Privacy Commissioner Rules USA Patriot Act Privacy Risks Mirrored in Canada

Assistant Privacy Commissioner has ruled that the privacy risks posed by the USA Patriot Act are similar to those found in Canada and therefore not grounds to rule that the privacy protection afforded by a U.S. email provider is not comparable to Canadian-based providers.  The finding arises from a complaint launched by CIPPIC against over the use of a U.S.-based provider.  In assessing the USA Patriot Act issue, the Assistant Privacy Commissioner found that:

The risk of a U.S.-based service provider being ordered to disclose personal information to U.S. authorities is not a risk unique to U.S. organizations. In the national security and anti-terrorism context, Canadian organizations are subject to (and may be just as likely to receive) similar types of orders to disclose personal information of Canadians to Canadian authorities. There are also several former bilateral agreements in place between analogous Canadian and U.S. organizations that provide for the cooperation and exchange of relevant information. In light of such arrangements, there are many alternatives to a Section 215 Order to obtain information about Canadians.

I focused on these issues several years ago in a submission to the B.C. Information and Privacy Commissioner co-authored with Milana Homsi.


  1. Routes to Canada are via US!
    Remember that most major Canadian cities are connected to the Internet grid via the US. Canadian Internet infrastructure is barely developed.

    So, could you can try routes to sites hosted in your city and near cities?

    For example, a route from Teksavvy (Toronto) to few university sites in Montreal (RISQ network) goes via Chicago (Teleglobe). And from recent AT&T debacle, one does not need a court order to sniff foreign traffic passing through USA.

  2. Dwight Williams says:

    “Net-CPRail” Needed?
    We need something like that infrastructure, both because of and regardless of the concerns raised by the Privacy Commissioner.

    Yes, it’s a paradox. That’s Canadian life in general, though.

  3. law is funny says:

    law is funny
    didn’t they pass some law regarding a user in canada, using other places , and that in effect local canuck law applied ( was used to the smart ones to catch those sicko child molestors ) but one could argue that that same law means that no matter what service we use according to that law we are all subject to canadian law 1st.

  4. @ Routes to Canada are via US!

    All westcoast traffic here gets routed through Seattle and down to California too.

    When San Francisco had that big router crash, my Burnaby based “Telus” internet ceased to exist for 48 hours until San Fran was running again.

    Canadian companies are far too cheap to create *any* infrastructure. That’s frustrated the CRTC lots of times.

  5. [ link ]

    Here is a network atlas, there are maps from around 2000. For Canada, very little has changed in there.

  6. Software Developer
    What are the implications of a charity sending its data to the US … can they tell their donors that they have a privacy policy that is effective? Most charities have ignored the implications … for a $25.00 a year donor … no problem … what about the bigger donors?
    I am curious!