The 3+3 Project: Koodo

This is the Koodo report for The 3+3 Project: Evaluating Canada’s Wireless Carriers’ Data Privacy Transparency. The 10 criteria used to evaluate carriers and the scoring rubric used for each are included in the chart below. A carrier could earn a full star, half star, or no star on each criterion. The criteria and rubric (with minor alterations as noted) are reproduced from the criteria document prepared by the IXmaps research project for the annual Keeping Internet Users In the Know or In the Dark: Data Privacy Transparency of Canadian Internet Service Providers, by Andrew Clement (Professor, Faculty of Information, University of Toronto) and Jonathan A. Obar (Assistant Professor, Faculty of Social Science and Humanities, University of Ontario Institute of Technology).  The Keeping Internet Users In the Know of In the Dark report is available here. For a fuller explanation of the criteria and the rubric used for each, please consult the full criteria document.

These criteria were originally developed by the IXmaps research project for their 2013 Keeping Internet Users in the Know or in the Dark report.[1] The Centre for Innovation Law and Policy (CILP) assisted with updating them for the 2014-2015 project, including developing the scoring rubric. Where we are aware of any difference in how we have applied these criteria compared to how IXmaps applies these criteria, this is indicated in the chart. For more information about IXmaps, as well as other significant projects engaging with data privacy, please see the project overview.

This report frequently makes reference to PIPEDA, the Personal Information Protection and Electronic Documents Act. This is Canadian legislation dealing with the treatment of personal information by companies while carrying on commercial activities. For more on PIPEDA, please see the project overview.

 

Notes:

  • The Koodo Service Terms were consulted (as of January 25, 2015) but did not count towards Koodo’s final score. Part of the evaluation was related to transparency about privacy practices. Therefore, carriers only received credit for information in their privacy materials, on the theory that this was where privacy-minded users would look for privacy-related information. Where including the Koodo Service Terms would have made a difference to Koodo’s score this is noted. The Koodo Service Terms apply to “the mobility division of Koodo” (per “What are the Koodo Service Terms?”). The Koodo Service Terms have a specific “For Business Customers” section, suggesting they apply to such customers.
  • Koodo is a subsidiary or division of TELUS.
    • At several points in its privacy materials, TELUS indicates that many of its privacy policies and practices apply to Koodo (see Appendix B at the end of this document).
    • However, Koodo does not explicitly indicate in its privacy materials (or the Koodo Service Terms) that Koodo users should consult TELUS’ materials. (The closest it comes is the bare statement in the Koodo Service Terms that “the mobility division of Koodo” is “a registered business name of TELUS Communications Company” [per “What are the Koodo Service Terms?”]).
    • Part of the evaluation was how transparent privacy practices are to a carrier’s users. Therefore, Koodo received no credit for provisions and statements in TELUS materials, since Koodo users would not know to consult TELUS’ materials for information relevant to them.

1. A public commitment to PIPEDA compliance

Full Star: The carrier explicitly indicates that it complies with PIPEDA, or similar applicable legislation, and provides substantive details of its privacy obligations, including that it only transfers personal information to third parties that provide an equivalent level of protection.

Half Star: The carrier only vaguely states that it operates according to applicable legislation or doesn’t mention third party PIPEDA-equivalent protection.

No Star: The carrier makes no indication that it complies with PIPEDA or substantially equivalent privacy legislation.

Score: No Star
Explanation:
  • Koodo does not make any explicit reference to the Personal Information Protection and Electronic Documents Act (PIPEDA), to similar applicable legislation, or to third party PIPEDA-equivalent protection.
  • Koodo does make passing reference to “appropriate safeguards” to protect data. However, this criterion requires a reference to legislation. In addition, the reference to safeguards appears to be a reference to data security alone. PIPEDA goes beyond these considerations.

Provisions:

“Koodo will use appropriate safeguards to protect your personal information, strive to keep it up to date and respond to your requests for access. Personal information collected by Koodo may be stored and processed in Canada or another country. In either case, the information is protected with appropriate security safeguards, but may be available to government agencies under applicable law.” – Koodo Privacy Commitment (“How does Koodo protect my privacy?”).

2. A public commitment to inform users of all third party data requests

Full Star: The carrier clearly indicates that it will notify a user when it has received a third party request for the user’s information, unless explicitly prohibited from doing so by law.

