Secret RCMP Seizures
- January 22, 2015
- Clayton Rice, K.C.
On January 20, 2015, Justin Ling published an article on VICE NEWS titled “The RCMP Spent $1.6 Million to Run an Unconstitutional Spying Program”. The main points that Mr. Ling addresses are: (1) records obtained under the Access to Information Act show that the RCMP obtained subscriber information from the major telecommunication companies without warrants; (2) that the warrantless seizure process dates back until at least 2004; (3) that the seizures were made under the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 (known as PIPEDA); and, (4) the process continued after the Supreme Court of Canada held in R. v. Spencer, 2014 SCC 43 that the warrantless seizure of subscriber information held by a telecommunication company is unconstitutional because it violates the right to be secure from unreasonable search and seizure under s. 8 of the Charter of Rights.
I discussed the decision in Spencer in my post titled “Internet Engages Privacy as Anonymity” dated August 16, 2014, and I applauded this landmark judgment for its protection of the privacy rights of all Canadians. In Spencer, Justice Thomas A. Cromwell recognized at para. 66 that, “…disclosure of subscriber information will often amount to the identification of a user with intimate or sensitive activities being carried out online, usually on the understanding that these activities would be anonymous.” It appears from the information obtained by Mr. Ling that Telus and Bell, “…continued to fork over Canadians’ information even after that decision was handed down.” The big three telephone service providers – Bell, Telus and Rogers – have been implicated in the use of PIPEDA by the police to circumvent the warrant requirement.
Litigation involving PIPEDA has been sparse. The use of this legislation by law enforcement agencies to obtain confidential information that Canadians give to their telecommunication companies, in order to obtain mobile telephone and internet services, has been unsupervised by the courts. In 2013, I was retained with my Edmonton co-counsel, Tara E. Hayes, by one of the defendants in a case reported as R. v. Croft, 2013 ABQB 665, 304 C.C.C. (3d) 80 where Justice Brian R. Burrows, in the Court of Queen’s Bench of Alberta, concluded that there is no reasonable expectation of privacy in subscriber information at para. 41: “I find that in obtaining the subscriber information in this case, the police did not intrude upon anyone’s reasonable expectation of privacy and therefore did not conduct a search or seizure within the meaning of Charter s. 8. Therefore the police did not violate Charter s. 8 rights.”
Justice Burrows was clearly wrong in Croft. Although the Supreme Court of Canada did not consider Croft in Spencer it is reasonable to conclude that Croft has been implicitly overruled and is not good law.
The RCMP has circumvented judicial supervision by sending a request, usually by fax or email, to a telecommunication company under s. 7(3)(c.1) of PIPEDA. Specifically, sub-sec. 7(3)(c.1)(ii) provides that, “…an organization may disclose personal information without the knowledge or consent of the individual only if the disclosure is…made to a government institution that has…identified its lawful authority to obtain the information and indicated that…the disclosure is requested for the purpose of enforcing any law of Canada…[or]… carrying out an investigation relating to the enforcement of any such law…”. This statutory provision therefore allows a commercial entity such as a telecommunication company, otherwise required by PIPEDA to maintain the privacy of the personal information of its customers, to disclose that information to a law enforcement agency such as the RCMP.
The constitutionality of this section was challenged in Croft based on the argument that the section authorizes an unreasonable seizure of private information. In dismissing the motion for a declaration of unconstitutionality, Justice Burrows concluded at para. 45 that police authority to obtain the information must already exist under s. 7(3)(c.1) of PIPEDA before an organization possessing personal information may disclose it pursuant to the section. He stated: “The entity authorized to do something by the section already has the information. The entity obtaining it, the police, must have authority from a source external to the impugned section before it can obtain it.”
Justice Burrows further held at para. 46 that, “…since there was no reasonable expectation of privacy in the subscriber information in this case, even if the impugned provision somehow could be read as being a source of the police authority, no search or seizure within the meaning of Charter s. 8 occurred when police obtained the information.”
Justice Burrows was wrong on the threshold issue – whether there is a reasonable expectation of privacy in subscriber information. Since it has been held in Spencer that prior judicial authorization is required to seize subscriber information, it is now redundant for the police to send a PIPEDA request when they have already obtained a warrant or production order. Why bother? But that is not what the RCMP did here. It is in the interest of the police to ignore the warrant requirement because a PIPEDA request is cheaper, much less time consuming and not likely to be reviewed by the courts.
The fourth point made by Mr. Ling is that the RCMP continued to make warrantless requests for subscriber information, and telecommunication companies continued to “fork over” private information, after Spencer was decided. For example, the RCMP in British Columbia sent 129 requests to Telus and 27 to Bell. This is not an invasion of privacy on the scale of the dragnet data mining program conducted by the National Security Agency in the United States that I discussed in my post titled “Privacy and Telephony Metadata” dated October 2, 2014. It is, however, significant. The RCMP has collected private information on Canadians in 156 instances in British Columbia alone. These seizures appear to have been made without warrants in breach of the targets’ privacy rights and were thus unlawful. The information gathered probably continues to be retained in RCMP databanks. The documents obtained under the Access to Information Act by VICE did not include data from provincial police services, the Canadian Security Intelligence Service, Communications Security Establishment Canada or the Canada Revenue Agency.
According to Mr. Ling: “VICE asked the RCMP for clarification on when exactly the warrantless requests stopped, but did not receive a response.”