Just as the federal government has begun consultations on cyber security, the country’s chiefs of police have opened up the lawful access debate once more.
This time, the Canadian Association of Chiefs of Police (CACP) has passed a resolution which calls for legislation that would allow police, in the course of their investigation, to compel individuals to provide authorities the passwords to their mobile and other computer devices.
The police chiefs said access to information from password-protected devices can aid them in the investigation of or even prevention of criminal activities.
The CACP “urges the Government of Canada, for the purpose of community safety, to identify a legislative means for public safety agencies inclusive of law enforcement, through judicial authority, to compel the holder of an encryption key or password to reveal it to law enforcement.”
Currently, there is nothing in Canadian law that would allow the police to order someone to provide his or her cell phone password. The Canadian Association of Chiefs of Police (CACP) wants to change that because, they say, access to an individual’s mobile device could provide authorities access to information that may be critical to criminal investigations.
The CACP’s resolution comes at a time when the federal government has opened up consultations on cyber security. Among the issues being discussed in the consultations which run until October 15, is how to balance online and mobile freedoms with security.
In a press conference yesterday, Royal Canadian Mounted Police Assistant Commissioner Joe Oliver told journalists current mobile and online communication technologies have allowed criminal groups and individuals to operate in near anonymity and cover up their activities.
“Canada’s law and policing capabilities must keep pace with the evolution of technology,” he said.
The CACP referred to recent comments by Chief Terrence Cunningham, president of the International Association of Chiefs of Police (IACP) who had spoken on what he calls the issue of “going dark” and the challenges of collecting electronic evidence.
RELATED CONTENT
The cloudy state of mobile security
“The increasing inability of law enforcement with lawful authority to access electronic communications is a global problem that transcends all boundaries,” said Cunningham, who is chief of Wellesley, Massachusetts, Police Department. “The proliferation of electronic communications has enabled criminals, even unsophisticated ones, to take advantage of encrypted communications.”
The IACP’s position on the issue and the changes there are seeking are contained in the document: Data, Privacy, and Public Safety.
The challenge of balancing the demand of police authorities to access data on people’s mobile devices and computers and the need to protect individual privacy has been a festering issue for several years now.
Early this year, there was a storm of debates over the first-of-its-kind ruling by U.S. Judge Sheri Pym instructing Apple to assist law enforcement authorities to decrypt the iPhone belonging to Syed Farook. Farook and his wife Tashfeen Malik killed 14 of Farook’s co-workers during a December 2015 holiday luncheon. The massacre has been called the deadliest terrorist attack on U.S. soil since the 2001 attack on the World Trade Centre and the Pentagon.
While law enforcement agencies argued for better access to encrypted data, many technology leaders and privacy advocates countered that creating a backdoor access to peoples’ devices would not increase public safety but rather erode individual privacy rights.
In Canada, David Christopher, a spokesperson for the OpenMedia, a group that advocates against online surveillance, told the Canadian Press that CACP’s proposal “clearly unconstitutional.”
He said giving police the power to get someone’s password is “wildly disproportionate” since “in the case of a laptop computer, it could mean handing over the key to your whole life.”