Evidence of meeting #30 for Access to Information, Privacy and Ethics in the 39th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was enforcement.
A recording is available from Parliament.
9 a.m.
Liberal
9 a.m.
Conservative
David Tilson Conservative Dufferin—Caledon, ON
Mr. Chairman, while you're getting your breath, I wonder if I could have a point of order.
9 a.m.
Conservative
David Tilson Conservative Dufferin—Caledon, ON
As the vice-chairman, I'd like to say that most members, if not all, have read the obituary about the passing of your mother. Obviously she thought a lot of her family, and you and your family thought a lot of her. We offer our condolences.
9 a.m.
Liberal
The Chair Liberal Tom Wappel
Thank you very much. I very much appreciate it. And yes, we did think a lot of her. She was a wonderful person.
Today we have, from the Canadian Resource Centre for Victims of Crime, Steve Sullivan. Hi Steve.
We also have Krista Gray-Donald, director of research. Good morning.
From the Insurance Brokers Association of Canada, we have Robert Kimball, chairman; Peter Fredericks, vice-president; and Steve Masnyk, manager of communications. I'd like to thank the insurance brokers for sending around the blanket once in a while to the MPs. I appreciate it.
From the Canadian Association of Chiefs of Police, we have Clayton J.D. Pecknold, co-chair, law amendments committee.
Welcome to everybody.
I guess we'll start in the order the witnesses are listed and ask Mr. Sullivan to make his opening remarks.
By the way, as everybody knows, you have up to 10 minutes to make your remarks--we do time you--and then there will be questions from the members. So don't worry, if you happen to run over, anything you don't get an opportunity to say in your remarks I'm sure you can say in your response to questions.
Go ahead, Mr. Sullivan.
February 13th, 2007 / 9 a.m.
Steve Sullivan President, Canadian Resource Centre for Victims of Crime
Thank you, Mr. Chair, committee, for allowing us to come today to talk about issues related to your review of PIPEDA. I don't think we'll be very long in our opening remarks. Our issues are pretty specific. We just really want to raise those for you, and we'll be happy to try to answer any questions.
Very briefly, the Canadian Resource Centre for Victims of Crime is a national non-profit advocacy group for victims. We work with victims from across the country in providing direct advocacy services. We also try to raise issues with all levels of government, advocate on behalf of victims to promote their rights and their interests, and promote laws to better protect them. It's that latter role that I'm here in today, to try to promote some amendments and raise some awareness on issues that we think require some attention to better protect children, in this case, from Internet child sexual exploitation.
I should mention that we are funded by the Canadian Police Association. We have been sponsored by the police association since 1993, so we have had a lot of interaction with various law enforcement officers across the country. Some of those are investigators who work directly with these issues.
Contrary to a lot of public opinion, I think what law enforcement unfortunately faces on a day-to-day basis in dealing with these issues is not children frolicking on beaches or pictures of kids running around in their underwear; it is the rape and torture of children, sometimes babies, by men, and often their fathers or uncles. Those images are kept and put on the Internet for anyone and everyone to see. They are traded like baseball cards. There are thousands of images of children all around the world. Last week, we saw a huge bust resulting from Australia that has had impacts in many countries, Canada included.
One of the issues we want to speak to today is what the impact of PIPEDA is on law enforcement's efforts to try to address these issues. In our interaction with the members of the Canadian Police Association that we deal with from time to time, and also in following media reports, it seems there is some confusion with regard to the PIPEDA legislation and whether or not Internet service providers can or should provide information to law enforcement regarding subscriber information, like people's names and addresses. It's our position, very succinctly, that ISPs should frankly not have discretion to share that information with law enforcement efforts. At the very least, with this legislation, we need to make it clear that ISPs can and should share information.
We have provided a brief. I apologize for not getting it to you sooner so that it could be translated, but we have left copies with the clerk.
The issue of child pornography has been raised in various committees over the last couple of years. We sent a brief to all members of Parliament six or seven years ago about child pornography, along with some recommendations that we had made at that time. Some of them have been implemented, like the creation of a luring offence and the creation of a national tip line, which is now in operation and had I think 6,000 tips in the first year of operations alone.
