Borders Conference - Rethinking the Line: The Canada-U.S. Border / Child Pornography on the Internet Session

Appendix I: Questions and Discussion

Jacquelyn Nelson, Senior Policy Analyst
Thank you to everybody. At this point I'd like to open the floor to questions, comments, or observations. It's been a lot to comprehend and take-in, but I found it very interesting.
Myron Claridge, Crown Counsel, Ministry of Attorney General of British Columbia
What we hear from ISPs is that they can't afford to keep logs of their clients longer than just a very short period of time. What's the answer to that?
Dr. Max Taylor
You'll hear the industry say that it's not making money these days. Now I don't think that's true, but we expect agencies to exercise social responsibility. It would not be acceptable in any other setting for a commercial organization to facilitate the commission of a crime. But that's what's happening here. So I think the ISP industry really has a duty to make adequate provisions to address this problem. There is a big issue, which I'm very aware of, of the international level of the dilemma of encouraging the development of e-commerce, for example, and the requirements of freedom, which are very important. Then there's the management of the problems like we're discussing. There's a bit of a tension there, but I still think that the ISP industry has a social responsibility.
Jacquelyn Nelson, Senior Policy Analyst
Professor Taylor, you've mentioned self-regulation, why self-regulation of ISPs?
Dr. Max Taylor
It seems to be, in principle, better to have organizations regulate themselves. It's a mark of maturity. After all, that's what professions do. Doctors regulate themselves, they may not do a very good job of it, but they do. Solicitors regulate themselves. It's meant to be a sign of maturity. It's cost-effective as well. It gives the ISP industry the opportunity to influence things in ways that would maximize the regulatory process to their benefit. So I think self-regulation in that sense is desirable to move to. So if you talk about regulation of ISPs you have to talk about regulation on a much bigger scale than a national scale. But first of all address the national issues and deal with that. But there is also an international problem, which I don't know how it could be dealt with except through a UN agency or a large agency like that. However, that also would necessarily need to be a consensus-based activity. You're not going to be able to impose views on the ISPs from other countries.
Sgt. Emmett Milner
We met with a group of ISPs about three weeks ago and one of the points that came out of the discussion was that a lot of the ISPs are not aware of what's expected of them from law enforcement. So I think we pushed that idea forward. We are working with the Canadian Association of Internet Service Providers (CAIP) and they do have a code of conduct for their clients. So we are trying to assist the ISPs in letting them know what law enforcement wants. So that's one positive step that we have taken. In May 1999 the CRTC (Canadian Radio-television and Telecommunications Commission) decided that they were not going to regulate the ISPs so that put us a bit behind the eight ball for the time being. Unfortunately, it may take someone actually getting hurt before something actually happens.
Det.-Sgt. Wayne Harrison
I find it hard to believe that there's no responsibility for an ISP who knows that some of the newsgroups they are providing access to are titled, for example, alt.sex.paedophilia.girls. To me, if that's a newsgroup that's being channelled through their service, then they are involved in the distribution of child pornography. I don't see how they could avoid any type of responsibility for this.
Dr. Max Taylor
But then certainly you don't prosecute the postal service when they carry obscene mail, because they are a common carrier. We have also heard claims from ISPs, that they also have this status.
Andrew Oosterbaan, Deputy Chief for Litigation
There are companies like AOL and Microsoft who are doing a pretty good job in monitoring and policing themselves, and they are looking for guidance from law enforcement on what it is they should do with the information they get. But then we have so many ISPs that don't fall into the same category as AOL and Microsoft, who are not going to police themselves as well no matter what we do and no matter what the body of self-regulation would be. So the issue is multi-dimensional. I've been in meetings with security people from AOL and Microsoft, and they tell us, “You know they come back up just as quick as we take them down. We take them down, they come back up. We take them down, they come back up.” So we're trying to work out a method by which they give to us the information that we need to try and prosecute the folks and hopefully terminate that endless process. I've been to the same meetings where I was told that we can give them the information but they don't have the resources to deal with the problem. There are hundreds that pop up on a daily basis and it really is too much for a law enforcement agency to handle. We have statutes and regulations that are being implemented now and we'll just have to see how it goes.
Myron Claridge, Crown Counsel
What is the penalty for not following the legislation?
Andrew Oosterbaan, Deputy Chief for Litigation
The statute was set a long time ago and we have yet to implement the regulations. I think we're going to find that it will be very easy to deal with the big ISPs and difficult to deal with the smaller ones.
Jacquelyn Nelson, Senior Policy Analyst
We'll have to wind up now. Again, I would just like to thank everyone for their presentations.
Date modified: