Privacy interests to be considered in publication ban

A long-time friend of this blog just recently sent me a link to a new decision from the British Columbia Supreme Court (R. v. Pickton, 2010 BCSC 1198 ), in which the Court was asked to issue a publication ban to protect the identity of an individual witness for reasons of privacy.

The individual applicant had previously been a sex worker and drug addict. In 1997, police laid a charge against Robert Pickton, alleging that he had attempted to murder her but the prosecution was discontinued. Her evidence is relevant in the current proceeding against Robert Pickton. No publication ban was entered at the time of the 1997 prosecution.

Since then, the applicant has left the sex trade and is no longer a drug user. She is married, has kids and appears to be living a normal life in the lower mainland of British Columbia.

She brought an application to prevent her name from being disclosed during the current prosecution of Pickton. The application was strongly opposed by the media.

When dealing with publication bans, the courts take their lead from Dagenais v. Canadian Broadcasting Corp., [1994] 3 S.C.R. 835, 1994 CanLII 39 (S.C.C.) and R. v. Mentuck, 2001 SCC 76, [2001] 3 S.C.R. 442, neither of which explicitly address privacy interests.

A publication ban should only be ordered when:

(a) such an order is necessary in order to prevent a serious risk to the proper administration of justice because reasonably alternative measures will not prevent the risk; and

(b) the salutary effects of the publication ban outweigh the deleterious effects on the rights and interests of the parties and the public, including the effects on the right to free expression, the right of the accused to a fair and public trial, and the efficacy of the administration of justice.

In this case, the media argued that the applicant was only "about embarrassment and nothing more". They suggested that her interests could be protected by changing her name.

Justice Williams did not agree:

[20] I am satisfied that the Applicant will suffer a significant breach of privacy if her name is not protected by a publication ban and that this impacts on her personal security and that of her family. The privacy interests of the Applicant are a legitimate aspect of the proper administration of justice and must be considered in the analysis. The Respondents’ submission that the Applicant’s privacy interests are insufficient seems contrary to a number of authorities including the Criminal Code provisions which deal with publication restrictions for victims and witnesses. These provisions expressly recognize the privacy interests of the victims and witnesses. The concept of dignity springs to mind. Although it is nowhere mentioned in the subsection, I cannot believe that it is not a factor worthy of some consideration in the analysis.

Given that the media are free to report on all the details of her previous encounter with Pickton and of any evidence she has given more recently, but without her name, the balance tilted in favour of protecting her identity.

[28] The Applicant, having participated in the proceedings against Mr. Pickton requests that she be able to live in her community free from the public scrutiny that will arise if her name and identity are published. She does not seek to prevent the details of her story from being published. In my view, granting the Applicant’s request achieves the proper balance that the Dagenais-Mentuk framework requires between the open court principle and the proper administration of justice. The temporary publication ban which has thus far protected the Applicant has been shown to minimally impair the ability of the Respondents to perform their function. The publication ban respects the open court principle and allows the public to scrutinize this proceeding. The publication ban protects the proper administration of justice because it permits the Applicant’s story to be told in a way that illustrates that the justice system respects, where possible, the privacy interests of victims and witnesses of crime.

Privacy commissioner OKs modified Barwatch program

According to the CBC, the Information and Privacy Commissioner of British Columbia has approved a modified version of the BarWatch program. Bars, under BC's Personal Information Protection Act, are allowed to swipe a patron's drivers license or other ID, collecting name, gender, date of birth and a photograph of the patron. The information must be deleted within 24 hours, except for "rowdies", whose information can be kept and exchanged with other bars through the BarWatch database. See: Privacy commissioner OKs Barwatch software.

For more information on this controversial practice, click on the link "ID SWIPING" below.

Federal Commissioner settles ID-swiping dispute

The Privacy Commissioner of Canada just recently announced a settlement has been reached in its application to the Federal Court to stop Canad Corporation of Manitoba from ID-swiping patrons of its nightclubs. This followed an investigation by the OPC that recommended the practice be terminated and that the data collected be destroyed. Canad refused to follow the OPC's advice, so the Commissioner commenced an application to the Court to have the matter dealt with there.

Here's the summary from the Commissioner's site.

Recent Court Activity

Settlement between the Privacy Commissioner of Canada and Canad Corporation of Manitoba Ltd.

Legal Update

The Privacy Commissioner of Canada has reached a settlement with the Canad Corporation of Manitoba Ltd (Canad Inns), a hotel chain that operates a number of night clubs in Manitoba. This settlement follows legal proceedings stemming from an investigation into the collection of personal information of bar patrons using a machine that copies and stores personal information appearing on the front of an identification card such as a driver’s licence.

The Office of the Privacy Commissioner’s investigation was prompted by a complaint from a Canad Inns customer who objected to having her licence information scanned.

The Privacy Commissioner’s office understood Canad Inns’ need to effectively verify the age of its patrons and to ensure an appropriate level of security in its night clubs. In addition to the identification machines, Canad Inns also used video surveillance, metal detectors, pat downs, security personnel and lists of banned people in order to secure the safety of patrons.

The investigation ultimately concluded that the machines collected more information than was necessary for those stated purposes and that the information collected was being retained for too long.

Canad Inns disagreed with recommendations to stop using the machines and to remove the personal information already collected by them.

As a result, the Privacy Commissioner filed a notice of application before the Federal Court to enforce the recommendations.

Following court-ordered mediation in early 2009, the Court gave Canad Inns a period of time to determine feasible means to limit the personal information it collects.