Half Star: A carrier does not indicate that it will notify users when it receives requests, however it indicates that users may send an inquiry in order to acquire such information.*

*Note: This criterion was applied generously: carriers who indicated users could learn about disclosures of their information were scored a half star.

 

No Star: The carrier makes no mention of how users may learn of third party requests for their personal information.

Score: No Star

Explanation:

  • Koodo states that it may disclose personal information to third parties, but does not indicate whether it will notify customers of any, let alone all, third party data requests.
  • Koodo does not indicate that users can obtain information about requests for their information by sending an inquiry.

Provisions: None

For provisions related to when Koodo may disclose personal information, see Criterion #4 (Transparency about conditions for third party data disclosures).

3. Transparency about frequency of third party requests and disclosures

Full Star: The carrier has published, in an annual or semi-annual report or in some other form, statistics regarding:
  • The number of requests from third parties, broken down by government (law enforcement, etc.), commercial and non-commercial entities.
  • How many requests it complied with.
  • How many accounts the requests applied to.
  • How many disclosures of information there were.

Half Star: The carrier has published SOME information but leaves many important statistics out.

No Star: The carrier has published no information relating to these types of statistics.

Note: This criterion was edited for ease of use and clarity in presentation here. In highlighting the absence of specific important statistics, we may have applied this criterion more strictly than IXmaps. However, we are not aware of any divergence with IXmaps as to the final score awarded to any carrier.

Score: No Star

Explanation:

  • Koodo has published no information about third party data requests and disclosures.
    • While Koodo’s parent company, TELUS, published a 2013 transparency report, neither Koodo nor TELUS indicates whether Koodo statistics are included in this report. (For Koodo to receive credit for TELUS’ report, Koodo statistics would have had to be clearly included in TELUS’ report, and Koodo would have had to clearly indicate this in its own privacy materials. Neither was true here).

Provisions: None

4. Transparency about conditions for third party data disclosures

Full Star:

(1) The carrier explicitly states the circumstances under which personal information will be disclosed to third parties.

(2) It must make clear what standard must be met by the third party in order for this disclosure to be made (e.g. whether a warrant is required).

(3) It must be clear whether or not a subscriber/user will be notified in the case that his or her information is disclosed to a third party and especially the specific conditions under which such information will be disclosed without consent.

Half Star: The carrier refers to some but not all of (1), (2) and (3) or is vague about them.*

*Note: In order to achieve consistency, this criterion was applied generously: carriers that had some discussion of when disclosure of user information could occur received a half star. A carrier would have had to fail entirely to discuss disclosure to receive no star, which none did. This criterion is likely to be revised and simplified in future years to improve consistent application and permit more meaningful distinctions between carriers.

No Star: The carrier fails to indicate any of (1), (2), or (3).

Note: Our evaluation of this criterion looked at discussion of disclosure to any third party, including sharing with affiliated companies, while IXmaps focused on disclosure when compelled by law. However, both approaches yielded the same score on this criterion.

Score: Half Star

Explanation:

  • Koodo explicitly states the circumstances in which personal information will be disclosed to third parties without consent. However, a lack of clarity as to whether Koodo provides an exhaustive list of such circumstances should be noted:
    • The Koodo Privacy Commitment states: “Koodo will not disclose any personal information without your express consent, other than in the following circumstances…” followed by a list of circumstances. The phrase “other than in the following circumstances” suggests this is a closed list.
    • In a later section the Koodo Privacy Commitment states: “Koodo will not collect, use or disclose your personal information for any purpose other than those identified above or in your Customer Service Agreement or our Service Terms, except with your consent”, suggesting the previous list is not a closed list.
    • The Koodo Service Terms state: “Unless you provide your express consent or unless disclosure is required under the law, your information [other than your name and address] may not be disclosed by Koodo to anyone, other than…” followed by a list of circumstances. This list is similar to the list in the Koodo Privacy Commitment, but contains at least one additional circumstance. The Koodo Service Terms are not formally part of Koodo’s evaluation, but this discrepancy should be noted.
  • Thus, while Koodo appears to provide a significant amount of information about the circumstances when personal information will be disclosed without consent, the lack of clarity about whether various lists of such circumstances are or are not exhaustive undercuts the value of these lists.
  • Koodo is unclear as to what standards various third parties must meet in order for disclosure to be made.
  • Koodo is unclear as to whether users will be notified when their information is disclosed.

