The passage of the Protection of Privacy Act[32] introduced what is now Part VI of the Criminal Code.[33] With this change, Parliament followed in the footsteps of its American counterpart and provided a comprehensive scheme for governing interceptions of private communications.[34] It defined “private communications” as “any oral communication, or any telecommunication, that is made ... under circumstances in which it is reasonable for the originator to expect that it will not be intercepted by any person other than the person intended by the originator to receive it.”[35] However, with the onset of communications technologies, the limitations of Part VI’s ability to respond to privacy and law enforcement concerns were repeatedly exposed.[36]

One of the first challenges posed to the scope of Part VI arose from its application to analog pagers.[37] At least two courts concluded that these technologies did not attract a reasonable expectation of privacy, thereby precluding the need for an intercept warrant.[38] Two reasons formed the basis for this conclusion. First, it was possible that a third party would overhear the recorded messages when played back on the pagers’ speakers.[39] Second, it was also possible for third-party pagers to access recorded messages by tuning into the same frequency as the receiving party’s receiver.[40] Despite the fact that the volume of a speaker may be controlled, these courts refused to recognize a reasonable expectation of privacy in the devices.[41]

Similar difficulties arose from public use of cell phones.[42] Cell phones sent unencrypted analog signals that were available over publicly accessible radio waves, thereby giving rise to the question of whether they attracted a reasonable expectation of privacy.[43] In R. v. Solomon,[44] the court concluded that no reasonable expectation of privacy existed because the cell phone signals were publicly accessible. In R. v. Cheung,[45] however, a more detailed assessment of telephony was undertaken. In so doing, the court concluded that because of the many frequencies and transmission towers from which information is transferred over wireless networks used by some phones,[46] it would be rare to intercept any communications from these wireless phones.[47] As such, the user’s expectation of privacy was held to be reasonable.[48]

In the late 1980s, a further issue arose with respect to whether the consent of one party to covertly record a conversation supplanted the other party’s reasonable expectation of privacy. No legislative provision expressly permitted such activity. The police could therefore only rely on the evidence obtained if the accused’s expectation of privacy was unreasonable.[49] As the consenting party could repeat the words in court, there was a basis to conclude that the accused gave up any reasonable expectation of privacy.[50] In R. v. Duarte,[51] however, the Court rejected this argument. As Justice La Forest wrote, “[a] society which exposed us, at the whim of the state, to the risk of having a permanent electronic recording made of our words every time we opened our mouths might be superbly equipped to fight crime, but would be one in which privacy no longer had any meaning.”[52] Given the “wholly unacceptable” danger to privacy brought on by such new technologies, the Court concluded that prior judicial authorization was required.[53]

Shortly after Duarte, the Court in R. v. Wong[54] considered whether Part VI applied to video recordings. As outlined above, Part VI only covered oral or voice communications when it was first enacted. It therefore did not apply to non-audio-equipped video recordings. A few years earlier, the Law Reform Commission of Canada had explicitly concluded that this gap in the legislation would not lead to “unjustifiable intrusion into privacy.”[55] As a result, the police had taken advantage of this loophole and planted a non-audio-equipped video camera in the accused’s hotel room. The Court ultimately found a breach of section 8, since the accused had a reasonable expectation of privacy in his hotel room.[56] As Part VI did not provide for a warrant power, it was again unable to serve legitimate law enforcement interests.

