|
Ottawa, 12 February 1991
|
Telecom Decision CRTC 91-2
|
CRIMINAL INTELLIGENCE SERVICE OF ONTARIO - RELEASE OF INFORMATION BY BELL CANADA
|
I THE APPLICATION
|
On 25 January 1990, the Commission received an application from the Criminal Intelligence Service of Ontario (CISO), representing police forces throughout Ontario. CISO stated in its application that Bell Canada (Bell) will not release to the police technical information relating to certain Bell facilities, i.e., cables and pairs, wire out locations and special circuits. CISO stated that Bell had informed it that the information could not be released because of Commission regulations, specifically, Article 11.1 of the Terms of Service.
|
Article 11.1 states as follows:
Unless a customer consents in writing or disclosure is pursuant to a legal power, all information kept by Bell Canada regarding the customer, other than the customer's name, address and listed telephone, is confidential and may not be disclosed by Bell Canada to anyone other than:
|
- the customer
|
- a person who, in the reasonable judgement of Bell Canada, is seeking the information as an agent of the customer;
|
- another telephone company, provided the information is required for the efficient and cost-effective provision of telephone service and disclosure is made on a confidential basis with the information to be used only for that purpose.
|
CISO noted that Bell had asserted that the information sought is confidential customer information within the meaning of Article 11.1. CISO stated, however, that Bell does not release such information to the customer. CISO submitted that Bell will release the information pursuant to a search warrant, but that a search warrant cannot legally be used in this situation, since the information is not in itself evidence of any criminal offence.
|
CISO argued, among other things, that the information it seeks describes the location of Bell facilities outside the customer's premises and should not be considered confidential customer information within the meaning of Article 11.1. CISO submitted that confidential customer records should be considered to pertain only to information of a strictly personal nature. CISO further submitted that the technical information sought should be released only to accredited police agencies and only for the purposes set out in its application.
|
CISO stated that the police require the technical information sought for use in emergency situations and in various circumstances during the investigative process. CISO argued that police require the information for the installation of devices to intercept private communications, for the detection and removal of unlawful interception devices, and for the installation of Dialed Number Recorders (DNRs).
|
II FURTHER SUBMISSIONS
|
Bell filed its answer to CISO's application on 28 February 1990. CISO filed its reply on 19 March 1990.
|
On 11 May 1990, the Commission issued CRTC Telecom Public Notice 1990-46, inviting comment on the issues raised by CISO's application. In response to that Public Notice, the Commission received submissions from several interveners, including: Association coopérative d'économie familiale du Centre de Montréal, Fédération nationale des associations de consommateurs du Québec, and Ligue des droits et libertés (ACEF et al); British Columbia Civil Liberties Association; British Columbia Old Age Pensioners' Organization, Council of Senior Citizens' Organizations of British Columbia, West End Seniors' Network, Senior Citizens' Association, Federated Anti-Poverty Groups of British Columbia, and Local 1-217 IWA Seniors; British Columbia Telephone Company (B.C. Tel); New Democratic Party of Canada; Office of the Information and Privacy Commissioner, Ontario (Ontario Privacy Commissioner); Privacy Commissioner of Canada; Telecentre; Telecommunications Workers' Union; and Walling Corporation.
|
Bell filed further comments dated 13 July 1990. CISO filed its final comments on 26 July 1990.
|
III POSITIONS OF PARTIES
|
A. Interveners
|
Without exception, the interveners were of the view that the Commission should not approve CISO's application.
|
ACEF et al and Telecentre submitted that the information sought by CISO is clearly customer-specific. The Privacy Commissioner of Canada urged the Commission to recognize that the information sought is confidential information pursuant to Article 11.1. These interveners submitted that the police are seeking such information precisely because it does relate to an identifiable subscriber.
|
All of the interveners expressed concern with respect to the possible impact on subscriber privacy if CISO's application is approved. Generally, the interveners were of the view that the protection of the individual's right to privacy must be balanced against society's interest in law enforcement, and that the Parliament of Canada has enacted legislation to provide that the courts are to determine when it is in the public interest to allow a law enforcement agency access to such information. Several interveners expressly supported this system of judicial review of police requests for access to information such as that sought by CISO.
|
The Ontario Privacy Commissioner submitted that, to ensure a measure of accountability, Bell should record all requests by CISO for the use of technical information and file an annual report with the Commission concerning those requests.
