The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Monday, July 10, 2006
According to the CBC, a researcher from Ryerson University will be releasing a study today on surveillance in the workplace. When I get a copy of the report, I'll post a link if I can. In the meantime, here's what the CBC has to say:
CBC News: Employers spying on Canadian workers, study suggests:
Last Updated Mon, 10 Jul 2006 09:32:45 EDT
Canadian employers in a wide range of industries conduct surveillance of employees at work, suggests a report to be released on Monday.
Produced by Toronto's Ryerson University, the study called 'Under the Radar' asked Canadian businesses about surveillance of their employees.
Employers view closed-circuit television cameras, listen to recorded phone calls, monitor e-mails and scan magnetic information from security passes, said lead author Avner Levin.
Levin, a law professor at the university, said he isn't surprised at the methods, but was taken aback by employers' attitudes toward employee privacy.
'Nobody said this is a problem, or even something they have to deal with in a proactive way. It's just simply under the radar,' said Levin.
Human resources executives responsible for workplace privacy often have little knowledge of the potential intrusiveness of technologies at work in their own companies, he said.
They rarely know what information is being collected by colleagues running company computer systems, he said.
'The executives that are responsible for privacy in the workplace are not fully aware of the extent of ... the surveillance activity that is conducted,' he said.
Managers often work without guidelines about how to respond if surveillance reveals an employee behaving suspiciously, said Levin.
E-mails monitored: U.K., U.S. study
The Ryerson study follows a large workplace survey in the United States and Britain, which suggested 40 per cent of employers regularly read employees' e-mails.
University of Ottawa privacy expert Michael Geist says Canadian firms are likely close behind.
"I don’t have any doubt that we're going to find more and more companies doing it," he said. "To move directly to full-on monitoring of e-mail use is as invasive as it comes."
The founder of Ottawa e-mail security firm Roaring Penguin warns companies must carefully consider their policies on e-mail.
"If you just put the technology in place and add a whole bunch of rules without thinking about what you're trying to do, you're probably blocking a lot of mail that shouldn't be blocked, letting stuff out that should be blocked and most importantly, irritating employees," said David Skoll.
Spell out polices: privacy laws
Canada has two federal privacy laws: the Privacy Act and the Personal Information Protection and Electronic Documents Act (PIPEDA).
The Privacy Act limits the personal information federal government departments and agencies can collect from Canadians.
Employees in federally regulated industries and the private sector are protected by PIPEDA, which says employers must let employees know what personal information is being collected and for what purpose. Employees must be able to see that information.
"At a minimum, employers should tell their employees what personal information will be collected, used, and disclosed," says the website of Canada's Privacy Commissioner.
"They should inform employees of their policies on web, e-mail, and telephone use, for example. If employees are subject to random or continuous surveillance, they need to be told so."
I have to correct one statement that appears in the article: "Employees in federally regulated industries and the private sector are protected by PIPEDA". PIPEDA only applies to employees of federal works, undertakings and businesses. It does not (NOT!) apply to private sector employees nationally. Employees in the rest of the private sector only have statutory privacy protections if they are in Quebec, British Columbia and Alberta, since PIPEDA does not apply outside of federally regulated workplaces and those provinces have set up provincial privacy laws.
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.