The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Monday, November 30, 2009
The New York Times is reporting on an agreement reached between European ministers and the United States for restored access to information about bank transfers processed by the Society for Worldwide Interbank Financial Telecommunications (SWIFT). See: EU Clears Bank Data Transfers to United States - NYTimes.com.
There has been some coverage of this already on blogs, particularly the Brussels Blogger (SWIFT - EU to grant USA nearly unlimited access to all EU banking data). Much of the tone has suggested that wholesale transfers of information will take place with massive datamining operations to be set up, but take a look at the actual agreement between the US and Europeans. It's available at Wikileaks: EU draft council decision on sharing of banking data with the US and restructuring of SWIFT, 10 Nov 2009 - Wikileaks.
The agreement doesn't contemplate wholesale, massive data downloads of the kind one would expect if the database were in the United States. Instead, targeted requests must be made and these are directed through European authorities rather than to SWIFT directly. There are covenants on the US side that it will not be used for data mining purposes and other privacy-protective promises. And, to top it off, the term of the agreement is one year so that it can be renegotiated if it's not working out.
While all of this needs to be examined with a critical eye and it's not perfect, the cynic in me was pleasantly surprised by the details of the agreement.
Saturday, May 09, 2009
I was stunned to read that British police use new anti-terror powers to stop and search people every three minutes. Section 44 of the Terrorism Act has been used 170,000 times to search people in 2008 alone according to the BBC. (See: BBC NEWS | England | London | Capital sees rise in terror stops.) These searches have led to 65 arrests (0.035% success) and zero convictions (0.000% success). Of course there are no official stats on how many times Section 44 was used as a pretense for some other motive.
Draw your own conclusions.
Saturday, April 11, 2009
Monday, April 06, 2009
As of today, all internet service providers in Europe are required by law to retain information about every e-mail and VOIP call made by their users thanks to the European Data Retention Directive.
BBC NEWS | Technology | Net firms start storing user data
And, as an aside, I'm not sure many will find comfort in the idea that RIPA will act to protect privacy: RIPA surveillance may break human rights laws - ZDNet.co.uk.
Details of user e-mails and net phone calls will be stored by internet service providers (ISPs) from Monday under an EU directive.
The plans were drawn up in the wake of the London bombings in 2005.
ISPs and telecoms firms have resisted the proposals while some countries in the EU are contesting the directive.
Jim Killock, executive director of the Open Rights Group, said it was a "crazy directive" with potentially dangerous repercussions for citizens.
All ISPs in the European Union will have to store the records for a year. An EU directive which requires telecoms firms to hold on to telephone records for 12 months is already in force.
The data stored does not include the content of e-mails or a recording of a net phone call, but is used to determine connections between individuals.
Authorities can get access to the stored records with a warrant.
Governments across the EU have now started to implement the directive into their own national legislation.
The UK Home Office, responsible for matters of policing and national security, said the measure had "effective safeguards" in place.
There is concern that access to our data is widening to include many public bodies.
ISPs across Europe have complained about the extra costs involved in maintaining the records. The UK government has agreed to reimburse ISPs for the cost of retaining the data.
Mr Killock said the directive was passed only by "stretching the law".
The EU passed it by "saying it was a commercial matter and not a police matter", he explained.
"Because of that they got it through on a simple vote, rather than needing unanimity, which is required for policing matters," he said.
Sense of shock
He added: "It was introduced in the wake of the London bombings when there was a sense of shock in Europe. It was used to push people in a particular direction."
Sweden has decided to ignore the directive completely while there is a challenge going through the German courts at present.
"Hopefully, we can see some sort of challenge to this directive," said Mr Killock.
Isabella Sankey, Policy Director at Liberty, said the directive formalised what had already been taking place under voluntary arrangement for years.
"The problem is that this regime allows not just police to access this information but hundreds of other public bodies."
In a statement, the Home Office said it was implementing the directive because it was the government's priority to "protect public safety and national security".
It added: "Communications data is the where and when of the communication and plays a vital part in a wide range of criminal investigations and prevention of terrorist attacks, as well as contributing to public safety more generally.
"Without communications data resolving crimes such as the Rhys Jones murder would be very difficult if not impossible.
"Access to communications data is governed by the Regulation of Investigatory Powers Act 2000 (Ripa) which ensures that effective safeguards are in place and that the data can only be accessed when it is necessary and proportionate to do so."
Wednesday, March 25, 2009
With Google's recent launch of Street View in Europe and imminent photographing of Canadian cities, I thought I'd do some quick looking around at how effective their "face blurring" technology may be. It only took one minute of wandering around London and I was able to see where it might fall off the rails.
In this particular image, the anti-war protesters are recognizable but - THANKFULLY - the image of what's probably George W. Bush has been blurred out. But not blurred to the point of non-recognition.
Google: You've come a long way, baby, but there's work to be done.
Sunday, March 22, 2009
Google Street View went live in the UK last week. Despite the prevalence of surveillance in Britain, complaints have rolled in and Google has taken down hundreds of pictures. See: Google forced to black out hundreds of Street View photos after privacy protests - but site gets record hits | Mail Online.
Thursday, October 16, 2008
The Independent is reporting that the British government is planning to announce a 1 BILLION POUND project that would involve the creation of a database to log every e-mail, telephone call and website click and retain the information for one year.
The project seems to be universally panned: the independent reviewer of UK anti-terrorism laws says "as a raw idea it is awful". The Information Commissioner calls it a "step too far".
If anyone had asked me (which they didn't, but I have constitutional rights here in Canada and get to say what I want), I would have said the idea is not surprising given the way things are going in England, but it is a clear step into the abyss of giving up any sense of private life in the country. See: Exclusive: Storm over Big Brother database - Home News, UK - The Independent. Big thanks to DP thinker: Proposed Database for pointing to the story.
Monday, September 29, 2008
The Open Rights Group in the UK is planning to crowdsource a photographic survey of the United Kingdom's surveillance apparatus on October 11. Participants are encouraged to:
- Spot something that embodies the UK’s wholesale transformation into the surveillance society/database state. Subjects might include your local CCTV camera(s), or fingerprinting equipment in your child’s school library
- Snap it
- Upload it to Flickr and tag it “FNFBigPicture” - please use an Attribution Creative Commons license*
Check out: The Open Rights Group : Blog Archive » Capturing the database state: community photocall. I'll post a selection of the photos on the blog. (Via the ever-vigilant Boing Boing.)
Sunday, September 28, 2008
A system designed to track motorists in the UK is being expanded to collect fifty million automobile movement records for five years, instead of the already intrusive two years originally announced. Already pervasive CCTV cameras are being upgraded to capture license plates, adding to what is being said to be the largest Oracle database in Europe.
Thanks to SpyBlog.org.uk for the link.
Friday, July 25, 2008
It's a busy week for privacy cases in the English courts. The media has widely reported on the case of Max Mosley, the Grand Prix boss, who has successfully sued the News of the World. The publication placed a hidden camera in a private residence and filmed Mosley in an intimate encounter. The paper suggested that he participated in a sadomasochistic orgy that attempted to recreate a Nazi death camp atmosphere.
In seeking to protect his privacy, the whole event has been thrown into the public arena. And consistent with other privacy cases, the quantum of damages is surprisingly low given the impact that this has had on Mosley.
The decision can be found here.
From the New York Times:
British Judge Rules Tabloid Report Tying Grand Prix Boss to ‘Orgy’ Violated Privacy - NYTimes.com
LONDON — In a ruling with potentially wide implications for press freedom in Britain, a judge ruled Thursday that a tabloid newspaper breached the privacy of Max Mosley, the overseer of grand prix motor racing, when it published an article in March claiming that he had participated in a sadomasochistic “orgy” with a Nazi theme.
The judge, Sir David Eady, awarded Mr. Mosley, 68, damages equivalent to about $120,000 and legal costs estimated to be at least $850,000 in his lawsuit against The News of the World.