Various other committees have heard from experts who have far more expertise in this area than us. I just want to read a very quick quote from OPP Detective Inspector Angie Howe, who spoke to a Senate committee in 2005 on Bill C-2, which had a variety of different measures, some of them regarding child pornography. What she said then was:
The images are getting more violent and the children in the photos are getting younger. As recently as one year ago, we did not often see pictures with babies, where now it is normal to see babies in many collections that we find. There is even a highly sought-after series on the Internet of a newborn baby being violated. She still has her umbilical cord attached; she is that young.
I say that not to shock you or disgust you—although I suspect you are disgusted—but just to really get the message across of what it is law enforcement is fighting.
In our efforts to raise these issues, we have heard of the notion of Big Brother and that law enforcement wants access to all this information. What they're doing every single day is sitting in front of a computer, sifting through tens of thousand of images. One accused person could have 10,000 images of children being raped and tortured. That's what law enforcement is dealing with, and those are the children we come here today to try to speak for.
You're dealing with PIPEDA, which is an act relating to privacy. Can you imagine any greater violation of your privacy than having the most awful images of you captured for anyone and everyone to see? Unfortunately, no one is speaking for those children. No one is talking about their privacy rights.
We have a Privacy Commissioner who I'm sure does an absolutely fabulous job on a variety of issues, but as far as I know, she has not once spoken for those children. Later, I'll refer to a letter she wrote to us about the PIPEDA legislation and what the discretion really is for ISPs.
In the letter, she says that ISPs may look at this on a case-by-case basis—frankly, a case-by-case basis is not good enough for us anyway—but nowhere did she talk about what her office is doing to raise the interests of those children. No one is speaking for them, and that's one of the reasons why we came here today. We're here to try to lend a voice to their concerns and their issues. What's being been done to protect their privacy rights? We have to balance that with the privacy rights of Internet users, but part of the equation has to be the privacy interests of those children.
The issue for us has been raised in the media by law enforcement and in a couple of court cases. It's with respect to subsection 7(3) of the legislation, which sets out the provisions where an organization may disclose personal information. The first condition, as you will see, is with a warrant. Obviously, if police go get a warrant, then the ISP has to comply.
There is, unfortunately, some confusion with the second stipulation, which refers to a response to a request by a government institution that has lawful authority to obtain the personal information for the purpose of enforcing a law, carrying out an investigation, or gathering intelligence. It's that issue of “lawful authority” I think that has led to some confusion, and our basic suggestion to you is to clarify that.
There was a case in Ontario in which Toronto police were investigating someone. They sent a letter of request for information, pursuant to a child exploitation investigation, to Bell Canada. Bell Canada cooperated with that and provided information to the police, but this was challenged in court. At that time, the court said that the section I referred to does not establish what “lawful authority” is. The court went on to say that really, in that court's mind, a warrant was needed. Fortunately, that decision was overturned by a higher court. And just for your information, the search led to the discovery of a large child pornography collection.
But that's the issue that this committee should task itself with. What is lawful authority? If law enforcement were here to speak to this—and I would encourage you to actually have some of the investigators come to talk about their experiences with PIPEDA—I think what you will find is that a lot of the larger ISPs tend to cooperate with law enforcement even if they don't get warrants but just have letters of authorization. Not all of them do, though. For some ISPs, use of PIPEDA is left to their interpretation. We're asking for your committee to clarify that or recommend that it be clarified.
People ask why police don't just get warrants. One of your previous witnesses, I think from the industry department, referred to the speed with which these things sometimes happen. At the time, I think the chair actually asked a question about a case from St. Thomas, where there was live abuse going on with a child. Sometimes there just isn't time to go get a warrant.
The other thing, from our perspective, is that police don't need a warrant. What we're talking about is someone's name and address, which they can get off a licence plate. They don't need a warrant to get your name and address if they see you speeding away from the scene of a crime or failing to stop. Are we really going to give better protection or more enforcement for people who fail to stop than we are for those who might be abusing children?
In some jurisdictions, some pawn shops are required to have information about customers who come in and sell merchandise. That information can be used to track back stolen property. Is stolen property really more important than our children?
That's the basic thrust of our testimony here today. Again, we're not experts in law enforcement, but these are the concerns that law enforcement have expressed both publicly and to us, if you look at some of the media reports. Just last week, over this bust, you'll note that the head of the National Child Exploitation Coordination Centre, from the RCMP here in Ottawa, said we have to rely on ISPs to help us. Frankly, we don't think there should be any discretion for ISPs to help law enforcement, certainly in these cases. At the minimum, though, we would ask this committee to clarify subsection 7(3).
