Balancing act: Privacy and the use of personal information – Canadian Government Executive

NEWS

SEARCH

Security
October 22, 2013

Balancing act: Privacy and the use of personal information

Elizabeth Denham, British Columbia’s Information and Privacy Commissioner since 2010, believes that although the principles and values underlying privacy laws have endured for 20 years, the challenges to information and privacy rights have grown in such scale and complexity that new approaches, tools and strategies are needed. She is hosting a conference this month called Privacy and Access: A New Vision for Information Rights. She spoke to editor-in-chief Toby Fyfe about her concerns.

What’s been your biggest preoccupation over these first three years of your mandate?

What concerns me is whether or not we’ve got the balance right between privacy and how the government is using personal information. My preoccupation has been to investigate and to provide advice and issue orders that affect how personal information is managed by public sector organizations.

I have been trying to pull back the curtain to demonstrate how these technologies work and how government is processing information behind the scenes so citizens can assert their rights. Many of our files have to do with the use of technology by law enforcement, such as automated license plate recognition and how facial recognition technology is used by the Insurance Corporation of BC. We also looked at smart meters and how smart meters actually process electricity consumption data of citizens.

Is the issue whether the information is being used appropriately by government, or simply that the government is collecting it at all? I’m thinking of the smart meter example.

With the smart meter example, the government was collecting that information according to the law. What we looked at in that act was whether or not they were repurposing it for other use, and whether they were properly securing the data against loss or theft, of tampering or intrusion.

And is the government doing a good job?

I think the government is doing a good job in properly collecting information. What I’m most concerned about is collecting it for one purpose, then using it for something else. Government hasn’t been as transparent as they’re required to be in law so that citizens understand why information is being collected. I also think the government has fallen down, in some cases, in securing personal information. For example, with the BC Ministry of Health investigation that we did, we found large amounts of data shared with third parties on unencrypted USB keys.

In the past, you have referred to the challenges of new technologies in the privacy sphere. What do citizens need to think about?

Data protection and privacy. They are more important now than they’ve ever been, especially in the face of the massive amounts of personal information that’s collected and analyzed by the public and private sectors. An individual’s ability to actually know what’s happening with their personal information and their ability to control their personal information is more challenging than it’s ever been.

This is an education issue, is it not?

It’s partly an education issue because I think that when individuals are using these shiny new tools such as social media and applications on their smartphones they need to be aware of who’s collecting their personal information and what’s happening with it. So it’s important that individuals make themselves aware of how these companies and how these technologies work. That said, what’s really important is that we have comprehensive privacy laws that set out the rules that organizations have to follow when it comes to processing personal information.

My sense is that you’re talking about a whole generation that is largely indifferent to the issues of privacy. How do you reach that group?

I actually think that this next generation, especially individual citizens who are in their twenties and thirties, are actually quite sophisticated when it comes to understanding how these new technologies work. When I talk to young people in their twenties and thirties, they are quite tech-savvy about how to use and engage their privacy controls, especially when it comes to social media.

I agree with you that very young people, teenagers for example, don’t seem to understand the implications and the potential harms that revealing everything online will bring to them, especially as they get older and look for their first job or try to get into a post-secondary education.

How do organizations such as yours deal with large, global organizations like Google or Twitter?

This is one of the greatest challenges that we face right now in enforcing local privacy laws. Now that we are in the Internet age, where data knows no borders, we have to look to models such as cooperative enforcement mechanisms with data protection authorities working together to change the behaviour of some of these global giants and to work together to enforce our laws.

Canada, federally, has been successful in changing the practices of some global companies such as Facebook and Google. What the law says in Canada is, if there is processing of Canadians’ personal information, and if a company has a real connection to Canada, then our laws apply to those companies’ information processing activities.

And do the companies get this issue, or is this a constant battle?

It’s a constant battle. I think that there are good players, companies and governments that want to do the right thing, but there are also bad actors out there, and those bad actors either don’t seem to be aware of the law or they’re working around the law. And that is a constant battle for regulators such as myself. We have to use education, and we have to use our enforcement tools when a company is not playing by the rules. That’s critically important.

How does government strike the right balance between fundamental privacy rights and law enforcement and national security?

