/* Code Musings */

Bill C-30 and Unwarranted spying

I’m opposed to this bill. It is sly and un-Canadian. But, as much as this blog is about my own opinions, I will try to give the facts that allowed me to come to this conclusion.

Prior to this bill, any sort of information gathered from a service provider, such as internet or phone, always required a warrant. A judge would decree that a suspicious person, proposed by a policing authority such as the RCMP, is a possible danger to society and, therefore, requires monitoring. This is currently done for phone calls and internet access. Phone calls are the simplest to monitor because there is a concrete origin and destination. The stations and servers the signal passes through only relay the data without complicated parsing of information. The internet is rather different because it employs cryptography.

For those that are reading my blog, I’m assuming you know how the underlying structure of the internet work, such as packet routing. I’m also assuming that anyone engaged in criminal behaviour, such as those that this bill is trying to stop, know enough to enact counter measures against logging. The first of which, is encryption. Encrypting your connection makes logging nearly useless. A good example is that of using a VPN. A VPN creates a special type of connection, called a tunnel, which all information goes through. This is mainly used for employees that work outside of the office and require the services of the internal corporate network. The reason why this is so effective, other than that it utilizes cryptography, is because the destination (according to your service provider) is always one server somewhere on the internet. You could be doing anything through this VPN tunnel, utilizing many ports and protocols, but to the service provider it looks like many connections of random data to a single source.

I do have to note, that the law enforcement agencies don’t have the right to open and read the information that I generate, only to acquire it. They need a warrant for the former.

Another problem that I found with this bill is that it puts pressure on the service provider to store all that data. If I take part in downloading torrents, my client software connects to hundreds of IPs and downloads many gigabytes of data (for example, an ubuntu CD). Sorting any sort of logging would require tremendous amount of space. Multiply that by the millions of users of the internet service, and this easily runs into the Terabytes of data. To hold that amount of data, the service provider will obviously have to buy hardware and push down the costs to the users. Many of the telcos have already come out against this policy.

My favourite argument is “You shouldn’t worry if you don’t have anything to hide.” Well, true, but I worry for another reason. If the police want to listen in on my conversations and internet history, by all means go for it. What I find revolting is the fact that this can be done without a warrant, nullifying my rights, and it opens up doors for abuse. Secondly, it is being sold on the pretense of ‘stopping child pornography’, a weak and overused argument that is said only as a fear tactic. Like I said initially, those that engage in illegal activities know they are doing so and will cover up their tracks. If, 90% of criminals cover their tracks, who will this law be used against? The answer is common, law abiding bystanders.

Leave a Reply