The Lawbytes podcast resumes for another season with a special episode on privacy as I’m joined on the podcast by Daniel Therrien, the Privacy Commissioner of Canada. Commissioner Therrien recently used Data Privacy Day to deliver a speech at the University of Ottawa focused on privacy reforms and a new consultation on AI and privacy. He joined me on the podcast to talk about his term as commissioner, the major challenges he’s faced, the state of Canadian privacy law, and the prospect for reform. Following our conversation, the podcast features audio of the Commissioner’s bilingual speech at the law school.
Post Tagged with: "opc"
A Failure of Enforcement: Why Changing the Law Won’t Fix All That Ails Canadian Privacy
Canadian Privacy Commissioner Daniel Therrien renewed his call for an overhaul of Canada’s private-sector privacy legislation this week. Responding to a national data consultation launched by Innovation, Science and Economic Development Minister Navdeep Bains, Therrien recommended enacting a new law that would include stronger enforcement powers, meaningful consent standards and the extension of privacy regulations to political parties. My Globe and Mail op-ed argues that while the need for a modernized privacy statute has been evident for some time, Canada’s privacy shortcomings are not limited to a decades-old legal framework struggling to keep pace with technological change.
Why the Privacy Commissioner Doesn’t Need Legal Reforms To Require Transparency Reports
Privacy Commissioner of Canada Daniel Therrien was in the news this week as he expressed concern with the evasiveness of Canada’s spy agencies and the ongoing refusal of some of Canada’s telecom companies (namely Bell) to issue transparency reports. I’ll have more to say about privacy and government agencies in my technology law column next week, but on the issue of telecom transparency reports, I believe that Therrien already has the necessary legal mandate to act now. Therrien urged all telecom companies to release transparency reports, noting:
“I think Canadians are telling us, first of all, that they would much prefer that data be shared from telcos to government only with a warrant, with a court authorization. But when that does not happen, Canadians expect that there be transparency…frankly, if there’s not more progress I will continue to call for legislation on this issue.”
I wrote about why Canada’s telecom transparency reporting still falls short late last month, emphasizing that a non-binding approach to transparency reporting has been a failure.
Secret Memo Reveals RCMP Records on Requests for Subscriber Data “Inaccurate and Incomplete”
Last fall, Daniel Therrien, the government’s newly appointed Privacy Commissioner of Canada, released the annual report on the Privacy Act, the legislation that governs how government collects, uses, and discloses personal information. The lead story from the report was the result of an audit of the Royal Canadian Mounted Police practices regarding warrantless requests for telecom subscriber information.
The audit had been expected to shed new light into RCMP information requests. Auditors were forced to terminate the investigation, however, when they realized that Canada’s national police force simply did not compile the requested information. When asked why the information was not collected, RCMP officials responded that its information management system was never designed to capture access requests.
While that raised serious concerns – the RCMP has since promised to study mechanisms for reporting requests with recommendations expected in April – my weekly technology law column (Toronto Star version, homepage version) reports that documents recently obtained under the Access to Information Act reveal that the publicly released audit results significantly understated the severity of the problem. Indeed, after the draft final report was provided to the RCMP in advance for comment, several of the findings were toned down for the public release.