Canadian firms warned to encrypt client data or risk surveillance threat

The Canadian Anti-Terrrorism Act, now passing through parliament, could mean that law firms which do not encrypt data will imperil the confidentiality of clients - as the security forces will find it easier to get warrants that breach privacy.

The Act paves the way for greater powers for the Canadian Security Intelligence Service to undertake mass transfers of data from government departments. David Fraser, technology and privacy specialist at McInnes Cooper, said: 'There’s all kinds of mischief that can take place under the provisions.' He continued: 'Could a judge theoretically override solicitor-client privilege in one of these scenarios? Yes. Would it take place in secret? Absolutely.'

Unable to decrypt

The obvious solution is encrypting data so that the security forces cannot access it. For firms on the cloud this would mean that the service provider itself could not decrypt data that it holds even when warrants are issued. Source: Canadian Lawyer Magazine

Email your news and story ideas to: [email protected]