Skip to Content

Vic Toews Sent Me an Email!

Today I received an email purporting to be from Vic Toews. This is clearly a response to the public outcry over bill C-30 currently being considered by the government. The bill is titled the "Protecting Children from Internet Predators Act" and fails to mention the term "child" or "predator" even once. This is a very bad bill that grants very broad Orwellian surveillance capabilities to the government and anyone the government designates.

If I put on my conspiracy theory hat for a moment, I can't help but think that this bill was written by the music and movie industries. The level of unfettered access to the online activities of Canadians so nicely falls in line with the types of lawsuits they want to pursue. That is suing everyone into oblivion for access "their" content without paying the graft, er I mean toll. They have had problems in this area in the past due to matching IP address to specific users and proving that USER actually did the crime, er.. data transfers. Bill C-30 requires the ISPs to gather enough data to match specific data transfers to specific people. Well at least to the person responsible for the data connection, that should be good enough for them. More importantly the bill requires this data to be handed over to anyone designated by the government without a warrant. Just how long do you think it would be that an employee of the music/movie industry, or at least someone friendly to them, is so designated?

Ok, back out of conspiracy land. In the interest of transparency I'm posting the letter I received below. I'm also posting my response where I felt compelled to correct the honourable Minister on his statements.

I encourage EVERYONE to also respond to Mr. Toews at vic.toews.c1@parl.gc.ca.

The letter purporting to be from Mr. Toews (cleaned up a little to get rid of the generous use of line breaks):

Thank you for contacting my office regarding Bill C-30, the Protecting Children from Internet Predators Act.

Canada's laws currently do not adequately protect Canadians from online exploitation and we think there is widespread agreement that this is a problem.

We want to update our laws while striking the right balance between combating crime and protecting privacy.

Let me be very clear: the police will not be able to read emails or view web activity unless they obtain a warrant issued by a judge and we have constructed safeguards to protect the privacy of Canadians, including audits by privacy commissioners.

What's needed most is an open discussion about how to better protect Canadians from online crime. We will therefore send this legislation directly to Parliamentary Committee for a full examination of the best ways to protect Canadians while respecting their privacy.

For your information, I have included some myths and facts below regarding Bill C-30 in its current state.

Sincerely,

Vic Toews
Member of Parliament for Provencher


Myth: Lawful Access legislation infringes on the privacy of Canadians.

Fact: Our Government puts a high priority on protecting the privacy of law-abiding Canadians. Current practices of accessing the actual content of communications with a legal authorization will not change.

Myth: Having access to basic subscriber information means that authorities can monitor personal communications and activities.

Fact: This has nothing to do with monitoring emails or web browsing.  Basic subscriber information would be limited to a customer's name, address, telephone number, email address, Internet Protocol (IP) address, and the name of the telecommunications service provider. It absolutely does not include the content of emails, phones calls or online activities.

Myth: This legislation does not benefit average Canadians and only gives authorities more power.

Fact:  As a result of technological innovations, criminals and terrorists have found ways to hide their illegal activities. This legislation will keep Canadians safer by putting police on the same footing as those who seek to harm us.

Myth: Basic subscriber information is way beyond "phone book information".

Fact: The basic subscriber information described in the proposed legislation is the modern day equivalent of information that is in the phone book. Individuals frequently freely share this information online and in many cases it is searchable and quite public.

Myth: Police and telecommunications service providers will now be required to maintain databases with information collected on Canadians.

Fact: This proposed legislation will not require either police or telecommunications service providers to create databases with information collected on Canadians.

Myth: "Warrantless access" to customer information will give police and government unregulated access to our personal information.

Fact: Federal legislation already allows telecommunications service providers to voluntarily release basic subscriber information to authorities without a warrant. This Bill acts as a counterbalance by adding a number of checks and balances which do not exist today, and clearly lists which basic subscriber identifiers authorities can access.

And my response:

Thank you for responding.

