News - All

  • – 2016-09-13 –

    CIPPIC and the Citizen Lab, released a report today that describes and analyzes a class of covert electronic surveillance devices called cell site simulators (typically referred to as IMSI Catchers or by brand names such as 'Stingray'). IMSI Catchers operate by impersonating cell phone towers in order to trick mobile devices within range into transmitting digital identifiers, which are then used to track mobile devices or identify the otherwise anonymous individuals associated with them. The report (Executive Summary, FR) argues that the devices are inherently invasive. The geo-location and identification they facilitate engages sensitive privacy interests and, moreover, they are inherently coarse - for each target they are deployed against, the privacy of thousands of non-targeted mobile devices within range is collaterally affected. IMSI Catchers are also intrusive for their interference with the operation of mobile devices, which cannot receive or transmit any phone, text or data communications while engaged with an IMSI Catcher. This can include interference with critical communications such as emergency 911 calls.

    Exacerbating the intrusive features of this electronic surveillance tool has been the cloud of secrecy that pervades its use. The report describes significant efforts by journalists and civil society, in Canada and abroad, which sought to uncover use of this device in Canada and the heavy and unnecessary yet persistent resistance these efforts have experienced. The resulting secrecy, which appears to be encouraged by non-disclosure agreements imposed on Canadian agencies by IMSI Catcher vendors, has delayed important public policy debates regarding the appropriate use of these devices, while eroding public confidence. The report calls for the imposition of a range of transparency, proportionality and mitigation measures, modeled on regulatory frameworks adopted by other jurisdictions for IMSI Catchers, by Canadian courts and legislatures for comparably intrusive electronic surveillance tools and by international normative frameworks for digital privacy protection.

  • – 2016-08-26 –

    CIPPIC's application for leave to intervene has been granted in Douez v Facebook Inc, SCC File No 36616, an appeal that raises fundamental questions regarding the nature of online jurisdiction, e-consumer protection and privacy. Specifically at issue is a forum selection clause imposed by Facebook onto all of its customers, on a take it or leave it basis, mandating that all disputes be brought against it in California. On the basis of this clause, it was held that a class action launched against Facebook in BC and alleging violations of BC privacy laws cannot proceed.

    Managing online jurisdiction-where services can have significant global presence and impact on a largely virtual basis-has strained digital policy since the early days of the world wide web. However, CIPPIC's proposed intervention intends to argue that forum selection clauses are ill-suited as a means of navigating the challenges posed by global online services. A mandatory, non-negotiable forum selection clause effectively opts a service provider out of Canadian standards and laws as foreign courts tend to apply their own rules and standards. As forum selection clauses are ubiquitous and non-negotiable in online services, their universal enforcement could effectively deprive Canadians from domestic protections in relation to digital activities that are increasingly critical to their daily lives. In addition, it could force any Canadian individual embroiled in a dispute with a global online platform to undertake the expense and inconvenience of suing in a foreign court.

  • – 2016-07-28 –

    Voltage Pictures and its litigation partners - the applicants in a file-sharing "reverse class action" - have been granted a Norwich Order in respect of a single John Doe. The Court limited its Order to the name and address of the Rogers subscriber (the Applicants had sought additional information such as email address) and required payment to Rogers at its hourly fee for providing the subscriber data (the Applicants had argued that the new notice and notice provisions of the Copyright Act meant that Rogers had to provide this information for free). CIPPIC intervened in the motion on the narrow issue of the privacy protections and limits that might be required of any such order. It is possible that Voltage and its partners might appeal the decision on the issue of paying ISP costs. However, with the Order in hand, Voltage and its litigation partners are in place to begin discovery against the Doe with the goal of having the Doe appointed as the representative defedant and moving towards certification of its controversial reverse class proceeding.

    UPDATE: On Friday, August 5, 2016, Voltage filed a Notice of Appeal, FCA File No A-278-16, with the Federal Court of Appeal, challenging the Federal Court's conclusion that it cannot pass the cost of enforcing its rights on to Rogers' customers. Voltage did not seek a stay of the Proposed Class Action Proceeding and, as a result, it appears as though the class proceeding and the appeal will proceed in parallel.