The ruling upheld the central arguments by Mr. Mosley and his lawyers: that there had been no Nazi theme to the five-hour sex session in an apartment in the Chelsea district of London that was secretly filmed by the newspaper, and no issue of public interest in its decision to splash the article on its front page and post video on its Web site.
“I found that there was no evidence that the gathering of March 28, 2008, was intended to be an enactment of Nazi behavior or adoption of any of its attitudes,” the judge wrote.
He added that Mr. Mosley had a “reasonable expectation” of privacy for sexual activities that took place on private premises and that did not involve violations of the criminal law.
“There was no public interest or other justification for the clandestine recording, for the publication of the resulting information and still photographs, or for the placing of the video extracts on The News of the World Web site — all of this on a massive scale,” the judge said.
But he denied Mr. Mosley the “punitive damages” he had sought, which could have amounted to millions of dollars. The damage done to Mr. Mosley’s reputation by “the embarrassing personal information” disclosed by the newspaper “cannot be mitigated by simply adding a few noughts to the number first thought of,” the judge said.
Outside the court, Mr. Mosley said he was delighted with the ruling, which he described as “devastating” to The News of the World.
“It demonstrates that their Nazi lie was completely invented and had no justification,” he said. “It also shows that they had no right to go into private premises and take pictures and film of adults engaged in activities which are no one’s business but those of the people concerned.”
The ruling was one of several by Justice Eady and other judges in recent years in privacy cases against British newspapers under a provision of the European Convention on Human Rights. Some legal experts say the rulings have shifted the balance in Britain in favor of celebrity plaintiffs and against newspapers and other media organizations in invasion-of-privacy cases.
Justice Eady, in his finding, said his ruling should not be considered “a landmark case,” but rather “the application to rather unusual facts” in the Mosley case of privacy principles that had been developing in British court judgments in recent years. Still, the ruling caused a stir among lawyers fighting for press freedoms, some of whom said it was a bellwether for a new, more restrictive era of news media coverage of people in the public domain.
Other lawyers cautioned against alarmism, saying British courts would continue to weigh two competing provisions in the European rights convention — Article 8, establishing a right of privacy, and Article 10, protecting press freedoms — and that it was too early to know where the lasting balance would be struck.
“One lesson it teaches is that public figures can have a private life,” said Desmond Browne, a barrister who has represented some of the plaintiffs in headline-making privacy cases.
Editors of some of Britain’s more serious newspapers also were wary about drawing instant conclusions about where press law in Britain was headed.
Roger Alton, editor of The Independent, a newspaper known for the rigor of its investigative journalism, said he was not too troubled by the ruling.
“It’ll affect kiss-and-tell stories,” Mr. Alton told the British Broadcasting Corporation. “But it’s not a landmark. It’s not going to set things up in a completely different way.”
But Colin Myler, editor of The News of the World, said the judgment was based on precedents established by “judges in Strasbourg,” seat of the European Court of Human Rights, and that the issues involved had never been addressed by Britain’s Parliament. “As a result, our media are being strangled by stealth,” he said.
For Mr. Mosley, success in the case represented at least a partial vindication of what amounted to a gamble. Rather than resigning in shame, as have many well-known figures caught in sex scandals, Mr. Mosley chose another route. He admitted to a passion for sadomasochism, which he told the court had continued for 45 years, and discussed, from the witness box, details of what had occurred in the Chelsea apartment.
But the aspect of the article that he, and many of his detractors in the world of motor racing and beyond, considered the most damaging was the claim that the session involved a conscious effort to recreate the atmosphere of a Nazi death camp.
The potential damage to Mr. Mosley was linked, inevitably, to the fact that he is the son of Sir Oswald Mosley, leader of Britain’s National Union of Fascists in the 1930s, whose secret marriage to Mr. Mosley’s mother, Diana, took place at the home of the Nazi propaganda chief Joseph Goebbels in 1936, with Hitler as guest of honor.
In court, lawyers for The News of the World said they based their claim of a Nazi theme, in part, on the use of commands in guttural German or German-accented English by Mr. Mosley and the women involved. But Mr. Mosley and four of the five women involved maintained that what they intended in their role-playing was to recreate a generic prison scene, not a Nazi death camp.
Thursday, July 24, 2008
A colleague just brought to my attention a case handed down yesterday by the High Court of Justice (Queen's Bench Division) of England & Wales: Applause Store Productions Ltd. & Anor v Raphael [2008] EWHC 1781 (QB) (24 July 2008).
The case relates to the misuse of private information and defamation. The defendant in this case had set up a false Facebook profile in the name of the plaintiff and established a Facebook group that was, shall we say, not flattering of the plaintiff. The court found in favour of the defendant on both claims.
What's additionally interesting is the detail with which the Court reviews the logging data generated by Facebook and provided to the Court. The case is an interesting read for privacy issues, but also is a good chance to look under the hood of Facebook, forensically speaking.
Saturday, June 28, 2008
Because actions speak louder than words, one can easily assume that the British populace is completely passive and accepting of the explosion of CCTV surveillance throughout the green and pleasant lands of England. There is some dissent. Witness: Marina Hyde who has an interesting opinion piece in The Guardian.
Marina Hyde: This surveillance onslaught is draconian and creepy | Comment is free | The Guardian
Closed-circuit TV cameras are the crime-fighting tool so fiendishly sophisticated that they can be foiled by the wearing of a hood. Yet having stuck 4.2 million of the things around this country, with nary a consultation on the matter - nor any significant impact on crime statistics - efforts to pimp them to 2.0 status continue.
This week it emerged that scientists at Portsmouth University are developing "listening" cameras. Artificial intelligence software will be able to recognise sounds such as breaking glass, so that, when such a noise is detected, they can rotate in its direction and capture the act of vandalism/terrorism/God that resulted in a milk bottle falling off your doorstep. I paraphrase slightly, but given that the most recent Home Office report on the matter found that better street lighting is seven times more effective at cutting crime than CCTV, the truly suspicious behaviour is our deepening obsession with surveillance.
The past few years have thrown up dozens of instances which made one wince to be a citizen of this septic isle, but a personal low came with the discovery that 500,000 bins had been fitted with electronic tracking devices. Transponders in bins ... Could any morning news item be more designed to force one back against the pillows, too embarrassed about one's country to start the day? Yes, as it turned out. A couple of months ago it was discovered that Poole borough council, in Dorset, had used the Regulation of Investigatory Powers Act - designed to track serious criminals and terrorists - to determine whether a school applicant and her parents lived where they said they did. They did, and were appalled to discover they had been spied on for three weeks, the subject of surveillance notes such as "female and three children enter target vehicle and drive off". Target vehicle, if you please! The thought of some deep-cover council drone jotting this stuff down as though it were an elite Delta Force operation is not as funny as it is horrifying.
Just who are these people, these swelling legions of unelected, ill-qualified monitors who wield such extraordinary power in our surveillance society? Clarification in one case came last year, when the civilian in charge of a Worcester police station's surveillance team was suspended after detectives found, among one day's footage, a 20-minute sequence of close-ups of a woman's cleavage and backside as she walked oblivious through the streets. Whether the woman ever discovered she was the star of a kind of pervert Truman Show is not recorded. But the offending monitor escaped with a warning and was - unbelievably - back in post within weeks.
In some city centres, such as Middlesbrough, speakers have been put on the cameras, so that those monitoring can interact with potential miscreants. Let's hope these remote bossy boots imagine they're involved in some high-level negotiation, in which they talk down a teenager from his decision to drop a hamburger wrapper on the pavement.
The former home secretary John Reid, on whose draconian watch the Middlesbrough scheme was approved, even suggested at its launch that schoolchildren should enter a competition to become the voice of the cameras - once again laying bare the government's desire to co-opt its citizens into the surveillance process at all levels. We are, of course, coming up to the time of year when we are ordered to shop our neighbours for acts of hosepipe, while the Shoreditch Trust recently trialled a scheme encouraging residents to watch live CCTV feeds on a special local channel, the better to assist in policing.
For all this creepy "outreach", though, the only hands-down beneficiaries of our CCTV obsession (apart from the revenue gatherers) have been broadcasters. For no good reason, all manner of TV networks have been furnished with hours of footage to pad out their witless police chase documentaries, or offensively cheap "street crime UK" shows. Britain's CCTV network: proudly supporting the Bravo channel.
The worst thing is the blithe insistence that this is all necessary and normal. We are watched more closely, by more cameras, with each passing day. But so faultlessly designed is our society that we have never come close to having a say on it.
There's a great bit in Woody Allen's movie Deconstructing Harry when Robin Williams's character goes out of focus, appearing as a sort of fuzzy version of himself, which sounds increasingly like the sort of sickness that should be courted by any attractive woman keen to walk through Worcester. That said, she could always don a hood. Yet there does seem a vaguely depressing irony in governments insisting that constant surveillance is essential to prevent our being overrun by repressive regimes who'd make us all cover our heads and the like. It's these initiatives that drive even the most pliant members of society to dream of taking just that precaution themselves, if only for a bit of privacy.
For over a year now, the United States and the European Union have been negotiating an arrangement so that US law enforcement and national security organizations can have easier access to data in Europe and about Europeans. The New York Times is reporting that the two parties are closer to an arrangement that would permit trolling through personal information for suspicious activities, such as the review of SWIFT data that the American government undertook as the data was resident in the United States. One of the remaining issues is whether European citizens will have an ability to sue the Americans for misuse of their data.
The fact that Europe and the Bush administration are engaged in this process is a good thing. The alternatives are to shut off the tap entirely, which may not be a good idea, or to allow American authorities to freely troll through European data as easily as information about Americans, which would be worse. In Canada, Maher Arar learned the hard way about what can happen if an unstructured, unregulated information sharing "system" results in the transfer of unreliable information to the Bush administration.
Recently, the Canadian Bar Association presented its recommendations to Parliament, demanding that all information sharing arrangements be in writing with safeguards and oversight to make sure that information is accurate and does not unreasonably invade personal privacy.
The NYTimes article is here: U.S. and Europe Near Accord on Privacy - NYTimes.com.
Thanks to Rob Hyndman for the link.
Sunday, June 01, 2008
Shops track customers via mobile phone - Times Online
The surveillance mechanism works by monitoring the signals produced by mobile handsets and then locating the phone by triangulation - measuring the phone's distance from three receivers.
The Information Commissioner's Office (ICO) expressed cautious approval of the technology, which does not identify the owner of the phone but rather the handset's IMEI code -- a unique number given to every device so that the network can recognise it.
But an ICO spokesman said, "we would be very worried if this technology was used in connection with other systems that contain personal information, if the intention was to provide more detailed profiles about identifiable individuals and their shopping habits."
Only the phone network can match a handset's IMEI number to the personal details of a customer.
Path Intelligence, the Portsmouth-based company which developed the technology, said its equipment was just a tool for market research. "There's absolutely no way we can link the information we gather back to the individual," a spokeswoman said. "There's nothing personal in the data."
Liberty, the campaign group, said that although the data do not meet the legal definition of ‘personal information’, it "had the potential" to identify particular individuals' shopping habits by referencing information held by the phone networks.
This is similar to a form of "cookies" for the offline world. On the one hand, we have assurances that the phones' serial number will not be connected with other personal information, but there really is no assurance that will not happen. And once this information is collected, it will be in the system available to law enforcement and others who do have the ability to match it to personal information.
According to Computerworld Security, Google has started collecting images of European streets for its Street View feature, but is holding off putting the data online until it has figured out the local privacy law challenges. See: Google takes Street View snaps in Paris; lawsuits could follow.
Saturday, May 03, 2008
Wednesday, April 16, 2008
Here is a shocking example of why intrusive powers need to be carefully circumscribed and subject to judicial oversight, otherwise they will be abused.
A local council in the UK (not surprisingly) has used the Regulation of Investigatory Powers Act, designed for serious crimes and terrorism, to surveil a three-year-old to determine if her parents were misrepresenting their place of abode to get into a better school. See: Council uses criminal law to spy on school place applicants | Society | The Guardian.
"The Home Office said the RIPA legislation did not appear to have been used inappropriately."
Friday, April 11, 2008
Some people, I am sure, will savor the irony that many London police officers are complaining about creepy surveillance and Big Brother tactics inherent in a new technology that will allow desk-riding senior cops to keep tabs on the location and activities of cops on the beat.
Apparently they don't like feeling like they're being watched. Some are concerned that innocent and lawful activities could be misinterpreted. Oh, and others are worried that information originally collected for safety and resource planning may be used for some other purpose. Pity.
Check it out:
Met Police officers to be 'microchipped' by top brass in Big Brother style tracking scheme | the Daily Mail
Every single Metropolitan police officer will be 'microchipped' so top brass can monitor their movements on a Big Brother style tracking scheme, it can be revealed today.
According to respected industry magazine Police Review, the plan - which affects all 31,000 serving officers in the Met, including Sir Ian Blair - is set to replace the unreliable Airwave radio system currently used to help monitor officers' movements.
The new electronic tracking device - called the Automated Personal Location System (APLS) - means that officers will never be out of range of supervising officers.
But many serving officers fear being turned into "Robocops" - controlled by bosses who have not been out on the beat in years.
According to service providers Telent, the new technology 'will enable operators in the Service's operations centres to identify the location of each police officer' at any time they are on duty - whether overground or underground.
Although police chiefs say the new technology is about 'improving officer safety' and reacting to incidents more quickly, many rank and file believe it is just a Big Brother style system to keep tabs on them and make sure they don't 'doze off on duty'.
Some officers are concerned that the system - which will be able to pinpoint any of the 31,000 officers in the Met to within a few feet of their location - will put a complete end to community policing and leave officers purely at the beck and call of control room staff rather than reacting to members of the public on the ground.
Pete Smyth, chairman of the Met Police Federation, said: "This could be very good for officers' safety but it could also involve an element of Big Brother.
"We need to look at it very carefully."
Other officers, however, were more scathing, saying the new system - set to be implemented within the next few weeks - will turn them into 'Robocops' simply obeying instructions from above rather than using their own judgement.
One officer, working in Peckham, south London, said: "They are keeping the exact workings of the system very hush-hush at the moment - although it will be similar to the way criminals are electronically tagged. There will not be any choice about wearing one.
"We depend on our own ability and local knowledge to react to situations accordingly.
"Obviously we need the back up and information from control, but a lot of us feel that we will simply be used as machines, or robots, to do what we are told with little or no chance to put in anything ourselves."
He added: "Most of us joined up so we could apply the law and think for ourselves, but if Sarge knows where we are every second of the day it just makes it difficult."
Another officer, who did not want to be named, said: "A lot of my time is spent speaking to people in cafes, parks or just wherever I'm approached. If I feel I've got my chief breathing down my neck to make another arrest I won't feel I'm doing my job properly."
The system is one of the largest of its kind in the world, according to Telent, the company behind the technology, although neither the Met nor Telent would provide Police Review with any more information about exactly how the system will work or what sort of devices officers will wear.
Nigel Lee, a workstream manager at the Met, said: "Safety is a primary concern for all police forces.
"The area served by our force covers 620 miles and knowing the location of our officers means that not only can we provision resource more quickly, but should an officer need assistance, we can get to them even more quickly."
Forces currently have the facility to track all their officers through GPS devices on their Airwave radio headsets, but this is subject to headsets being up to date and forces buying the back office systems to accompany them, according to Airwave.
Steve Rands, health and safety head for the Met Police Federation, told Police Review: "This is so that we know where officers are. Let us say that when voice distortion or sound quality over the radio is lost, if you cannot hear where that officer telling you where he is, you can still pinpoint his exact position by global positioning system.
"If he needs help but you cannot hear him for whatever reason, APLS will say where he is."
Monday, April 07, 2008
The BBC is reporting that the Article 29 Working Group in Europe is calling on search engines to render their logs anonymous after six months.
BBC NEWS | Technology | Search engines warned over data
... The report from the Article 29 Data Protection Working Party said search engine providers had "insufficiently explained" why they were storing and processing personal data to their users.
