The Government of Canada released its Speech From the Throne (SFT) last week, spelling out its priorities and governing agenda for the next two years. While there were no explicit references to privacy law reform as some had hoped, there were still policy commitments made that will have implications for privacy in the coming Parliamentary session. I touch on some of these below.
Canadians have been shaken by the stories of Amanda Todd and Rehtaeh Parsons, whose lives ended in tragedy following acts of cyberbullying involving social media and the sharing of deeply embarrassing and compromising digital photos. In the wake of these tragedies, the Government has committed in the SFT to “introduce legislation giving police and prosecutors new tools to effectively address cyberbullying that involves criminal invasion of privacy, intimidation and personal abuse. This legislation would create a new criminal offence prohibiting the non-consensual distribution of intimate images (p.13).”
Cyberbullying, and the more general issue of online reputation management, is a significant social challenge with no easy solutions. While gossip, innuendo and bullying have existed forever, the Internet has dramatically accelerated the velocity and intensity of its consequences. Societies and their governments will naturally search for ways to contain the ills of cyberbullying, but as I have argued elsewhere, it will not be easy.
Leaving aside the practical difficulties of enforcing the prohibition in sharing certain kinds of digital images, the greatest challenge for any government will likely be the degree to which such efforts run up against freedom of expression considerations. The definition of intimate images is slippery at best, and there is likely to be a very fine line between an individual’s right to privacy, and another’s right to free expression.
2. Genetic Testing and Discrimination
As part of its bid to safeguard families and communities, the Government has also committed in the SFT to, “prevent employers and insurance companies from discriminating against Canadians on the basis of genetic testing (p.14).”
Unlike in the United States where the Genetic Information Nondiscrimination Act (GINA) prevents employers and insurance companies from making hiring and underwriting decisions based on genetic information, Canada has no such law in place. As a result, the Canadian Life and Health Insurance Association has taken the position that while insurance providers cannot require an individual to undergo a genetic test, they will request access to such information if an applicant has done so of their own accord. Genetic personal information could thus factor into the insurance premiums individuals pay for health insurance.
While Canada lacks specific genetic privacy legislation, its private sector privacy law – the Personal Information and Protection of Electronic Documents Act, or PIPEDA – is an economy-wide law spelling out how organizations engaging in commercial activity in Canada can collect, use and disclose personal information. It is under its PIPEDA mandate that the Privacy Commissioner of Canada has been studying and engaging with stakeholders on the question of genetic information and privacy, making the issue one of its top four privacy priorities in recent years.
Given the Government’s stated interest in strengthening Canada’s rules with respect to genetic discrimination, the Commissioner may now have a receptive audience in its research work in this area, and a partner in applying tougher genetic privacy standards to commercial activity.
3. National Security and Privacy
As I noted in my previous entry, the ongoing public debate in the United States about the appropriate balance between national security/public safety and privacy has by and large not spilled over into Canada. Nonetheless, the issue remains ripe for exploration.
In its Throne Speech, the Government indicated that it will, “respond to emerging threats to our sovereignty and economy posed by terrorism and cyber-attacks, while ensuring Canadians’ fundamental privacy rights are protected (p.17).” The reference to privacy protection is a clear indication that in the wake of the NSA leaks, no national security or public safety initiative will now be able to move forward without a substantive privacy impact assessment.
A public debate on state surveillance in Canada may yet materialize this fall. On October 21 the Privacy Commissioner published on its website an exchange of letters on metadata with the Chief of the Communications Security Establishment Canada (CSEC), the Canadian equivalent of the NSA, in which the Commissioner urges greater openness and transparency in CSEC’s work. The following day, the British Columbia Civil Liberties Association launched legal proceedings against CSEC to have it cease certain surveillance activities. It remains to be seen whether Parliamentarians, the media and the Canadian public will push for further action and scrutiny.
And What of Privacy Law Reform?
With the SFT silent on privacy law reform, it does not appear that reforming PIPEDA will be a priority for the Government before the next general election, due sometime in 2015. At the time of writing, the Government has yet to even re-introduce into Parliament its previous privacy reform legislation, C-12, which dates back to 2006.
Nonetheless, Parliament is overdue to conduct a legislative review of PIPEDA, and a Parliamentary Committee may yet still initiate one this fall. The two possible Committees where such a review would be conducted are the Access to Information, Privacy and Ethics Committee, and the Industry, Science and Technology Committee. The first meetings for these Committees in the new Parliamentary session are October 24 and 28 respectively, and it will be worth keeping an eye on their activities in the coming weeks.
Kevin Chan, a Non-Resident Fellow at Stanford’s Center for Internet and Society, was previously Director of Policy, Parliamentary Affairs and Research in the Office of the Privacy Commissioner of Canada (OPC). His thoughts and writings are his own, and do not represent the views of the OPC. He can be reached at firstname.lastname@example.org
Photo Credit: Stephen Harper