As part of the settlement between Canad Inns and the Privacy Commissioner, the company has made commitments to:

• Stop collecting personal information at its night clubs via its identification machines;
  
• Destroy the personal information collected with the machines; and
  
• Limit the amount of personal information found on its list of barred people and ensure that this information is adequately secured.

The Office of the Privacy Commissioner of Canada is pleased that Canad Inns has agreed to take steps to ensure that the privacy rights of its patrons are respected.

The Privacy Commissioner has agreed that it would not be unreasonable for Canad Inns to collect limited personal information (names, dates of birth and photos) from bar patrons and to retain that personal information for 24 hours. This is a similar approach to that taken in both British Columbia and Alberta, where provincial privacy commissioners have investigated similar issues.

A case summary of the Office of the Privacy Commissioner of Canada’s investigation is also available at: http://www.priv.gc.ca/cf-dc/2008/396_20080227_e.cfm.

BC Privacy Commissioner issues license swiping decision

Earlier this week, the Information & Privacy Commissioner of British Columbia issued a decision (P09-01) related to the controversial practice of scanning photo IDs of patrons by bars, pubs and night clubs.

From the Commissioner's media release:

FOR IMMEDIATE RELEASE

July 21, 2009

Information and Privacy Commissioner Releases Order on Driver’s Licence
Scanning

VICTORIA — Information and Privacy Commissioner David Loukidelis today released
Order P09-01, in response to a complaint about the scanning of a bar customer’s
driver’s licence. The customer complained that, when he went to the bar, employees
asked him to produce his driver’s licence, swiped it through a card reader and then
required him to have his digital photograph taken. He did not receive what he
considered to be a reasonable explanation for why his personal information was being
collected and later complained under B.C.’s Personal Information Protection Act
(“PIPA”), which regulates the collection, use and disclosure of personal information by
businesses.

The OIPC investigated the complaint twice and a formal hearing was eventually held.
In Order P09-01, the Commissioner has decided that section 7(2) of PIPA does not
allow the organization complained about, the Wild Coyote Club, to force its customers to
give up their personal information, to the extent this is now being done, as a condition of
being allowed into the bar.

Section 7(2) says a business “must not, as a condition of supplying a product or service,
require an individual to consent to the collection, use or disclosure of personal
information beyond what is necessary to provide the product or service.”
The Commissioner accepted that it is “necessary” to collect personal information of
certain customers for the purpose of operating a nightlife establishment, but not
“to develop and maintain a personal profile containing the personal information of all
customers in order to effectively track the few who may be removed from, and
subsequently barred from re-entering, an establishment. Certainly, the full scope of
information which is collected by Wild Coyote and the length for which it is retained is
not necessary to achieve that purpose” (para. 98). The Commissioner therefore found
that “a requirement for consent to the collection of personal information through the
TreoScope system is a requirement for consent to the collection and use of information
‘beyond what is necessary’ for providing the service of operating a nightlife
establishment in the terms I have described” (para. 98).

Section 11 of PIPA says a business “may collect personal information only for purposes
that a reasonable person would consider appropriate in the circumstances”.

The Commissioner found that, under s. 11 of PIPA, the collection of personal
information was not appropriate in the particular circumstances, including given the
nature and amount of personal information being collected. He found that “it is
reasonable, in the case of Wild Coyote, for it to be able, in order to preserve a safe
environment for customers, to identify those individuals who have been determined to
be violent, or otherwise undesirable for re-entry from a safety perspective, and thus
improve customer safety” (para. 127). He went on to say, however, that “much of the
information collected by the TreoScope system”, including driver’s licence numbers,
“does not further this safety purpose”, adding, “Moreover, I have not been provided with
any reason related to improved customer safety for an establishment’s retention of any
information at all relating to customers who are not involved in violent incidents”
(para. 127).

As regards moving forward with a system for keeping banned customers out of bars,
Loukidelis said this:

[132] Of course, I have received no submissions from the other parties on this
alternative, and no details from Wild Coyote on how the system would operate
if it were aimed at only maintaining a list of banned customers. As a result,
I can only decide whether or not the collection as a whole, as it was being
conducted at the time of the Investigation Report, complies with s. 11 of PIPA.
For reasons already given, I conclude that it is not. The alternative proposed in
Wild Coyote’s supplemental submissions would likely involve different
considerations and cannot be addressed here.

In closing, the Commissioner said this:

[151] … I am well aware of, indeed share, public concern about gang violence
and public safety in British Columbia. Some may assert that the technology
involved here is synonymous with safety, such that any decision perceived to
constrain ID scanning is a decision against safety. These are easy claims to
make, but my duty is to apply PIPA based on the evidence and argument
actually before me, which I have done.

[152] On the basis of the material before me, I have decided that it is
reasonable for Wild Coyote to be able, in order to preserve a safe environment
for customers, to identify those individuals who have been determined to be
violent or otherwise undesirable for re-entry from a safety perspective, and thus
improve customer safety. For the reasons given above, however, the collection
of personal information as a whole does not comply with PIPA. In this
light, and in view of the reasons given above, I invite –– indeed, strongly
encourage––those involved to seek the views of this Office if they wish to find
a solution for collecting personal information of a nature, and in a manner, that
complies with PIPA.

Neither the Commissioner nor the OIPC will be giving interviews or commenting on this
decision.

For previous posts on this topic, see the keywrd "id swiping".

Ask the privacy lawyer: Data in transit outside of Canada

I received the following question the other day:

In terms of personal data that was captured by a healthcare company while
a patient in Canada, and relayed to another city in Canada for analysis, further
use, etc., does that patient data have to remain in Canada ? or is it allowed to
traverse the US border at any time during its journey across the continent ?
My concern is that communication networks don't seem to be restricted to
intra-Canada operation or due to congestion or failure, most have to use large
data highways that may cross over into the United States.

Under PIPEDA, is patient or personal data limited to just traverse within Canada ?

In Canada, there are no restrictions on the export of personal information except for personal information that is subject to the Freedom of Information and Protection of Privacy Acts of Alberta, British Columbia and Nova Scotia, and the equivalent in Quebec. Each of those provinces have enacted laws in response to the USA Patriot Act. The Patriot Act gives American law enforcement with much easier access to information, including personal information. The laws in these provinces don't deal with information in transit, but talk about the storage and access to that information. For example, from Nova Scotia's PIIDPA:

5 (1) A public body shall ensure that personal information in its custody or under its control and a service provider or associate of a service provider shall ensure that personal information in its custody or under its control is stored only in Canada and accessed only in Canada, unless...

While there is no caselaw on this issue, I doubt that any of the privacy regulators of those provinces or the courts would find a contravention of this law if data packets containing personal information were routed through the United States on their way between two points in Canada. The information may be intercepted while in transit, but there users have little control over how this data travels. For example, a traceroute function from my home computer to ubc.ca shows that most of the data travels through the US:

Tracing route to ubc.ca [64.40.111.228] over a maximum of 30 hops:

1 2 ms 1 ms 1 ms [REDACTED]

2 20 ms 9 ms 9 ms [REDACTED]

3 17 ms 12 ms 10 ms [REDACTED]

4 11 ms 8 ms 8 ms hlfx-br1.eastlink.ca [24.222.79.205]

5 18 ms 28 ms 18 ms te-3-1.car2.Boston1.Level3.net [4.79.2.89]

6 22 ms 19 ms 18 ms ae-2-5.bar2.Boston1.Level3.net [4.69.132.250]

7 19 ms 19 ms 22 ms ae-0-11.bar1.Boston1.Level3.net [4.69.140.89]

8 46 ms 54 ms 49 ms ae-5-5.ebr1.Chicago1.Level3.net [4.69.140.94]

9 44 ms 52 ms 39 ms ae-68.ebr3.Chicago1.Level3.net [4.69.134.58]

10 73 ms 72 ms 70 ms ae-3.ebr2.Denver1.Level3.net [4.69.132.61]

11 99 ms 90 ms 90 ms ae-2.ebr2.Seattle1.Level3.net [4.69.132.53]

12 90 ms 89 ms 89 ms ae-22-52.car2.Seattle1.Level3.net [4.68.105.35]

13 90 ms 89 ms 88 ms unknown.Level3.net [64.154.178.134]

14 93 ms 91 ms 102 ms p2-1.pr0.yvrx.hgtn.net [66.113.197.5]

15 93 ms 93 ms 91 ms r1-hgtn.netnation.com [64.40.127.254]

16 102 ms 95 ms 93 ms itservices.ubc.ca [64.40.111.228]

Trace complete.

This leads to the question of whether your information is safe from interception during transit through the US. It's really not safe from interception at any point on the internet. At each point above, the signals can be intercepted. There was recent speculation that a collaboration between AT&T the National Security Agency allowed national security organs of the US to vacuum international internet and telco traffic from at least one AT&T facility. (See: EFF's class action against AT&T.) Do they have the tools to single out particular traffic? Probably.

So what to do? If sensitive information is being transferred between two points on the internet, it should be encrypted and sent through a secure "tunnel".

Update: Added reference to Quebec statute. Thanks, commenter.

Ask the privacy lawyer: Use of contact information for marketing purposes

I've been overwhelmed by the number of questions I've received in response to "Ask the privacy lawyer". Some of them are too specific and would cross over the line between legal advice and educational. But I got this question, which is relatively generic and probably is something that many people have to deal with:

HI - In September 2007 I subscribed to a well known Canadian magazine. I did not check a box on the form saying I wanted to receive 'mail' from them. However in December 2007 I and my neighbour (whose subscription to the same magazine had just ended) started receiving unsolicited requests for magazine subscripts at a rate of about 1 a week. I knew where the subscription was coming from since they mispelled my name on all the subscriptions in the same way.

I've emailed the magazine and the company responsible for these bulk mailings and have been told they 'occasionally send mailings we think our customs will enjoy' although that's only if you check the box requesting that 'service'.

They tell me the mailings will stop soon - but they haven't and now the mailing have my correctly spelled name.

I know there is a lot of work being done with SPAM laws and no phone anti-telemarketer laws - but is there any way I can legally stop this magazine for falsely advertising that they would to share my name and information with anyone else?

They don't seem to be taking my angry emails very seriously.

This situation sounds like a classic SNAFU, which might only take some more gentle persuasion to fix. But if one wants to take the legal route ....

The first question one has to ask is what privacy law applies. The questioner wasn't specific, so one should consider the options. This is a private sector matter, since we are not dealing with a government institution. Magazines are engaged in commercial activity, so one of the Canadian private sector laws would apply. The default would be PIPEDA, which applies to the collection, use and disclosure of personal information in the course of commercial activities except where there exists an applicable provincial law that has been declared to be "substantially similar" to PIPEDA. The substantially similar laws are the Personal Information Protection Act (Alberta), the Personal Information Protection Act (British Columbia) and An Act Respecting the Protection of Personal Information in the Private Sector (Quebec). The PIPAs of Alberta and BC are very similar to PIPEDA and are built on the same foundation.

For the purposes of considering this question, I'll assume that PIPEDA applies. PIPEDA requires the knowledge and consent of all individuals for all collection, use and disclosure of personal information. Importantly, an organization cannot require an individual to consent to uses that are not necessary.

4.3.3 - An organization shall not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified, and legitimate purposes.

Privacy lawyers often refer to marketing as "secondary purposes" as they are secondary to the original purpose for the collection, use and disclosure of personal information (which, in this case, would be sending a subscriber the magazine and for billing purposes). There is some debate as to whether "opt in" or "opt out" is sufficient for these secondary purposes.

In any event, consent ,if previously granted, may be withdrawn:

4.3.8 - An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. The organization shall inform the individual of the implications of such withdrawal.

Even if an individual had previously consented to the use of personal information for marketing purposes, this consent can be withdrawn "subject to legal or contractual restrictions and reasonable notice". Assuming there is no such impediment, a subscriber should be able to tell a magazine publisher that he or she no longer wishes to receive marketing materials or to have personal information disclosed to other publishers. This is consistent with the Commissioner's finding in Summary #308:

Commissioner's Findings - PIPEDA Case Summary #308: Opting-out of marketing inserts in account statements - April 7, 2005

"The Assistant Commissioner therefore determined that by not providing a means of withdrawing consent to secondary marketing, the bank was requiring the complainant to consent to a use of his personal information beyond that required to fulfil the purpose of servicing his credit card account, in contravention of Principles 4.3.3 and 4.3.8 of Schedule 1."

So what recourse does an indvidual have? He or she can complain to the Office of the Privacy Commissioner, who will investigate and hopefully persuade the publisher to change their practices. If they do not comply, the individual or the Commissioner can take the matter to the Federal Court.

Elizabeth Denham appointed BC Commissioner

Elizabeth Denham has just been appointed as the Information and Privacy Commissioner for British Columbia, replacing David Loukidelis who has assumed the role of Deputy Attorney General for BC.




Currently the Assistant Privacy Commissioner of Canada, responsible for the administration of PIPEDA, Liz has previously worked in the Information and Privacy Commissioner of Alberta's office. She is well regarded among privacy professionals in Canada and has been very vocal recently, particularly in high-profile investigations of Facebook.




The Vancouver Sun has more info here: New privacy watchdog has clashed with Facebook.




Her official bio from the OPCC is here: Biography of Elizabeth Denham - Assistant Privacy Commissioner of Canada.




This is a significant change in the federal office, as Jennifer Stoddart is scheduled to end her term this fall.

Collection of Driver’s Licence Numbers Under Private Sector Privacy Legislation

The Canadian, Alberta and British Columbia Privacy Commissioners have today jointly released a guidance document on the collection of drivers' license information by retailers.

It's here: Collection of Driver’s Licence Numbers Under Private Sector Privacy Legislation - Privacy Commissioner of Canada.

And here's the media release:

Retailers must limit collection of driver's licence information, Commissioners say

Ottawa, December 2, 2008 - Retailers have to exercise caution when it comes to collecting information from consumers' driver's licences and recording the numbers, according to three of Canada's privacy guardians. And Canadians are concerned about this growing trend.

To address consumers' unease and retailers' confusion, the Privacy Commissioner of Canada and the Information and Privacy Commissioners of Alberta and British Columbia today released new guidance on this issue.

"More and more retailers are asking to see driver's licences and are recording numbers, often in contravention of privacy laws," says the federal Privacy Commissioner, Jennifer Stoddart.

The new guidelines will help retailers determine whether it is appropriate to collect driver's licence numbers.

Retailers say they are asking for driver's licence information for a number of reasons. For example, they use it to verify the identity of someone using a credit card or picking up merchandise that has already been paid for. Many also use driver's licence numbers to deter and detect fraud, particularly when merchandise is being returned without a receipt.

"A driver's licence is proof that someone is allowed to drive a car. It is not a universal identity card. Nor is it an appropriate identifier for use in analyzing shopping return habits," says B.C. Information and Privacy Commissioner David Loukidelis.

The Commissioners noted that a driver's licence number is a particularly sensitive piece of information which can be valuable to identity thieves.

All three Commissioners have received many complaints about retailers requesting driver's licence information.

"Many Canadians are uncomfortable with retailers recording their driver's licence numbers. In most cases, we agree that this going too far," says Frank Work, Alberta's Information and Privacy Commissioner.

Polling by the Office of the Privacy Commissioner of Canada has found that more than half of Canadians say they are concerned about giving their personal information to retailers.Alberta, British Columbia and Quebec have adopted privacy laws covering the private sector. Everywhere else in Canada, federal privacy legislation applies.

The common criteria in all this legislation requires that the collection of the personal information from the driver's licence must be for a specific and reasonable purpose.

Retailers need to limit the collection of personal information to the least amount needed to achieve a specific purpose – such as confirming a customer's identity. They must be able to explain to customers why they are collecting this information. They are also required to protect it with appropriate security measures.

The new guidelines explain that many business purposes can be satisfied by simply looking at identification, or, at most, recording the name and address appearing on the licence.