We would also ask that some consideration be given to perhaps amending the statement of principles of the legislation, to make it clear that the legislation was never intended to negate or interfere with the moral and ethical duties of companies. Companies will often complain about the costs of these things, about what it costs them to cooperate with law enforcement. It's our argument that we all have a duty to cooperate with law enforcement. We're seeing now, in British Columbia, twelve citizens potentially giving a year of their life to jury duty. We all have to do that. There are consequences and there are costs for us to do that.
We work with women who are abused by partners, who testify in court and put themselves sometimes at great risk to assist with the enforcement of the law. We're all part of the solution here, and I think it's incumbent upon ISPs to step up and do their part.
I can speak a little more to the cost issue if that's something you want me to speak to.
The last issue I would raise is whether this committee could use its influence to encourage the Privacy Commissioner to take a more active role in protecting the privacy interests of children.
Thank you, Mr. Chair.
9:10 a.m.
Liberal
The Chair Liberal Tom Wappel
Thank you, Mr. Sullivan.
We will now go to the Insurance Brokers Association.
Mr. Masnyk, go ahead, sir.
9:10 a.m.
Steve Masnyk Manager of Communications, Insurance Brokers Association of Canada
Thank you, Mr. Chairman.
Good morning everyone. My name is Steve Masnyk. I am the Manager of Communications for the Insurance Brokers Association of Canada. Through its 11 provincial and regional members, the Insurance Brokers Association of Canada represents over 30,000 insurance brokers who are living and working in almost every community of our country.
Mr. Bob Kimball and Mr. Peter Fredericks, who are respectively the Chairman and the Vice-Chairman of our association, are with me this morning. I would like to leave the floor to Mr. Kimball who will be followed by Mr. Fredericks.
9:10 a.m.
Robert Kimball Chairman, Insurance Brokers Association of Canada
Good morning, everyone. As Mr. Masnyk mentioned, my name is Bob Kimball and I'm the volunteer chair for the Insurance Brokers Association of Canada.
I come from a small town of about 4,500 people, Sussex, New Brunswick. I just want to give you a little perspective on where I come from. I have six employees in my office. That includes me and my wife. My father is an insurance broker. My three brothers are insurance brokers. I mentioned my wife is an insurance broker. Even my son is working in insurance, so it's a family business...small community. Insurance gets in your blood.
My goal this morning is to provide you with an industry perspective as well as a working perspective on these issues that you're challenged to look into.
First, I'd like to commend your dedication in serving the public on an important issue that affects Canadians.
Privacy is one of the cornerstones of our society and something that should never wilfully be compromised. We live in a world that is being transformed by the greatest evolution in technology in our history, and safeguards need to be in place to protect Canadians from any abuses of their privacy.
I'm here as an insurance broker, so I'll speak on how some of the issues before you affect our profession and our consumers of insurance.
I'd like to begin this morning with a comment on the general effectiveness of PIPEDA. Through our experience, I would suggest to the committee that PIPEDA works, and it works well. I can tell you that we've checked with our office, the Insurance Brokers Association of Canada, and we have not received a single complaint regarding privacy since PIPEDA came into effect. In addition, we have confirmed with the general insurance ombudsman that his office has not received a single complaint regarding breaches of privacy when it comes to brokerages. It's based on this that I'm of the opinion that the approach taken in the spirit and the intention of PIPEDA has been a correct one.
After the privacy legislation was passed in 2001, our association prepared and distributed a guide to all of our brokers dealing with the implementation of these provisions, and you all have a copy of it in the binder.
In addition, we had seminars and road shows that were offered to all of our brokerages across the country to help them implement the new requirements. Brokers have embraced the guidelines as a regular part of day-to-day business. As brokers, we strive to cover and protect our clients. This is what we do every day. We provide clients with peace of mind. We would not be in business if we did not do this well.
Under this protective coverage also comes our clients' personal information. I'd like to share with you what that means in an insurance broker's office. In my own office, as well as having all of the physical things looked after--bars on windows, alarm systems, metal filing cabinets, those types of things--we have long-term employees. My shortest-term employee has been with me for 10 years. I have one lady who's been with us for 43 years. So we have long-term employees. We're in a small town, so obviously we have to keep people's privacy utmost in our mind.
