Canadian Internet Registration Authority Calls for National Dialogue on Online Privacy

A recent survey from the Canadian Internet Registration Authority (CIRA) shows a disturbing trend that online surveillance often happens without transparent judicial oversight, and yet appears to be raising relatively little concern among the public. As a result, the CIRA, which is the organization that manages the .CA Internet domain, is calling for a national dialogue on online privacy.

The survey was prompted by the revelations that the United States government monitors the activities of Internet users around the world via the National Security Administration’s PRISM program. The CIRA polled Canadians for their views on the subject with the help of public opinion research firm Ipsos Reid.

“Trust is the foundation that supports all transactions—social, financial and at the Domain Name System—on the Internet,” said Byron Holland, president and CEO of the CIRA. “When an uninvited third party is introduced into those transactions, it erodes that trust. It erodes all that has enabled the Internet to be the greatest driver of positive social and economic change in centuries.”

According to the results of the CIRA survey, two in ten (20 percent) Canadians say they’ve heard “a lot” about the NSA PRISM program scandal, while a slim majority (51 percent) of Canadians have heard “a little” about this issue; just three in ten (29 percent) Canadians “have not seen, read or heard anything” about the NSA program.

In addition, 49 percent of Canadians believe it is acceptable for the government to monitor email and other online activities of Canadians in some circumstances. This percentage increases to 77 percent if the surveillance includes preventing “future terrorist attacks.”

The CIRA’s survey found that only 18 percent of Canadians believe Internet activity is confidential. Four in ten believe the Canadian government is tracking their Internet activity. These results led the CIRA to surmise that Canadians’ apparent apathy may be rooted in simple ignorance.

Canadian Internet traffic routinely routes through the US, which means that individual Canadians can be as much, or even more under the lens of PRISM as any American, without the benefit of any judicial oversight. Consequently, the US monitoring scandal has an impact on all Internet activity of Canadians, but few seem to care.

Byron Holland thinks that we’re now okay with governments tracking our every move since there is no expression of moral outrage:

“In the 1970s, outrage with unauthorized mail openings and wiretaps without warrants resulted in the MacDonald Commission, and ultimately the creation of the Canadian Security Intelligence Service.”

“Where has this rage gone? Has our moral compass shifted enough in the decades since that we’re now okay with governments tracking our every move?”

Many privacy experts such as Michael Geist believe that it is a matter of Canadian complacency regarding online privacy with a lack of education and awareness on oversight programs.

We could also add it is an issue of the broad public misunderstanding of how the Internet works, how online interactions work, how monitoring and surveillance activities of the government and businesses work, how personal information is shared between countries and the lack of enforcement of privacy laws.

The CIRA believes it is time for a national dialogue on the subject. It is dedicating its Canadian Internet Forum, an online forum for Canadians to discuss the future of the Internet in Canada, to the issue of government and corporate online surveillance. To participate, please visit http://cif.cira.ca.

However, engaging our society in examining where this technology is taking us has always proven difficult and complex. The Internet has rendered users dependent and service providers careless, as well as unable to face awkward inquiries and possible limitations. That is, unless the evidence slaps us in the face. Such awakenings are rare and often come too late (Source: Online Privacy Foundation).

Engaging citizens on the specific issue of online privacy, as well as the more general topics I mentioned above, would require the active participation of online service providers such as Google, Facebook, Microsoft; Internet service providers such as Rogers, Bell, Telus; employers; regulatory bodies; industry associations; and many more. There are countless opportunities to educate Internet users, but little incentive to become educated. Privacy policies are commonly long legal documents that no one wants to spend time reading, and are easily bypassed anyway. Most contemporary online applications are designed to focus the user’s attention away from what is happening in the background—i.e., how the application functions, how information is shared, how data is stored and transferred, who can see information, etc.

To provide Canadians with sufficient context about the Internet, data on the Internet and our rights—sufficient to encourage us to assert those rights—service providers would have to interrupt their streamlined services and processes to offer information and ensure that users understand it. This is not in their immediate interest, and there are no doubt many lobbyists actively discouraging the federal government from pursuing any action that would require them to change their ways.

A better solution—albeit one whose effect might be deferred for some time—is to include contemporary information practices in educational curricula, from elementary school through university. Indeed, it is especially crucial that children learn and understand how service providers may use their information and how others can see their information, and surely the best place to acquire these lessons is in school. They could also benefit from general lessons about how information travels across the Internet.

As children grow and use the Internet more and more—as the Internet increasingly integrates into our lives—these lessons will become important in different ways and will form the foundation of responsible citizens online and offline.

Of course, when it comes to common online activity, users are usually at least aware that they are giving some information away, and the issue is meaningful consent. (Users might not know how much information they are giving away, who can see it or the conditions of that information-sharing.) But the issue with the NSA’s PRISM surveillance program is that the US government is accessing citizens’ (and non-citizens’) information without their knowledge or consent.

Approved school lessons will unlikely tell students how to subvert our government’s (or our neighbour’s) spying efforts. But knowing the context and our rights will allow citizens to decide for themselves whether they wish to challenge such actions.

What do you think? What’s the best way to make Canadians understand the risks associated with online information-sharing and other contemporary information practices?