The federal government has listened to complaints from the telecom industry and has changed some of the provisions of its lawful access proposals. It hopes to have a full legislative package to present to Parliament by the spring. Last year, the government released a consultation paper on new potential lawful access measures (NL, Sept. 23/02). The industry raised concerns about how intrusive authorities could be when seeking information. But federal officials, speaking at the Canadian Telecommunications Forum in Toronto last month, reassured telcos, Internet service providers (ISPs) and others that they will only tweak existing legislation and update regulations to account for technological advances, and they will not intrude more deeply. Normand Wong, counsel in the criminal law policy section of the Department of Justice, cited the example of preservation orders. These are essentially "do not delete" orders, rather than general data retention orders, he stated. If an ISP regularly cleans its cache of messages on a certain day, law enforcement agencies may only obtain data from that day onward. In addition, police and other authorities would be required to obtain the proper search warrants or production orders. Wong’s colleague, Annie LeBlanc of the Department of the Solicitor General, said industry concerns led to a change in the Customer Name and Address (CNA) provisions. Service providers will only be required to turn over information they gather as part of their regular business practices. Wong reported that the dissemination of computer viruses could be considered a criminal act under new Criminal Code rules. ISPs would be required to produce information about the sources of such attacks, even if the data were stored offshore. Industry representatives on the conference panel reminded delegates that they must balance security interests with privacy concerns. This will require walking a fine line between the lawful access rules and the Personal Information Protection and Electronic Documents Act (PIPED). David Elder, Bell Canada’s assistant general counsel, regulatory law, appeared in his role as chair of the security committee of the Canadian Association of Internet Providers (CAIP). He reminded the government that PIPED says businesses must limit the collection, use and disclosure of personal information from subscribers. This is of particular concern to ISPs, where customer trust is an integral component of doing business. "The proposal would alter the balance between individuals’ rights to keep their communications ‘private’ and the ability of law enforcement agencies to monitor and access those communications," Drew McArthur, VP corporate affairs and privacy officer for Telus Corp., remarked. Both telco executives wondered who would foot the bill for lawful access. McArthur said that some police forces are reluctant to pay for wiretaps, believing the companies should shoulder the cost as a public service. He dismissed such talk. "The police don’t ask General Motors for free cars," he noted. "They pay for cars, gasoline, guns, bullets. They should pay for this as well."Elder also questioned the cost factor and wondered why authorities had not consulted with equipment manufacturers. Since some network equipment will need to be upgraded to handle increased legal requests, the people who make that equipment should be allowed input, he said. Allan MacGillivray, the director of industry framework policy at Industry Canada, said consultations with the sector are continuing. Justice Canada had scheduled a roundtable discussion for last week but promotions in the bureaucracy made that untenable. The talks were postponed until this week. For more on lawful access concerns relating to the wireless industry, see the Nov. 18/03 issue of NL affiliate publication Report on Wireless.