Our computer system, which has the information in it, is a proprietary system. It doesn't work on a Windows base. It's very different. There are about six or seven different insurance systems out there, and you have to know entirely how the system works in order to get any information out of it. There are multiple passwords. We have passwords to sign our computers on, to get into our insurance system, to access information. So we take privacy very much to heart.
I'd like to ask Mr. Fredericks to address some of the issues that are raised in your consultation, if I could, at this time.
9:15 a.m.
Peter Fredericks Vice-President, Insurance Brokers Association of Canada
Thanks, Bob.
Good morning, everyone. My name is Peter Fredericks. I'm the vice-president of our association. As is Mr. Kimball, I'm a working broker in Bedford, Nova Scotia, a town of about 28,000. There are five other brokers in my town, actually. I employ four people.
Our day-to-day operation, from a security and privacy standpoint, is very similar to Mr. Kimball's, so I won't go through that again with you.
We have three issues we would like to raise on the Privacy Commissioner this morning. The first is the actual role and mandate of the Office of the Privacy Commissioner. We believe the ombudsman model is the appropriate and effective model for this organization. We believe it is essential that parties have access to collaborative dispute resolution, and we believe it is a fair practice to have a judicious overseer.
The second issue we wish to bring up is work product. It's an area that we believe needs clarification. It's widely accepted that information obtained during the usual course of business is proprietary to the firm. The current law, we feel, is unclear both in the definition of work product and in the fact that it should be excluded from falling under personal information. Our position is that the analysis and expertise surrounding the use of personal information is proprietary to the broker and should not be included in personal information under the law.
Our third issue is with respect to duty to notify in the event of a breach of personal information. We concede and agree wholeheartedly that this is a sensitive topic for all Canadians. Our profession is one that is based on assessing risk and placing it with the proper coverages.
Our basic reason for being is to protect our clients, whether it's protecting their homes, their cars, their business, or of course their privacy. It just flows that a breach in privacy would necessarily involve assessing the degree of breach, informing a client, and mitigating any future breaches--it's key to our profession. We believe it just makes good business sense to follow this model. Because of the nature of the insurance industry, we believe that regulating this duty would be challenging at best and practically unworkable at worst.
For us, the bottom line is that if a briefcase containing three clients' files is stolen, obviously the broker involved is going to make every effort possible to assist those three customers and do whatever is right to make sure that information is protected. Our concern is being regulated by this body to contact, in my case, all 2,500 of my customers to inform them that three customers' files had been stolen.
Those are basically our concerns with the issues before you. We'd like to thank you very much for the opportunity to be here this morning. We're more than happy to answer any questions you may have.
9:20 a.m.
Liberal
The Chair Liberal Tom Wappel
Thank you very much.
Now we'll turn to Mr. Pecknold from the Canadian Association of Chiefs of Police.
9:20 a.m.
Clayton Pecknold Co-Chair, Law Amendments Committee, Canadian Association of Chiefs of Police
Good morning, Mr. Chair, and thank you.
I have some prepared remarks I would like to put on the record, if you will permit me. There will be some overlap I think with my friends from the Canadian Resource Centre for Victims of Crime, but if you bear with me, I'll go through them.
As stated, my name is Clayton Pecknold. I'm a deputy chief constable with the Central Saanich Police Service in British Columbia. I'm the co-chair of the Law Amendments Committee of the Canadian Association of Chiefs of Police.
First let me thank you for granting the CACP the opportunity on such short notice to appear before you today. I understand you are coming to the latter stages of your work and no doubt have had much material placed before you. I will endeavour to keep my remarks focused and brief with that in mind. I also wish to convey to you, Mr. Chair and members of the committee, the compliments of our president, Mr. Jack Ewatski, who's the chief of the Winnipeg Police Service, and our executive director, Mr. Peter Cuthbert.
