Surveillance programs, data retention, and online privacy in Canada have garnered little global attention in comparison to the now notorious examples of privacy violations in the US and in the UK following Snowden’s NSA and GCHQ leaks. Since the revelations, however, Canadian citizens face increasing legislation in favor of mass surveillance and privacy intrusion. In this short guide we consider the most pertinent privacy concerns faced by Canadians in recent years, as well as recommending six of our favorite VPN services for protecting user privacy in Canada.
Canada and the NSA
In the wake of Snowden’s disclosures, Canada’s involvement in the NSA program, and other possible surveillance programs, is still coming to light. Speaking in March this year, Snowden said that Canada’s intelligence agencies have “one of the weakest oversight” infrastructures in the western world, making citizens particularly susceptible to surveillance. Snowden referred directly to Canada’s Bill C-51, which was passed in January this year and grants law enforcement agencies, and the Canadian Security Intelligence Service (CSIS), greater powers to share private data on individuals regardless of criminality. Snowden likened the bill to the U.S Patriot Act, which many argue created the ideal conditions for the bulk collection of data conducted by the NSA.
Shortly after the NSA’s operations became publicly known, it also came out that Canadian citizens were victims of aggressive monitoring and data retention by the U.S surveillance program dragnet. Canada’s government were accused of poor oversight because of obvious backdoors in the legal framework that allow surveillance programs easy access. One such program, which was also disclosed by Snowden, was conducted by the New York-based telecommunications company Verizon. What’s concerning is that Verizon entered Canada’s wireless market only months after Snowden shed light on their shady operations.
Canada’s involvement with the NSA fiasco doesn’t stop there. According to journalist Glenn Greenwald’s latest book, No Place to Hide, the NSA paid the Canadian government to help develop their surveillance program. In 2012, Canada was the fourth largest recipient of money from the NSA, at an estimated sum of $300,000 to $400,000. Aside from the NSA, Canada are increasingly influenced both directly and indirectly by American legislation and by large tech corporations, many of which are American. Canada’s geographical proximity to the U.S makes them especially vulnerable to increasing internet regulation, but this is only half of the picture.
Canada are also embroiled in their own privacy concerns. In May, it was revealed that spy agencies in Canada have been targeting millions of smartphone users through links to Google and Samsung app stores. In February 2012, the Canadian government proposed the Protecting Children from Internet Predators Act, legislation that would have allowed law enforcement agencies the ability to monitor the online and cell phone activities of Canadian citizens, regardless of criminal behavior.
However, critics suggested that the “snooping bill” might be used against protesters and activists, which led to widespread opposition. The legislation was withdrawn by the government in 2013. For many, the strong opposition to the bill reflected Canada’s staunch beliefs about the individual’s right to privacy. That said, internet privacy in Canada is an increasing concern for many critics. In May 2012, the largest Canadian social networking site for teenagers, Nexopia, breached the country’s federal privacy law. The biggest violations were intrusive default privacy settings and the retention of personal data indefinitely, even after accounts were deleted.
In 2014, the government proposed a Cyber Bullying Bill whereby law enforcement agencies would have extended powers to monitor and retain online user behavior without obtaining warrants. Later that year, however, the Supreme Court ruled that “Police need a search warrant to get information from internet service providers about their subscribers’ identities when they are under investigation”.
When it comes to peer-to-peer file sharing, Canada has often been portrayed as a safe haven, though the government has begun tightening regulation in the last six months. In January, the Copyright Modernization Act took effect, which requires internet providers to notify users when downloading from torrent sites. In the unlikely event that individuals are taken to court, non-commercial downloaders can face a maximum fine of $5,000 per case, while commercial violators can be charged up to $20,000. According to Canadian e-law expert Michael Geist from the University of Ottawa, the legislation has not led to any significant change in law enforcement and there are hundreds of thousands of notifications being sent to users and no judicial action is taken. Geist also said that the notification system has been in place for the last ten years and operates more as a deterrent rather than leading to court proceedings, though it is now formally legislated and could potentially lead to prosecution.
