When police in Windsor began looking into an alleged international auto‑theft ring in late 2022, they turned to familiar investigative techniques. Some officers went undercover, others conducted long hours of surveillance, while the courts gave police permission to hide a tracking device in the alleged ringleader’s car and to intercept his cellphone location. Within a few months, cellphone data placed the main suspect’s phone near 23 car thefts, sometimes hours apart. Yet, police never caught him actually stealing any vehicles. Up to this point, it was an investigation like many others — but the police believed it wasn’t enough. In April 2023, Ontario Provincial Police and Windsor Police Service asked a judge for something far more intrusive: authorization to wiretap phones, plant audio probes in homes and vehicles, and to secretly deploy what law enforcement calls “on‑device investigative tools,” or ODITs. Far more than a simple wiretap, these allow police to not just intercept calls, but to directly hack into a target’s phone or computer to extract everything from call logs and photos to encrypted messages, and more. Essentially spyware, an ODIT can grant almost unlimited access. Investigators can capture screenshots, monitor keypresses, access emails and text messages — including those that are encrypted — and even remotely activate microphones and cameras. All without the owner knowing. By August, police announced 23 arrests, 279 charges, and more than $9 million in recovered vehicles. But the case has also done something else: It has pulled back the curtain on how police forces in Ontario — not just in Windsor, but in Toronto and Peel Region — are now using these powerful technologies to reach deep inside suspects’ devices. And despite ODITs growing use in major prosecutions in the province, government lawyers and police are fighting tooth and nail to keep almost everything about them secret: how they work; what safeguards, if any, govern their use; even the names of the companies that sell them. The secrecy around the tool is so extreme that the Crown may abandon the prosecution rather than reveal the vendor’s identity and details of the ODITs capabilities and limitations, according to a court document filed in Windsor Superior Court. The Canadian Civil Liberties Association says the lack of openness is troubling. “If police want to make the case that use of spyware is justified, they need to do this in a transparent manner that fully explains the details and level of intrusiveness of the tool,” Tamir Israel, the CCLA’s director of privacy, surveillance and technology, wrote in an email in response to the Star’s questions. An OPP info card for Project Fairfield — a case that prosecutors may let collapse rather than disclose information about the police spyware tool. OPP If the secrecy makes it impossible for police to provide the information courts need to assess these tools, “then these tools are inappropriate for police investigations, and police should not be using them.” The Information and Privacy Commissioner of Ontario — which has previously raised alarms about police use of artificial intelligence, facial recognition technology and genetic genealogy — shares the concern and says the office is “closely monitoring” ODITs in terms of technical capacity, privacy risks, guardrails and ongoing court cases where their use is involved. Given the privacy and security risks, “it is critical that police adopt and apply an appropriate transparency and accountability framework,” the privacy commissioner’s office said in a statement.
How Ontario police are using ODITs
On Tuesday, a highly secretive court case involving the use of ODITs is set to resume in Brampton, where prosecutors are fighting to keep details about the spyware under wraps. Most of the court documents in the opium-smuggling investigation are under seal, pretrial arguments have been held behind closed doors, and the judge’s 146-page decision relating to ODIT-related disclosure remains under a publication ban — at least for now. The type of ODIT used in both the Windsor and Brampton cases has been “shrouded in secrecy,” defence lawyers Kim Schofield and Miranda Brar wrote in their factum filed in Ontario Superior Court in the Windsor case. Although based in Toronto, the lawyers also represent some of the accused in Project Fairfield, the name of the Windsor vehicle theft investigation. Schofield and Brar are challenging the constitutionality of the ODIT warrant, saying police did not release volumes of related information to the authorizing judge, nor did they tell him such documentation even existed. They also didn’t tell the judge about the agreement between the police and the Crown to end the prosecution in the event the court orders them to disclose the identity of the ODIT vendor. This “novel technique” demands “scrutiny and fully informed judicial oversight,” Schofield and Brar write in their filings, arguing they need these details to ensure there was no infringement of their clients’ constitutional rights. They’re also arguing the warrant is invalid. Police obtained a general warrant when they should have requested a search warrant — hacking into a phone to seize data is essentially a search of the device, they argue. The CCLA’s Israel says that because police in Ontario appear to be using commercial spyware tools, the public absolutely needs to know whether the currently secret vendor can see, store or access any of the data being collected. “A court needs to understand the full scope of how the tool is going to operate if it’s going to fully assess its impact,” he wrote. “This capability is among the most intrusive in terms of the detailed window it can open into any individual’s life and in a democratic society.” He noted that regimes around the world lacking strong human rights protections have misused spyware tools to spy on political dissidents, journalists, civil society groups, political opponents and others in their home countries and around the world, including Canada.Why so secret?
In court documents reviewed by the Star, the Public Prosecution Service of Canada says that, like other police techniques, details about how the spyware works must be kept secret if revealing them would compromise future investigations. The accused still gets full access to the evidence gathered — just not the technical play‑by‑play of how police obtained it, the Crown argues. If disclosure “results in the police no longer having access to an effective technological tool that allows it to intercept communications, then that will have a profound impact on public safety and the ability of the police to do their job,” they write. In the separate Brampton case, Schofield, Brar and lawyers Leora Shemesh and Michael Little are representing three brothers charged in connection with opium smuggling. They all declined to comment as their cases are before the court. Dubbed Project Vegas, the Crown’s case against the accused drug dealers relies almost entirely on ODIT-derived messages. Defence lawyers are demanding access to the tool’s manuals, configuration details and vendor information, arguing it’s the only way they can make a full answer and defence. The Windsor court documents indicate that federal prosecutors in Brampton have refused to release more than 140 documents related to the ODIT, citing Section 37 of the Canada Evidence Act. That section allows the Crown to object to disclosure of information on the grounds “of a specified public interest.” The Windsor court documents reveal ODITs in Ontario are managed by the Joint Technical Assistance Centre (JTAC), a little‑known unit that pools resources from multiple police agencies — the OPP and the local services in Toronto, Ottawa and York, Peel and Durham regions — and is funded by the province. The court documents say JTAC has a relationship with a private company vendor. But the information is so secret that JTAC is making the Crown and local police sign an agreement to potentially drop major prosecutions rather than reveal the name of the company that made the tool, Brar and Schofield write in their factum. Disclosure of sensitive information — including the vendor’s identity, where they’re located, the name of the tool, its capabilities and its technical infrastructure — could impact “relationships with domestic and international partners, and undermine the JTAC’s ability to use the tools and techniques in the future,” reads an “engagement agreement” in the Windsor court documents. There are a number of reasons why the vendor should be known, Israel argues. “Different companies have different track records when it comes to their data handling practices, their respect for human rights and more,” he writes, crediting the University of Toronto’s Citizen’s Lab for putting information about specific spyware tools and companies in the public domain. “This is not a tool that police buy and operate themselves, and as a result, you cannot separate the vendor from the tool.” A parliamentary committee report on the RCMP use of ODITs stated the Mounties have dropped a number of prosecutions rather than reveal key details. The scrutiny pushed the Mounties, in 2024, to publish a “transparency bulletin” that said ODITs had been used in 32 investigations between 2017 and 2022. However, in an email responding to the Star’s request for updated information, the RCMP indicated ODITs have only been used in three additional investigations since 2022. “To be clear, ODITs are used extremely rarely and in limited cases,” involving serious criminal and national security investigations, a spokesperson wrote in an email. They’re also expensive. A former senior intelligence officer and expert on national security and intelligence told a parliamentary committee that just one operation involving an ODIT “will easily reach half a million dollars. That’s just to make one interception on one target with maybe one device only.”Source link