Around the same time Duarte and Wong were decided, the courts were also considering the legality of using digital number recorders to register the metadata relating to outgoing and incoming calls.[57] In R. v. Fegan,[58] the Ontario Court of Appeal found that no warrant was required to use digital number recorders because the service provider was not acting on behalf of the state. Had such activity occurred at the behest of the state, however, pre-authorization would have been required.[59] This conclusion derived from the then-recent decision in R. v. Wise,[60] wherein the Court considered whether police installation of a tracking device on a motor vehicle required prior judicial authorization. Even though the “beeper” device at issue was unsophisticated,[61] the Court found that its use breached the occupant’s reasonable expectation of privacy. If such a minimal infringement required pre-authorization, then it was likely (contrary to an earlier appellate opinion[62]) that a digital number recorder would also require pre-authorization.[63] As the Criminal Code provided neither powers, such searches violated section 8 of the Charter.[64]

Parliament attended to many of these concerns in 1993 with Bill C-109.[65] To address the inapplicability of Part VI to wireless phone communications, Parliament amended the definition of “private communication” to include any “radio-based telephone communication that is treated electronically or otherwise for the purpose of preventing intelligible reception by any person other than the person intended by the originator to receive it.”[66] This ensured that some wireless telephone communications would require the state to meet the higher requirements for a Part VI intercept warrant.[67]

Parliament’s enactment of section 184.2 of the Criminal Code further provided for warrants to allow for consensual interception of communications. This addressed the concerns raised in Duarte. In addition, Parliament enacted provisions that permitted warrantless interception where bodily or imminent harm is reasonably foreseeable.[68] Although the requirements now found in section 184.2 do not provide the added protections of other Part VI warrants,[69] the courts have found the lower standard to be constitutional as the third-party privacy concerns raised by traditional intercepts are not engaged.[70] As Justice Watt observed in R. v. Largie,[71] “[p]articipant surveillance is generally more focused than third-party surveillance, targeting specific conversations with specific individuals.”[72] Thus, not only do captures of third-party communications become less likely, but the state agent’s control over the conversation also reduces the risk of accidentally receiving irrelevant but private information.[73]

To address the gap revealed in Wong regarding the non-applicability of Part VI to non-audio-equipped video recordings, Parliament enacted the general warrant provision under section 487.01. This broad provision offered a means for police to seek a warrant where no other legislative enactment prescribed a suitable power. It also specifically included sections 487.01(4) and (5), which extended Part VI to apply to any observation “by means of a television camera or other similar electronic device” of “any person who is engaged in activity in circumstances in which the person has a reasonable expectation of privacy.”[74] Thus, Parliament not only provided police with a means to lawfully conduct non-audio-equipped video recordings, but also gave police a flexible tool to apply for search warrants where no specific Criminal Code provision applied.

Finally, in response to Wise and Fegan, Parliament enacted sections 492.1 and 492.2 of the Criminal Code. Section 492.1 allowed tracking warrants to be issued if the police had reasonable grounds to suspect an offence had been or would be committed and that information relevant to the offence could be obtained by using a tracking device. Section 492.2 allowed for the use of digital number recorders if police had reasonable grounds to suspect information related to an accused’s telephone calls would aid in an investigation. This lower standard of reasonable suspicion was borrowed from the decision in Wise, wherein the Court concluded that any parliamentary response could allow for authorization on a lower standard given the lower privacy interests inherent in the information revealed by some searches.[75]

The next parliamentary response to digital privacy concerns was less comprehensive, but no less important, as it updated the warrant powers for police officers under section 487 of the Criminal Code. This provision’s scope extended only to “things” found in buildings, places, or receptacles. The problem raised by digital evidence was aptly summarized by Susan Magotiaux:

Is a computer a thing? Is the data on it a thing? Is the string of binary code sent through satellites in pieces and reassembled at some other machine a thing? Is it the same “thing” when it lands as it is when it travels in pieces? And what of the places? Police can’t knock and announce their presence at the door of satellites and clouds and mobile servers. Yet without particularity of place, current tools may be unavailable.[76]

To ensure police could seek warrants for digital “things,” Parliament amended section 487 of the Criminal Code in 1997.[77] Subsections 487(2.1) and (2.2) were added to ensure police may apply to access and use computer systems found in the place of a search. These broad provisions provide that a police officer may “use or cause to be used any computer system at the building or place to search any data contained in or available to the computer system.”[78]

As computer technologies became more prevalent, the modes for committing a diverse amount of crimes were fundamentally transformed.[79] Unfortunately, the wording of many criminal offences did not capture acts committed with computer technologies, while other offences now prevalent in the digital age had not received any criminal prohibition. Parliament spent much of this period attempting to fill these legislative gaps.