The Canadian Association of Chiefs of Police represents the leadership of policing in Canada. Our membership spans all levels of policing, from municipal to federal agencies, and includes approximately 90% of the chiefs, deputy chiefs, and other senior executives from our nation's policing community. The CACP is committed to promoting effective law enforcement in Canada to the benefit and safety and security of all Canadians. As part of this mandate, and to enhance the effectiveness of policing, the CACP is committed to legislative reform such as that which is before you today. We appear often on bills and participate with enthusiasm and at every opportunity to consult with government on matters pertaining to the law and policy having an impact on public safety.
As I have stated, I'll endeavour to limit my remarks and therefore will focus primarily on two sections of the act. Before moving to specifics, permit me some general comments both to provide illumination of the guiding principles under which the CACP carries out its mandate, but further to provide some comment about the general policing environment in Canada, so that this honourable committee may have some context in which to view our specific comments.
The overall goal of the CACP is to lead progressive change in policing through, among other things, the advocacy for legislative reform, the advancing of innovative solutions to crime and public order issues, and the promotion of the highest professional and ethical standards for its member agencies. Simply put, the CACP believes that preserving and respecting the rule of law and the Charter of Rights and Freedoms guarantees that we will maintain the continuing consent of the citizens we police.
With the foregoing in mind, allow me to state clearly that the Canadian police community is very mindful of the concerns of Canadians for their privacy. We, like all Canadians, understand that while the digital age has brought forth much benefit, the ease with which personal information flows across boundaries brings with it many challenges for law enforcement. My committee and other CACP committees, such as the electronic crime committee and the organized crime committee, are actively pursuing legislative and policy initiatives to combat privacy-related criminal activity such as identity theft and telemarketing fraud, to name but two.
As well, as police services have modernized our own electronic data collection and information-sharing practices, we have worked hard to place the appropriate safeguards in place to ensure we comply with both the spirit and intent of our various governing privacy acts and the fair information practices they enshrine. We are also mindful that Canadians have a growing awareness of the very real dangers posed to our society by organized crime, global terrorism, and, perhaps most alarming, the exploitation of our children by Internet predators and purveyors of child pornography.
To that end, the CACP continues to advocate for changes to our laws to provide a balanced and effective set of investigative tools to deal with the new challenges faced by law enforcement in the information age. While Canadians expect balance and restraint from their police, they also expect that we will have the tools available to us to keep them safe and serve the public interest.
Another point I would make is that policing is not strictly the enforcing of laws. While the investigation of crime and the apprehension of criminals is a key aspect of what we do, provincial police statutes in the common law recognize that the primary duty of a police officer is the protection of the public and the preservation of the peace. In pursuit of this we are often called upon to perform tasks that are of a social benefit. These include such tasks as notification of the next of kin, checks on the welfare of the elderly and infirm, assistance to child protection authorities, or working in collaboration with mental health professionals to assist in protecting vulnerable persons within our society. In any or all of these cases, police may need timely access to accurate information about an individual for the benefit of that individual or for some other public good.
Therefore, here are some key points I would ask that you draw from my opening comments.
First, the digital age and the new realities of the Internet and the free flow of personal information in electronic form pose many of the same challenges to effective policing as they do for other sectors of society and, we suggest, have brought with them new public safety challenges.
Second, police operate under the considerable scrutiny of the public, the courts, and other regulatory bodies. Every police agency in this country is governed by privacy legislation. We understand our responsibilities with respect to the protection of the privacy of Canadians.
Finally, while one may tend to think of policing in terms of enforcement of the criminal law, there are many everyday functions performed by the police that do not invoke the criminal law powers or the associated investigative authorities, yet are equally of service to the public good.
Now turning to the act specifically, I would like to comment on two areas: the disclosure by police of personal information without consent, and secondly, the disclosure of information police themselves request to the individual about whom the information was requested. Specifically, I'm talking of sections 7 and 9.
As you know, paragraph 7(3)(c) permits organizations to disclose personal information without the knowledge or consent of the individual, where a court order exists. Police do frequently seek information with prior judicial authorization under search warrant or production order when the information is of a nature that attracts section 8 of the charter protection and of course where they can meet the legal threshold for obtaining such an order. But as noted, there are occasions in which information sought does not attract section 8 protection. One example of this is hydro power usage, which may indicate the theft of electricity or operation of a marijuana grow-op. There is some good authority from the courts that a warrant is not required for this information.