It said "search engine providers must delete or irreversibly anonymise personal data once they no longer serve the specified and legitimate purpose they were collected for".
The report said the personal data of users should not be stored or processed "beyond providing search results" if the user had not created an account or registered with the search engine.
The advisory body also said it preferred search engines did not collect and use personal data to serve personalised adverts unless the user had consented and signed up to the service....
Google has recently reduced its log retention to eighteen months while other search engines are in the one year to one-and-a-half year ballpark.
Via the ever vigilant Slaw. For Google's previous announcement on retention, check out Canadian Privacy Law Blog: Google to anonymize older data.
Thursday, March 27, 2008
According to Information Age, privacy concerns have at least delayed the implementation of fingerprint biometrics at Heathrow's new Terminal 5 (For some background, see: Canadian Privacy Law Blog: A small step for biometrics; a giant leap for the UK surveillance state). See: Privacy fears delay Terminal 5 fingerprint biometrics | Information Age.
Sunday, March 09, 2008
According to Reuters, the proposed merger of Google and Doubleclick is expected to clear all regulatory hurdles in the European Union despite protests of privacy advocates. See: EU set to clear Google/DoubleClick merger | Technology | Reuters.
Saturday, March 08, 2008
Passengers flying through Heathrow Airport, Terminal 5, will be photographed and fingerprinted twice before being permitted to board domestic flights. The British Airport Authority, which runs the new terminal through which all British Airways passengers will travel, says this measure is "necessary to prevent criminals, terrorists and illegal immigrants trying to bypass border controls."
The only reason why this may be necessary is that the design of the new terminal permits international and domestic passengers to mingle in the secure area. Theoretically, transiting international passengers would be able to swap boarding passes with a domestic passenger circumventing border controls. On balance, it just makes sense to ramp up the big brother factor if it means the BAA doesn't have to follow the non-intrusive but universal designs used by every other airport I have ever been through.
The BAA also says the fingerprints will be discarded after 24 hours, unless -- of course -- they are of interest to the police. See: Heathrow airport first to fingerprint - Telegraph. Via the ever vigilant Boing Boing: Heathrow Terminal 5 to fingerprint domestic passengers - Boing Boing.
Sunday, January 27, 2008
In stark contrast to Canada's Privacy Commissioner, the Information Commissioner in the UK is looking for stronger powers and penalties. See: IMPACT®: ICO publishes powers and penalties wishlist, which refers to "DATA PROTECTION POWERS AND PENALTIES: The Case for Amending the Data Protection Act 1998".
Wednesday, January 23, 2008
This is an interesting development.
In 2003, the Privacy Commissioner of Canada released a finding that strongly suggested that an IP address is "personal information" for the purposes of PIPEDA (Commissioner's Findings - PIPEDA Case Summary #25: A broadcaster accused of collecting personal information via Web site - November 20, 2001 - Privacy Commissioner of Canada). Now the European Union is taking a similar position.
This determination has implications for a range of businesses that operate websites, but particularly affects companies like Google, Yahoo! and the like.
Wired News - AP News - EU Official: IP Is Personal
By AOIFE WHITE
AP Business Writer
BRUSSELS, Belgium (AP) -- IP addresses, strings of numbers that identify computers on the Internet, should generally be regarded as personal information, the head of the European Union's group of data privacy regulators said Monday.
Germany's data protection commissioner, Peter Scharr, leads the EU group preparing a report on how well the privacy policies of Internet search engines operated by Google Inc., Yahoo Inc., Microsoft Corp. and others comply with EU privacy law.
He told a European Parliament hearing on online data protection that when someone is identified by an IP, or Internet protocol, address "then it has to be regarded as personal data."
His view differs from that of Google, which insists an IP address merely identifies the location of a computer, not who the individual user is - something strictly true but which does not recognize that many people regularly use the same computer terminal and IP address.
Scharr acknowledged that IP addresses for a computer may not always be personal or linked to an individual. For example, some computers in Internet cafes or offices are used by several people.
But these exceptions have not stopped the emergence of a host of "whois" Internet sites that apply the general rule that typing in an IP address will generate a name for the person or company linked to it.
Treating IP addresses as personal information would have implications for how search engines record data.
Google led the pack by being the first last year to cut the time it stored search information to 18 months. It also reduced the time limit on the cookies that collect information on how people use the Internet from a default of 30 years to an automatic expiration in two years.
But a privacy advocate at the nonprofit Electronic Privacy Information Center, or EPIC, said it was "absurd" for Google to claim that stripping out the last two figures from the stored IP address made the address impossible to identify by making it one of 256 possible configurations.
"It's one of the things that make computer people giggle," EPIC executive director Marc Rotenberg told The Associated Press. "The more the companies know about you, the more commercial value is obtained."
Google's global privacy counsel, Peter Fleischer, however, said Google collects IP addresses to give customers a more accurate service because it knows what part of the world a search result comes from and what language they use - and that was not enough to identify an individual user.
"If someone taps in 'football' you get different results in London than in New York," he said.
He said the way Google stores IP addresses meant one of them forms part of a crowd, giving valuable information on general trends without infringing on an individual's privacy.
Google says it needs to store search queries and gather information on online activity to improve its search results and to provide advertisers with correct billing information that shows that genuine users are clicking on online ads.
Internet 'click fraud' can be tracked down by showing that the same IP address is jumping repeatedly to the same ad. Advertisers pay for each time a different person views the ad, so dozens of views by the same person can rack up costs without giving the company the publicity it wanted.
Microsoft does not record the IP address that identifies an individual computer when it logs search terms. Its Internet strategy relies on users logging into the Passport network that is linked to its popular Hotmail and Messenger services.
The company's European Internet policy director, Thomas Myrup Kristensen, described the move as part of Microsoft's commitment to privacy.
"In terms of the impact on user privacy, complete and irreversible anonymity is the most important point here - more impactful than whether the data is retained for 13 versus 18 versus 24 months," he said.
But neither of the search engines received a pat on the back from Spain's data protection regulator, Artemi Rallo Lombarte, who criticized them for not trying to make their privacy policies accessible to normal people.
Their privacy policies "could very well be considered virtual or fictional ... because search engines do not sufficiently emphasize their own privacy policies on their home pages, nor are they accessible to users," he said, describing the policies as "complex and unintelligible to users."
Tuesday, January 22, 2008
Google was able to coast through regulatory review in the US without any consideration of privacy, but Europe is a different matter:
Google spars with European lawmakers over privacy | Reuters
Mon Jan 21, 2008 1:54pm EST
By David Lawsky
BRUSSELS (Reuters) - Google attacked European parliamentarians and privacy advocates on Monday for trying to have competition authorities consider the handling of personal information in its $3.1 billion takeover of rival DoubleClick.
The argument was the centerpiece of a European Parliament hearing to consider the burgeoning role of the Internet in impinging on the privacy of citizens.
The U.S. Federal Trade Commission (FTC) signed off last month on Google's $3.1 billion deal, which combines its dominance in pay-per-click Internet advertising with DoubleClick's market-leading position in display ads.
After listening to a visiting FTC commissioner, U.S. and European privacy advocates and European parliamentarians question the impact of the deal on European citizens' on-line privacy, Google's global privacy counsel shot back.
"People (are) trying to take a privacy case and shoehorn it into a competition law review ... I can understand that people continue to peddle this theory in Europe after having lost in the United States," Peter Fleischer said. His attack did little to calm the waters.
"The reason you want to have the data is because it gives you a competitive advantage. It is business. I don't think they can be completely disconnected. And we should discuss that side of things too," said Sophie in 't Veld, the Dutch parliamentarian who sought the hearing.
She called information a competitive factor and declared: "Having that much information is market power."
Federal Trade Commissioner Pamela Harbour said her four colleagues at the FTC had taken a traditional approach and excluded questions of privacy in their decision. She dissented.
"I believe a traditional approach does not capture the interests of all the parties. There is no proxy for the consumer whose privacy is at stake," she said.