The main area addressed by Parliament was broadly concerned with the sexual exploitation of minors. Digital technologies provided new and difficult-to-trace means of possessing and distributing child pornography.[80] The typical means of “possession” in the physical sense applied to those who downloaded child pornography.[81] However, determining whether accessing an image on an internet website constituted “possessing” the data posed conceptual difficulties.[82] Although evidence stored in the cache may provide sufficient evidence of knowledge and control, these core elements of possession will often be difficult to prove with such evidence.[83] Equally concerning, the definition of distributing child pornography did not extend to digital means of distribution, which had become increasingly common at the turn of the century.[84]

In response to these issues, Parliament enacted Bill C-15A in 2002.[85] This bill created the “accessing” child pornography offence now found in subsections 163.1(4.1) and (4.2) of the Criminal Code.[86] Parliament’s purpose in making these arrangements was to “capture those who intentionally view child pornography on the net but where the legal notion of possession may be problematic.”[87] Bill C-15A also amended the distribution of child pornography offence found in subsection 163.1(3) to include “transmission” and “making available” within the scope of the offence. This had the effect of ensuring that the “offence extends to distribution of child pornography in electronic form on the Internet by such means as e-mail and posting items to websites.”[88] Parliament further passed section 164.1, which allowed for courts to order the removal and destruction of child pornography on the internet.[89]

Bill C-15A also introduced an offence for child luring by way of a “computer system.”[90] The internet enabled the increased prevalence of this sort of predatory behaviour and, as such, the prohibition was tailored to combat the digital commission of these crimes.[91] Similarly, voyeurism offences had become increasingly prevalent with increased technological capacity. Parliament responded with a specific prohibition against recording people in private circumstances.[92] These and the child pornography provisions would not require any substantial amendments during this time period.

Parliament also updated several other offences to account for contemporary technology. For instance, the illegal gambling provisions in paragraph 202(1)(i) were amended in 2008 to include digital means for promoting or facilitating betting.[93] Section 342.01 was amended to include copying of “credit card data” as opposed to prohibiting only “forging or falsifying” credit cards, since the latter definition did not apply to the mere possession or use of a credit card’s data.[94] Parliament also introduced a criminal prohibition for using recording technology (i.e., small cameras) to record private productions such as movies on display in a theatre.[95]

In addition to creating new or amending old criminal offences, Parliament passed its first production order scheme in 2004.[96] Production orders allow police to compel third parties who are not under investigation for any offence to produce data or documents that may be relevant to the commission of an offence by another person.[97] The impetus to pass this scheme arose from Canada’s 2001 signing of the Council of Europe’s Convention on Cybercrime.[98] The convention requires that all signatories criminalize certain offences commonly committed on computers and improve investigative techniques for detecting online crime. By adopting this framework, the signatories aimed to facilitate increased co-operation between countries investigating cybercrime.[99]

Parliament’s legislation furthered these goals by providing police with two types of production orders: a general production order issuable on reasonable grounds to believe an offence occurred and a specific order relating to financial or commercial data issuable on reasonable suspicion.[100] Subsequent attempts in 2005,[101] 2009,[102] 2010,[103] and 2012[104] to bring in more narrowly tailored production orders, as well as provide a variety of other police powers necessary to ratify the Cybercrime Convention,[105] were unsuccessful. Either the Conservative government received limited opposition party support when in a minority position, an election was called causing the proposals to die on the order table, or, as discussed in detail below,[106] public backlash caused government to retract its proposal.[107]