In another example, a police officer may be in the early stages of a missing person investigation, in which he or she is trying to determine if in fact a crime has occurred. Perhaps we may have to solicit the assistance of a financial institution because we need to know if that person bought gas at a particular gas station or if the person used a credit card, or perhaps we need to find out if a person has a cell phone registered to him with a particular company. For this information we rely on paragraph 7(3)(c.1), which permits disclosure upon lawful authority, as my friend has already noticed. However, we are increasingly seeing some companies interpreting lawful authority to mean that a warrant or court order is required before they comply. This is an interpretation that is not, in our respectful view, consistent with the intent of the drafting of the act. Such an interpretation by companies, while no doubt grounded in a legitimate desire to protect their customers' privacy, is overly restrictive and defeats, in our view, the intent of paragraph 7(3)(c.1). That section is intended to be permissive and give guidance to the holder of the information to ensure that there is some legal basis upon which the police are requesting the information. That legal basis may be a criminal investigation and may involve the service of a court order, in which case paragraph 7(3)(c) would apply, or it may be pursuant to our many other duties, in which case we suggest that paragraph 7(3)(c.1) contemplates a situation in which a warrant is not required or indeed available. It does so by using the term “lawful authority” and differentiating between the enforcement of a law and the carrying out of an investigation relating to the enforcement of the law.
It is important to note at this juncture that the police are always restrained by the rules of evidence, and wherever there is an expectation that information is to be used for criminal prosecution, we are careful to ensure we do not jeopardize the subsequent prosecution by obtaining evidence in a manner that would otherwise require a warrant.
The second section concerned is section 9, which provides that a person may have access to his information possessed by the company, including whether the company has disclosed that information to another party, including the police. There is, of course, a provision that permits the objection by law enforcement to disclosure of the fact that a request had been made for the information, but as we understand it, the prevailing view of that section and the cumulative effect of that section are that protection is triggered only when the individual actually makes a request. In our view, there is nothing preventing a company from adopting a policy of voluntary notice to customers that the police had requested and received information. This is, as you can no doubt appreciate, of concern for us, most especially when there's an ongoing and sensitive investigation or the information was requested for intelligence purposes.
For purposes of the end result, we are requesting that the committee consider clarifying the ambiguity in sections 7 and 9. First, we respectfully suggest you consider clarifying the term “lawful authority”, either within the definitions section of the act or by employing some other wording, which would clearly demonstrate that a warrant is not required. This is recognizing, of course, that section 7 is permissive and that companies are not compelled to provide the information. Such clarification would serve primarily to give them some comfort in their efforts to be good corporate citizens and, where appropriate, assist in matters of public safety.
With respect to section 9, one possible suggestion is that an amendment be made to generally prohibit the disclosure to an individual that the police have requested or received information, regardless of whether the request is made by the individual. Provision could be made for the police to consent and not unreasonably withhold that consent. Such an amendment would also help clarify the obligations of companies, of course.
In closing, it is important to notice that the vast majority of organizations covered by the act strive to be good corporate citizens. Police across this country work closely with all members of their respective communities, corporate or otherwise, to maintain professional and cooperative relationships. This is a key component of good police work.
In keeping with this, it is important that all parties have a clear understanding of their duties and obligations with respect to protecting Canadians' privacy. Clarity of language in the act will go far in ensuring the appropriate balance between the protection of that privacy and the needs of public safety, by making sure the right information goes to the right people at the right time and according to the law.
Once again, on behalf of the Canadian Association of Chiefs of Police, thank you for the opportunity to comment.
9:30 a.m.
Liberal
The Chair Liberal Tom Wappel
Thank you very much.
Just before we go to questions, Mr. Sullivan and Mr. Pecknold, I know neither of you are lawyers, but do either of you have any knowledge of whether the phrase “lawful authority” has been judicially interpreted by any court of appeal or the Supreme Court of Canada?
9:30 a.m.
President, Canadian Resource Centre for Victims of Crime
It hasn't, to my knowledge.
9:30 a.m.
Co-Chair, Law Amendments Committee, Canadian Association of Chiefs of Police
I am a lawyer and I don't think it has. I did a quick search and didn't see it.
9:30 a.m.
Liberal
Sukh Dhaliwal Liberal Newton—North Delta, BC
Thank you, Mr. Chair.
First of all, I'd like to thank everyone who has come here today.