In other news, the file sharing website isoHunt, which was launched by Canadian Gary Fung in 2003 and is based in Vancouver, quickly became one of the most popular torrent sites. In 2009, isoHunt was found to have violated US copyright laws, though it wasn’t until 2011 that the Canadian Recording Industry Association (CRIA) and major record labels sued the site for millions of dollars. In 2013, isoHunt shut down following a $110 million fine after losing in court to the Motion Picture Association of America (MPAA). However, isoHunt quickly established mirror sites and continues today in clear defiance of ongoing legal disputes.
In terms of internet censorship in Canada, content is not regulated nationwide though local laws apply to certain websites. In 2011, Canada’s Supreme Court ruled that linking sites to defamatory material cannot be prosecuted unless the linking site itself is defamatory. In 2007, the BitTorrent tracker and website Demonoid was allegedly threatened with legal action by CRIA, and the website began blocking traffic from Canadian IP addresses as a result. This has since been lifted.
VPNs in Canada
Even though the U.S, the U.K, and others have stolen the limelight on the global stage when it comes to online privacy, Canada is facing increasing data legislation and expanding surveillance powers in terms of both federal agencies and tech corporations.
Rather than spending hours researching possible privacy violations, data retention laws, and blocked sites, it’s much simpler to connect to an encrypted Canada-based VPN server. When connecting to an encrypted server, you will be able to enjoy optimal internet performance without a significant loss in your bandwidth. Once connected, the endpoint will immediately alter your computer or mobile device’s IP address to a shared IP, effectively changing your virtual location in Canada. What’s more, inbound and outbound traffic will be encrypted according to the level of encryption (protocols) you have chosen. Below we have recommended six VPN providers especially for Canada.
|Private Internet Access||Read Review
BTGuard is a VPN and SOCKS5 BitTorrent proxy provider. We’ve placed BTGuard at the top of the list for several reasons, including the fact that they are a local company with their headquarters in Toronto. Unlike other major providers, the service operates discreetly on the VPN market and rarely announces major upgrades. Since day one, however, BTGuard has built up a strong reputation as an authentic no-log anonymizer, which makes it an excellent choice for torrenting fans.
Instead of building up a large-scale server range, BTGuard focuses its efforts on running and maintaining a modest network in three key countries, including locally in Canada, as well as in the Netherlands and Singapore, covering customers residing in North America, Europe, and Asia. According to their FAQ section, Canada and Amsterdam nodes are capable of up to 10Gb/s, while encryption protocols include OpenVPN with AES 256-bit keys and PPTP with 128-bit keys. One thing to mention is that the VPN will need to be installed through third party clients, such as OpenVPN, VPNetmon, VPNLifeguard or VPNautoconnect (for Linux). The ‘knowledgebase’ section on their website provides detailed step by step instructions as well as downloads for the BTGuard configuration files. There are also downloable command lines for configuring the VPN on DD-WRT routers.
In terms of the BitTorrent proxy, this is essentially a SOCKS5 proxy that works by spoofing your IP address specifically within the torrent client. This is the slightly cheaper option and does not implement actual encryption. The proxy can be configured to work in different clients, including uTorrent, Vuze, qBitTorrent and Deluge. Additionally, BTGuard provides a light side installation, which works specifically with uTorrent.
Pricing for the BitTorrent proxy starts at $6.95, while the VPN costs $9.95 per month.
Pros: Strict no-log policy (including no IP logging); fast servers
Cons: No native apps; no bundle subscription for VPN and Proxy
In second place is IPVanish, a US-based VPN service that is one of the largest providers on the market. Currently, it has six servers based in Canada, including a cluster in Toronto and two more in Vancouver. It offers VPN access via numerous additional, nearby locations, just on the other side of the border in the US. These nodes are located in New York, Chicago, and Seattle. Moreover, IPVanish boasts an enormous server range around the world, including Europe, Africa, Asia, and Australia/Oceania.
Applications are available for Windows, Mac OS X, iOS and Android, with slightly different compatibility for each operating system in terms of available protocols. For example, iOS supports only L2TP/IPSec and IKEv2, while desktop versions support OpenVPN (with the choice of UDP or TCP), along with L2TP/IPSec and PPTP. The service also provides its own private DNS server addresses on a per-request basis. It’s also worth mentioning that the IPVanish desktop client has a recommended server selection feature labelled “Canada Media or Gaming”, meaning that when the option is selected, the app will connect the user to VPN servers in Canada that are specifically optimized for performance-demanding tasks like streaming and live online gaming.
