As witnesses line up to warn about the dangers associated with Bill C-51, Canada’s anti-terrorism bill, it is increasingly clear that the proposed legislation is an unprecedented undermining of Canadian privacy protection. Much of the focus on the bill has related to oversight: the government implausibly claims that it increases oversight (it does not), the Liberals disappointingly say they support the bill but would like better oversight, and much of the NDP criticism has also centered on oversight. Yet with respect to privacy and Bill C-51, lack of oversight is only a part of the problem.
The privacy-related concerns stem from Bill C-51’s Security of Canada Information Sharing Act (SCISA), a bill within the bill, that goes far further than sharing information related to terrorist activity. It does so in three steps.
First, the bill permits information sharing across government for an incredibly wide range of purposes, most of which have nothing to do with terrorism. The government has tried to justify the provisions on the grounds that Canadians would support sharing information for national security purposes, but the bill allows sharing for reasons that would surprise and disturb most Canadians.
Second, the scope of sharing is exceptionally broad, covering 17 government institutions with government granting itself the right to expand sharing to other departments. In fact, the bill even permits further disclosure “to any person, for any purpose.” In other words, there are few limits on how information the government collects can be shared internally, with other governments, or with any entity it sees fit.
Third, oversight is indeed a problem since the privacy protections found in Privacy Act are widely viewed as already outdated. In fact, Bill C-51 effectively neuters the core protections found in the Privacy Act by opening the door to the very kind of information sharing that the law is intended to prevent.
In recent weeks, all privacy commissioners from across the country have spoken out. For example, Privacy Commissioner of Canada Daniel Therrien, appointed by the government less than a year ago and described as an expert by Prime Minister Stephen Harper, slammed the bill:
the scale of information sharing being proposed is unprecedented, the scope of the new powers conferred by the Act is excessive, particularly as these powers affect ordinary Canadians, and the safeguards protecting against unreasonable loss of privacy are seriously deficient. While the potential to know virtually everything about everyone may well identify some new threats, the loss of privacy is clearly excessive. All Canadians would be caught in this web.
All provincial privacy commissioners have offered a similar analysis, jointly calling on the government to withdraw the information sharing aspects of the bill. They also warn of routine surveillance of large portions of the population:
It could be used to authorize, in effect, surveillance across governments in Canada, and abroad, for virtually unlimited purposes. Such a state of affairs would be inconsistent with the rule of law in our democratic state and contrary to the expectations of Canadians.
The privacy community may be unanimous in condemning Bill C-51, but perhaps the biggest disappointment is to see how Harper has flipped on the importance of privacy protection over the information collected by governments.
Nearly twenty years ago, he was a Reform MP commenting on a proposed electronic voter registry and warning that “the first and main concern is the privacy issue … since the information is to be shared by different levels of government and different governmental bodies. There is a risk that privacy can compromised.”
Today, the Prime Minister is fast tracking a bill that represents the biggest ever reduction in Canadian public sector privacy protection and even blocking the Privacy Commissioner of Canada from appearing before the committee studying the bill. This is a remarkable about-face and one that could leave Canada with some of the weakest safeguards against government information sharing in the developed world.
Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at email@example.com or online at www.michaelgeist.ca.