Provisions:

The Koodo Privacy Commitment contains provisions pertaining to whom and in what circumstances personal information will be disclosed without a user’s consent. As the full provision is long, the exact text is in Appendix A below. However, to paraphrase, it indicates Koodo will only disclose personal information without consent to:

  • Someone it reasonably believes is the user’s authorized representative or agent
  • Another telecommunications company involved in providing telecommunications services, for the purpose of providing a user with services
  • Other business units “related to Koodo”
  • Phone directories and listing services
  • Credit agencies (to check creditworthiness) and collection agencies (to collect money owed to Koodo)
  • Public authorities where there is an emergency
  • “[A] government agency or other third party, if required to meet legal and regulatory requirements, such as responding to a court order.”

– Koodo Privacy Commitment (“How does Koodo protect my privacy?”).

The Koodo Service Terms have a similar provision, relating to disclosure of information “other than [user] name and address”. In the Koodo Service Terms, however, there is the addition of disclosure to “[a] law enforcement agency if Koodo reasonably believes that you or anyone using your device is engaged in fraudulent or unlawful activities against Koodo.” The absence of this circumstance from the Koodo Privacy Commitment list calls into question whether that list is a truly exhaustive list of circumstances where disclosure can occur without consent. Note that the Koodo Service Terms are not formally included in Koodo’s evaluation, and in any event would not have changed Koodo’s score on this criterion. Still, this discrepancy should be noted. See “Explanation” above for details. The full text of both the Koodo Service Terms and Koodo Privacy Commitment provisions is in Appendix A at the end of this document.

“What Koodo won’t do with my personal information

Koodo will not collect, use or disclose your personal information for any purpose other than those identified above or in your Customer Service Agreement or our Service Terms, except with your consent. For greater clarity, unless you provide express consent Koodo will not:

  • share your personal information with or sell it to third-party marketers; or
  • use your personal information to enable third-party targeted advertisements.”

– Koodo Privacy Commitment.

5. An explicitly inclusive definition of ‘personal information’

Full Star: The carrier explicitly states all forms of data that fall under ‘personal information’. This should include subscribers/users’ IP addresses, IMSI/IMEI numbers, or MAC addresses, as well as their userIDs, meta-data (e.g. who subscriber communicated with, when and where this communication occurred), browser history (pages accessed, date of access, location when accessed), personal account information, credit card information etc.

Half Star: The carrier only implicitly states forms of data included in a definition of ‘personal information’, and/or provides a definition which (a) incorporates a closed list of what constitutes personal information that (b) excludes one or more of IP addresses, IMSI/IMSEI numbers, MAC addresses, userIDs, meta-data, browser history, personal account information, or credit card information.

No Star: The carrier gives no definition of ‘personal information’.

Note: IP addresses, IMSI/IMEI numbers and MAC addresses are all used to identify individual devices connected to the Internet. This information could be used to identify individuals and track their locations. For more information, click here.

Score: No Star

Explanation:

  • Koodo gives no definition of “personal information”.

Provisions: None

6. The normal retention periods for personal information

Full Star: The carrier discloses how long personal information is routinely retained for, specifying retention time periods for each data type.

Half Star: The carrier only states the retention period for limited types of information. For example, a company may state that it retains consumers’ browsing history for 2 weeks, but provides no information on call log retention.

No Star: The carrier either provides no information on data retention periods OR provides a statement so vague as to not inform the consumer beyond what PIPEDA requires. For instance, “[Our company] shall retain personal information only as long as necessary for the fulfillment of the purposes for which it was collected.” (Example wording is from Bell’s privacy policy.)

Score: No Star

Explanation:

  • Koodo makes no mention of retention periods.

Provisions: None

7. Transparency about where personal information is stored and/or processed

Full Star: The carrier clearly indicates the storage and/or processing locations of user’s data and whether data storage and/or processing has been outsourced to a foreign company. This should include whether data may be stored in, or otherwise subject to other jurisdictions, what those jurisdictions are, and what sort of disclosure such data may be subject to.

Half Star: The carrier only indicates that there is a possibility that data may be stored and/or processed subject to a foreign jurisdiction. No jurisdiction is noted or details are not provided.

