Legal issues in computer security research

This Thursday, I gave a talk at AtlSecCon 2014. The weather threw a wrench in the organizers' plans, but they managed to pull off a solid conference. Unfortunately, the talks weren’t recorded this year. The slides are posted on SpeakerDeck, and are embedded below the fold.

I also reprised this talk at NSLUG, and recorded audio, now posted on SoundCloud, and also embedded below the fold.

Finally: late last year, I wrote 3 posts exploring Canada’s computer crime laws (1, 2, 3) which were initial versions of work that eventually became two papers I submitted this semester for a directed studies course. If you were interested in those posts, I’ve embedded the final PDFs below. The talk is a condensed version of that work.

Exploring Canada's computer crime laws: Part 3

Since the exceptions in copyright law for encryption and security research don’t apply if you’re doing anything criminal, I next looked at the Criminal Code [PDF].

Exploring Canada's computer crime laws: Part 2

Since the exceptions in copyright law for encryption and security research don’t apply if you’re doing anything criminal, I next looked at the Criminal Code [PDF].

Exploring Canada's computer crime laws: Part 1

As someone with an interest in technology, security, and the legal issues surrounding them, I often watch relevant legal cases with interest. Typically, those cases come from the United States. The CFAA has been in the news frequently of late, and not always in a good light. I was pleased to see Zoe Lofgren’s proposed changes, which try to make the law less draconian.

This is typical for Canada – we often see more about American news on topics like this than Canadian. I realized that I really didn’t know what the law in Canada said about so-called computer crimes, although I’ve often wondered. A while back, I took an afternoon to do some reading. I was not happy when that afternoon ended. This is part one of a three-part series on what I found.

Applying fair dealing exceptions to TPMs

James Gannon points out that “Critics of the TPM provisions in Bill C-11 often claim to have a “balanced” solution for TPM protection: to create an exception that allows hacking for legal purposes.” That’s certainly correct, however, he proceeds to misconstrue what that suggestion actually means.

On the government's internet surveillance plans

Minister Vic Towes responded to Privacy Commissioner Jen Stoddart’s open letter Friday:

On Bill C-11, Another Act To Amend The Copyright Act

Between April 2006 and March 2011, Canada was governed by a minority Conservative government, meaning the government needed the co-operation of the opposition parties to pass legislation. Despite a lot of talk about minority governments necessarily yielding instability, having a minority government forestalled the worst of the Conservatives' plans. In the last federal election in March, the Conservative Party won a majority of the seats in Parliament – meaning they have enough votes to pass any legislation they want, barring opposition within their own party. Given Prime Minister Stephen Harper’s iron-fisted control over his caucus, that’s unlikely.