Canadian Web Hosting Blog and News
31Jan/130

How WhatsApp Violated Canadian Privacy Law? Unencrypted messages.

Canadians know that we have much stricter online privacy laws than most of our counterparts around the world and with that said, as a company, Canadian Web Hosting, always follows and keeps track of stories that breach our Canadians laws. Why? Because Canadian people and Canadians businesses care very much about where their own data are stored which is right here on Canadian soil. Both of our data centres are located in Vancouver, BC, and Toronto, ON and as you can imagine, we pride ourselves in protecting our customers' data very seriously. Your online data.

WhatsApp
Photo © abulhussain on Flickr

Now, if you are the kind of user who enjoys apps and texting, you are probably familiar with WhatsApp Messenger, a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS since the app uses your data plan instead of your texting plan. The app is readily available for iPhone, BlackBerry, Android, Windows Phone and Nokia.

A few days ago, the media reported that privacy commissioner Jennifer Stoddart said that the mobile chat app WhatsApp violated Canadian privacy law and needed to be updated to comply with all her concerns. The article states:

Investigators found messages were being transmitted unencrypted, which left them vulnerable to being intercepted by hackers, particularly on public WiFi hotspots. The company did begin encrypting messages in September in response to the privacy agencies. But Stoddart says WhatsApp still has work to do to resolve all its identified issues. She was unhappy that users were not getting adequate disclosure about how their status messages could be seen by people not on their contact list. The company says it will address the complaint in a new release expected in the fall.

If you're a heavy app user, you might want to think twice about the purpose of the apps that you are using and how one company is utilizing your personal contact information. We often blog about privacy and you can keep up by following our "privacy" tag. Recently, we wrote about data centre physical security, our deployment of SecureIT Botnet and Malware Prevention, and the roles of StopTheHacker and prevention.

If you're looking for additional information on this topic, you may email us at sales@canadianwebhosting.com, or call us at 1-877-871-7888. You may also contact us through social media on Twitter at @cawebhosting, through our Facebook Page or leave us a comment below.

Kevin Liang
CTO / SEO Guru

28Dec/110

Should Canadians be Concerned About SOPA

We’ve been seeing more questions about SOPA and what it means for our Canadian Web Hosting customers.  The Stop Online Piracy Act (SOPA) is an U.S. bill that, if passed, would give law enforcement and copyright holders a new level of recourse whenever it appears that their intellectual property has been infringed.   In short, it gives law enforcement the ability to target third parties that have helped “facilitate” or “enable” copyright infringement and gives the copyright holders a more active role in the process where alleged copyright violations have occurred.

What does this have to do with us, we’re Canadians not Americans?

As a matter of fact, a whole lot.  As an example, do you use Google? YouTube? Facebook?  If you do, you better think twice because these service providers (and many others) will become responsible for their users actions.  If you want to show a video to your friends of you playing a Beatles song, then you would be subject to these new regulations and because the service provider has to comply with these new requirements, they would be forced to restrict you/your account including surrendering the video, verifying your identity, etc.  In reading various blogs around the web, it is easy to see that there is a lot of concern and it isn’t hard to see the severity of the situation.

A company offering backup solutions recently sent out an email to its users, which (in part) discusses SOPA:

What is SOPA? This act allows content owners - movie companies, music labels, etc. - to obtain court orders requiring search providers such as Google to filter their search results to exclude websites that host allegedly infringing material, and requiring the net registrars to block DNS servers from providing the correct IP address for such sites. The act also makes site owners civilly liable for the availability of copyright material on their sites. In addition, it makes the posting of a link to a third party website that has copyright material on it the same as hosting the material on your own site.

Again, think about the sites that we all use everyday and the impact that it could potentially have on us.  There is one other very impact aspect that we will keeping our eyes on as this discussion continues.

Because of the broad manner by which SOPA sets up “censorship” safe guards, it could have a very real impact on how IP addresses are used within this law:

It defines “domestic Internet Protocol addresses” — the numeric strings that constitute the actual address of a website or Internet connection — as “an Internet Protocol address for which the corresponding Internet Protocol allocation entity is located within a judicial district of the United States.”  Yet IP addresses are allocated by regional organizations, not national ones. The allocation entity located in the U.S. is called ARIN, the American Registry for Internet Numbers. Its territory includes the U.S., Canada and 20 Caribbean nations. This bill treats all IP addresses in this region as domestic for U.S. law purposes.  To put this in context, every Canadian Internet provider relies on ARIN for its block of IP addresses. In fact, ARIN even allocates the block of IP addresses used by federal and provincial governments. The U.S. bill would treat them all as domestic for U.S. law purposes.

For the purposes of SOPA, it would essentially “pretend” that all foreign sites and providers are domestic potentially including Canadian web sites.   While we don’t think our Canadian customers will be directly impacted by this, it does create a scenario where future iterations of this law could impact us directly through the creation of cross-border agreements or access to entities that control distribution and access to the internet.  What do you think?

Tagged as: , No Comments