Rogers says it has no problem digging through customers’ data for police, following a court ruling.
Last week, Justice John Sproat ruled that Peel police violated the Charter of Rights when they ordered Telus Corp. and Rogers Communications Inc. to turn over the cellphone records of 40,000 customers who had used cellphone towers near the sites of a series of jewelry-store heists.
In addition to striking down the police order, Sproat issued a number of guidelines that limited law enforcement’s ability to snoop, a move privacy advocates heralded as a win for anyone with a cellphone.
But Andrea Slane, who researches technology and privacy law at the Ontario University of the Institute of Technology, said she’s concerned that one guideline in particular might require telecoms to investigate their own customers.
Sproat wrote in his guidelines for police and courts that police should also seek to ask for reports from telecom companies about the type of data they are searching for, instead of the underlying data, itself.
In the case of the jewelry heist, police could ask telecoms for a list of only the customers who had connected to many cellphone towers during the exact timeframe of the crime spree, not ask for all records from anyone whose signal had passed through any tower.
Slane said she’s worried this could mean that telecoms customers are required to dig up dirt on their own customers, cross-referring their cell phone records in the service of police investigations.
“I’m not sure how workable that is,” Slane told the Toronto Star last week. “That’s a kind of iffy position to put the telecommunications companies in.”
Aaron Lazarus, a spokesperson for Rogers Communications Inc., said the company is not worried: “We don’t think that’s what the guideline says,” Lazarus said.
Police would still need a court order for information that passed through cellphone towers during a specific timeframe, Lazarus said, only now the guideline puts the onus on police to narrow their request as much as possible.
“It’s simply asking for the request to be more targeted,” Lazarus said, adding that the type of information provided wouldn’t change, only the scope.
“We would still be providing that information. It’s not necessarily a report; it’s still the data.”
Lazarus said if Rogers felt an order did overstep its boundaries, the company would act. “Just as in this case, if an order comes in that we feel violates the privacy of our customers, we would go to court to challenge it,” Lazarus said.
Representatives from Telus declined to comment after last Thursday’s ruling.