Unlike most major VPN services, IPVanish does not provide live chat support. Instead, it offers the standard ticket-based (email) support system. Since 2012, their website has also hosted a customer support and discussion forum.
IPVanish offers one subscription package, with a choice out of three billing cycles. A monthly subscription costs $10; a three month subscription $26.99, while the annual plan is $77.99.
Pros: Zero logging policy; apps for all common operating systems; optimized Canada servers for streaming and gaming
Cons: No live chat support
3. Hide My Ass!
UK-based Hide My Ass! (HMA) is at third place. HMA is arguably the world’s largest and most recognized VPN. The service, which was sold in May 2015 to IT securities giant AVG, prides itself on its enormous server range that includes close to a 1000 nodes, spread across each populated continent. North America alone is covered with nearly 500 endpoints. What’s more, over the past year, HMA has expanded its network by approximately a third of its current size. At the time of writing, HMA has 29 individual servers placed in Canada, including 14 in Montreal, 8 in Toronto, 5 in Vancouver and 2 servers in the state of New York in the US, which act as spoof virtual endpoints in Canada. There are other nearby, US-based servers with several more in New York, as well as nodes in Illinois, Washington (state), and Alaska.
HMA states that it collects and keeps basic connection logs (IP and timestamps) for a period between two to three months, after which logs are deleted, unless the provider needs to handle an instance of service abuse. It states clearly that it does not monitor or record usage logs, such as the customers’ internet traffic history. The company websites also says that it will never pass on any customer information to a third party unless it is obliged to do so under English Law. It’s important to add that despite HMA operating as a company in the United Kingdom, the connection logs that they do keep are not stored in the UK. For security reasons, their support team would not specify where they are stored, but this workaround is the reason why HMA logs are not kept for the entire twelve-month period that is required of internet companies under strict UK data retention laws.
It’s likewise important to note that HMA is not the best choice for torrent fans, as the provider runs a kind of ‘grey’ policy on what it allows customers to do. During our chat with the company’s support agent, we found out that HMA tend to frown on P2P downloading of pirated content, and more so towards sharing. Torrenting is technically allowed, however your HMA account could face a warning or even suspension, should the provider receive DMCA requests from content owners.
HMA use OpenVPN, L2TP/IPSec and PPTP protocols with the OpenVPN protocol using Blowfish 128-bit keys. It would be ideal if OpenVPN was available with AES 256-bit keys, at least in terms of optimising encryption efficiency, however, its default Blowfish encryption will still work quickly while offering strong security. Also, its L2TP/IPSec protocol works with the stronger AES-256-CBC keys.
Windows, Mac OS X, Android, and iOS users can use this VPN with standalone HMA applications. However, like the other providers in this list, HMA is manually configurable on all VPN-compatible platforms. HMA offers a free public proxy via their website as well as a premium encrypted email service.
Pricing starts at $9.99 per month. The semi-annual subscription costs $49.99, while the yearly plan is $78.66.
Pros: Many-many server locations; avoids UK data retention by storing logs outside UK;
Cons: OpenVPN does not support AES 256-bit encryption; not the best choice for torrenting
4. Private Internet Access
US-based Private Internet Access (also known as PIA) is at fourth place and is a well-known provider on the VPN market. Although it does not offer quite as many different server locations as its competitors, the actual number of servers provided in the available spots is nothing short of huge. For instance, at the time of writing, PIA has just under 800 servers in Toronto alone, with another 60+ endpoints in New York. To add to that, nearby US locations include 100 nodes in New York, over 60 servers in Seattle and almost 300 more servers around the Midwest. For security reasons, PIA did not disclose which Midwestern states are in question. Other international locations include multiple EU locations, as well as servers in Russia, Turkey, Hong Kong, Singapore, Israel, Mexico, Brazil, and Australia.
By default, PIA implements the OpenVPN protocol on its software and customers are able to select AES 128-bit, AES 256-bit, Blowfish 128-bit CBC and None (the last applies no cipher, and acts very similarly to a SOCKS6 proxy). Not only that but the client also lets customers choose between various data authentication algorithms (SHA1, SHA256) and handshake encryption levels RSA 2048, RSA 3072, RSA 4096, ECC-256k1, ECC-256r1, and ECC-521 for key exchange and certificate.