|
B.C. Tel stated that it had received no recent requests by any police or criminal intelligence service for the type of information requested by CISO. B.C. Tel also stated that, as a matter of procedure, the technical work necessary to attach listening devices to its network is done by the company, upon receipt of a request from the police, accompanied by the appropriate legal authorization. B.C. Tel stated that, to date, there has been no complaint that this arrangement handicaps the activities of police forces.
|
B. Bell
|
Bell noted that, when proper authorization is obtained by the police pursuant to the Criminal Code, it performs the installation and bridging of circuits required for wiretaps. Bell stated that this procedure was developed in 1985 in response to a request from CISO. Bell stated that it has had no complaints from police regarding delays in the implementation of authorizations, and that present procedures are adequate.
|
Bell noted that it cooperates with police to provide the necessary technical support in life threatening situations. Bell stated that, on police request, it searches its network for unlawful interception devices, and that it would be inappropriate for the police to conduct a physical investigation of the company's network.
|
Bell submitted that the technical information sought is customer-specific and, as such, is "information kept by Bell Canada regarding the customer". Bell stated that, while technical information is customer-specific, it does not release such information to the customer in order to protect its network from unauthorized intrusions and to ensure the confidentiality of telecommunications. Bell submitted that the facilities in question are Bell property and that customers do not require information with respect to them.
|
Bell noted that the unauthorized interception of a private communication is an offence under the Criminal Code. Bell stated that a recent decision of the Supreme Court of Canada had held that certain interceptions currently permissible under the Criminal Code are contrary to the prohibition against unreasonable search and seizure contained in the Canadian Charter of Rights and Freedoms (the Charter). On the basis of this decision, Bell was of the opinion that some of the uses proposed by CISO for the technical information may be contrary to the Criminal Code or the Charter. Bell noted that, to the extent that this may be so, an amendment to Article 11.1 would not alter the company's legal liability regarding its assistance with or participation in such activities. Bell submitted that the law is unclear on this point and that the Parliament of Canada, which has the jurisdiction to amend the Criminal Code, is the appropriate forum for the debate.
|
Bell cited several legal cases concerning DNRs, and argued that the case law is unsettled as to the need for an authorization for the installation of such devices. Bell argued that its own use of DNRs in investigating toll frauds and thefts is specifically permitted under the Criminal Code.
|
In its comments filed pursuant to Public Notice 1990-46, Bell noted the opposition of interveners to amendments to Article 11.1 that would permit, without a legal power, the release of confidential technical information to law enforcement agencies.
|
Bell also noted the Ontario Privacy Commissioner's submission that the company should file an annual report detailing all requests from CISO for technical information. Bell submitted that there is no need for such a report, as Bell already files an annual report on the disclosure of confidential information. Bell also submitted that the preparation of the report suggested would involve the development of an internal system, the costs of which are unknown.
|
C. CISO
|
In its reply to Bell's initial answer in the proceeding, CISO submitted that the information it seeks is not customer-specific and that, consequently, Article 11.1 does not apply. CISO also argued that a direction from the CRTC to release the information would constitute a "legal power" within the meaning of Article 11.1.
|
CISO disagreed with Bell's interpretation of the recent decision of the Supreme Court of Canada, cited by the company as standing for the proposition that certain interceptions currently permissible under the Criminal Code are contrary to the prohibition against unreasonable search and seizure contained in the Charter. In addition, CISO stated that police forces only conduct interceptions under the authority of court orders or with consent. CISO reiterated that a search warrant is not the proper vehicle for obtaining the information it seeks.
|
CISO stated that the procedures instituted by Bell in 1985 are becoming increasingly cost prohibitive in all regions of Ontario except the local calling area of Metropolitan Toronto. CISO submitted that it is imperative that Bell release the information sought in order for police forces to exercise the option of using the Bell service or relying on their own resources. CISO also submitted that, in connection with witness protection and witness relocation, it is necessary to exclude Bell personnel from knowledge of the situation. CISO also stated that police personnel are more capable of conducting certain procedures. Further, in certain circumstances regarding internationally protected persons, where security is tantamount, Bell technicians (as civilians) cannot receive sufficient security clearance.
|
CISO cited a Working Paper of the Law Reform Commission of Canada in support of the submission that the use of a DNR does not constitute an unlawful interception, and an opinion of the Senior Crown Counsel, Attorney General's Crown Law Office, Criminal Division, in support of the submission that the use of such a device does not contravene section 8 of the Charter.