The European Commission has said it will not take privacy into consideration. In the past six years, it has not turned down any all-U.S. deal approved by U.S. authorities.
Fleischer, asked about the deal rationale, said Google wanted to get into banner advertising. He said his firm did not build dossiers on individuals through searches, instead using the words of each search to decide what ads to display with it.
Contractual limits would prevent Google from using DoubleClick information from individuals, he said.
Stavros Lambrinidis of Greece, who chaired the meeting, asked whether Google turned information over to government authorities.
Fleischer said that if authorities go "through a valid legal process we will respond to it".
(Editing by Dale Hudson)
Sunday, January 20, 2008
The Register reports that the personal information of 600,000 UK military recruits was on a laptop stolen from a naval officer's car. See: Join the army, get your ID pinched - MoD laptop goes AWOL | The Register.
Friday, January 04, 2008
This is an interesting development. In response to the huge data breach in the UK (Canadian Privacy Law Blog: UK loses sensitive personal data on 25m people), the Parliamentary Justice committee is calling for criminal penalties for large data breaches. See: U.K. Needs Tougher Laws to Protect Private Data, Lawmakers Say - Bloomberg.com: U.K. & Ireland.
For some additional comments, see: IMPACT®: Data protection - more signs of unrest.
Saturday, December 29, 2007
In the wake of the UK's recent huge privacy incident, parliamentarians are considering a proposal that executives be directly accountable for information security and perhaps even have to certify -- a la Sarbox -- their information practices. See: Call for CEOs to carry can for data leaks - Times Online.
Sunday, December 23, 2007
I think we'll be seeing even more of these out of the UK as government authorities and the media turn their attention to the issue.
It's being reported that a number of National Health System trusts have "lost" the personal information of hundreds of thousands of British residents in the past little while. See: BBC NEWS | UK | Nine NHS trusts lose patient data
Thursday, December 06, 2007
Just when you thought it couldn't get any worse: Scotsman.com News - Missing discs 'hold witness protection scheme IDs'.
Tuesday, November 20, 2007
A lot of stuff I read about privacy incidents leaves me scratching my head in wonder. In thinking about the staggering number of privacy breaches coming out of governments (Canadian, US, UK, etc.), I wonder:
I am thinking that it probably isn't #2.
The latest is from the UK. An employee of the Revenue & Customs sent CDs of unencrypted personal information about almost every child and parent in the UK via regular internal mail. The CDs never reached their destination. The minister responsible has admitted that this has occurred on multiple occasions. When are governments going to learn?
Tuesday, September 18, 2007
Out-Law, run by Pinsent Masons, has an exclusive article on a European Commission report that concludes the United Kingdom has not adequately implemented the Data Protection Directive. Check out the article: Europe claims UK botched one third of Data Protection Directive | OUT-LAW.COM.
Sunday, September 16, 2007
A comment in the Guardian by Henry Porter decries perceived intrusions into the private lives of the British and suggests that Canada is a good model to follow. He agrees strongly with what Pierre Trudeau said, that the Government has no business in the bedrooms of the nation.
Our sex lives are our own business | Comment | Guardian Unlimited Politics
... A few years ago, this sentence appeared at the beginning of a bill: 'Her Majesty by and with the advice of the House of Commons enacts as follows: rules to govern the collection, use and disclosure of personal information in a manner that recognises the right of privacy of individuals with respect to their personal information.'
The only words I have missed out are the 'senate' and 'of Canada'. Same queen, but different country and one which has placed the respect for privacy at the heart of its national life. It seems extraordinary that two countries which used to share so many political values have taken such different directions. There's a lot that Canada can teach the Mother of Parliaments, especially the opposition, which has lost the habit of thinking outside the terms that Labour has set for the national agenda.
There are two important acts which serve as good templates for the sorts of reforms Liberty calls for. The first is the Privacy Act which took effect in 1983 and which imposes obligations on some 150 government and federal departments and agencies to respect the privacy rights by limiting the collection, use and disclosure of personal information. It gives the individual a right to access and correction of personal information held by agencies. The second act is the Personal Information Protection and Electronic Documents Act (Pipeda), a law which means a company like Tesco, which accumulates enormous amounts of personal data, must have consent from its customers. Underlying these is the Canadian charter of rights and freedoms which states: 'Everyone has the right to be secure against unreasonable search and seizure', a guarantee which I would like to see in a British bill of rights.
It is argued that we have the Data Protection Act and the information commissioner, but despite the latter's agitation, nothing has stopped the 500,000 interceptions of private communication each year, the total surveillance of motorways, the building of the ID card data base, the creepy children's database and expansion of the police DNA database.
The Canadian system hasn't worked perfectly, especially since 9/11, but Canadians shudder at what is happening in the UK, at the abandon with which we allow government more and more control over our lives and our futures....
Monday, September 03, 2007
I just heard about a new website, www.yourprivacy.co.uk, from its creators. The site, based in the UK, provides over sixty articles related to privacy. They say they'll be adding ten articles a month to the site. They also have an rss feed to keep up on what they're publishing.
Protecting Your Privacy and Anonymity at yourprivacy.co.uk
- Biometric Finger Print Scanning
- Disposing of Personal Information
- Financial Security and Privacy
- ID Cards
- Telephone Monitoring at Work
- Loyalty Cards
- Your Privacy on Your Mobile Phone
- Your Privacy on the Telephone
- Your Privacy Rights at Work
Monday, August 27, 2007
DP Thinker has posted a few developments in UK data protection law:
DP thinker: A few developments
Just a few developments to note on data protection in the UK:
1) The draft Data Retention (EC Directive) Regulations 2007 will take effect on 1st October 2007. These regulations implement the Data Retentions Directive 2006/24/EC and will apply to public electronic communications providers. Data will be retained for a period of 12 months from the date of communication (Regulation 4(2)). The types of data to be retained are telephone numbers and mobile numbers (Regulation 5(1) and 5(2)). The regulations do not apply to data from internet access, e-mail and internet telephony (VoIP). The Information Commissioner will monitor the application of these regulations (Regulation 8). A comparison of the other European Member States' Laws implementing the Data Retentions Directive 2006/24/EC can be found here.
2) On 24 October 2007, the transitional exemptions under the UK Data Protection Act 1998 will end. This means that structured manual filing systems containing personal records will be covered under the Data Protection Act, but would apply to data that was held before October 1998. The Durant case will be relevant, which took the view that most manual files are not relevant filing systems.
3) Draft Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2007 - The Government has drafted amended freedom of information (FOI) fees regulations which will allow public authorities to take into account more comprehensively the work involved in dealing with an FOI request. The consultation was completed in June, but further details can be found here.
Friday, July 27, 2007
The Lawyer.com has an interesting article on the use of the Human Rights Act in the United Kingdom to dramatically extend individual privacy rights. It also includes a brief overview of some significant cases:
Privacy on parade - 16 July 2007
Five key cases
Lord Browne v Associated Newspapers, 2007
Eady J decided BP's shareholders had the right to know that Lord Browne had lied in court. But what they did not need to know were details of his personal conversations with ex-boyfriend Jeff Chevalier, which remain private.
McKennitt v Ash, 2005
One of the first real tests of Article 8. Eady J went through a number of passages from an exposé of singer Loreena McKennitt, deciding on each one whether it breached privacy rules. The result? A win for privacy.
Prince of Wales v Associated Newspapers, 2006
Blackburne J weighed up Articles 8 and 10 of the Human Rights Act and found that the former was stronger than the latter in the case of publishing the prince's diary.
Douglas v Hello!, 2007
The Lords' decision on Douglas has given celebrities greater control over their images and the way they are portrayed in the press.
Campbell v MGN, 2004
The Lords found that the photographs of Naomi Campbell attending a Narcotics Anonymous meeting had a far greater effect than just words and so had invaded her privacy.
Saturday, April 28, 2007
IT Business is running an article entitled SWIFT scandal exposes PIPEDA holes, in which the Privacy Commissioner of Canada and Phillipa Lawson of the Canadian Internet Policy and Public Interest Clinic lament that PIPEDA allows the disclosure of personal information without consent in response to a foreign subpoena.