There is a major difference between examining a driver's licence and recording the number on it – or even photocopying the whole document. Recording this kind of sensitive information raises the risk of a privacy breach down the road, while a photocopy involves the collection of information well beyond a name and address, including a photo, signature and physical descriptions.

"Retailers want to foster good relationships with their customers, and they understand that respecting their privacy is a key issue. These guidelines help clarify the rules for both consumers and retailers, and we encourage all our members to ensure that they put the appropriate practices in place," says Derek Nighbor of the Retail Council of Canada.

Consumers should ask for an explanation of why their driver's licence information is being requested – particularly when a retailer attempts to record the number or photocopy the licence. If consumers are not satisfied with the explanation, they can ask to speak to a manager or the person responsible for privacy issues.

Consumers can also contact the appropriate Privacy Commissioner's Office if they still have doubts about whether the collection of their personal information is appropriate.

The guidelines are available on the Commissioners' websites: http://www.privcom.gc.ca/; http://www.oipc.ab.ca/; and http://www.oipcbc.org/.

Collection of Driver's Licence Numbers Under Private Sector Privacy Legislation – A Guide for Retailers (PDF Version)

Privacy in the cloud for Canadian universities

This past week, I was invited to speak at the annual get-together of The Canadian University Council of CIOs (CUCCIO) in Toronto on the topic of cloud computing. Many universities in Canada are struggling with the legal and privacy issues of adopting cloud computing, particularly when Google and Microsoft are both offering very attractive (and free!) offerings that would relieve universities of the costs and burdens of administering student and alumni e-mail.

Universities in Alberta, British Columbia and Nova Scotia are particularly hampered by legislation that was designed to thwart the boogeyman represented by the USA Patriot Act.

BC and Nova Scotia have each adopted legislation that either categorically prohibits the "export" of personal information by public bodies, or put in place administrative hurdles. Alberta joins this pack by making it an offense under their public sector privacy law to disclose personal information in response to a "foreign demand for disclosure".

Part of the problem is that the legal framework is not particularly nuanced, as each decision about whether to outsource a service should be guided by a detailed risk assessment and privacy impact assessment instead of ham-fisted categorical rules that don't take particular circumstances into account.

Here is my presentation, which was well received.

If the embedded slideshow isn't showing you the love, click here: https://docs.google.com/present/view?id=ddpx56cg_320fx7rkbhh&interval=30

BC employee fired over social assistance info breach

A British Columbia government employee has been fired and the Commissioner has launched an investigation after it was discovered that a spreadsheet with sensitive personal information on social assistance recipients was taken to the employee's home. See: Privacy czar to probe files breach.

BC NDP demanding social media login credentials

In the last week, there have been reports that the British Columbia New Democratic Party has been demanding the social media login credentials from candidates for the leadership of the party (see: B.C. NDP candidate in social-media standoff with party bosses - The Globe and Mail). All of the candidates have provided this info, except for one who -- quite rightly -- challenges this an an invasion of privacy.

We've heard in the past about employers asking for this sort of information and then backing off when facing a fire-storm of criticism. I can appreciate that the party is hoping to avoid any surprises, but this, in my view, seriously crosses the line. People use their Facebook accounts not only as a trove of embarrassing photos and journals of indiscretions, but also as a primary means of communicating with friends and family. I have close friends who I exclusively communicate with via Facebook. Would it be reasonable for an employer or a political party to ask for my GMail login? Phone records? All my photo albums? My journals? Crappy poetry written in high school (for the record: that was hypothetical; I wrote no poetry in high school)? The notes my mother left me in my lunchbox?

Come on, people. Just because it's easy and just because some people relent and hand it over, does not make it reasonable. It is not reasonable to ask and it is not reasonable to provide it.

It should also be noted that handing over your Facebook login credentials is a violation of the site's terms of use, which could not be more clear:

4.8 You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.

The Information and Privacy Commissioner of BC is on the case and it will be interesting to see what she concludes.

My personal conclusion: any political party that demands this sort of information doesn't care at all about privacy and doesn't deserve to govern. Any candidate who acquiesces to this doesn't deserve to be elected.

Privacy Commissioner OKs airport body scanners

Apparently the Privacy Commissioner has given the thumbs up body scanners for aviations security:

The Canadian Press: Privacy watchdog OKs see-through scanners

Privacy watchdog OKs see-through scanners

By Jim Bronskill (CP) – 46 minutes ago

OTTAWA — Airport scanners that see through the clothes of travellers have received the blessing of Canada's privacy czar.

Chantal Bernier, the assistant federal privacy commissioner, said Friday the national air security agency has successfully answered her office's questions about the project. The system, tested in British Columbia at the Kelowna airport, allows a screening officer to see whether someone is carrying plastic explosives or other dangerous items.

The proposal has stirred controversy because the scanner produces a three-dimensional outline of a person's naked body.

"It is a very touchy issue, and we have addressed it with exactly that level of care," Bernier told a gathering of security officials and academics.

Under the plan approved by the privacy chief, the officer would view the image in a separate room and never see the actual traveller.

Only people singled out for extra screening would be scanned, and they would have the option of getting a physical pat-down instead.

Bernier said the holographic image generated by the scanner makes it difficult to identify the traveller's face.

"You would not know who it is, even if you knew the person was in line," she said at the annual meeting of the Canadian Association for Security and Intelligence Studies. "We've actually tested it.

"In addition, the image would be deleted the moment the person leaves the screening portal.

"In our view, these privacy safeguards meet the test for the proper reconciliation of public safety and privacy," Bernier said.