The advent of email and text messaging introduced novel challenges for Part VI intercepts. Under section 183, the meaning of “intercept” includes to “listen to, record or acquire a communication or acquire the substance, meaning or purport thereof.”[108] Courts and academics had long argued that inclusion of the word “acquire” made it necessary to apply for a Part VI warrant to access retrospective email and text messages.[109] Others, however, concluded that the plain meaning of “intercept” required that the acquisition of the message occur during its transmission.[110] As this distinction fundamentally alters the prerequisites for obtaining private communications,[111] several courts heard arguments with respect to when a state act qualified as an “intercept.”[112]

The Supreme Court of Canada partially addressed this issue in Telus.[113] Unlike other telecommunications providers, Telus stores all messages sent through its infrastructure on a computer database for thirty days.[114] The police wanted to retrieve historical messages from this database, as well as future messages throughout the course of a warrant.[115] Rather than applying for a production order and an intercept warrant, the police applied for a general warrant under section 487.01.[116] A plurality of the Court found the acquisition of the future messages to be an “intercept,” since any prospective capture of communications engages the purpose of Part VI.[117] The remaining members of the majority concluded that this technique was “substantively equivalent” to an intercept.[118] The dissent found that Part VI drew a distinction between interception and use, retention, or disclosure of a communication.[119] As Telus was disclosing to police what it had independently intercepted during its delivery process, the practice did not qualify as an “intercept.”

The issue of whether an intercept warrant was required for purely historical emails or text messages reached the Court four years later in R. v. Jones.[120] The Court adopted the dissenting view in Telus that the statutory scheme supported the distinction between disclosure and interception. As such, police need only apply for a production order to obtain historical messages. Although this issue is now settled (barring a constitutional challenge),[121] it is notable that Parliament failed to update its legislation despite these ambiguities being known to the federal government for well over a decade.[122]

The use of peer-to-peer file sharing networks in the context of child pornography investigations also posed difficulties for police investigations. These networks allow users to download files directly from another user’s computer. As users are anonymous online, police must begin such investigations by procuring the Internet Protocol (IP) address that obtained the child pornography files.[123] The investigating officer can then run the IP address through a database that matches IP addresses with approximate locations and service providers.[124] The officer then makes a “law enforcement request” to the relevant service providers requesting that it release the subscriber information related to the IP address.[125] With this information, the police may then obtain a warrant to seize and search the suspect’s computer.[126]

These were the facts underlying the Court’s decision in R. v. Spencer,[127] as well as a series of earlier lower court decisions dating back to the mid-2000s.[128] The accused in Spencer successfully argued that he had a reasonable expectation of privacy in his subscriber information.[129] As such, the Court concluded that state requests for Internet Service Provider (ISP) subscriber information qualify as a search under section 8 of the Charter, thereby requiring lawful authority to conduct the search. As there was no suitable provision authorizing the state to make such requests,[130] the search was found to be unconstitutional.[131]

Technological change also affected the intrusiveness of tracking warrants. Tracking warrants are frequently attached to objects, such as vehicles, but now are also available to monitor mobile devices frequently carried on the person. The ability to track a person’s precise location with Global Positioning System (GPS) technology, as opposed to the unsophisticated methods at issue in Wise, poses significantly more serious threats to privacy. As such, it was questionable whether tracking a person based on “reasonable suspicion” still struck an appropriate balance between privacy and law enforcement interests.[132]

The utility of digital number recorders was also impacted by technological developments. Section 492.2 of the Criminal Code originally stipulated that a “number recorder” was “any device that could be used to record or identify the telephone number or location of the telephone from which a telephone call originates, or at which it is received or is intended to be received.”[133] As people now frequently communicate with other media such as email and text, it was necessary to create a broader framework for capturing metadata with respect to such communications. It was also unclear if the retrievable data under section 492.2 included the place at which the call was made and received. Arguably this would also be constitutional, but the legislation needed to explicitly allow for such a search.[134]