(For some background, see my previous posts on SWIFT.)
Is this a loophole or something that should be remedied? Certainly the European Union thinks that disclosing European info in this way is not OK.
I'm not sure there is really anything that can be done about this, other than to keep data out of jurisdictions with laws that you consider offensive. Certainly, we have seen that the EU and some Canadian provinces think that the USA Patriot Act is overbroad and a threat to privacy. Unlike some public sector laws in Canada, PIPEDA is completely silent with respect to the export of personal information. But if data is in a jurisdiction with a lawful power to compel the production of that information, the practical impact of a foreign law is virtually nil. Particularly if the foreign law is as toothless as PIPEDA.
Practically speaking, the solution is really to keep those data warehouses out of those jurisdictions. While SWIFT is a European outfit, they had a data centre in the US that was within the lawful jurisdiction of the US authorities armed with subpoenas. As an international clearing system, it would obviously have to transmit some data back and forth between HQ and the US. But there doesn't seem to be any compelling argument to suggest that all that data should have been kept there.
Canada, with its European-accepted privacy laws, would have been an ideal place to locate the SWIFT data centre. Milliseconds from New York and Brussels, but a world away from the US as far as privacy laws go. Any international company doing business with personal information in the United States really should think about this. What SWIFT did may have been completely lawful in the US, but it certainly has caused more than its fair share of headaches and has opened it up to potential liability in the EU.
Sunday, April 08, 2007
The British Royal Academy of Engineers has published a very interesting report on privacy and technology: Dilemmas of Privacy and Surveillance. It is important that those that design technology have an appreciation of the privacy impact of that technology and this report is an encouraging step in that direction.
1. Executive Summary
This study identifies likely developments in information technology in the near future, considers their impact on the citizen, and makes recommendations on how to optimize their benefits to society. The report focuses on an area where the developments in IT have had a particularly significant impact in our everyday lives - the use of IT in surveillance, data-capture, and identity management. It looks at the threats that these technologies may pose and at the role engineering can play in avoiding and managing these risks. The following is a summary of the central concepts and issues that the report investigates and the judgments the report makes about them.
Technological development: Technologies for the collection, storage, transmission and processing of data are developing rapidly. These technological developments promise many benefits: improved means of storing and analysing medical records and health data could lead to improvements in medical care and in management of public health; electronic logging of journey details can promise improved provision of public transport and more logical pricing for road use; and more details of peoples' everyday behaviour offer the possibility for developing better public policy generally.
However, the development of these technologies also has the potential to impact significantly on privacy. How they develop is to a large extent under the control of society. They can be allowed to develop in a way that means personal data are open to the view of others - either centralised spies or local peeping toms. Or, they can be allowed to develop so that personal data are collected and stored in an organised, controlled and secure manner. There is a choice between a 'Big Brother' world where individual privacy is almost extinct and a world where the data are kept by individual organisations or services, and kept secret and secure. The development of technology should be monitored and managed so that its potential effects are understood and controlled. The possibility of failures of technologies needs to be explored thoroughly, so that failures can be prepared for and, where possible, prevented.
Designing for privacy: There is a challenge to engineers to design products and services which can be enjoyed whilst their users' privacy is protected. Just as security features have been incorporated into car design, privacy protecting features should be incorporated into the design of products and services that rely on divulging personal information.
For example: means of charging road users for the journeys they make can be devised in such a way that an individual's journeys are kept private; ID or 'rights' cards can be designed so that they can be used to verify essential information without giving away superfluous personal information or creating a detailed audit trail of individuals' behaviour; sensitive personal information stored electronically could potentially be protected from theft or misuse by using digital rights management technology. Engineering ingenuity should be exploited to explore new ways of protecting privacy.
Privacy and the law: British and European citizens have a right to privacy that is protected in law. The adequate exercise of that right depends on what is understood by 'privacy'. This notion needs clarification, in order to aid the application of the law, and to protect adequately those whose privacy is under threat. In particular, it is essential that privacy laws keep up with the technological developments which impact on the right to and the expectation of privacy, especially the development of the Internet as a networking space and a repository of personal information. The laws protecting privacy need to be clarified in order to be more effective. As well as making the letter of the law more perspicuous, the spirit must be made more powerful - the penalties for breaches of the Data Protection Act (1998) are close to trivial. The report backs calls for greater penalties for misuse of data - including custodial sentences.
Surveillance: The level of surveillance of public spaces has increased rapidly over recent years, and continues to grow. Moreover, the development of digital surveillance technology means that the nature of surveillance has changed dramatically. Digital surveillance means that there is no barrier to storing all footage indefinitely and ever-improving means of image-searching, in tandem with developments in face and gait-recognition technologies, allows footage to be searched for individual people. This will one day make it possible to 'Google spacetime', to find the location of a specified individual at some particular time and date.
Methods of surveillance need to be explored which can offer the benefits of surveillance whilst being publicly acceptable. This will involve frank discussion of the effectiveness of surveillance. There should also be investigation of the possibility of designing surveillance systems that are successful in reducing crimes whilst reducing collateral intrusion into the lives of law-abiding citizens.
Technology and trust: Trust in the government is essential to democracy. Government use of surveillance and data collection technology, as well as the greater collection and storage of personal data by government, have the potential to decrease the level of democratic trust significantly. The extent of citizens' trust in the government to procure and manage new technologies successfully can be damaged if such projects fail. Essential to generating trust is action by government to consider as wide a range of failure scenarios as possible, so that failures can be prevented where possible, and government can be prepared for them where not. There also need to be new processes and agencies to implement improvements. If a government is seen as implementing technologies wisely, then it will be considered more trustworthy.
Protecting data: Loss or theft of personal data, or significant mistakes in personal data, can have catastrophic effects on an individual. They may find themselves refused credit, refused services, the subject of suspicion, or liable for debts that they did not incur. There is a need for new thinking on how personal data is stored and processed. Trusted third parties could act as data banks, holding data securely, ensuring it is correct and passing it on only when authorised. Citizens could have their rights over the ownership, use and protection of their personal data clarified in a digital charter which would specify just how electronic personal data can be used and how it should be protected.
Equality: Personal data are frequently used to construct profiles and the results used to make judgements about individuals in terms of their creditworthiness, their value to a company and the level of customer service they should receive. Although profiling will reveal significant differences between individuals, the results of profiling should not be used for unjustifiable discrimination against individuals or groups. Profiling should also be executed with care, to avoid individuals being mistakenly classified in a certain group and thus losing rights which are legitimately theirs.
Reciprocity: Reciprocity between subject and controller is essential to ensure that data collection and surveillance technologies are used in a fair way. Reciprocity is the establishment of two-way communication and genuine dialogue, and is key to making surveillance acceptable to citizens. An essential problem with the surveillance of public spaces is that the individual citizen is in no position either to accept or reject surveillance. This heightens the sense that we may be developing a 'Big Brother' society. This should be redressed by allowing citizens access to more information about exactly when, where and why they are being watched, so that they can raise objections to surveillance if it is deemed unnecessary or excessively intrusive.
R1 Systems that involve the collection, checking and processing of personal information should be designed in order to diminish the risk of failure as far as reasonably practicable. Development of such systems should make the best use of engineering expertise in assessing and managing vulnerabilities and risks. Public sector organisations should take the lead in this area, as they collect and process a great deal of sensitive personal data, often on a non-voluntary basis.
R2 Many failures can be foreseen. It is essential to have procedures in place to deal with the consequences of failure in systems used to collect, store or process personal information. These should include processes for aiding and compensating individuals who are affected.
R3 Human rights law already requires that everyone should have their reasonable expectation of privacy respected and protected. Clarification of what counts as a reasonable expectation of privacy is necessary in order to protect this right and a public debate, including the legal, technical and political communities, should be encouraged in order to work towards a consensus on the definition of what is a 'reasonable expectation'. This debate should take into account the effect of an easily searchable Internet when deciding what counts as a reasonable expectation of privacy.