No Star: The carrier fails to clearly indicate whether or not data may be stored and/or processed such that it may be subject to a foreign jurisdiction.

Score: Half Star

Explanation:

  • Koodo mentions that personal information may be stored and processed outside Canada and “may be available to government agencies under applicable law”, but without providing any details on specific jurisdictions.
  • Note that Koodo does not highlight the fact that information stored and processed outside Canada may be subject to the laws of other jurisdictions.

Provisions:

“Personal information collected by Koodo may be stored and processed in Canada or another country. In either case, the information is protected with appropriate security safeguards, but may be available to government agencies under applicable law.” – Koodo Privacy Commitment (“How does Koodo protect my privacy?”).

“You acknowledge that while roaming outside Canada the storage, treatment and transfer of your personal information and data may be subject to regulation different from the regulation in Canada.” – Koodo Service Terms (“Your Privacy: What limitations apply to any claim made against Koodo?”).

(Note that the Koodo Service Terms are not formally included in Koodo’s evaluation, and in any event would not have changed Koodo’s score on this criterion.)

8. Transparency about where personal information is routed

Full Star: The carrier clearly indicates whether Canadians’ personal domestic communication data might be routed through the United States or otherwise subject to foreign jurisdiction while in transit. It clearly indicates the geographical locations where domestic communication is routed and what jurisdictions it is subject to. Similarly, it indicates whether or not communications with third countries is subject to U.S. jurisdiction.

Half Star: The carrier is vague about the geographical locations or jurisdictional exposure of personal data routing.

No Star: The carrier gives no indication of the geographical locations or jurisdictions where personal data is routed.

Score: No Star

Explanation:

  • Koodo gives no indication of the geographical locations or jurisdictions through which personal data is routed.

Provisions: None

9. Domestic Canadian routing when possible

Full Star: The carrier clearly states on its privacy pages a policy of domestic Canadian routing when possible, and indicates the concrete measures it takes to achieve this goal. A carrier that verifiably peers openly at all the Canadian IXPs in its service region(s) will also receive a full star. Only Canadian carriers are eligible for a full star, as foreign carriers by definition subject the data they carry to non-Canadian jurisdictions.

Half Star: The carrier is vague about its policies for ensuring Canadian routing of domestic traffic and the measures it takes to ensure this. In the absence of a clear policy statement, a carrier (whether Canadian or foreign) that peers openly at some but not all Canadian public IXPs in its operating regions will earn a half star.

No Star: The carrier gives no indication of any policy or concrete measures to promote domestic routing when possible, nor does it peer openly at any Canadian public IXPs.

 

Note: Due to minor changes in wording during the evaluation process, we may have applied this criterion more strictly than IXmaps. However, we are not aware of any divergence with IXmaps as to the final score awarded to any carrier.

Score: No Star

Explanation:

  • Koodo gives no indication that they promote domestic routing where possible.
  • Koodo does not peer openly at any Canadian public IXPs as of January 25, 2015. The IXPs reviewed were:
  • Koodo is a subsidiary of TELUS. If TELUS had been peering openly at Canadian IXPs during the research period, we might have asked whether that meant Koodo’s traffic was being routed domestically as well. However, since TELUS earned no star on this issue, the question of whether Koodo should get credit for actions by TELUS has been left for the future.

Provisions: None

For an explanation of IXPs and open and conditional peering, see the project overview.

10. Open advocacy for user privacy rights

Full Star: The carrier makes clear reference on its privacy pages to its support for user privacy rights via at least one of the following:
  • Involvement in public debates over mass state surveillance;
  • Involvement in privacy or surveillance related legislative initiatives (e.g. the current Bill C-13 on lawful access);
  • Defending user privacy rights in court; or
  • Ties to advocacy organizations or initiatives promoting user privacy rights.

Half Star: The carrier has defended user privacy rights politically, in court or legislatively, but there is no reference to this in its privacy pages.

No Star: There is no readily available public evidence that the carrier has taken a positive pro-privacy position in any of the above areas.

Note: While this criterion was edited for ease of use and clarity in presentation here, we are not aware of any divergence with IXmaps with regard to application.