Finally, the Court was presented with the issue of whether searching cell phones incident to arrest was constitutional.[135] This issue has especially important implications for digital privacy.[136] As such, the Court’s decision to allow warrantless cell phone searches incident to arrest—when many cell phones are functionally equivalent to computers[137]—was controversial. For a variety of reasons, the Court’s ruling has been heavily criticized.[138] Anticipating its institutional shortcomings to develop a comprehensive rule, the majority invited Parliament to pass legislation governing when police may conduct such searches.[139]

Parliament addressed some of these concerns in 2014 with Bill C-13.[140] To address the gap in Spencer, as well as other more general gaps in the production and preservation order scheme, Parliament overhauled sections 487.011 to 487.0199 of the Criminal Code. Three main production orders were created, all issuable upon reasonable grounds to suspect an offence has been or will be committed. Sections 487.015 and 487.016 were added to allow police to trace and have third parties produce “transmission data.”[141] Transmission data is effectively metadata—that is, the contextual information surrounding a communication.[142] Acquiring such data allows police to trace the origin of any telecommunication.[143] Section 487.017 allows police to apply for “tracking data,” being data that “relates to the location of a transaction, individual or thing.”[144] The amendments also provided police with the ability to compel third parties to preserve documents in their possession for a prescribed period. As such information is routinely destroyed (sometimes intentionally but often inadvertently), this provision was necessary to preserve evidence for crimes committed with digital technologies.[145]

Parliament further responded to concern over the constitutionality of tracking device warrants available under section 492.1 of the Criminal Code by raising the standard from reasonable suspicion to reasonable grounds to believe when the device being tracked is commonly on the person.[146] Parliament simultaneously updated the digital number recorder provision to include the broader term “transmission data.”[147] This allowed police to obtain data indicating the origin and intended recipient of internet and text communications, not just telephone communications.[148] The revised definition also clarified that location data during the transmission of a call may be obtained, a question left open by the previous provisions.[149] The fact that it took until 2014 to update these provisions, however, is evidence of Parliament’s difficulty keeping pace with digital technologies.

Finally, Bill C-13 updated the Criminal Code by providing an offence for what has come to be known as “cyberbullying.”[150] A legislative gap arose because digital technologies made it easy for young persons to distribute sexually explicit photos of their peers. Because charging youth with distribution of child pornography was too harsh a sanction,[151] Parliament introduced subsection 162.1(1) of the Criminal Code. Although the section in many ways mirrored the existing child pornography offences, it provided prosecutors with more moderate sentencing options for prosecuting youth and young adults than the child pornography provisions.[152]

Several conclusions may be drawn from the above review. Parliament’s first few responses to gaps or constitutional issues with its legislative framework governing complex technologies were relatively quick.[153] At the turn of the century, however, Parliament became much less efficient. Despite having undertaken to provide a comprehensive lawful access scheme with its signing of the Convention on Cybercrime in 2001,[154] Parliament’s legislation was patchwork and slow. Parliament did, however, manage to meet the requirements of the convention fourteen years after it was adopted.[155] In the interim, the Crown pursued drawn-out litigation in the courts trying to find lawful access provisions where none existed.[156] Disputes surrounding Part VI warrants fared no better, as Parliament’s refusal or inability to address the confusion surrounding the definition of “private communication” and “intercept” was ultimately left to the courts.[157] Although the digital number recorder warrant was eventually updated, the provision was inapplicable to many of the most common mediums of communication for two decades. Other issues with significant digital privacy implications, such as searches of cell phones incident to arrest or guidelines for searching computers under subsections 487(2.1) and (2.2), have so far received no response from Parliament.[158]

Parliament did fare better in defining offences—a domain where it could not rely on courts to fill in legislative gaps. Several offences were modified in the early- to mid-2000s to allow prosecution of new ways of committing crime brought on by digital technologies. Parliament’s record with respect to updating offences, however, is not perfect. As Peter McKay observed, given the seriousness of the child pornography offence, the delay in updating these provisions was “virtually inexcusable.”[159] The well-known practice of cyberbullying had also been an issue long before Parliament’s legislation passed. More than anything, the response was a reaction to high profile teenage suicides.[160] Moreover, other desirable offences—such as a criminal prohibition for accessing and stealing historical data—have still not received criminal sanction.[161] Overall, although Parliament has responded reasonably quickly when updating offences, its record has blemishes.[162]