  • – 2016-07-11 –

    CIPPIC and Carleton University’s Geomatics and Cartographic Research Centre have proposed the creation of a Traditional Knowledge open licensing scheme to help overcome some of the challenges associated with granting and obtaining permission for the use and sharing of traditional knowledge.  The scheme envisions a series of open licenses - similar to Creative Commons licenses -  responsive to the needs of granting communities that help overcome some of the obstacles parties routinely encounter in granting and obtaining permission for the use and sharing of traditional knowledge.

  • – 2016-06-03 –

    Canada Post has agreed to discontinue it's copyright infringement lawsuit against Geolytica.  The case involved a claim that Geloytica's use of a crowd-sourced database of postal codes mapped to geographic addresses infringed intellectual property rights Canada Post alleged that it enjoyed in those postal codes.

    While the terms of settlement are confidential, the parties have prepared an agreed statement:

    Canada Post commenced court proceedings in 2012 against Geolytica Inc. for copyright infringement in relation to Geolytica Inc.'s Canadian Postal Code Geocoded Dataset and related services offered on its website at geocoder.ca. The parties have now settled their dispute and Canada Post will discontinue the court proceedings. The postal codes returned by various geocoder interface APIs and downloadable on geocoder.ca, are estimated via a crowdsourcing process. They are not licensed by geocoder.ca from Canada Post, the entity responsible for assigning postal codes to street addresses. Geolytica continues to offer its products and services, using the postal code data it has collected via a crowdsourcing process which it created.

    While undoubtedly a good outcome for Geolytica, the settlement leaves unaddressed the legal claims advanced by Canada Post.

  • – 2016-03-23 –

    Cell-site simulators, colloquially referred to as IMSI Catchers or by brand names such as "Stingrays" or "King Fisher" are surveillance tools used by state agencies to identify or track mobile devices (and, of course, the individuals associated with such devices). Compared to other surveillance devices, IMSI Catchers are inherently invasive. They are designed to impersonate cell towers, in both functionality and appearance. As a result, IMSI Catcher surveillance is broad and indiscriminate -each time an IMSI Catcher is deployed against a specific target, it interferes with all devices in range. Each time an IMSI Catcher is used against one specific target, it can interfere with the privacy of thousands, collecting the digital identifiers (IMSI, IMEI) of all mobile devices within range. With these identifiers, otherwise anonymous individuals can be geo-located or tracked. In addition to the privacy interference, IMSI Catchers interfere with the functionality of mobile devices in range, preventing them from sending or receiving phone calls, text messages or data, including emergency 911 calls.

    The secrecy surrounding the use of these devices has been significant, with law enforcement agencies in Canada generally refusing to acknowledge, or even deny, whether they have ever made use of such a device. The Vancouver Police (VPD), for example, have refused to respond to a freedom of information demand from the Pivot Legal Society for any records relating to its use of these devices. CIPPIC and Christopher Parsons from Citizen Lab represented an intervener in the appeal of that refusal, OpenMedia. VPD defends its decision on the basis that acknowledging any IMSI Catcher would undermine their utility as surveillance tools. However, as we pointed out in the intervention, a lot of information is already in the public record regarding the capabilities of these devices and their use by state agencies, and there is a compelling public interest in publicizing use of these devices, to facilitate public debate regarding the appropriate parameters of their use. UPDATE: On May 25, 2016, after reviewing the record of the appeal, VPD issued a response, indicating that they do not own an IMSI Catcher and have no records relating to the use of such devices. However, ongoing questions remain regarding whether VPD has used these devices in past investigations through the aegis of the RCMP.

  • – 2016-03-04 –

    CIPPIC is pleased to announce that we will be hosting a Google Policy Fellow this summer. The Google Policy Fellow will join our Summer Internship Program and work closely with CIPPIC staff on a range of dynamic, cutting edge law & technology issues as we seek to further our mandate. This mandate regularly takes us before various policy- and law-making forums, including parliamentary committees, regulatory bodies, all levels of court and various international for as we seek to advocate in the public interest on issues arising at the intersection of law and technology. It additionally includes a public education and engagement component, as we seek to ensure the public is aware of issues that may effect their daily digital lives. Substantively, CIPPIC advocacy covers a diverse range of digital rights/policy issues, including copyright, privacy/electronic surveillance, telecommunications regulation/net neutrality, online consumer protection, online speech, access to knowledge and more general Internet governance concerns.