Applications are available for Windows, Max OS X, and Android devices, while iOS, Linux, and other VPN-compatible platforms are also supported yet require manual configuration. Desktop software includes useful features such as the Internet Kill Switch (blocking all web traffic should the VPN connection drop) and DNS leak protection (which routes DNS requests through the VPN connection). A Socks5 proxy is also available to customers. Torrent transfers are permitted on all server locations.
In general, PIA has enjoyed lots of popularity online. The provider has made a particular name for itself on the /r/vpn sub-Reddit (Reddit.com), where forum contributors regularly discuss all aspects of the service. Speaking of forums, PIA hosts its own user-generated support forum which, to date, has over two and a half thousand posts. All troubleshooting posts also appear to have a reply from a PIA support agent. In a nutshell, much is discussed here, and it’s quite likely that you will stumble upon even the rarest of inquiries.
Out of the well-known VPN providers, PIA is one of the cheapest. And by a wide margin too. Monthly subscriptions cost $6.95 per month. A six month subscription costs $35.95, while an annual subscription is only $39.95 – well below average, and almost twice as cheap as other major providers’ yearly plans.
Pros: Allows up to 5 simultaneous device connections; very cheap for major provider; no traffic or connection logs
Cons: No free trial available
ExpressVPN is in fifth place. This major VPN provider has its headquarters in British Virgin Islands and operates out of the United States. In Canada, it offers servers in Montreal and Toronto. Nearby US-based nodes include locations in New York and Seattle. Together with this, ExpressVPN has many more international locations available, spanning the rest of the Americas, EU, Russia, Africa, Asia, and Oceania.
Available protocols include OpenVPN (UDP or TCP), L2TP/IPSec, SSTP, and and the weaker PPTP, with ciphers ranging between 128-bit and 256-bit keys. ExpressVPN offers applications for Windows, Max OS X, Android, and iOS operating systems, though there isn’t a great deal of bonus features to explore. This is a fairly simple and down-to-the-point service, which has made a name for itself largely thanks to its reliability and fast speeds.
On the price front, ExpressVPN is one of the more expensive options out there. A monthly subscription costs $12.95. Six months will set back $59.95. A yearly account costs a rather dear $99.95.
Pros: Fast and reliable; apps for all platforms; torrents allowed; “offshore” jurisdiction
Cons: Not cheap
VyprVPN is a US-based VPN provider that comes in at sixth place. Its parent company Golden Frog offers additional anonymity-oriented services such as encrypted storage and a messenger service. But focusing on the VPN, it’s safe to say that VyprVPN is a very established provider with a large network and an array of extra features.
The provider has a cluster based in Toronto, as well as New York and Seattle from other nearby locations. On top of that, it offers clusters across other US states, Europe, Asia, Africa, and Oceania. In short, there’s a great deal of locations to choose from.
With regards to encryption protocols, OpenVPN is available with 128-bit or 256-bit AES keys; L2TP/IPSec runs using 256-bit keys, while PPTP is also available with 128-bit keys. VyprVPN has also designed its own custom protocol, built for bypassing DPI and subsequent blocking of VPN traffic. The protocol is called Chameleon and is an OpenVPN modification that encrypts using 256-bit keys.
Custom-built applications are available for Windows, Mac, Android, and iOS systems, while the VPN can also be set up on all other VPN-compatible platforms. The desktop and Android clients particularly stand out, as they exclusively offer additional features such as VyprDNS (VyprVPN’s automatically configured, private DNS servers), the aforementioned Chameleon protocol, plus the option of additional DNS leak protection. Free encrypted storage is available to all subscribers. Torrenting is permitted across all nodes.
Subscription plans are divided into three tiered packages. The Basic plan starts at $9.99 per month and $80 annually. Th Pro plan is $14.99 per month and $99.95 annually. The most expensive – Premier plan is $19.99 per month, or $120 for the yearly account. VyprVPN also offer a very basic free service, which comes with 500Mb of monthly data usage.
Pros: Good all-round service; private DNS servers available, anti-firewall and DPI protocol available; torrents allowed on all servers
Cons: Website does not clearly outline yearly billing cycle prices