Wednesday, March 25, 2015

Cyberbullying for family law practitioners (*not intended to be a how-to guide)

I was invited to speak with the Canadian Bar Association's Nova Scotia Family Law Section on cyberbullying law for family law practitioners. I was very happy to do so, given that many instances of cyberbullying arise from failed relationships and this will be a growing issue for family lawyers.

In case it is of interest, here is the presentation:

Wednesday, March 18, 2015

In Bill C-51, you can be ORDERED to help CSIS violate the Charter

Oh, there are so many things wrong with Bill C-51, the government's proposed Anti-Terrorism Act, 2015. But one aspect that I find particularly frightening has not received much attention. Under new amendments to the CSIS Act, you can be ordered to help CSIS violate the Charter rights of others.

Yup. Bill C-51 expands the sort of warrants that the Canadian Security Intelligence Service can obtain. It used to be that they could make secret applications, in secret, in front of a judge in a secret bunker for secret warrants to do things like wiretap, install bugs, etc. Now, CSIS is given a broader mandate to take measures to reduce "threats to the security of Canada". (Which is an incredibly vague term that should send chills up your spine.) And under C-51, CSIS can apply for warrant permitting its agents to break laws, including the Charter, to reduce such threats:

21.1 (1) If the Director or any employee who is designated by the Minister for the purpose believes on reasonable grounds that a warrant under this section is required to enable the Service to take measures, within or outside Canada, to reduce a threat to the security of Canada, the Director or employee may, after having obtained the Minister’s approval, make an application in accordance with subsection (2) to a judge for a warrant under this section.

So such a warrant would allow CSIS to do things, inside or outside of Canada, that would otherwise violate our criminal law or the Charter. That's bad enough. But Bill C-51 also gives CSIS the ability to get an order requiring others to help them violate our criminal law or the Charter.

Assistance order

22.3 (1) A judge may order any person to provide assistance if the person’s assistance may reasonably be considered to be required to give effect to a warrant issued under section 21 or 21.1.


And to make it worse, the order can include a gag-order preventing you from complaining about it.

Confidentiality

(2) The judge may include in the order any measure that the judge considers necessary in the public interest to ensure the confidentiality of the order, including the identity of any person who is required to provide assistance under the order and any other information concerning the provision of the assistance.


I don't think that this would survive Charter scrutiny, but it's very troubling that the government wants CSIS to be able to deputize anyone and to force them to help in CSIS's "kinetic activities".

That's incredibly troubling.

Monday, March 16, 2015

Privacy Commissioner: Health Canada violated privacy laws by disclosing personal health information of over 40,000 Canadians

A press release issued today by my firm and the other firms listed below, who are representing more than 40,000 Canadians affected by a Health Canada privacy breach:

The Office of the Privacy Commissioner of Canada has completed its investigation of Health Canada's privacy breach affecting over 40,000 licensees of the Marihuana Medical Access Program (MMAP), concluding that Health Canada violated federal privacy laws.

In November 2013, Health Canada sent written notices to over 40,000 individuals, outlining changes to the MMAP. The envelopes used for the mail-out clearly included the words "Health Canada - Marihuana Medical Access Program" on the return address, indicating to anyone who saw the envelopes that the recipient was either licensed to possess medical marihuana or to grow it for medical purposes. The envelopes were oversized so more likely to come to people's attention. Previously, Health Canada had been discreet in its communications with program members.

Three hundred and thirty nine affected individuals complained to the Office of the Privacy Commissioner, who initiated an investigation. The complainants cited several concerns relating to the impact of Health Canada's actions on their personal lives including concerns about losing their jobs, reputational damage and personal safety.

In a finding dated March 3, 2015, the Commissioner determined that Health Canada had violated the federal Privacy Act, which is designed to protect the privacy of Canadians when the federal government handles their sensitive information. The Commissioner's Finding was only sent to the 339 individuals who filed complaints with the Privacy Commissioner, but a copy of the document can be found here. Affected individuals who were not among the original complainants do not have to file additional complaints to the Commissioner, as the investigation is concluded.

The finding rejects the justifications put forward by Health Canada, which include blaming the patients for having gone to the media about the breach, which brought attention to the matter. The government also suggested that including the full name of the program instead of an abbreviation that would protect privacy was one of the "reasonable options" available to it under the law.

McInnes Cooper, Branch MacMaster LLP, Charney Lawyers, and Sutts Strosberg LLP are jointly representing affected users in an intended class action lawsuit against Health Canada filed in the Federal Court.