R4 The powers of the Information Commissioner should be extended. Significant penalties - including custodial sentences - should be imposed on individuals or organisations that misuse data. The Information Commissioner should also have the power to perform audits and to direct that audits be performed by approved auditors in order to encourage organisations to always process data in accordance with the Data Protection Act. A public debate should be held on whether the primary control should be on the collection of data, or whether it is the processing and use of data that should be controlled, with penalties for improper use.
R5 Organisations should not seek to identify the individuals with whom they have dealings if all they require is authentication of rightful access to goods or services. Systems that allow automated access to a service such as public transport should be developed to use only the minimal authenticating information necessary. When organisations do desire identification, they should be required to justify why identification, rather than authentication, is needed. In such circumstances, a minimum of identifying information should be expected.
R6 Research into the effectiveness of camera surveillance is necessary, to judge whether its potential intrusion into people's privacy is outweighed by its benefits. Effort should be put into researching ways of monitoring public spaces that minimise the impact on privacy - for example, pursuing engineering research into developing effective means of automated surveillance which ignore law-abiding activities.
R7 Information technology services should be designed to maintain privacy. Research should be pursued into the possibility of 'designing for privacy' and a concern for privacy should be encouraged amongst practising engineers and engineering teachers. Possibilities include designing methods of payment for travel and other goods and services without revealing identity and protecting electronic personal information by using similar methods to those used for protecting copyrighted electronic material.
R8 There is need for clarity on the rights and expectations that individuals have over their personal information. A digital charter outlining an individual's rights and expectations over how their data are managed, shared and protected would deliver that clarity. Access by individuals to their personal data should also be made easier; for example, by automatically providing free copies of credit reports annually. There should be debate on how personal data are protected - how it can be ensured that the data are accurate, secure and private. Companies, or other trusted, third-party organisations, could have the role of data banks - trusted guardians of personal data. Research into innovative business models for such companies should be encouraged.
R9 Commercial organisations that select their customers or vary their offers to individuals on the basis of profiling should be required, on request, to divulge to the data subjects that profiling has been used. Profiling will always be used to differentiate between customers, but unfair or excessively discriminating profiling systems should not be permitted.
R10 Data collection and use systems should be designed so that there is reciprocity between data subjects and owners of the system. This includes transparency about the kinds of data collected and the uses intended for it; and data subjects having the right to receive clear explanations and justifications for data requests. In the case of camera surveillance, there should be debate on and research into ways to allow the public some level of access to the images captured by surveillance cameras.
Thanks to DP thinker for the link.
Monday, April 02, 2007
Canada's Privacy Commissioner has wrapped up her investigation of the SWIFT information sharing fuss and has concluded that SWIFT is subject to PIPEDA but did not violate the law when it handed over Canadian information in response to US subpoenas.
From the Commissioner:
News Release: Privacy Commissioner concludes investigation of SWIFT (April 2, 2007)
Privacy Commissioner concludes investigation of SWIFT
Ottawa, April 2, 2007 —The Privacy Commissioner of Canada, Jennifer Stoddart, today announced the conclusion of her Office’s investigation of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a European-based financial cooperative, that supplies messaging services and interface software to a large number of financial institutions in more than 200 countries, including Canada.
In her Report of Findings, made public today, the Commissioner confirmed that SWIFT is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy law, and that the organization did not contravene the Act when it complied with lawful subpoenas served outside the country and disclosed personal information about Canadians to foreign authorities. However, she emphasized that making use of existing information-sharing regimes, with built-in privacy protections, would allow for greater transparency for citizens.
Since her appointment, Ms. Stoddart has raised concerns about the personal information of Canadians flowing across borders. In her Report, the Commissioner stressed that organizations operating and connected in a substantial way to Canada are subject to PIPEDA and they must abide by the Act. “Simply because companies might operate in two or more jurisdictions does not relieve them of their obligations to comply with Canadian law,” said Ms. Stoddart.
It was alleged that SWIFT inappropriately disclosed to the US Department of Treasury (UST) personal information originating from or transferred to Canadian financial institutions. Ms. Stoddart launched a commissioner-initiated investigation into the matter to determine if there was a breach of PIPEDA, the federal law which covers the collection, use and disclosure of personal information in the course of commercial activities.
Following September 2001, the UST began issuing subpoenas to SWIFT for certain data held in SWIFT’s US-based operating centre. SWIFT obtained a series of privacy protections for the data it transferred to the UST.
In her Report, the Commissioner explained that PIPEDA allows an organization such as SWIFT to abide by the laws of other countries in which it operates. An organization that is subject to PIPEDA and that has moved personal information outside the country for business reasons may be required at times to disclose it to the legitimate authorities of that country. It is clear that in response to a valid subpoena issued by a court, person or body with jurisdiction to compel the production of information, an organization must disclose personal information and PIPEDA makes it permissible to comply with this obligation. The Commissioner stressed that multi-national organizations must comply with the laws of those jurisdictions in which they operate.
The Commissioner noted, however, that if US authorities need to obtain information about financial transactions that have a Canadian component, they should be encouraged to use existing information mechanisms that have some degree of transparency and built-in privacy protections. Accordingly, she signaled her intent to ask Canadian officials to work with their US counterparts to persuade them to use Canadian anti-money laundering and anti-terrorism financing mechanisms instead of the subpoena route.
“These alternate avenues would allow far greater Canadian involvement in the scrutiny of personal information and would better respect the value we give privacy protection,” said Ms. Stoddart. “Democratic societies must ensure that the fundamental rights and freedoms of the individual are respected to the extent possible, including the right to the protection of personal information.”
In addition to its investigation of SWIFT, the Privacy Commissioner’s Office also received complaints against six Canadian financial institutions and conducted an investigation into their involvement in the matter.
The Office reviewed the contractual documentation that exists between SWIFT and the banks, and concluded that the banks are meeting their obligations under the PIPEDA, noting that when an organization that contracts with a firm that operates both within and outside of Canada, it must respond to lawfully issued subpoenas in other jurisdictions as well as in Canada, and PIPEDA permits this.
Moreover, she found that each of the banks has very clear language in their privacy policies. These policies inform customers that the banks may send their personal information out of the country for certain purposes and that while such information is out of the country, it is subject to the laws of the country in which it is held.
The Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of the privacy and protection of personal information rights of Canadians.
View the Executive Summary.
View the Commissioner’s full Report of Findings.
Saturday, March 10, 2007
Richard Thomas, the Information Commissioner of the UK, is calling for international privacy standards, particularly focusing on the ongoing squabbles between Europe and the United States. (See: UK official calls for international privacy standards.)
I agree that harmonization should be a goal, but I am concerned that this may lead to a "lowest common denominator" system which would reduce the protection that some jurisdictions afford to their citizens' privacy. The following quote suggests this may be the outcome:
"There could be 'scope for less bureaucracy, less emphasis on prior authorization and a more concrete focus on preventing real harm', he said."
"Privacy" is not just about preventing fraud and identity theft. Most modern privacy regimes are about giving people choices about how (and whether) their information is collected, used and disclosed. Reducing emphasis on "prior authorization" would likely undermine this.
Canada's PIPEDA, for all its faults, has shown that you can have a comprehensive privacy law that is based on consent and still permits legitimate business use of personal information.
Friday, March 02, 2007
A UK court has sentenced a 67-year-old man to four months in prison for conspiring to install spyware on the computer of his estranged wife, who he suspected was hiding assets. See: DP thinker: First UK case on Spyware.
Monday, February 26, 2007
DP Thinker is reporting on his blog that the UK Government intends to add prison time to the penalties available for misuse of personal information in the UK Data Protection Act: DP thinker: Data Protection Act 1998.
Monday, February 05, 2007
Tuesday, January 30, 2007
In the wake of the SWIFT privacy scandal, the European parliament will be debating the scandal, European data protection laws and broader issues of access to personal data. Should be interesting to watch:
theparliament.com - EU parliament debates personal data rules
EU parliament debates personal data rules
MEPs are this week expected to intensify pressure on the European commission to act over the controversial Swift case.
