Life in Canada

As a sender of goods and you are not a not a party to the actual contract with a dispatch organization it is reasonable to believe that the sender may not have a reasonable expectation of privacy given the contractual terms, but should those terms also extend to the recipient who had not read or consented to them?

Chantal Bernier, Canada's interim privacy commissioner, revealed Tuesday that nine telecommunication companies got a total average of 1,193,630 requests from federal enforcement bodies for private customer information every year. Big Brother is getting nearer

The breadth is difficult to swallow for Halifax privacy lawyer David Fraser.
"The scale of it is really quite shocking. And it raises a bunch of other questions," said Fraser, an attorney with McInnes Cooper.

Eastlink is reassuring customers it will only hand out their information if there's a warrant or under certain legislation, like the Income Tax Act. What do they really mean by certain information - does anyone know

Fraser said that's comforting.
"To put it very shortly, they should have a big sign, a big welcome mat that says, 'Come back with a warrant,'" he said.

What remains a mystery is why the government needs so much information in the first place.
It's also not clear how many of an estimated 35 million Canadians are swept up in the approximately 1.2 million requests.
"The number of times I decide to call my wife in the run of a day and where I am and what number I use, that sort of information is nobody's business but my own," said Fraser.

Canada's interim privacy commissioner wants to know a lot more about what telecoms are doing.
"I would like to know the scope of personal information that is disclosed to government authorities, with or without a warrant, and what type of information is disclosed," Chantal Bernier said.
Bernier said she wants privacy laws changed so service providers have to break out statistics to give Canadians an idea of how many requests they comply with.

According to a known computer security researcher, Microsoft's SmartScreen feature implemented in Windows 8 reports information to Microsoft about every application installed, in an insecure manner

Known computer security researcher Nadim Kobeissi has posted up some interesting information on the behavior of Windows 8 whenever you install an application. According to some quick researching he did, the Windows SmartScreen feature reports every application a user installs to Microsoft, and does so in a way that could be intercepted by malicious hackers.

The Windows SmartScreen feature is enabled by default and is designed to tell end users whether the application they have downloaded from the internet is safe to install on their machine. It does this by gathering some info upon opening the installer, sending it to Microsoft and then waiting for a response to see if said installer has a valid certificate. As Kobeissi mentions, this means information about every single application downloaded and installed is sent to Microsoft.

He dug further to discover the information sent could potentially be intercepted by a malicious hacker, as Microsoft uses an "outdated and insecure" method of HTTPS encrypted communications. If a hacker did manage to steal all the information on a user's application installation habits, they could make a profile of the user and use that to find other exploitable weaknesses.

The issue with SmartScreen is currently only prevalent in Windows 8 as it's the first time Microsoft has integrated SmartScreen at an OS level (Windows 7 only features SmartScreen in applications like Internet Explorer). You can disable SmartScreen so you are no longer reporting your installation habits to Microsoft, but this is apparently not easy to do and results in periodic nags to re-enable it.

Chances are Microsoft will not do anything about their implementation of SmartScreen, so as it stands now it could be a privacy and security risk.

So stick to windows 7 or earlier..OK

OTTAWA - Dozens of workers at Canada's tax agency have been caught snooping on their ex-spouses, mothers-in-law, creditors and others by reading confidential tax files.

Internal reports at the Canada Revenue Agency show that rogue employees are improperly reviewing the private financial affairs of taxpayers without their knowledge.

And some are using agency computers to give favoured treatment to colleagues, friends, family — and themselves.

In one egregious breach last October, a woman accessed 37,500 emails and 776 documents containing confidential financial information about ordinary Canadians. She downloaded the files onto 17 compact discs for her personal use, inexplicably helped by agency technicians.

Documents outlining the forbidden invasions into private tax data were obtained by The Canadian Press under the Access to Information Act.

In one case, a worker secretly operated a business on the side with her spouse, and between 2004 and 2009 "accessed the accounts of two creditors and the spouse of one of those creditors."

Another worker was found to have inspected his spouse's tax information 69 times without permission.

A woman in one unidentified office poked into the agency's data looking for confidential information on colleagues, friends and family — apparently to give them a break on their taxes.

"The employee made unauthorized access to the tax information of three colleagues and to the tax information of a colleague's daughter, spouse and mother," says one report.

"She accessed her own tax information and the tax information (of) 13 relatives.... She provided preferential treatment to colleagues, relatives and acquaintances."

Agency gumshoes then stumbled on a secret cell of snoopers in the same location.