"It was clear to me, as soon as my phone started ringing in November 2013, that there was no justification for the careless error made by Health Canada in this case," said privacy lawyer David Fraser of McInnes Cooper. "It's one thing to acknowledge making a mistake, which Health Canada did, but immediately turning around to blame the victims is repulsive."

"We are pleased that the Privacy Commissioner of Canada agrees that Health Canada violated the law in its mishandling of patients' personal information," said David Robins of Sutts Strosberg LLP.

"Hundreds of people have reached out to us through our secure website for the class action to tell us how the breach has affected them, from lost jobs, effects on family relationships and social stigma. Each person who was a part of the MMAP was promised by Health Canada that their confidentiality would be protected," said Ted Charney of Charney Lawyers, adding that "the Commissioner is not able to award compensation to the victims or penalize Health Canada for its unlawful conduct, so the class action lawsuit is important in pursuing justice."

"We expect that the court hearing to ask that the case be blessed as a certified class action will take place in the early summer. If the judge agrees, we can move forward with the merits of the case," said Ward Branch of Branch MacMaster. "The privacy commissioner's report serves as a helpful roadmap for the case."

Affected class individuals are encouraged to register at www.marijuanaclassaction.com. While class members are not required to "opt in" to participate in the intended class action lawsuit, providing contact information and advising class counsel about how this privacy breach has affected you individually will help class counsel in bringing the case forward. Those who have already registered on the secure website do not need to re-register, but may want to update their information if their circumstances have changed or if they have experienced additional harms as a result of the breach.

About Branch MacMaster LLP

Branch MacMaster LLP is a boutique litigation law firm established in 1998 and located in Vancouver, British Columbia. The firm focuses on class actions, health, insurance, and personal injury. The firm provides responsive, flexible, and cost-effective service to their clientele.

About Charney Lawyers

Charney Lawyers is a Toronto, Ontario firm with an established reputation for excellence in advocacy. The firm is experienced in personal injury, class proceedings, commercial litigation, insurance defence, employment law, medical malpractice, food borne illness, construction law and appeals.

About McInnes Cooper

McInnes Cooper is among the top business and litigation law firms in Canada, with more than 200 lawyers in seven Canadian offices, serving clients across North America and abroad. The firm is a market leader in energy and natural resources, business, litigation, employment, tax, real estate and insurance law. McInnes Cooper is the exclusive member firm in Newfoundland, New Brunswick, Nova Scotia and Prince Edward Island for Lex Mundi – the world's leading network of independent law firms with in-depth experience in 100+ countries worldwide.

About Sutts Strosberg LLP

Sutts, Strosberg LLP is a nationally recognized law firm committed to excellence in litigation, with offices in Windsor and Toronto. The firm has a special interest in class actions, having represented groups or classes of individuals in every province and territory, and in every level of court, and is experienced in complex civil and commercial disputes, corporate, commercial and financial transactions, medical malpractice cases, personal injury cases, family law and criminal law.

Monday, March 09, 2015

Canadian "revenge porn" and lawful access law is now in effect

Bill C-13, entitled the "Protecting Canadians from Online Crime Act", is now in effect. It received royal assent on December 9, 2014 and states that it comes into effect three months after that. (See: LEGISinfo - House Government Bill C-13 (41-2))

For previous commentary on the Bill, check out my past posts labelled "Bill C-13".

Thursday, March 05, 2015

Quebec man charged with obstruction for not giving up smartphone password to customs officer

The CBC (Quebec resident Alain Philippon to fight charge for not giving up phone password at airport and the Halifax Chronicle Herald (Quebec man faces charge for refusing to let Halifax border guards check his phone) are reporting that a man from Quebec has been charged with obstruction for not giving this smartphone password to a Canada Border Services Agency inspector upon his return to Canada at Halifax International Airport.

It would appear that the individual has been charged under s. 153.1 of the Customs Act, which deals with "hindering" a customs officer:

Hindering an officer 153.1 No person shall, physically or otherwise, do or attempt to do any of the following:

(a) interfere with or molest an officer doing anything that the officer is authorized to do under this Act; or

(b) hinder or prevent an officer from doing anything that the officer is authorized to do under this Act.

To my knowledge, this is the first case of its kind. I haven't been able to find any case where this provision has been used in similar circumstances.