    We involve our interns and policy fellows in all elements of our work. In addition, the policy fellow will enjoy our Summer Speaker Series, which brings leading experts in Canadian law & technology fields in to discuss various pressing issues with our students in a closed environment. See our past annual bulletin for a list of past speakers, as well as a description of some of our recent work. Applications are due Friday, March 25, 2016. To apply, visit Google's Policy Fellowship interface and fill out the application form. The fellowship will run for 10 weeks this summer, and is open to any law students or law graduate students.

  • – 2016-02-12 –

    CIPPIC and the Centre for Intellectual Property Policy at McGill University have together applied for amicus curae status in Eli Lilly v. Government of Canada UNCT/14/2, a NAFTA trade dispute before an arbitration tribunal.

    At issue is whether Canada's utility standard under patent law meets Canada's obligations under North American Free Trade Agreement.  The Complainant, the pharmaceutical giant Eli Lilly, claims that it does not.  When a Federal Court judge invalidated one of its patent registration for failing Canada's legal test for "utility" - an essential requirement of any valid patent - Eli Lilly claimed that it was entitled to a remedy under NAFTA's investor protection provisions.

    Most trade agreements these days include these investor protection provisions.  This case marks the expansion of the use of these provisions from cases that look more like state expropriation to the general contours of substantive intellectual property law.  The Tribunal is being asked to challenge the court's supervisory role over patentability in the Canadian patent system and to take an expansive view of the content of NAFTA's patent provisions.

  • – 2015-12-10 –

    TekSavvy Solutions Inc., the ISP targeted by Voltage PIctures in its motion for the identities of roughly 2000 subscribers whom Voltage alleges have infringed copyright in Voltage films, has succeeded in its appeal of its cost award in that motion.  In an earlier motion, TekSavvy had been awarded $21,577.50 as its "reasonable legal costs, administrative costs, and disbursements".  On appeal, that figure was raised by an additional $11,822.50. 

    As a result of this decision, and assuming the parties seek no further appeal, after paying these costs to TekSavvy (assuming it chooses to do so), Voltage will be in a position to provide a draft of proposed communications to targeted Subscribers and request the Court to convene a case conference with the Federal Court Case Management Review judge to approve the contents of the letter. 

  • – 2015-11-27 –

    In the wake of the Paris attacks, there have been numerous calls by security agencies to once again expand the nature and scope of surveillance and other security framework under which they operate. Many of these calls were neatly summarized in an opinion piece in the Globe and Mail published November 25, 2015. A number of civil society organizations wrote in response today, refuting the one-sided expansion of state powers as an enduring solution to the world's security problems, the full response and list of signatories is replicated below. Also today, the International Civil Liberties Monitoring Group penned a well-argued response to attempts by RCMP Commissioner Bob Paulson, who has renewed calls for legislation granting police unsupervised and unrestrained access to online identifiers. The post recalls how Canadians have soundly rejected such calls in the past when it was presented as a solution to, in succession: cybercrime, child pornography and cyber-bullying. This latest iteration is equally as invasive and equally as unnecessary as its predecessors. Online identifiers are the essence to digital privacy and anonymity. Granting wholesale access to them is neither necessary to effective law enforcement or counter-terrorism, nor is it a proportional incursion on our digital privacy. If police need specific access to identifying information, it should only be obtained through the use of a dedicated production order similar to those already in the Criminal Code for other forms of metadata such as transmission and tracking information.

    Overall, as both civil society initiatives note, we are seeing a familiar list of demands for new powers from law enforcement following the Paris attacks. However, it is notable that none of these are responses to whatever shortcomings (if any) in surveillance powers may have contributed to the Paris attacks. The Globe and Mail letter is reproduced after the bump and can also be read here.