Any attempt at explaining Parliament’s slow response time will, to some extent, be guesswork. However, it is not unreasonable to at least partially explain significant delays by observing that Canadian governments are often in a minority position. This was the case from 2004 to 2011, a period where legislative amendments regarding controversial privacy issues such as “lawful access” were repeatedly stifled.[163] A great deal more legislation was passed in the following years, which witnessed a Conservative majority government. It is also important to note, however, that all opposition parties during the Conservative government’s time in power cited instances where the cause of delay was the Conservative government’s tendency to shelve bills containing criminal justice issues, and then re-raise the bills to distract from scandals or to drum up political support around election time.[164] The “tough on crime” angle suggests that majoritarian politics were at play, and that the government was willing to sacrifice privacy interests for political gain.

Parliament’s 1993 amendment to the definition of “private communication” ensured that all encrypted digital signals sent via wireless phones came within the ambit of the term.[165] However, the various technologies used by different “generations” of cordless phones resulted in many then-current technologies falling outside of the amended definition of private communication. First generation cordless phones, which at the time of the amendments were used by 95 per cent of telephone users,[166] were susceptible to interception by simple scanner devices.[167] As a result, some courts held that communications via these phones did not attract a reasonable expectation of privacy.[168] These phones, like their analog pager predecessors, could therefore be tapped by anyone, including police, at will.

Other courts, in line with modern jurisprudence on section 8 of the Charter, concluded that the technical capabilities of private communication technology and their ability to be intercepted should not be the only factor considered.[169] To exclude 95 per cent of then-current cordless phone users was arguably not in line with what the average consumer would expect, as it is unlikely that anyone other than the police was frequently trying to intercept phone calls.[170] Moreover, placing emphasis on the type of phone one owns allows those who can afford to purchase newly available technologies to have greater privacy protections.[171] Parliament, then, arguably drew an arbitrary and unfair distinction in its first amendment to the definition of private communication.

In its 2014 amendments, Parliament elevated the grounds necessary for issuance of a tracking device warrant if the device is commonly found on the person. Given the onset of GPS tracking, this sounds like a principled approach. However, this approach may unduly limit police, depending on what technique is used to track a device. Tracking a cell phone, for instance, may involve police using a tactic known as “pinging.” This practice indicates to police the cell phone tower with which a cell phone is exchanging signals. In Grandison, the expert testimony revealed that the information gained from this tactic told police that the accused was anywhere from a 50- to 4,894-metre radius from a tower.[172] The court also noted that pinging does not involve constant tracking of the subject, but instead requires that police make specific requests to the telecommunication service provider to determine the subject’s approximate location at any given time.[173] This is contrary to GPS tracking, wherein an accused’s exact location can be determined at any time.[174]

With a fuller understanding of the technology used for tracking the accused’s phone, the court rejected the accused’s contention that using the previous reasonable grounds to suspect standard was unconstitutional.[175] It came to this conclusion despite the amendments raising the relevant burden of proof having been implemented between the time the charge arose and when the court rendered its decision. Although the technique at issue was somewhat more sophisticated than the vehicle tracker used in Wise, the court concluded that the information revealed did not, unlike the use of GPS technologies, significantly touch on the biographical core of personal information required to constitutionally impose the higher reasonable and probable grounds standard.[176] Parliament’s amendment, although well intended, therefore inadvertently prevented police from using other reasonable and less invasive methods of cell phone tracking.

