Wat is Privacy graffiti, door, Shoreditch, Hackney, London, UK by Cory Doctorow (CC BY-SA 2.0) https://flic.kr/p/pgokPc

Wat is Privacy graffiti, door, Shoreditch, Hackney, London, UK by Cory Doctorow (CC BY-SA 2.0) https://flic.kr/p/pgokPc

News

Why is the Canadian Government So Indifferent to Privacy?

Over the past several weeks, there have been several important privacy developments in Canada including troubling privacy practices at well-known organizations such as the CBC and Tim Hortons, a call from business organizations for privacy reform, the nomination of a new privacy commissioner with little privacy experience, and a decision by a Senate committee to effectively overrule the government on border privacy rules. These developments raise the puzzling question of why the federal government – led by Innovation, Science and Industry Minister François-Philippe Champagne, Public Safety Minister Marco Mendicino, and Canadian Heritage Minister Pablo Rodriguez – are so indifferent to privacy, at best treating it as a low priority issue and at worst proposing dangerous measures or seemingly hoping to cash in on weak privacy laws in order to fund other policy priorities.

The privacy alarm bells have been ringing for weeks. For example, the Globe and Mail recently featured an important story on children’s privacy, working with Human Rights Watch and other media organizations to examine the privacy practices of dozens of online education platforms. The preliminary data suggests some major concerns in Canada, most notably with the CBC, whose CBC Kids platform is said to be “one of the most egregious cases in Canada and really all around the world.” The CBC responded that it “complies with relevant Canadian laws and regulations with regard to online privacy, and follows industry practices in audience analytics and privacy protection.” Yet that is the problem: Canada’s privacy laws are universally regarded as outdated and weak, thereby enabling privacy invasive practices with no consequences. Soon after, the Privacy Commissioner of Canada released findings in an investigation involving the Tim Hortons app tracking location data. First identified by then-National Post reporter James McLeod, the commissioner found privacy violations, yet Canadian privacy law does not include penalties for these violations.

Despite the obvious need for privacy reform – outgoing Privacy Commissioner of Canada Daniel Therrien reiterated the necessity for reform in his final speech as commissioner and business groups have made a similar call for privacy reform – the government seems indifferent to the issue. The nomination of Philippe Dufresne as the new privacy commissioner is a case in point. I don’t know Mr. Dufresne and I’m hoping that he proves to be a great commissioner. He certainly said many of the right things in his appearance before committee yesterday. However, the government’s choice is instructive. In choosing someone with no obvious privacy experience, the government sided instead with government managerial experience. Good managerial experience is valuable, but a career spent within government is not a training ground for pushing the policy envelope, pressuring governments to reform the law, and demanding that the private sector comply with it. The Dufresne choice signals that the government may be more comfortable with a well-managed agent of Parliament than with an agent of change.

The government’s dangerous approach to border privacy is indicative of its indifference or even hostility to privacy. Yesterday a Senate committee reviewing Bill S-7 rejected the government’s proposed standard for border searches of electronic devices over the objection of Minister Marco Mendicino and Senator Marc Gold, the government’s representative in the Senate (who, incidentally, was the sponsor of the unnecessary pre-study of Bill C-11). As Senator Mobina Jaffer noted, “We did not have one witness except the minister and the officials say that the new standard ‘was a good idea’.”

Mendecino has company when it comes to weak privacy. The failure of the government to prioritize privacy reform remains one of the more discouraging aspects of its digital policy approach. A big reason behind the failure surely rests with Minister Champagne. Now nearly a year and a half into the job, Champagne is increasingly regarded as one of the least effective and consequential Industry Ministers of the past two decades, particularly with respect to digital policies. His department has been absent on issue after issue: Internet regulation, news media, copyright term extension, and privacy among them. Over the past 25 years of digital policy, few Industry Ministers have demonstrated less interest, engagement or commitment to the issue.

The problems with the government’s approach extends beyond Mendicino’s hostility and Champagne’s indifference, however. Canadian Heritage Minister Pablo Rodriguez has effectively linked his digital cultural policy to the ongoing commercial success of the Internet platforms, viewing the companies as the source of funding for film and television production, music, and local news. Moreover, his plans envision the companies also paying for the regulatory frameworks themselves, including for news and online harms. The irony that the government prioritizes “getting money from web giants” over safeguarding Canadians from those companies should not be lost anyone. In fact, the incentive structure for Heritage is to keep the data taps flowing: more data to tech companies means more revenues which means more money for the cultural sector. Rather than seeking to regulate privacy and data governance, Rodriguez wants to profit from it by funding his policy objectives.

For years, the challenge associated with privacy reform in Canada was the likely opposition from business groups, who viewed privacy as costly regulation that might limit their business plans. Today, the Canadian business community is actively calling for privacy reform. So what is the hold up? The unfortunate answer appears to be government ministers such as Champagne, Mendicino, and Rodriguez, who are either indifferent, hostile, or beneficiaries of weak privacy.

5 Comments

  1. Why doesn’t the government care about privacy? My guess is they benefit from weak privacy laws because it provides them with lots of data that they believe helps gets them elected.

  2. The problem of reforming quickly and immediately is a bit difficult. Reforms take a long time to succeed, and there are often mixed arguments.

    • The thing is, privacy reform was tabled in the last government. What’s more is that this has been an issue even as GDPR was being formed. It was clear, even all those years ago, that Canada needed privacy reform to five some of the most glaring issues (such as an inability for the privacy commissioners – or anyone from the government for that matter – to hand out fines. Even the US’s weird patchwork system has figured that out).

      Now, the GDPR is four years old. For European’s, the question is how to get these laws effectively enforced (given that DPA’s over there sometimes don’t do a whole lot despite their power – ala Ireland). Canada has yet to get out of the starting gates to try and fix an obviously broken system to protecting people’s personal information.

      Companies know full well that all they will get when they break the law is a strongly worded letter. Because of this, Canada is quickly becoming the doormat for privacy abusing companies all over the world. Yet, as Geist says, the current government still sits on their hands and does nothing because they just don’t care.

      If privacy reform is tabled tomorrow, it would be a long overdo thing.

  3. Pingback: “Privacy” seems to be an archaic concept that doesn’t matter to the Canadian government « Quotulatiousness

  4. Pingback: Links 17/06/2022: Wine 7.11 and Summary of a Week in GNOME | Techrights

Leave a Reply

Your email address will not be published.

*

*