"The investigation also determined that 13 other employees of the same office made unauthorized accesses to taxpayer information. Of the 13 employees, 10 provided preferential treatment to taxpayers, five accessed their own tax information, four received preferential treatment ..."

Another worker peeked at secret agency information about two companies she operated on the side — while those firms were undergoing tax audits.

"In addition, the employee made extensive unauthorized accesses to the taxpayer information of friends and family members and hundreds of other individuals."

Yet another investigation found an employee peering into the electronic tax files of two of her spouse's business partners, though the motive is not specified.

The documents show that ex-spouses are sometimes targeted, for reasons not made clear in the heavily censored material from September and October last year. Family members were also a favoured target.

Some workers who were caught claimed they were simply helping relatives file their income-tax forms.

But one worker admitted using the CRA computer system and confidential tax information to issue himself a false charitable donation receipt for $3,000, thus reducing his income-tax payable.

Agency records for 2008-2009 show there were 29 cases in which workers were caught accessing taxpayer records without authorization, about the annual average for the last five years. And there were a dozen instances in 2008-2009 in which tax records were improperly disclosed to third parties.

All information about disciplinary measures taken against staff who broke the rules is censored in the released documents. But in several cases, the agency appeared to be lenient with long-term employees.

"The employee admitted that she accessed the taxpayer information belonging to a former employer, her relatives including her mother, her father, her sister and her brother, as well as the information belonging to her former spouse," says one report.

In deciding on discipline, "management took into consideration the employee's years of service, her good employment record and her co-operation with the investigation."

A spokesman for the agency said the number of breaches is relatively small, given that there are more than 40,000 employees.

"While the number of unauthorized access incidents is not large, the agency consistently continues to review its activities to enhance ... prevention, detection and deterrence," Noel Carisse said in an email response to questions.

Carisse said taxpayers are not always informed when workers improperly access files because the breach may be judged too minor. But taxpayers whose information is improperly disclosed to third parties are almost always alerted by telephone or mail.

"The (CRA) assessment will almost always lead to the conclusion that injury to the taxpayer is likely, or has already occurred," he said, referring to disclosures.

Carisse did not provide information on the numbers of employees suspended, fired or criminally charged for such breaches, but said the agency has a "strict and enforced Code of Ethics and Conduct."

"While any unauthorized access is unacceptable, the agency believes that the current numbers indicate that the agency is doing a good job protecting taxpayer information."

He declined to provide any further information on the worker who downloaded 37,500 emails and 776 documents, saying only that the investigation continues.

There have been previous reports of isolated security breaches by insiders at the tax agency.

CTV News reported last year, for example, that a tax agency worker was found to be leaking confidential information to a violent gang in British Columbia. The worker was suspended months after the agency was first alerted to the problem through a police wiretap.

Lawyer Misconduct Rises With Foreclosure Record

USA - Canada next?
Hundreds of foreclosure attorneys investigated in California for duping desperate homeowners


Warren Jacobs was desperate when he received a "robo-call" promising to help him stave off foreclosure of his home near Dallas.

The father of six had lost his construction job, lacked health insurance and couldn't pay bills for his 17-year-old daughter's cancer treatment, let alone his mortgage.

So on Jan. 21, he dialed the return number and was connected to the United Law Group. Minutes later Jacobs agreed to scrape together $2,000 to pay the Irvine, Calif. law firm.

He unwittingly became one of the many thousands of homeowners authorities allege have been taken in by unscrupulous or incompetent loan modification attorneys who rushed into a burgeoning legal niche: helping financially struggling homeowners re-negotiate their mortgages.

Ripoffs of homeowners have become so commonplace that state bar associations from Florida to Arizona are warning their members of the many ethical pitfalls awaiting those who exploit the mortgage crisis. The California State Bar launched a task force a year ago to examine thousands of homeowner complaints about foreclosure lawyers.

Currently, the California Bar is investigating more than 400 attorneys who are suspected of ripping off thousands of homeowners across the country.

The organization that licenses and disciplines California's more than 250,000 lawyers already has suspended or obtained the resignations of 15 lawyers while disciplinary charges are pending.

The first to be charged was Sean Rutledge, founder of the law firm that purported to represent Jacobs and 13 other homeowners.

Just months after securing a law license, Rutledge had been flying high. His United Law Group ramped up to several lawyers and opened offices in other states.

Today his license is suspended, his nascent career lies in tatters and he is under investigation in California and Ohio for taking fees of up to $3,500 from desperate homeowners then allegedly doing little — or nothing — to save their homes.

Could this Happen in Canada?