As noted in the preceding section, the initial language of section 492.2 (“digital number recorder”) was not broad enough to encompass metadata relating to technologies other than telephone calls. This had the effect of leaving metadata related to technologies such as email and text to be sought under the general warrant or production order provisions.[177] As these provisions require reasonable grounds to believe, they raised the standard for receiving what is effectively the same information from the lower reasonable suspicion standard required under section 492.2.[178] This was undesirable from a law enforcement perspective, since metadata is often used early on to further an investigation and therefore is needed to make out reasonable and probable grounds for a warrant.[179] Although the 2014 amendments corrected this mistake, it had persisted in the Criminal Code for twenty-one years.

Parliament enacted the general warrant provision found in section 487.01 to allow courts to issue warrants authorizing police to “use any device or investigative technique or procedure or do any thing described in the warrant that would, if not authorized, constitute an unreasonable search or seizure.”[180] Although section 487.01 provides police with a flexible law enforcement tool,[181] it must be acknowledged that it abdicates authority for governing many novel search technologies to the courts. For instance, the following investigative techniques have all been governed under section 487.01: Forward Looking Infrared (FLIR) thermal imaging,[182] installation of “amp meters” to measure electricity usage,[183] making electronic copies of data on a computer system,[184] review of third-party forensic files,[185] the ability to program failures into a criminal suspect’s computer hardware,[186] use of forensic fluorescent light technologies to covertly search for bloodstains,[187] and the ability to perform phallometric testing.[188] As Daniel Scanlan observes, it is reasonable to anticipate that the general warrant “will [continue to] have broad application to the investigation of offences involving computers and the capture of data.”[189]

The addition of subsections 487(2.1) and (2.2) of the Criminal Code allow police to use “any computer system” to search for “any data” available to the computer system.[190] As Susan Magotiaux observes, “[t]he scope of the[se] subsection[s] ... [is] potentially boundless. ... Depending on the configurations and active connections of a given device, there could be data accessible to the device from other people, other networks, other countries, or other businesses.”[191] The privacy interests implicated by such computer searches were aptly summarized by Justice Fish. As he wrote in R. v. Morelli, “[i]t is difficult to imagine a search more intrusive, extensive, or invasive of one’s privacy than the search and seizure of a personal computer.”[192] The need to ensure such searches respect privacy interests is therefore of the utmost importance.

Unfortunately, Parliament has not elaborated upon the process for searching computers. Indeed, until 2013 the Crown maintained that special authorizations for computer searches are unnecessary, because computers are no different than filing cabinets or cupboards.[193] Although the Court unanimously rejected these analogies,[194] by far the more difficult question requires asking how computer searches must be conducted.[195] This concern prompted the Court in Vu[196] to suggest that the broad scope of computer searches may require Parliament or the courts to devise search protocols.[197] By enacting subsections 487(2.1) and (2.2), and then refusing to update these sections in response to the Court’s decision in Vu, Parliament has again effectively left it to the courts to determine the rules with respect to a complex search technology.

Although some commentators believe that developing computer search protocols is not possible,[198] others have proposed ways forward.[199] The capacity and functionality of modern computers give rise to some basic questions.[200] Should police be able to look through every file and folder on a computer?[201] Does the type of crime investigated limit police to reviewing certain types of files? Should police searches be restricted to use of certain keywords? How does the plain view doctrine operate within computer searches?[202]

It is important to explore the answers to these and related questions because leaving computer searches to ex post review is inconsistent with the purpose of section 8 of the Charter: to prevent unreasonable searches and seizures.[203] This is especially important as the case law is replete with instances where police have grossly overstepped the boundaries of what would qualify as a “reasonable” search.[204] Moreover, new technological developments allow police to search in manners much more respectful of privacy interests.[205] It is unlikely that the adversarial system will be able to stay on top of these developments, since a court’s ability to respond to technological developments is limited by the evidence provided to it in a given case.[206] Parliament’s approach so far has not, however, fared any better.

