Earlier this year, an Ontario judge ruled that a police request for a “tower dump,” which asked two of Canada’s largest telecom companies to hand over tens of thousands of Canadians’ subscriber information, was overly broad and unconstitutional.
On Thursday, Rogers—which fought the police’s request in court—released its third annual transparency report, which promised in the preamble to break down in greater detail the kinds of police requests for information that it received in 2015, including tower dumps. This kind of breakdown is a first for Rogers.
Unfortunately, the report doesn’t go nearly far enough in disclosing how many similar requests Rogers received and potentially fulfilled in the last year, leaving Canadians in the dark about the flatly unconstitutional police practice.
“I'd like to have seen them really dig down and give specific numbers for how many tower dump requests they received, and how many customers were affected,” David Christopher, a spokesperson for digital rights group OpenMedia, wrote Motherboard in an email.
Whether the requests asked for information on one, or a dozen, or a thousand, or ten thousand customers at once is unknown
The problem is that Rogers counts the requests it receives by the number of impacted customers, except for when it comes to tower dumps. So, the transparency report states, “one court order requesting information on ten customers would be counted as ten requests.” The exception is “non-customer specific” tower dump requests, which may impact tens of thousands of customers, and are counted solely by the number of times engineers had to pull data from a tower.
Both tower dump requests and those that come from more narrow warrants are counted in the same “court order/warrant” category, with no further breakdown. Whether the individual requests counted in this category asked for information on one, or a dozen, or a thousand, or ten thousand customers at once is unknown. Thus, we don’t know specifically how many tower dump requests Rogers may have fulfilled or rejected, versus warrants for one or a handful of people, or how many customers were ultimately affected.
Rogers has not responded to Motherboard’s request for comment.
What we do know is this: in 2015, according to the report, Rogers received a total of 86,328 law enforcement requests, and fulfilled 97 percent of them. Of those requests, 74,977 were made through a court order or warrant, and Rogers fulfilled 99 percent of those. Roughly 2,000 requests came in the form of requirement letters commonly used by regulatory agencies, and Rogers complied with every single one of those.
There is some good news: overall, government requests for information in 2015 were down 24 percent from 2014.
Rogers’ transparency report states that in 2015, the company ended up handing over information relating to just half of the customers listed in police’s original requests for tower dumps. The previous year, Rogers disclosed 100 percent of the information requested by police in tower dumps.
In 2016, thanks in part to new guidelines that ask police to narrow their tower dump requests, Rogers anticipates that it will disclose information on roughly 10 percent of the customers police seek information on through tower dumps.
Telus, the other Canadian telecom that challenged the RCMP on its overbroad tower dump requests, released its first transparency report ever in 2014. Let’s hope this year’s report is more interesting than Rogers’.
Rogers Keeps Canadians In the Dark About Unconstitutional Surveillance Requests
Aucun commentaire:
Enregistrer un commentaire