There is little doubt that there is a reduced expectation of privacy at the border, and past cases have found that a warrantless search of a laptop for child pornography was as justifiable as a search of a suitcase. What will be most interesting to watch as this cases progresses is whether the Courts will take into account more recent Supreme Court cases dealing with laptop and cell phone searches and if there is a positive duty on the part of a traveler to unlock or provide the password to a digital device.

This is definitely a case to watch: if a Court finds this accused has obstructed or hindered a customs officer in this case, it would likely also be an offense to refuse to unlock a smartphone for a police officer carrying out a lawful search.

CRTC issues first CASL penalty: $1.1 million levied against Compu-Finder

The CRTC has levied its first penalty under Canada's Anti-spam Law (CASL): a whopping $1.1 million against Compu-Finder for sending commercial electronic messages without consent and for not meeting the unsubscribe requirements under the law.

It would appear that Compu-Finder got the CRTC's attention quite vividly thanks to a huge number of complaints made to the CRTC's anti-spam reporting centre. Apparently 26% complaints received for this industry segment related to this company.

Here's the CRTC's media release:

CRTC Chief Compliance and Enforcement Officer issues $1.1 million penalty to Compu-Finder for spamming Canadians - Canada News Centre

March 5, 2015 – Ottawa-Gatineau - The Canadian Radio-television and Telecommunications Commission’s (CRTC’s) Chief Compliance and Enforcement Officer today issued a Notice of Violation to Compu-Finder, which includes a penalty of $1.1 million, for breaking Canada’s anti-spam law. Compu-Finder has 30 days to submit written representations to the CRTC or pay the penalty. It also has the option of requesting an undertaking with the CRTC on this matter.

Further to an investigation, the Chief Compliance and Enforcement Officer finds that Compu-Finder sent commercial electronic messages without the recipient’s consent as well as emails in which the unsubscribe mechanisms did not function properly. The emails sent by Compu-Finder promoted various training courses to businesses, often related to topics such as management, social media and professional development. The four alleged violations occurred between July 2, 2014 and September 16, 2014. Furthermore, an analysis of the complaints made to the Spam Reporting Centre of this industry sector shows that Compu-Finder accounts for 26% of all complaints submitted.

The CRTC is assessing complaints submitted to the Spam Reporting Centre that are under its legislative mandate and a number of investigations are currently underway. The CRTC is working with its partners, both within Canada and internationally, to protect Canadians from online threats and contribute to a more secure online environment.

The CRTC can discuss corrective actions with individuals, firms or organizations, which may lead to an undertaking that includes an amount to be paid and other corrective measures. As part of its powers, the CRTC can also issue warning letters, preservation demands, notices to produce, restraining orders and notices of violation.

Canadians are encouraged to report spam to the Spam Reporting Centre. The information sent to the Centre is used by the CRTC, the Competition Bureau, and the Office of the Privacy Commissioner to enforce Canada’s anti-spam law.

Quick Facts

  • The CRTC’s Chief Compliance Officer has issued Compu-Finder a Notice of Violation, which includes a penalty of $1.1 million, for four violations of Canada’s anti-spam law.
  • Compu-Finder had sent commercial emails without consent, as well as messages in which the unsubscribe mechanisms did not function properly.
  • To help Canadian businesses comply with the law, the CRTC has provided numerous information sessions across the country and made guidance materials available on its website.
  • The CRTC is working with its partners, both within Canada and internationally, to protect Canadians from online threats and contribute to a more secure online environment.
  • Canada’s anti-spam law protects Canadians while ensuring that businesses can continue to compete in the global marketplace.
  • Canada’s anti-spam legislation was adopted by Parliament in December 2010 and came into force on July 1, 2014.
  • Penalty amounts are calculated using the factors outlined in section 20 of Canada’s anti-spam legislation.

Quote

“Prior to the coming into force of the anti-spam law, the CRTC conducted numerous outreach initiatives to increase the awareness of businesses on the new requirements. Creating a secure online environment for Canadians is also the responsibility of industry. Despite the CRTC’s efforts, Compu-Finder flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites. Complaints submitted to the Spam Reporting Centre clearly indicate that consumers didn’t find Compu-Finder’s offerings relevant to them. By issuing this Notice of Violation, my goal is to encourage a change of behaviour on the part of Compu-Finder such that it adapts its business practices to the modern reality of electronic commerce and the requirements of the anti-spam law. We take violations to the law very seriously and expect businesses to be in compliance.”

Manon Bombardier, Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission

Edit: Corrected/clarified the information in italics above.