Unfortunately, your facts are wrong, or do not address the myth.  Let me correct you on the most important (i.e non-political speak) points:

1. Your statement regarding the online exploitation that is happening is a false lead.  While such exploitation does happen on a regular basis, the law enforcement agencies have yet to provide a case where they were not able to address these issue without the surveillance mandated by the bill.  In short, the expressed purpose of the bill is already met by current laws.  This bill is not needed.

2. Your statement that the police will not be able to read emails or view web activity without a warrant is wrong.  The bill outright says that this level of detail must be provided to the designated representative on demand, without a warrant.

3. The fact that only "basic subscriber information" will be gathered is wrong.

The information to be gathered, and the equipment needed to facilitate this gathering, allows the ISPs to watch and store traffic for specific individual computer connections.  The bill does not say this level of traffic monitoring cannot not be asked for and even suggest it MUST be provided on demand.  So it is assured that it will be asked for.  The bill allows what amounts to a phone tap on any individual for any reason without a warrant.  The data flowing across the lines is so much more than basic phone book information.  Given an IP address and the name of the Internet subscriber, the data available via the equipment that is required by this bill gives unfettered access to whatever a real person is doing online at any given moment. Even more alarmingly, the bill outright states it does not have to be a law enforcement officer who requests the data - any "representative" designated by the minister's office will have this authority - without warrants.  I am cycnical enough to believe that it will be a very short time before the designated representative just happens to have strong ties to the music/movie and big content industries.  They have long been demanding just this sort of access.

As a business owner, I am VERY alarmed by this.  The government should not have access to ANY of my business communications, except where such communication is with the government.  I have an obligation, by law, to ensure my customer data is kept confidential.

4. Your response to the myth that this bill does not benefit average Canadians fails to show how Canadians will be kept safer.  The statement is not enough.  And more importantly, the police already have laws in place to keep us safe and this bill does not offer them anything other than a higher level of surveillance against every Canadian without warrant.  Again, there has not been any stated case where not having this level of surveillance stopped the police from doing their duties.

5. Your "fact" about the "phone book information" is actually true. However, if this information is already freely available through other means then there is absolutely no need to mandate that ISPs must provide this information by law.  The police already have other means to gather this public information.

6. Your response to the myth about databases for the collected information is wrong.  While the bill does not explicitly state "thou shalt create and maintain a database', there is no way to get the data the bill allows to be demanded WITHOUT such a database.  Otherwise, how would the data be stored so the designated representative could copy that data on demand?  The term database means any collection of information that can be sorted or filtered through.  A "database" such as Oracle, or MS SQL Server are just computer based examples of this general term.

7. Your response to the "myth" of unregulated access to personal information is mis-targeted and again demonstrates why bill C-30 is not needed.  If the police and governments can already get access to this level of information via the voluntary release mechanism, then bill C-30 is not needed.  However there is room to regulate the release of personal information so that it is not just "voluntary".  However, that regulation would take the form of rules and guidelines - not a whole new law demanding unfettered access to the data by anyone the Minister designates.  Bill C-30 does not address this area in an appropriate manner.


With due respect Mr Toews, I believe you have been swindled by a lobbiest. This bill goes too far towards a Orwellian type society, Until this issue came up, I believe you had a relatively successful political career.  Unfortunately, I believe your political career is coming to an end.  Canadians are generally polite and very tolerant. But they don't take kindly to being called pedophiles, being treated as stupid idiots who can't read, or being spied on for no purpose.  I believe they will continue to show their angst over bill C-30 at every possible instance - including the elections.

Now, if you'll excuse me, I need to go and set up full data encryption across my entire network for both incoming and outgoing data.  This happens to be technically feasible, easy, and legal.  And it is the only way I can safely ensure my customer data stays confidential given the types of laws my government is considering.  I also need to plan some educational services for the general public so that they too can legally bypass the measures set out in this unfortunate bill.   After that, I may need to investigate moving to a less intrusive country.