Very, very tough issue. I think that the recent whistleblowing of Edward Snowden and the revelations about the U.S. Foreign Intelligence Surveillance Act, and even about our own Canadian Security Exchange, have really brought to light that thorny issue of how to strike that right balance. Excessive surveillance in the name of national security and public safety can threaten the freedoms we depend on. I think that awareness of widespread surveillance of our communications make people very nervous about speaking their minds or doing anything that arouses suspicion.

So what I could say, in answer to that question, is that in this age of Internet technologies and fear of terrorism, we need to decide what the limits are and how much secret snooping, and under what conditions, we’re prepared to accept as a society. I think, in Canada, governments and commissioners should carefully assess existing and proposed initiatives to make sure that they don’t improperly diminish privacy. I think this is probably the most important file that we have seen in a very long time.

You talk about a “new vision for information rights.” What do you have in mind?

I think that new technologies, social media, big data, facial recognition technology, smartphones that can track your location everywhere you go, mean that while the principles and values that underlie our legislation might still endure, the challenges to these rights have really grown in scale and complexity. I think it’s time for reform of our laws to make sure that they are keeping up to date with the technology. Right now they’re not.

About this author

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

Security
 
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...
 
Facebook Pages can be an essential tool for businesses and charities,...
 
Cybersecurity professionals have sounded the alarm for years, and they are...
 
CBC deserves full credit for exposing the presence of IMSI catchers...
 
Security professionals have an obligation to communicate risks and recommendations to...
 
Over the decades, technology has been grafted into governments around the...
 
In this episode, J. Richard Jones talks about being candid about...
 
Criminals have reportedly threatened to take over 250 million Apple accounts...
 
In this episode, hear more about how Canada is a prime...
 
While the incoming administration of President-elect Donald Trump is being buffeted...
 
In the world that we are living in today, free and...
 
The RCMP adopted a new media strategy earlier this month by...
 
What would tomorrow’s cybersecurity look like? That’s an intriguing question to...
 
Terrorism operates with deadly regularity. In June 2016, a gunman who...
 
Just as the federal government has begun consultations on cyber security,...
 
Efforts by the government to counter the radicalization of young Canadians...
 
Canadian healthcare organizations and businesses in the financial industry are the...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
The challenge is clear: a fast-paced industry pressures organizations to simultaneously...
 
As populations grow and age, the demand for services increases. As...
 
By Michael Murphy Not all assets can and should be equally...
 
Please to view this Content. (Not a member? Join Today! )...
 
Now more than ever, organizations in both the public and private...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
As the battle between the FBI and Apple continues to escalate,...
 
Please to view this Content. (Not a member? Join Today! )...
 
Meet Bob Heart.  He is an outstanding employee who works hard...
 
A new study released yesterday, Securing the C-Suite, Cybersecurity Perspectives from...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Yesterday, Ontario Supreme Court Justice John Sproat ruled that the Peel...
 
I wrote about accountability more than a year ago. Recently, a...
 
Intelligence agencies have had widespread and long-running programs to gather, analyze...
 
What concerns me is whether or not we’ve got the balance...
 
One of the consequences of the Information Age in which we...
 
In March of 2011, the east coast of Japan was rocked...
 
BYOD is hot! But is it for you? If yes, which...
 
Protecting critical infrastructure from cyber threats is the shared responsibility of...
 
In numerous interviews with senior military commanders over the past several...
 
In early February, James R. Clapper, the U.S. director of national...
 
The widespread adoption of mobile devices as enterprise-level tools is occurring...
 
CGE Vol.13 No.2 February 2007 Public security, once a task relegated...
 
CGE Vol. 14 No.4 April 2008 In recent years, policy makers...
 
L’univers de la sécurité des TI évolue rapidement. À mesure que...
 
The world of IT security is rapidly evolving. As quickly as...
 
Cyber attacks don’t have to look highly sophisticated. Hackers are purposely...
 
The announcement regarding the establishment of Shared Services Canada (SSC) was...
 
There was probably a day in spring of AD 72 that...
 
The changing face of public and personal privacy in the face...
 
What role should governments and public servants play in safeguarding personal...
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...

Member Login

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.