Although the Court reconciled the competing interpretations with respect to the meaning of “intercept” in Jones,[207] two main issues persist. The first concerns the prospective acquisition of “untransmitted” communications. As Professor Steven Penney observed, the definition of “private communication” should be amended “to include the prospective interception of electronic communications before they are transmitted.”[208] Given that the current definition of “private communication” includes only “oral” communications and “telecommunications” (the latter of which requires the “emission, transmission or reception” of communicative content “by any wire, cable, radio, optical or other electromagnetic system, or by any similar technical system”), Part VI intercepts are not required to prospectively intercept non-oral communications.[209] As such, covertly installed key logger software could be used to record emails and other communications before they are sent, but these would not be afforded the protections in Part VI despite implicating identical privacy interests.[210]

Second, the result of relying on the prospective–retrospective distinction may cause constitutional issues in other contexts. In Jones,[211] the police had applied for a production order under section 487.012 (now 487.014) to produce historical text messages stored on Telus’s database. In his concurring opinion in Jones, Justice Rowe raised a problem with the scheme as interpreted in Justice Cromwell’s decisions in Telus and in Jones. The prospective–retrospective distinction may break down in practice, as it leaves the possibility of police applying for a transmission data warrant, and then subsequently applying for production orders to retrieve the stored messages a short time after they receive notice that a call or text was made.[212] If the moment of authorization is what matters, then there is nothing stopping police from exploiting this loophole.[213] As I have argued elsewhere, by narrowing the definition of “intercept,” the constitutional problem with its definition has simply been shifted to Parliament’s production order scheme.[214]

In Re Subscriber Information,[215] the Provincial Court of Alberta considered whether subscriber information to a cell phone could be retrieved by police without warrant. Because the phone in question was internet-connected, the court concluded that its subscriber information attracted a reasonable expectation of privacy, even if the subscriber information for non-internet-connected phones did not.[216] As such, the Crown sought to have the cell phone’s subscriber information produced through sections 487.016 and 487.017. To qualify, the information sought must relate to “telecommunication functions of dialling, routing, addressing or signalling” (487.016) or “the location of a transaction, individual or thing” (487.017). The Crown argued that cell phone subscriber information meets these tests because it is accumulated and stored to facilitate billing and collection of payment.[217] However, as subscriber information does not relate to the functioning of telecommunications as required by these sections, it was held not to fall within the ambit of the provisions.[218] Other cases and legal commentary support this conclusion.[219] Parliament’s 2014 amendments therefore created an anomalous result by permitting police to obtain transmission and location data on a lower standard (reasonable suspicion via sections 492.1 and 492.2) than basic subscriber information to internet-connected cell phones (reasonable and probable grounds via section 487.014).[220]

In most of the areas where Parliament has responded to the challenges of governing digital privacy, noticeable gaps have been revealed via judicial or academic review. Again, it is difficult to provide a definitive reason for why holes in Parliament’s legislative scheme frequently arise. However, it is reasonable to conclude that in some circumstances Parliament was not provided with the relevant information when passing laws. It is likely that technology is not presented to legislators with a list of all current or possible future applications and interaction effects with other technologies. Even with the advantage of time to study technologies in depth, it is difficult to anticipate their transformative potential. Moreover, there is no guarantee that legislatures thoroughly understand digital technologies.[221] This lack of understanding has resulted in lacklustre debates that fail to expose all weaknesses in the proposed legislation.[222]

In other instances, it may be that Parliament is acting in haste or without much interest in protecting privacy. Its response to early wireless phone technology is indicative of a lack of study or outright neglect of privacy interests in early cordless telephones. Parliament’s difficulties passing lawful access legislation also resulted in the Conservative government, with its first majority, taking advantage of this position by significantly expediting the legislation. In yet other instances, Parliament has made a deliberate choice to allow courts to create governing frameworks for digital technologies. The general warrant provision in section 487.01, as well as the broad computer search powers found in subsections 487(2.1) and (2.2), are illustrative. These responses demonstrate that Parliament often fails to respond adequately or intelligibly to digital privacy challenges despite its theoretical advantage over courts.