The Canadian Air Transport Security Authority has done thorough threat assessments that reveal a need to search passengers for weapons that might elude a conventional metal detector, she said.

Giving a traveller who undergoes secondary screening the choice of either a full-body scan or a pat-down reduces the "sense of invasion" posed by the new tool, Bernier added.

In a preliminary assessment early last year, the air-security authority said the scanner project amounted to a "low privacy risk" due to the built-in safeguards.

The scanners are already in use at airports in cities including Amsterdam, Moscow and Phoenix. They are also found in the high-security "green zone" of Baghdad and at some U.S. courthouses and prisons.

The air-security authority says the low-level radio frequency wave emitted by the body scanner meets Canadian health-and-safety standards.

Data from the Kelowna pilot project will help the security authority determine which Canadian airports would most benefit from scanners.

Transport Canada would then decide whether to approve use of the devices across the country.

Bar watch program coming to Halifax

Following in the footsteps of British Columbia and Alberta, bar owners in Halifax are talking about rolling out a "Bar Watch" program. You can read about other programs here: id swiping.

What is particularly troubling or at the very least needs close scrutiny is the suggestion that the banned list is going to originate from the police. So far, I haven't seen what gives the police the right to decide who goes into licensed establishments and what criteria they will use. I haven't seen any detail about how it with be implemented and what information will be demanded from all bar patrons.

Stay tuned.

Bar owners see police role in managing ban (UNews)

The group spearheading a citywide bar-goer blacklist may rely on police to provide personal information of banned patrons, according to a spokesperson for the group.

"I'm assuming that the police would hand it over to us, I can't see why they wouldn't," said Richard Stevens of the Restaurant Association of Nova Scotia. "I'm fairly certain that that's the way it would go."

Stevens is a co-owner of the Pogue Fado Irish Public House, as well as chair of the association's government-affairs committee. That committee met Thursday with its partners in this project - the municipality, police and provincial liquor enforcement officials - and agreed in principle to proceed with the plan.

The Bar Watch program, as it's been dubbed, may begin as early as April, but there's a lot still up in the air. Though Stevens said he's just speculating at this point, maintaining a database of patrons barred from Halifax's drinking establishments would be key.

This list would likely contain "very basic biographical information about the person," such as name and address, he said. Some details of the incident that earned them their spot on the list may also be included, including names of witnesses and security staff involved.

The list would be maintained by the association, and only bar owners and general managers would be able to add people to it. Bar security would only see the names of banned patrons, not their full details.

"It would take a significant incident (to get on the list). This isn't anything that any of the owners take lightly," Stevens said.

"I'm assuming that probably 75 to 80 per cent of the people that end up getting barred, the police would probably end up getting involved anyway ... because it would be that serious."

Even if bar security have to restrain patrons involved in a fight or another serious incident, the bouncers have no right to search them for ID, he said.

"If they fail to provide identification, if and when they've been restrained after an incident, we'd call the police," he said. "The police would come and the police would get that information."

Stevens said he believes the police will provide the information necessary for the blacklist. Arrest records are public.

Police advising, but no word on further role

Halifax Regional Police spokesperson Cst. Brian Palmeter said the police's role "is to provide any guidance or assistance that they would ask from us."

"All that we're really saying about it is that we're aware the Restaurant Association has had some preliminary discussions about this ... We would support anything that any business would do to make it safer for their customers ... but as far as this goes, this is something that they're looking at doing. It's not a police matter."

At the time, Palmeter was not asked and did not comment on whether police would provide the association with personal information of patrons.

Stevens said the police have been advising the association on the administration of the program.

"They have a lot more experience with these programs than we do," he said. "They're guiding us along, providing advice, and they're going to stay by our side ... until we get this thing up and running."

Stevens said the police could be involved in this capacity for one to two years.

The next step in getting this program off the ground is a meeting with "the key stakeholders around HRM," which Stevens said he expects within the next two or three weeks.

"We'll target, with the help of the police force, 10 or 12 key establishments, contact the owners, and call them in for a meeting where we'll describe the program, its objectives, what we hope to accomplish, and ask them to get onboard."

British Columbia bridge implements plate-based tolling

The Golen Ears Bridge in British Columbia is the first toll highway/bridge in Western Canada to follow the lead of Toronto's 407 ETR to implement electronic tolling using plate identification.

Spokespeople are attempting to soothe privacy fears, but I'm not sure it goes far enough:

Vehicles crossing Golden Ears Bridge will be tracked, TransLink says

...

But TransLink spokesman Ken Hardie said people shouldn't worry about their privacy being invaded.

He said billing agents who send toll bills by mail will be the only ones who usually have access to who crosses the bridge.

Police conducting criminal investigations will also have access, he said, just as they are able to access digital video recorded at SkyTrain stations.

Private individuals will be out of luck.

"If a jealous husband comes along and says, 'I want to know if my wife went across the bridge at a certain time', he won't be able to. That information is protected," he said.

Hardie said TransLink conducted a privacy impact assessment on Golden Ears bridge tolling, and had it approved by the Freedom of Information and Privacy office in Victoria.

"We've taken all the steps to satisfy them [privacy officials] that the records will be kept and managed in an appropriate way," he said.

"The key issues are what kind of record is being created, how long do you keep it, how do you store it and who has access to it," said Hardie.

If you ask me, police shouldn't get any of the information unless they show a warrant and spouses should know that an ordinary civil subpoena will probably pry that info loose from TransLink without too much hassle.

