This Report makes broad recommendations for modernizing key aspects of the POA. We have focused primarily on structural and major process reforms that we hope will support the fair and efficient enforcement of regulatory statutes for years to come. Several other procedural issues were raised in our consultation paper and during the course of our review, but it is beyond the scope of this Report to canvas each in detail. We are also cognizant of our recommendation that the POA be simplified and that the detailed procedural code be transplanted to subordinate authority such as a single set of POA rules or a single regulation. In our view, the body tasked with this important work will be in an excellent position to analyze these further areas of reform, equipped with its own expertise and the POA Reform Framework as a guiding set of principles. Some issues, like the establishment of a “paralegal-client” class privilege, will have implications beyond the enforcement of provincial offences and it may be that they are ultimately considered by another body for further analysis or the court through the common law. Nonetheless, we describe the additional reform areas that were raised and touch briefly upon some legal and policy considerations for each.
A. Modernization of the Search Warrant Provisions
1. Search and Seizure of Electronic Data
The use of computers and the electronic storage of data has been a major technological advance since the POA came into force in 1980. As a result, some of the search warrant provisions appear to be outdated and in need of reform. We discuss two issues: (1) what is seized when a search warrant is issued to obtain electronic data on a computerized system or device; and (2) what parameters ought to be placed within a search warrant so that it is not an overly intrusive invasion of privacy.
Sections 158 to 160 of the POA deal with search warrants. There is no specific provision that deals with the search of computers or electronic data. Subsections 158(1) and (1.1) of the POA would appear to apply when a search of information from computerized systems is needed, but they deal with “things” and do not specifically address electronic data. They state:
(1) A justice may at any time issue a warrant under his or her hand if the justice is satisfied by information upon oath that there are reasonable grounds to believe that is in any place,
(a) anything on or in respect of which an offence has been or is suspected to have been committed; or
(b) anything that there are reasonable grounds to believe will afford evidence as to the commission of an offence.
(1.1) The search warrant authorizes a police officer or person named in the warrant,
(a) to search the place named in the information for any thing described in clause (1); and
(b) to seize the thing and deal with it in accordance with section 158.2. [emphasis added]
The LCO heard from prosecutors who say that in the absence of clear authority, investigators are seizing hard drives and “imaging” those hard drives rather than simply copying the data which would be less disruptive and intrusive to the defendant and easier for investigators. If this is the only approach authorized under the POA, it confirms the practical difficulties raised by prosecutors. Moreover, electronic data today is often saved on remote computer servers rather than individual, stand-alone computers, which can be more difficult to locate and physically seize.
In R. v. Bishop, a criminal child pornography case involving searches of computers, the Ontario Court of Justice described the problem with the traditional use of search warrants in a computerized age:
Computers present particular challenges to the law governing search warrants. Warrants have historically been directed at a particular thing or documents located at clearly identifiable physical locations. Computer technology frees evidence and information from such physical limits and allows data to reside in various places on different media with no version representing an obvious original. Inexpensive mass storage devices permit even unsophisticated computer users to store huge amounts of data on a single physical medium. The search warrant scheme in the Criminal Code is a regime originally designed to deal with physical manifestations of privacy. As such, it does not always blend easily with the world of “virtual evidence”.
These same challenges arise in the POA context. One solution is to expressly amend the POA to permit “electronic data” from computerized systems to be copied and searched, instead of seizing the computerized equipment itself. In 1997 the Criminal Code was amended to specifically deal with searching computer systems and the seizure of data. Subsections 487 (2.1) and (2.2) state:
(2.1) A person authorized under this section to search a computer system in a building or place for data may
(a) use or cause to be used any computer system at the building or place to search any data contained in or available to the computer system;
(b) reproduce or cause to be reproduced any data in the form of a printout or other intelligible output;
(c) seize the print-out or other output for examination of copying; and
(d) use or cause to be used any copying equipment at the place to makes copies of the data.
(2.2) Every person who is in possession or control of any building or place in respect of which a search is carried out under this section shall, on presentation of the warrant, permit the person carrying out the search
(a) to use or to cause to be used any computer system at the building or place in order to search any data contained in or available to the computer system for data that the person is authorized by this section to search for;
(b) to obtain a hard copy of the data and to seize it; and
(c) to use of cause to be used any copying equipment at the place to make copies of the data.
The provisions in the Criminal Code offer a good starting point for POA amendments that would allow “data” to be copied from computers or other devices that hold electronic data. The limitation in the Code on the issuance of a search warrant in respect of “a building, receptacle or place” may be an issue, however, if the data is stored at a different location from the terminal from which the authorities are conducting their search, such as remote servers.
The next issue is whether the scope of data to be seized should be limited, and if so, how might it be limited within a search warrant. The Supreme Court of Canada has commented on the highly intrusive nature of a search of a personal computer:
As I mentioned at the outset, it is difficult to imagine a more intrusive invasion of privacy than the search of one’s home and personal computer. Computers often contain our most intimate correspondence. They contain the details of our financial, medical, and personal situations. They even reveal our specific interests, likes and propensities, recording in the browsing history and cache files the information we seek out and read, watch, or listen to on the Internet.
Therefore, it would seem that restrictions on the scope of data are needed within search warrants, and obligations spelled out for anyone who is carrying out the search warrant so as to protect data or information that is not properly the subject of the search warrant.
When a thorough policy assessment of this issue is undertaken, reference might be had to the Sedona Canada Principles: Addressing Electronic Discovery that puts forward principles and commentary regarding the disclosure of data from electronic sources in civil litigation. It offers practical suggestions for limiting the scope of electronic data disclosure in the civil context, and aspects of it may be transferrable to the POA context or, at a minimum, may serve as a tool for justices who issue search warrants.
Finally, there have been several other amendments to the search warrant powers in the Criminal Code and other provincial regulatory statutes that shou