Wednesday , June 4 2025
flag

Canadian police need warrant to obtain IP address

The Canadian Supreme Court ruled that police must have a warrant before asking for the internet protocol address of Canadians. The Supreme Court ruled 5-4 that Canadians have privacy rights protected by the Charter when police ask for information about their online activities.

“Personal privacy is vital to individual dignity, autonomy, and personal growth. Its protection is a basic prerequisite to the flourishing of a free and healthy democracy,” the majority ruling read.

CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These...
Read More
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

ALERT
Thousands of IP addresses compromised nationwide: CIRT warn

As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent...
Read More
ALERT  Thousands of IP addresses compromised nationwide: CIRT warn

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Australia enacts mandatory ransomware payment reporting

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
Australia enacts mandatory ransomware payment reporting

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
Why Govt Demands Foreign CCTV Firms to Submit Source Code?

“The Internet requires that users reveal subscriber information to their ISP to participate in this new public square, and Canadians are not required to become digital recluses in order to maintain some semblance of privacy in their lives.”

The issue was a 2017 investigation by the Calgary police into fraudulent online purchases from a liquor store.

Police went to the liquor store’s payment processing company, Moneris, and requested internet protocol (IP) addresses related to the purchases. They did not get a warrant.

Moneris handed over two IP addresses used for the transactions, which the police used to obtain a court order requiring an internet service provider to turn over the names and addresses associated with the IP addresses.

The email you need for the day’s top news stories from Canada and around the world.
That led to a search of Andrei Bykovets’ residence, and to Bykovet’s arrest on charges of possessing other peoples’ credit cards and identification documents. Bykovet challenged the cops’ right to obtain his IP address from Moneris, arguing it violated his Charter rights against unreasonable search and seizure.

Both the trial judge and the Alberta Court of Appeal ruled that Canadians had no reasonable expectation of privacy for their IP address. The Supreme Court disagreed.

“Activity associated with the IP addresses can be correlated with other online activity associated with that address available to the state. An IP address can also set the state on a trail of Internet activity that leads directly to a user’s identity,” the decision read.

“Access to IP addresses without judicial pre-authorization poses intense privacy risks.”

Police agencies used to routinely request what they called “basic subscriber information” from telecommunications companies – information such as names, IP addresses, physical addresses and telephone numbers.

But the Supreme Court ruling does not stop police from accessing IP addresses – just requires them to get a court order first, a process that law enforcement agencies have said takes time particularly for urgent cases.

The BC Civil Liberties Association, which intervened in the case, welcomed the court’s majority decision Friday and said it was “heartened” by the court’s recognition that privacy has become “ever more important” in the digital age.

“The reality today is that in order to engage in society to any degree, we really have to be able to go online. And so if the police have easy access to all of our online activity, which website we’re going to, who we’re talking to online, that creates a huge chilling effect on people’s behaviour,” Vibert Jack, the BCCLA’s director of litigation, told Global in an interview.

“Privacy rights are obviously implicated, but our freedom of expression, freedom of association, those rights would all be curtailed if we know the police could be watching us while we’re online.”

While the Supreme Court decision notes that the determining a reasonable expectation of privacy under the Charter is an “exercise in balance,” it also noted that the internet has vastly expanded the amount of personal information

“The intensely private nature of the information an IP address may betray strongly suggests that the public’s interest in being left alone should prevail over the government’s interest in advancing its law enforcement goals,” the decision read.

Police used to regularly ask telecommunications companies for “basic subscriber information,” which includes names, IP addresses, physical addresses, and telephone numbers.

The Supreme Court ruling doesn’t prevent police from accessing IP addresses. It just requires them to get a court order first, which law enforcement agencies have said takes time, especially for urgent cases.

The BC Civil Liberties Association, which participated in the case, is pleased with the court’s decision. They are encouraged by the court’s acknowledgment that privacy is increasingly crucial in the digital era.

“The reality today is that in order to engage in society to any degree, we really have to be able to go online. And so if the police have easy access to all of our online activity, which website we’re going to, who we’re talking to online, that creates a huge chilling effect on people’s behaviour,” Vibert Jack, the BCCLA’s director of litigation, told Global in an interview.

“Privacy rights are obviously implicated, but our freedom of expression, freedom of association, those rights would all be curtailed if we know the police could be watching us while we’re online.”

While the Supreme Court decision notes that the determining a reasonable expectation of privacy under the Charter is an “exercise in balance,” it also noted that the internet has vastly expanded the amount of personal information

“The intensely private nature of the information an IP address may betray strongly suggests that the public’s interest in being left alone should prevail over the government’s interest in advancing its law enforcement goals,” the decision read.

Check Also

mobile

Bank server compromised using customer’s mobile, steal ₹11 crore

Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank’s server using a customer’s mobile phone. …

Leave a Reply

Your email address will not be published. Required fields are marked *