Canadian report on ethical hacking sidestepped

The Canadian government has no plans to follow the recommendations made in a report it commissioned into ethical hacking.

An email exchange obtained by Postmedia News shows that Public Safety Canada had no intention to act on the findings of internet law expert Alana Maurushat, who was paid close to $19,000 to explore the burgeoning development of online “hacktivism.” In her report, Maurushat recommended the government consider creating guidelines for digital activism, given the rise in online protests and civil disobedience such as denial-of-service attacks.

Her report, which was submitted in January 2012, also recommended changes to Canada's copyright legislation—which became law five months later—that would permit researchers to legitimately hack into software. The recommendation addressed concerns that Canadian researchers were vulnerable to prosecution if they used third-party computers or reverse engineering methods to identify vulnerabilities in hardware and software.

The emails obtained by Postmedia illustrated a disagreement between departmental staff and the minister's office. Although bureaucrats proposed responding that the report was one of series commissioned from academics into current online practices, the official answer was less forthcoming: “The Government of Canada takes cybersecurity issues seriously, and has measures in place to address them.”