Score: No Star

Explanation:

  • No indication of Koodo publicly supporting user privacy rights was found.
  • A search of legal databases for Canadian cases involving Koodo did not turn up any case law where Koodo defended user privacy rights in court.
  • Koodo is a subsidiary of TELUS. TELUS has publicly supported user privacy rights, in particular via one past and one current Canadian court case (see the TELUS report for details). However, Koodo did not make any reference to TELUS’ actions in its privacy materials, nor was it obviously involved in any TELUS privacy-related litigation. Therefore, it cannot receive any credit for TELUS’ actions.

Google searches used in seeking public evidence of a pro-privacy position (The most recent search date is given next to each search term. Material up to 5 years old was reviewed.)

Koodo “privacy” (January 23, 2015).

Koodo privacy (January 25, 2015).

Koodo transparency (January 25, 2015).

Koodo “Personal information” (January 23, 2015).

Koodo “customer information” (January 25, 2015).

Koodo “subscriber information” (January 25, 2015).

Koodo disclosure (January 25, 2015).

Koodo “user privacy” (January 23, 2015).

Koodo “Bill C-13” (January 25, 2015).

Koodo “lawful access” (January 25, 2015).

Koodo “Customers’ privacy” (January 23, 2015).

Koodo “personal information” (January 25, 2015).

Koodo “warrant” (January 25, 2015).

Koodo “legal authority” (January 25, 2015).

Searches used in seeking case law where Koodo defended user privacy rights in Canadian courts (The most recent search date is given next to each search term. Material up to 5 years old was reviewed.)

Westlaw Canada:

  • Koodo back to 01/01/2010 (January 25, 2015).

Quicklaw:

  • Koodo in Case Name, limited to previous 5 years (January 25, 2015).
  • Koodo & intervener limited to previous 5 years (January 25, 2015).

CanLii:

  • Koodo (January 25, 2015).

Appendix A: Provisions related to Transparency about conditions for third party data disclosures (Criterion #4)

“…Koodo will not disclose any personal information without your express consent, other than in the following circumstances, to:

  • your representative, or an authorized user under your account, if we are satisfied that the person is authorized to receive the information;
  • another telecommunications company, but only if the information is used to establish or to efficiently provide telecommunications service, such as information required for porting services between carriers;
  • another business unit related to Koodo – to help us serve you better or provide services from different parts of the TELUS company;
  • a directory or listing service company for the purpose of listing your name, address and phone number;
  • a third party used by Koodo to evaluate your creditworthiness or collect outstanding balances;
  • a public authority or its agent – if Koodo reasonably believes that there is imminent danger to life or property that could be avoided or minimized by disclosure of personal information, such as in response to a 911 call; or
  • a government agency or other third party, if required to meet legal and regulatory requirements, such as responding to a court order.”

– Koodo Privacy Commitment (“How does Koodo protect my privacy?”).

Note:

Comparison with other carriers’ materials and with a similar provision in the Koodo Service Terms (below) lead us to believe this Koodo Privacy Commitment provision is intended to say that Koodo will not disclose personal information without consent except to these listed people/entities in these circumstances. It is important, however, to note that this is not what the provision literally says. Due to the comma after “circumstances” in the introductory paragraph before the list, the provision literally says that Koodo will not disclose personal information without consent to these listed people/entities, except in the circumstances listed – which means the provision, as written, does not address when personal information would be disclosed without consent to people/entities not listed here.

In addition, it should be noted that despite this language indicating the list in the Koodo Privacy Commitment is a complete list of when Koodo will disclose information without consent, this may not be the case:

  • A later section in the Koodo Privacy Commitment states: “Koodo will not collect, use or disclose your personal information for any purpose other than those identified above or in your Customer Service Agreement or our Service Terms, except with your consent”, suggesting the previous list is not a closed list.
  • The Koodo Service Terms state: “your information [other than your name and address] may not be disclosed by Koodo to anyone, other than…” followed by a list of circumstances. This list is similar to the list in the Koodo Privacy Commitment, but contains at least one additional circumstance, also suggesting the Koodo Privacy Commitment list is not a complete list of when disclosure can occur without consent.

