FYI.

This story is over 5 years old.

Tech

One of Canada's Biggest Telecoms Refuses Data Reques To Police Without a Warrant

Rogers just said cops are going to need a warrant if they want user data from now on.
Image: Wikimedia Commons

After revelations that Canadian authorities can access user data with little effort shook consumer confidence in internet service providers, one of Canada’s largest telecommunications companies has gone on the record saying it will no longer fork over user data to police without a warrant.

Canadian privacy expert Michael Geist first reported that Roger’s Communications, which is Canada's second-largest provider of internet and mobile services, said in an online statement that it will no longer play ball with Canadian cops if they have no court order.

Advertisement

“After hearing your concerns and reviewing the Supreme Court ruling from last month,” reads the statement from Rogers, “we’ve decided that from now on we will require a court order/warrant to provide basic customer information to law enforcement agencies, except in life threatening emergencies. We believe this move is better for our customers and that law enforcement agencies will still be able to protect the public.”

The decision comes on the heels of the landmark Supreme Court case, which unanimously found that law enforcement requesting Canadians' personal information from ISPs before obtaining a search warrant is unconstitutional.

Add in the myriad privacy revelations leading up to that case. First Canadians were told that CSEC was spying on the Brazilian natural resources department, followed by revelations the signals intelligence agency grabbed citizen metadata through an unnamed airport wifi. In April, the privacy commissioner disclosed that, for reasons still unknown, the government made 1.2 million user data requests to telecom companies in a single year and the government regularly creeps your Facebook and Twitter accounts.

Previously, in the same online customer awareness page, Rogers maintained it only disclosed information on users, such as customer name and address checks, in emergency situations or in the case of court order or warrant. But we know requests to Canadian ISPs (including Rogers) have gone further: As Motherboard reported in May, law enforcement agencies like CSIS and CSEC gained unprecedented access to an array of user data, all a mere phone call away.

Advertisement
Statistics breaking down user data requests to Rogers from their 2013 transparency report.

Ken Engelhart, Rogers's chief privacy officer, maintained the company vetted previous requests closely to determine the law enforcement and public safety value of granting access to user data.

“We don’t provide direct access to our customer databases,” he said in a statement. “We carefully review requests to ensure they’re legally valid and not overly broad, and then our staff provides the information securely so that only the government or law enforcement agency requesting it can access it.”

Regardless of a placating privacy officer or that Rogers now offers transparency reports to its users, the fact remains: in 2013 alone, Rogers received “about 175,000” requests, while it’s unknown how many it granted or what exactly was disclosed.

Ultimately, the move by Rogers signals that the ISP establishment in Canada might be worried about taking a hit from more privacy-conscious users, especially when you consider competitors like Teksavvy, a smaller ISP, came out in June refusing to give law enforcement user data without a warrant.

Either way, it's a big deal for Canadians who can now at least rest assured that one of its biggest ISPs, serving nearly 10 million people, will wait for a warrant before their user data is shipped off to CSEC or whoever else calls.