Trend to privacy seen as hurting research

An article in the September 24, 2008 National Post cites a new journal article that concludes that privacy laws are hampering important health research. I haven't read the journal article yet, but plan to. While this argument is not new, I don't agree with the conclusions. I have served on Research Ethics Boards and on a special privacy committees of an REB and I haven't seen that happen.

One researcher is quoted as saying that health research should be exempted from privacy laws, which is, in my view, a very bad idea. Perhaps some tweaking is called for, but a blanket exemption would be a very bad idea and may lead to a backlash against research using identifiable personal information.

Trend to privacy seen as hurting research

Many scientists deprived access to patient data

Tom Blackwell , National Post

Published: Wednesday, September 24, 2008

As Canadians place more and more emphasis on safeguarding personal privacy, the trend is taking an inadvertent toll on medical research, often impeding access to intimate but crucial health information, scientists are warning.

Privacy laws not only make public-health studies more time-consuming and costly, they can also significantly skew research results, argue University of British Columbia epidemiologists in a recent journal article.

"I think it's something that everyone should consider because good research is basically how we make advances in public health," said Anne Harris, lead author of the paper. "We need to be able to trust the results we get."

The paper in the Canadian Journal of Public Health suggests that medical research be exempted in some way from privacy rules.

A leading Ontario scientist echoed the B. C. group's concerns: "A lot of the advances we have had in the past might not happen because of privacy legislation and the way it's interpreted," said Dr. Jack Tu, a cardiac health researcher with a University of Toronto-affiliated institute.

Privacy Commissioner's Annual Report on the Privacy Act tabled

Jennifer Stoddart has today tabled her Annual Report to Parliament on the Privacy Act (2009-2010). The report deals with her duties and the administration of the federal public sector privacy law.

Some highlights from her accompanying press release include:

• Wireless audit: Of five federal entities examined, none had fully assessed the threats and risks inherent in wireless communications. Gaps in policies and/or practices resulted in weak password protection for smart phones and inadequate encryption for Wi-Fi networks and data stored on mobile devices. Shortcomings were also noted in the disposal of surplus handheld devices and the use of PIN-to-PIN messaging, a form of direct communication between two smart phones that is vulnerable to interception.
• Disposal audit: Satisfactory policies and procedural rules were in place for paper shredding and the disposal of surplus computer equipment among the federal institutions audited. There were, however, disturbing deficiencies in practice. For example, tests on a sample of computers donated to a recycling program for schools revealed that 90 percent of the donating institutions had not properly wiped their computers’ hard drives, leaving behind data that was confidential, highly sensitive and, in some cases, even classified.
• Unauthorized access to tax records: An OPC investigation confirmed that a former Canada Revenue Agency worker had posted to an Internet chat group some personal tax information of high-profile sports figures, which he appears to have gleaned while working at the agency. The investigation further found that other staff still with the agency had similarly accessed tax records without authorization. They were subsequently suspended or fired and new measures were introduced to safeguard the data.
• RCMP Automated Licence Plate Recognition Program: A surveillance technology rolled out by the RCMP in British Columbia, which aims to spot stolen or uninsured vehicles, raised concerns about the collection and retention of incidental licence plate data from cars that were lawfully on the roads. In response to OPC recommendations, the RCMP made privacy-sensitive modifications to the program.
• Political Impartiality Monitoring Approach: The OPC reviewed a Privacy Impact Assessment for the Political Impartiality Monitoring Approach, a program developed by the Public Service Commission to monitor media outlets, personal websites and social networking sites for signs of inappropriate political activity by government employees and appointees. The review raised concerns about the scope and privacy implications of the initiative. In response, the Commission undertook to modify its approach and to provide the OPC with a new Privacy Impact Assessment in the fall of 2010.
• Technical malfunctions: Several investigations turned up mechanical or computer glitches that led to the unauthorized disclosure of personal information by federal institutions. For instance, a programming flaw allowed a hacker to access personal information submitted through the Canada Post Ombudsman’s online complaint system.
• Federal administrative tribunals: The OPC continues to express concerns about the disclosure of personal information by administrative tribunals and other quasi-judicial bodies. In one case, the Public Service Staffing Tribunal improperly shared sensitive medical information about an individual with hundreds of his former colleagues. In 2009-2010, the Office published guidelines for tribunals on balancing transparency and privacy in the Internet era.

Nova Scotia significantly amends public sector privacy law

Nova Scotia has just given the privacy provisions of FOIPOP some teeth with the passage of the Privacy Review Officer Act:

New Privacy Act Proclaimed News Releases Government of Nova Scotia

Department of Justice

September 25, 2009 10:34 AM

Personal information will be more secure under the Privacy Review Officer Act that takes effect today, Sept. 25.

The new act provides authority to a review officer to investigate breaches of privacy when people and organizations are not satisfied with how information shared with government or public bodies such as hospitals, universities and school boards is handled.

"This act demonstrates government's commitment to the security and safety of the personal information Nova Scotians entrust to their public bodies," said Justice Minister Ross Landry.

The government has appointed Freedom of Information Review Officer Dulcie McCallum, to this new position. A former ombudsman for the Province of British Columbia, Ms. McCallum was appointed the Freedom of Information Review Officer in 2007 for a five-year term.

Nova Scotia joins all other Canadian provinces and the federal government which have some kind of legislative authority for external review or oversight.

