Lawful Access – Consultation Document

Legislative Proposals

General Requirements

The legislation would apply to all service providers operating a telecommunications facility in Canada. All service providers would be required to provide, at a minimum, a basic intercept capability before providing new services or a significantly upgraded service to the public. The requirements of the legislation would come into effect as of a date to be proclaimed by the Governor-in-Council (Cabinet).

Regulations

It is crucial that service providers know what is required of them. The legislation would set out the definitions and the general approach and would provide authority for the Cabinet, on the advice of the Minister of Industry and the Solicitor General, to make regulations within the authority provided in the statute. Technical standards and details could be specified in the regulations.

The scope of the regulations is open to discussion but could include authority relating to the setting of technical and other standards or requirements for a service provider. Regulations could describe what service providers must do to provide access to their facilities, security requirements relating to how intercepted information is handled, issues related to costs, and the manner in which the regulations are to be developed.

Transmission apparatus
any apparatus that is used for
  1. the switching of information transmitted by telecommunication;
  2. the input, capture, storage, organization, modification, retrieval, output or other processing of information transmitted by telecommunication; or
  3. control of the speed, code, protocol, content, format, routing or similar aspects of the transmission of information by telecommunication
Issues to be considered
  1. How could regulations prescribe technical and other standards or requirements for:

    1. apparatus to be installed, attached or otherwise related to its facility, and the capacity requirements for the maximum number of simultaneous interceptions pertaining to such apparatus?
    2. terms and conditions pertaining to the security of interceptions and of the delivery of the product of interceptions?
    3. the competence, reliability and deployment of employees?
  2. Should regulations provide for fees to be paid to a service provider for operational assistance?

    Before recommending any regulation to Cabinet, the Minister of Industry and the Solicitor General would consult with appropriate persons representing the interests of those affected by the regulations.

Forbearance

Since the requirement to ensure intercept capability would apply to all service providers, the legislation needs to be flexible and able to adapt to special situations. One mechanism to provide flexibility and avoid problems such as the creation of "intercept safe-havens" would be a system of forbearance. This forbearance would remove the obligation to comply with the requirements of the statute or regulations, in whole or in part, for a limited time.

The way by which forbearance may work, for example, is that the Cabinet would have the authority to forbear but would delegate this authority jointly to the Solicitor General and the Minister of Industry.  Administrative guidelines would be prepared by the two departments to govern their management of requests for forbearance, and those guidelines would be made publicly available.  During the period when the Ministers are considering a request for forbearance, the service provider would not be subject to penalty.

Compliance mechanism

Provisions for monitoring compliance would help ensure that the legislation is effective and that service providers have a mechanism to help ascertain compliance with the law.  The provisions could authorize or require inspections or analyses to be conducted. However, these mechanisms would need to minimize the costs for both industry and government.

Issues to be considered

Costs of Ensuring Intercept Capability

The government is exploring how costs could be allocated within a regime that covers three main sets of circumstances. As of a date to be proclaimed by Cabinet:

  1. service providers would be responsible for the costs associated with providing the lawful access capability for new technologies and services, and

  2. service providers would be responsible for the costs associated with providing a lawful access capability when a significant upgrade is made to their systems or networks, however

  3. they would not be required to pay for necessary changes to their existing systems or networks.