In the last act of an incredibly intense digital policy stretch, the government today tabled new private sector privacy legislation in the form of Bill C-36, the Protecting Privacy and Consumer Data Act. It is a big bill, and my initial take will be divided into two: this post will focus on the seismic shift the bill creates for privacy administration and enforcement, and a second post (hopefully tomorrow) will discuss the substantive changes and additions. I start with the enforcement side because the most consequential feature of C-36 is the question of who will administer the rules. The bill firmly cements the Digital Safety Commission as a new digital super-regulator in Canada, stripping the Privacy Commissioner of authority over private sector privacy law and handing it instead to the same five-member commission the government created a few days ago to police online harms. I believe the approach is unprecedented among peer countries and will have negative repercussions for Canada’s standing in the privacy world. Indeed, removing an Agent of Parliament from private-sector privacy enforcement after decades isn’t something you tuck into a lengthy bill, but rather requires extended public consultation and analysis on how best to ensure Canada has effective privacy enforcement. This is a stunning abrogation of good policy development and a poorly conceived vision of the breadth and importance of privacy.
Post Tagged with: "privacy commissioner"
Bill C-22’s Clause-by-Clause Problem: The Government Includes Agencies Seeking Lawful Access Powers But Blocks the Privacy Commissioner’s Return
The House of Commons public safety committee started its clause-by-clause review of Bill C-22 last week, the stage at which the lawful access bill’s actual statutory language is settled and the privacy safeguards are either written in or left out. The witnesses the committee included said a lot about the government’s commitment to addressing privacy concerns and to ensuring a balanced bill. Clause-by-clause reviews typically include departmental officials as witnesses, who provide support to the committee by answering technical questions. Years ago, officials were viewed as non-partisan, but today officials invariably defend the government’s position and subtly (or not so subtly) argue against amendments. Including non-departmental witnesses is very rare since they have already had the chance to make their case to the committee. Yet the RCMP and CSIS, the agencies that have lobbied for these powers and will wield them, were on hand last week to guide members through the Bill C-22 amendments. Those witnesses will be unlikely to support potential privacy-focused amendments. Even more astonishing, efforts to include Philippe Dufresne, the Privacy Commissioner of Canada, whose recommendations several of the amendments under consideration are drawn from, were rejected by Liberal MPs on the committee.
The Law Bytes Podcast, Episode 168: Privacy Commissioner of Canada Philippe Dufresne on How to Fix Bill C-27
It has taken many months, but Bill C-27, the government’s long overdue effort at privacy reform finally is headed to committee for review. Philippe Dufresne, the Privacy Commissioner of Canada, has been patiently waiting for this moment, armed with a comprehensive review of the bill and a wide range of recommendations for amendments that include a more explicit framing of privacy as a fundamental right.
Dufresne was appointed as Canada’s privacy commissioner nearly one year ago and in months since has made numerous committee appearances, issued high profile findings involving companies such as Home Depot, battled Internet companies in the courts, and worked on the privacy implications of AI. He joins the Law Bytes podcast to reflect back on his first year in the position and to outline his proposals to strengthen Canada’s best shot at a modernized privacy law.
The Law Bytes Podcast, Episode 93: Lex Gill on the RCMP, Clearview AI and Canada’s History of Surveillance
Earlier this month, the Privacy Commissioner of Canada released a scathing report on the RCMP’s use of facial recognition technology, particularly its work with Clearview AI. The report was particularly damaging as the Commissioner found that the RCMP wasn’t truthful when it said it didn’t work with Clearview AI and then gave inaccurate information on the number of uses when it was revealed that it did. In fact, even after these findings, the RCMP still rejected the Privacy Commissioner’s findings that it violated the Privacy Act.
Lex Gill is a Montreal-based lawyer where she is an affiliate at the Citizen Lab and teaches at McGill University’s Faculty of Law. She has also worked at the Canadian Civil Liberties Association and the Canadian Internet Policy and Public Interest Clinic. She joins the podcast to discuss the Commissioner’s findings and to explain why this is best viewed as part of a long cycle of surveillance that has often targeted social movements or vulnerable populations.
The LawBytes Podcast, Episode 37: The Future of Privacy in Canada – A Conversation with Privacy Commissioner of Canada Daniel Therrien
The Lawbytes podcast resumes for another season with a special episode on privacy as I’m joined on the podcast by Daniel Therrien, the Privacy Commissioner of Canada. Commissioner Therrien recently used Data Privacy Day to deliver a speech at the University of Ottawa focused on privacy reforms and a new consultation on AI and privacy. He joined me on the podcast to talk about his term as commissioner, the major challenges he’s faced, the state of Canadian privacy law, and the prospect for reform. Following our conversation, the podcast features audio of the Commissioner’s bilingual speech at the law school.
Recent Posts
Midnight Madness: The Government Rushes Lawful Access Bill Through the House Without Debate or a Recorded Vote 
One Step Forward, Two Steps Back: Bill C-36 Modernizes Canada’s Privacy Law, Then Delays It to 2030 
Gary Anandasangaree’s Vic Toews Moment Shows the Government Has Lost Its Way on Lawful Access 
Government Moves to Shut Down Lawful Access Hearing In Order To Fast Track Passing the Bill This Week 
Canada’s Digital Super-Regulator: Bill C-36 Pushes Out the Privacy Commissioner and Hands Private Sector Privacy to an Overloaded Commission
