Digital service providers, including mobile carriers and internet companies, may have to retain some user metadata for up to one year under the government’s proposed Bill C-22, Public Safety Canada says.
“We have done a lot of country comparisons within our analysis. And so one year actually was quite common in being the average, like I said, Australia is on the higher end with the two-year,” Hiegel told the Standing Committee on Public Safety and National Security.
She said Ottawa has not yet decided what types of metadata would have to be kept on record, adding that the government will discuss the types of data and retention periods with industry leaders and law enforcement. Metadata typically includes information about a communication or digital activity, such as phone numbers, IP addresses, timestamps, locations, and device identifiers, rather than the actual content of the message or conversation itself.
“We will develop analysis with the agencies as to what is the most valuable when it comes to investigative processes, as well as companies,“ she said. ”We need to take the time to be able to do that analysis and come back with a thoughtful scheme.”
Opposition MPs repeatedly asked why Parliament is being asked to pass a legal framework around metadata and storage timelines when the specific details of the proposed requirements have not yet been determined.