In November, an independent panel found that the Belgian-based money transfer company Swift had breached EU privacy laws by secretly giving personal financial data to the US authorities.
Swift denied breaking the law, saying it was subpoenaed to give limited data for use in the fight against terrorism.
On 31 January, in the first Brussels parliamentary plenary of the year, deputies will debate the issue of current personal data legislation and table a series of questions to the commission on the Swift case.
Included in the list of questions is a demand to know whether the commission is aware of any other requests to private companies to make their data available to the US.
MEPs also want to know what action the commission intends to take given that access to data handled by Swift makes it possible to get information on the economic activities of individuals and businesses.
The ongoing row involving Swift, which handles 11 million transactions a day, could further exacerbate tensions between the EU and the US over the use of personal flight data in the fight against terrorism.
The EU and US recently resolved a long-running dispute over the issue and are confident of reaching an agreement on passenger name records (PNR).
US negotiator Michael Chertoff and his EU counterpart Wolfgang Schauble said at the weekend that despite continued differences of opinion on the use of the personal data they were confident of reaching a deal by July.
Some MEPs, however, are currently raising concerns which they would like the commission to take on board when the executive alone negotiates a new agreement with the US.
The plenary, though, will be urged by British Conservative MEP Timothy Kirkhope to back the deal brokered by the EU and US.
"Some of these concerns are warranted but the most important thing to adopt are appropriate air safety and anti-terrorism measures and provide certainty for the airlines, while also ensuring that data protection norms are respected," Kirkhope said.
Monday, January 29, 2007
I just checked my calendar to see if I accidentally slept in and woke up on April 1. According to Yahoo News, the British government is considering taking all-encompassing surveillance to the next level by installing cameras in public places that can see through clothes. According to a memo obtained by the Sun, the measure will make the detection of weapons and explosives easier.
X-ray cameras 'see through clothes' - Yahoo! News UK:
However, officials acknowledged that it would be highly controversial as the cameras can "see" through clothing.
"The social acceptability of routine intrusive detection measures and the operational response required in the event of an alarm are likely to be limiting factors," the memo warned.
"Privacy is an issue because the machines see through clothing."
The Sun reported that the memo, dated January 17, was drawn up by the Home Office for the Prime Minister's working group on security crime and justice.
It noted that some technologies used for airport security had already been used in police operations searching for drugs and weapons in nightclubs.
"These and other could be developed for a much more widespread use in public places," it said.
"Street furniture could routinely house detection systems that would indicate the likely presence of a gun for example."
A Home Office spokeswoman said: "We don't comment on leaked documents".
Wednesday, January 17, 2007
I just got an e-mail from Dr. Jóri András ügyvéd in Budapest to let me know about his new online resource on European Data Protection. I've had a chance to check it out and I'm definitely bookmarking it. You can find it here: Data protection in Europe.
Here's the welcome message from the main page:
Welcome to www.dataprotection.eu!
There is much talk about the crisis of data protection legislation in Europe. I've been dealing with data protection law for seven years. I can still recall the atmosphere in the late 90s that was pervasive in the office led by the first data protection commissioner of Hungary. We were enthusiastic, our task was to make a new constitutional right known for the public. We were more members of a workshop, champions of the new constitutional right, than mere bureaucrats.
I am no longer involved in this work: for six years I've been helping my clients - companies and government agencies - in complying with data protection law, and sometimes I have the opportunity to contribute to the creation of legal instruments with data protection relevance. Standing on the "other side" my perspective is not the same, of course. From this point of view you can see what is hidden to civil servants: how hard is it - even with great efforts - to apply legal texts that have deficiencies, how important it is to formulate coherent, acceptable and consistent interpretations in this field of law, and what are the results (and costs) of a given decision by the data protection authority. On the "other side", one can think more freely, and can ask questions like "is informational self-determination worth its price?"; "is an institution organized following the ombudsman-model the best one to control the compliance with data protection law?". The answer is not necessarily "no" - but the arguments raised by the sceptics of data protection are sometimes worth the consideration.
Is data protection in crisis? Is informational self-determination just a toy for constitutional lawyers? Can it be reinvented to meet the challenges of the information age?
These are questions yet to be answered. My aim with this project - www.dataprotection.eu - is to carry out a comparative analysis of European data protection legislations, that can help the data protection community of Europe to answer them.
Sunday, January 14, 2007
People who want to stay on top of the UK terror alert level can sign up to receive periodic e-mail updates from MI5. Sorta but not quite, since MI5 has outsourced managing the e-mail service to an American company. See: MI5 terror alert blunder sends private data to US mailshot firm | the Daily Mail.
This is not a disaster, but clearly the UK intel folks didn't think about the perception of doing things this way.
What's the lesson here? When you are dealing with personal information, think about every facet of how the service is being offered and how it may be perceived.
Update (20070117): According to Spy Blog, MI5 is now handling its email subscriptions in-house.
Monday, November 27, 2006
Google Video is hosting a great documentary featuring Henry Porter of the Observer on widespread surveillance in the US and the UK that assumes everyone's a subject. Check it out: Suspect Nation - Google Video. From the Google Video blurb:
Since Tony Blair's New Labour government came to power in 1997, the UK civil liberties landscape has changed dramatically. ASBOs were introduced by Section 1 of the Crime and Disorder Act 1998 and first used in 1999. The right to remain silent is no longer universal. Our right to privacy, free from interception of communications has been severely curtailed. The ability to travel without surveillance (or those details of our journeys being retained) has disappeared. Indeed, as Henry Porter (the Observer journalist famous for his recent email clash with Tony Blair over the paring down of civil liberties) reveals in this unsettling film, our movements are being watched, and recorded, more than ever before.
Thanks to Open and Shut for the link.
Friday, November 24, 2006
Thursday, November 23, 2006
I blogged some time ago about Loreena McKennitt's successful bid in the UK High Courts to have an unflattering book pulled from shelves (Canadian Privacy Law Blog: Canadian folk singer opens the door to expanded privacy for celebrities in Europe). Now the story is back in the news as she takes the battle to the Court of Appeal:
Canadian singer's privacy case back in London court - Reuters.co.uk:
Tue Nov 21, 2006 4:28 PM GMT
LONDON (Reuters) - Canadian singer Loreena McKennitt's action to prevent details of her life appearing in a book by a former friend was challenged in court on Tuesday, the second case this week that could influence English privacy law.
She won a High Court ruling in London last year in which the judge prevented the disclosure of details of her private life in a book by Niema Ash called "Travels With Loreena McKennitt".
Ash and the book's publishers, Purple Inc Press, are seeking to overturn the ruling in the Court of Appeal, arguing that it struck a "triple whammy" against freedom of expression.
A successful appeal could pave the way for the book to go back on sale -- about 300 copies were sold before it was withdrawn from shelves.
On Monday, celebrity magazines OK! and Hello! took their protracted row over photographs of the 2000 wedding of Michael Douglas and Catherine Zeta-Jones to the House of Lords, the upper house of Parliament which is also England's highest court.
That case is also being closely watched for which side the lords favour -- the celebrities and OK! magazine, who had an exclusive deal for the photographs, or Hello! which published unauthorised "spoiler" images of the event.
Legal experts say protecting people's private lives is one of the areas of the law most affected by the introduction of human rights legislation six years ago.
David Price, lawyer for Ash and Purple, told the court that considerable uncertainty surrounded privacy laws in the country.
"There is a perception that the law relating to breach of confidence and misuse of private information is in a state of some uncertainty," he said. "This uncertainty is undesirable. It has a chilling effect on freedom of expression."
He said the original judgement in McKennitt's favour set a "low hurdle" on what qualified as private information and a difficult and restrictive test for justifying information that is private.
He said it blurred the distinction between defamation and privacy which was a "particular concern for book publishers".
The court ruled last year that McKennitt was entitled to an injunction restricting publication of passages of the book which fell into categories including personal relationships, emotional vulnerability and her feelings for her late fiancé who drowned.
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.