BC Privacy Commissioner's resignation leaves office in limbo

I posted earlier this week that David Loukidelis has resigned as Information and Privacy Commissioner for British Columbia to take on the post of Deputy Attorney General for the province. He resigned effective January 19, 2010. This has apparently left a significant gap, as there was no interim Commissioner appointed. Without a commissioner, the operations of the office have ground to a halt:

CBC News - British Columbia - Privacy official sounds 'urgent' alarm

Work at the office of B.C.'s Information and Privacy Commission in Victoria is reported to have ground to a halt after the commissioner resigned suddenly this week.

Privacy Commissioner David Loukidelis resigned unexpectedly Wednesday to take a job as deputy attorney general.

Commission executive director Mary Carlson circulated a letter labelled "extremely urgent" at the B.C. legislature Friday calling for a quick resolution of the situation.

The letter was addressed to the legislature Speaker Bill Barisoff and copied to Premier Gordon Campbell, Opposition Leader Carole James and senior legislative staff.

In the letter, Carlson said she sent an urgent request to Campbell Thursday.

"I wrote to the premier's office to raise this pressing concern," she wrote.

"Despite having attempted to learn if an acting commissioner has been appointed or, if not, when this will occur … this office has received no response."

Work was piling up quickly in the busy commission office, but her hands were tied, according to Carlson.

She said she had received legal advice that the office could not perform its job of reviewing requests for information and could not provide independent oversight for 3,000 public bodies until an appointment is made.

"It has been necessary to suspend the entire operations of the office," Carlson said.

The Office of the Information and Privacy Commissioner is independent from government and monitors and enforces British Columbia's Freedom of Information and Protection of Privacy Act and Personal Information Protection Act.

Canada may introduce "naked naked" machines for airport security

Yesterday was the Canadian Bar Association's first full-day continuing education event in Ottawa. The first panel of the morning was particularly interesting, composed of the information and privacy commissioners from British Columbia, Saskatchewan, Quebec and the two federal offices. Each commissioner was asked what keeps them up at night and Jennifer Stoddart foreshadowed the possible introduction of "naked naked" machines in Canadian airports. Sarah Schmidt from CanWest was in the audience and reported on it:

'Naked' screening may land at Canadian airports, says privacy czar

OTTAWA — Canada's privacy watchdog has warned that even more intrusive "naked" screening machines at airports could be in the works with the federal government's emphasis on national security.

Speaking to members of the Canadian Bar Association, Jennifer Stoddart on Monday highlighted national security as one of the pressing issues that keeps her "up at night" and mused openly about second generation full-body scanners coming to Canada in the future, calling them "naked, naked" scanners.

"National security pressures — they're real, they're constant," Stoddart, Canada's privacy commissioner since 2003, told participants of the special symposium about privacy in the age of technology.

"Are we going to get naked, naked machines? Apparently, not for the moment." ...

BC Commissioner to leave post, become Deputy AG

BC Information and Privacy Commissioner David Loukidelis is leaving the post to become Deputy Attorney General of BC. Here's the official release:

GOVERNMENT ANNOUNCES KEY APPOINTMENT

Jan. 20, 2010

Office of the Premier

GOVERNMENT ANNOUNCES KEY APPOINTMENT

VICTORIA – David Loukidelis has been appointed Deputy Attorney General. The appointment will be effective February 1, 2010.

Loukidelis will replace acting Deputy Attorney General, Jerry McHale, Q.C., who was appointed in October 2009 on an interim basis after Allan Seckel, Q.C., was appointed Deputy Minister to the Premier, Cabinet Secretary and Head of the British Columbia Public Service.

Loukidelis previously served as the Information and Privacy Commissioner for the Province of British Columbia since 1999. Loukidelis has become an internationally-recognized expert in access to information and privacy protection issues, and has written hundreds of access-to-information and privacy decisions under B.C.’s public and private sector access and privacy laws. In addition to serving as Information and Privacy Commissioner, he has served as Registrar of Lobbyists under the Lobbyists Registration Act.

Loukidelis received his law degree in 1984 from Osgoode Hall Law School and qualified as a lawyer in British Columbia in 1985. He served as a clerk to a Justice of the Supreme Court of Canada before moving on to the University of Oxford, where he received his bachelor of civil law in 1987. In 1980, he received a master of arts degree in English language and literature (medieval studies) from the University of Edinburgh.

An all-party committee of the legislature will select a new Information and Privacy Commissioner. An acting Information and Privacy Commissioner will be named in the near future.

From local media:

C-FAX 1070 - News

PRIVACY COMMISSIONER TO MOVE TO DEPUTY ATTORNEY GENERAL

Jan 20, 2010

BC'S PRIVACY COMMISSIONER, DAVID LOUKIDELIS IS CHANGING JOBS. IN A STATEMENT FROM THE PROVINCE TODAY, IT WAS ANNOUNCED THAT LOUKIDELIS HAS BEEN APPOINTED DEPUTY ATTORNEY GENERAL EFFECTIVE FEBRUARY 1. AN ALL PARTY COMMITTEE WILL SELECT THE NEW PRIVACY COMMISSIONER, NONE OF THE CANDIDATES WERE NAMED WEDNESDAY. LOUKIDELIS REPLACES ACTING DEPUTY ATTORNEY GENERAL JERRY MCHALE, APPOINTED IN OCTOBER 2009 AFTER ALLAN SECKEL WAS APPOINTED DEPUTY MINISTER TO THE PREMIER.

- LIZ MCARTHUR