Mr. Sullivan, you said that ISPs should have the discretion, at a minimum, to be utilized to work with the police on the issues. I commend you for coming out and speaking for the children.
Are there any ISPs that are not cooperating with the police agencies at this time, and what would be the circumstances?
9:30 a.m.
President, Canadian Resource Centre for Victims of Crime
It's my understanding that most of the bigger ISPs generally cooperate with law enforcement. According to the Privacy Commissioner, in a letter we received from her, ISPs look at it on a case-by-case basis, so I guess it depends on the circumstances and what the issues are.
I'll refer to the Edmonton Journal of February 8. The head of the RCMP's coordination centre referred to some smaller Internet service providers that exist solely to trade in child sexual abuse, and the challenges in getting smaller companies to cooperate. Our concern is that if we leave it voluntary, the bigger companies will cooperate, but the people who are trading this stuff know what's going on and they'll tend to go to the smaller companies that are not cooperating.
I will refer very briefly to legislation that the former government introduced, Bill C-74, prior to the last election. It would have spoken to the issue of requiring ISPs to cooperate with law enforcement.
9:35 a.m.
Liberal
Sukh Dhaliwal Liberal Newton—North Delta, BC
You said you have some costs associated with it. Do you have those numbers?
9:35 a.m.
President, Canadian Resource Centre for Victims of Crime
What I was referring to there is in our brief, and again I apologize for not getting it in sooner. There was a case in Toronto where the police were looking to get information. I think it was a homicide investigation. The issue the ISP raised was that the cost of cooperating with law enforcement would be an unreasonable financial burden. It's the only example I know of where the costs were actually discussed.
The court heard evidence on the complete annual cost for companies to comply with production orders--orders from the police to get information. The complete annual cost was $660,000. The court had a forensic auditor look at those numbers, and they found that the expenditure was 0.0087% of Telus' operating revenue and 0.012% of their net income for one year. So the forensic auditor said it was not really a material amount. When you look at the profit compared to the cost of cooperating with law enforcement, we're really talking about fairly minimal numbers.
9:35 a.m.
Liberal
Sukh Dhaliwal Liberal Newton—North Delta, BC
Do you see a role that these Internet service providers can play beyond just sharing information with the police when it comes to the exploitation of children?
9:35 a.m.
President, Canadian Resource Centre for Victims of Crime
Ideally we would like to see ISPs take a more active role in ensuring that their services are not being used to facilitate the exploitation of children. That doesn't mean they have to police the Internet; that's unreasonable. But certainly when they become aware of how their services are being used, they should be more proactive in cooperating with law enforcement.
Certainly at a minimum, when police come and ask for help, they have an obligation to assist. But if there are ways for them to be more proactive in trying to reduce the chances that their own services, what they're making money from, are being used to exploit children, that's an issue to be explored.
9:35 a.m.
Liberal
9:35 a.m.
Co-Chair, Law Amendments Committee, Canadian Association of Chiefs of Police
There's a bit of a crossover on this issue, especially with respect to cost during the ongoing lawful access consultations we've had over the last number of years, which my friend alluded to, the Modernization of Investigative Techniques Act, the bill that was introduced by the previous government.
The Telus Mobility case is going before the Supreme Court of Canada, actually. That's the case that dealt with the imposition of a fee by Telus at the time as a precondition for complying with an order for production of data. The Supreme Court, it is my understanding, has granted leave to appeal. The CACP is considering intervening in that case.
What we found is that the deregulation of the telecommunications industry has produced a lot of small players in the industry. We have consulted with them, and we're mindful of the challenges they have in complying with requests from law enforcement. A lot of these ISPs are mom and pop operations, and they operate on a very thin margin, profit-wise. They tend to be good corporate citizens, and we know that. They want to comply, but there's an impact to complying.
We do find also, though, that there's perhaps some concern with respect to their liability if they produce information without a warrant, when in fact a warrant isn't required or we don't have a warrant available. We try to give them some comfort and clarity as to what's required.
By and large, we do run into some challenges, that's true. There are probably no doubt examples of blatant disregard, but I would say those are the exceptions, not the rule. That's why we look for clarity in terms of the tools, and we look for the tools necessary to get the information to us. The other concern, obviously, is that ISPs' data is erased quickly, so we need to get to it quickly. That's an area of concern for us that the MITA legislation was intended to address as well.