 

“All information that Koodo keeps with respect to you and your service, other than your name and address, is confidential. Unless you provide your express consent or unless disclosure is required under the law, your information may not be disclosed by Koodo to anyone, other than:

  • You or a person who, in the reasonable judgement of Koodo, is seeking the information as your agent;
  • Another telecommunications company, but only if the information is used to establish or to efficiently provide telecommunications service, if the disclosure is made on a confidential basis, and if the information is used solely for that purpose;
  • An affiliate involved in supplying you with telecommunications and/or broadcasting services, provided the information is required for that purpose and disclosure is made on a confidential basis with the information used only for that purpose;
  • A directory or listing service company for the purpose of listing your name, address and phone number if you consent and if that company agrees to use the information only for that purpose;
  • An agent used by Koodo to evaluate your credit or collect outstanding balances owed to Koodo by you, if the agent requires the information and agrees to use the information only for that purpose;
  • A public authority or its agent if Koodo reasonably believes that there is imminent danger to life or property that could be avoided or minimized by disclosure of the information;
  • A law enforcement agency if Koodo reasonably believes that you or anyone using your device is engaged in fraudulent or unlawful activities against Koodo.

By “express consent”, we mean:

  • Written consent;
  • Oral confirmation verified by an independent third party;
  • Electronic confirmation through the use of a toll-free number;
  • Electronic confirmation via the Internet;
  • Oral consent, where an audio recording of the consent is retained by Koodo; or
  • Consent through other methods, as long as an objective documented record of your consent is created by you or by an independent third party.”

– Koodo Service Terms (“Your Privacy: What limitations apply to any claim made against Koodo?”). (Note that these Terms and this provision was not formally a part of Koodo’s evaluation.)

Appendix B: TELUS Statements Regarding Applicability of TELUS Policies to Koodo

Note: Part of the evaluation was how transparent privacy practices are to a carrier’s users. Therefore, despite the below provisions, Koodo received no credit for provisions and statements in TELUS privacy materials, since Koodo did not indicate in its privacy materials that Koodo users should consult TELUS’ materials. Koodo users would therefore not know to consult TELUS’ materials for information relevant to them.

“What’s new?

We have updated the language in our Privacy Commitment to make it more clear and simple. We have not changed any of our TELUS privacy practices, expanded the ways that we use or disclose your personal information, or lessened any safeguards. Also, our Privacy Commitment continues to extend across our brands1, as it always has.”

1Including TELUS Mobility, TELUS Quebec, Koodo, Black’s and PC Mobile, but excluding TELUS Health”

– About TELUS’ Privacy Commitment (last consulted January 25, 2015).

“1In this Privacy Commitment, the words “we” or “TELUS” refer to TELUS Corporation and its subsidiary companies, as they may exist from time to time, including those subsidiaries or divisions that carry on business under the names TELUS, TELUS Communications Company, TELUS Mobility, TELUS Quebec, Koodo, Black’s and PC Mobile, but not including TELUS Health. The words “we” and “TELUS” do not include independent dealers and distributors of TELUS products and services.” – TELUS’ Privacy Commitment to You (Endnote 1) (last consulted January 25, 2015).

“TELUS – TELUS Corporation and its subsidiary companies, as they may exist from time to time. These include, without limitation, the subsidiaries or divisions which carry on business under the following names: TELUS, TELUS Communications Company, TELUS Mobility, TELUS Québec, Koodo, Black’s and PC Mobile, but not including TELUS Health. “TELUS” does not include independent dealers and distributors of TELUS products and services.” – TELUS Privacy Code (“Definitions”) (last consulted January 25, 2015).

Appendix C: Sources

Koodo Privacy Commitment

  • Koodo does not specify who the policy applies to or define who “we” or “Koodo” are. The policy has been assumed to apply to Koodo’s wireless services.
  • Last consulted January 25, 2015.

Note: Note: Koodo does not appear to have a news or press release archive on its website. The working group reviewed TELUS’ press release archive on the TELUS website back to 2009: http://about.telus.com/community/english/news_centre/news_releases (Last consulted January 25, 2015). Had relevant Koodo press releases been found in that archive, or had statements clearly related to Koodo and its practices and position on privacy been found in TELUS' releases, this might have affected Koodo's score on criterion #10. However, as no such releases or statements were found, the point did not arise.

 

[1] Andrew Clement & Jonathan A. Obar, “Keeping Internet Users in the Know or in the Dark: Data Privacy Transparency of Canadian Internet Service Providers” (27 March 2014), online: IXmaps & New Transparency Projects <http://ixmaps.ca/>. The report is available online at <http://ixmaps.ca/transparency/img/DataPrivacyTransparencyofCanadianISPs.....