Critical

🎯 On-Device Tools (ODIT) & Mercenary Spyware Pathways

Parliament’s ETHI committee scrutinized RCMP ODIT use; subsequent reporting surfaced provincial interest in mercenary tooling such as Paragon/Graphite. Oversight must match capability creep and cross-border vendor risk.

RCMP β€” ODIT Programme
Law Enforcement Capability
Oversight: ETHI study/report; Public Safety briefings; OPC analysis
Risk: device compromise (encrypted apps/sensors), scope drift, NDA opacity
Paragon/Graphite (reported Canadian links)
Mercenary Spyware Vendor
Context: 2025 media reporting on OPP interest/use; calls for uniform warrant + disclosure standards
Critical

πŸ“‘ Telecom Signalling Weaknesses (SS7 / Diameter / Roaming)

Signal-layer abuse enables location tracking and message interception without handset compromise. Coordination among CSE/Cyber Centre, carriers, and CRTC resiliency work remains pivotal.

CSE / Canadian Centre for Cyber Security
Advisories & Guidance
Focus: legacy SS7 exposures; roaming/global-title misuse; signalling firewalls; interconnect audits
Moderate

πŸ“± Cell-Site Simulators (IMSI-catchers)

RCMP and municipal deployments risk dragnet capture. Transparency and purge standards are uneven; NDAs constrain public disclosure of capabilities.

IMSI-catcher Deployments
Law Enforcement Capability
Guardrails needed: warrant standard; non-target purge attestations; capability summaries
Critical

πŸ—‚οΈ Data-Broker & Adtech Exposure (Retail, Apps, Genomics)

Retail e-receipts, app SDK telemetry, and consumer genomics breaches illustrate sensitive data flows to platforms and brokers, often without valid consent or adequate safeguards.

Home Depot Canada β†’ Meta (Offline Conversions)
Retail / Adtech
Outcome: OPC finding β€” consent deficient (2023)
Canada Post β€” Smartmail Marketing
Postal / Marketing Data
Finding: personal-info use flagged for compliance concerns (2023)
Tim Hortons (app)
Location Data Collection
Outcome: OPC found unlawful sensitive-location collection; remediation steps required
23andMe (breach)
Genomics / Cross-border
Oversight: OPC–ICO joint investigation and updates (2024–2025)
Moderate

πŸ›οΈ Platform Governance & Legislative Flux (C-27 / C-63 / C-26)

Privacy and online-harms reforms shifted in 2025 (parliamentary resets). Regulators continue under PIPEDA, Competition Act, and sectoral statutes while proposals (CPPA/AIDA; Online Harms; Critical Cyber Systems) evolve.

Guardrails & Precedents

βš–οΈ Oversight Bodies & Precedent Findings

OPC (federal + provincial commissioners), courts, and CSE advisories set expectations of necessity, proportionality, and transparency for any surveillance or data-intensive practice affecting rights.

πŸ•ΈοΈ Corruption Network Visualization (Canada)

Drag nodes to explore relationships between vendors, brokers, telecoms, platforms, and authorities.

Legend: ● Authorities ● Vendors ● Brokers ● Platforms ● Telecom/Programs

πŸ”— Key Relationships (Canada)

ODITs ↔ Courts/Parliament ↔ Vendors

Core: Targeted device access; judicial authorization; ETHI/OPC scrutiny; NDA limitations.

Telecom signalling & roaming

Core: SS7/Diameter interconnect; global-title abuse; carrier mitigations; independent testing.

Retail/app/genomics data loop

Flow: Apps/Retail/Genomics β†’ brokers/platforms β†’ ad/analytics; consent & cross-border controls.

πŸ“… Signal-Power Evolution Timeline (Canada)

2016–2017: IMSI-catcher scrutiny

Citizen Lab/CIPPIC, OPC investigations elevate transparency and minimization expectations.

2021: SS7 risks acknowledged

CSE statements on signalling-layer vulnerabilities and carrier mitigations.

2022: ODIT disclosure & Tim Hortons decision

RCMP confirms ODIT use to Parliament; OPC finds unlawful sensitive-location collection by app.

2023: Retail→Adtech enforcement

Home Depot β†’ Meta data-sharing found non-compliant; Canada Post Smartmail scrutiny in OPC annual.

2024–2025: Reform flux & cross-border cases

Privacy/online-harms bills stall/reset; OPC–ICO pursue 23andMe breach; provincial spyware reporting triggers calls for uniform guardrails.

⚑ Immediate Stop-Gap Actions (Canada-aligned)

Harmonized with PIPEDA/Charter s.8, Criminal Code warrants, CRTC resiliency, and federal/provincial oversight.

πŸ›‘οΈ Spyware / ODIT Safeguards
  1. Prior judicial authorization with necessity & proportionality; minimization + post-use audit trails.
  2. Public DPIA within 30 days of program start; quarterly aggregates (vendor, legal basis, categories).
  3. Vendor NDAs unenforceable against courts, legislatures, and privacy commissioners.
πŸ“‘ Signalling / Interconnect Hardening
  1. Carrier attestations on SS7/Diameter defences and roaming-edge audits; annual third-party testing with public summaries.
  2. Interconnect incident statistics and corrective action logs, published without compromising active ops.
πŸ—‚οΈ Data-Broker Containment
  1. No acquisition of location/behavioural datasets absent lawful basis, DPIA, and minimization plan.
  2. Public broker-relationship log; deletion audits; sensitive-location embargo (clinics, shelters, schools, places of worship, protest sites).
πŸ“± IMSI-catcher Governance
  1. Warrant standard; purge attestations for non-targets; annual capability summaries and oversight reviews.
πŸ“Ί Platform Governance & Transparency
  1. Documented systemic-risk logs; transparent legal-basis registry for government requests; β€œno informal pressure” controls.
  2. User appeals/transparency dashboards; children’s-safety design aligned with Canadian guidance.

πŸ“‹ Implementation Toolkit (Model Resolution / By-law)

Edit inline; then copy or download. Language aligns with Canadian frameworks and telecom/online-safety contexts.