|
In its final comments in the proceeding, CISO reiterated its earlier arguments in support of its application. In response to the comments filed by interveners, CISO repeated that a search warrant is not the appropriate avenue for obtaining the information in question because what is searched for under a warrant must be tangible and must afford evidence with respect to the commission of an offence. CISO stated that the information it seeks is not evidence of a criminal offence. CISO noted that police could obtain the information pursuant to judicial authorization. CISO submitted, however, that such an authorization also allows the police to intercept private communications, and is thus too intrusive and an abuse of the system in such circumstances. CISO stated that it wishes to attempt to establish a procedure within the system that is not as invasive as a judicial authorization.
|
CISO objected to the submission that some of the uses it proposes for the information may be contrary to the Criminal Code. CISO stated that police do not intercept private communications without a judicial authorization.
|
CISO submitted again that technical information is not customer-specific, but pertains to physical locations rather than to individuals. CISO requested that, if the Commission agrees with Bell's interpretation, it provide a definition of the words "legal power" in Article 11.1 that would permit the release of technical information other than pursuant to a search warrant or a judicial authorization.
|
IV CONCLUSIONS
|
CISO argued in this proceeding that the information in question does not, or should not, fall within the scope of Article 11.1, because the information pertains to Bell facilities that are outside the customer's premises and to physical locations rather than to individuals. However, while the technical information in question relates to physical facilities, those facilities are clearly associated with a specific customer. Indeed, as the Privacy Commissioner of Canada and other interveners submitted, police seek such information precisely because it does relate to an identifiable individual.
|
The Commission does not consider Bell's refusal to supply the information in question to the customer to be inconsistent with its position that the information falls within the scope of Article 11.1. Article 11.1 does not require that information be provided by the customer or be known to the customer before it can be considered confidential. In the Commission's view, the fact that information is neither customer-provided nor known to the customer is irrelevant to any potential threat to the customer's privacy posed by the release of that information.
|
The Commission concludes that the technical information that CISO wishes to have released, namely, information with respect to cables and pairs, wire out locations and special circuits, is "information kept by Bell Canada regarding the customer" within the meaning of Article 11.1 of the Terms of Service.
|
CISO also requested that, if the Commission were to find that the technical information in question falls within the scope of Article 11.1, it amend Article 11.1 or define the term "legal power" so as to permit the release of such information to the police.
|
In the Commission's view, provisions concerning the release of customer information for the purposes of law enforcement must, among other things, strike an appropriate balance between the subscriber's interest in privacy and the public's interest in law enforcement. The Commission considers that the current Article 11.1 strikes the appropriate balance between those interests.
|
As noted by Bell and by interveners in this proceeding, subject to the Charter, Parliament has set out, in the Criminal Code criteria relating to legal powers, such as authorizations, that may be exercised in order to obtain information for law enforcement purposes. These criteria provide for the control of law enforcement procedures through the judicial process. The Commission considers Parliament and the courts to be the appropriate arenas for determining what are, or should be, the proper procedures for authorizing the release of the information described in CISO's application.
|
In light of the above, the Commission considers it inappropriate to amend Article 11.1 to permit the release to the police of the technical information described by CISO. Similarly, the Commission considers it inappro- priate to define the term "legal power" to permit the release of the information under the terms of the current Article 11.1. Accordingly, the Commission denies CISO's application.
|
The Ontario Privacy Commissioner suggested that, to ensure a measure of accountability with respect to police access to technical information, Bell be required to file annual reports with the Commission describing all CISO requests for Bell technical information or equipment.
|
Pursuant to Telecom Order CRTC 86-593, 22 September 1986, Bell files an annual report on the disclosure of customer confidential information. The report sets out (1) the nature of the information disclosed, (2) the purposes for which the information was disclosed, (3) the recipients, by category, to whom the information was disclosed, (4) the safeguards employed to ensure compliance with the intent of Article 11.1, and (5) the number and nature of subscriber complaints regarding the disclosure of confidential customer information and a summary of the disposition of these complaints.
|
The Commission considers the current reporting requirements sufficient to protect the privacy of the customer. Details of all requests that the company receives, including those it declines, would be of little assistance to the Commission. Accordingly, the Commission denies the Ontario Privacy Commissioner's request that Bell be directed to file an annual report on all requests made by police for Bell technical information.
|
Allan J. Darling
Secretary General
|
|