CIGI’s essay series on data governance in the digital age has shone a spotlight on the need for a national data strategy. My contribution notes that central to any data strategy will be some measure of data control. Given the implications for privacy, security and innovation policies, this includes some control over where data is stored and the conditions under which it is transferred across borders. Yet, despite the mounting data concerns, Canada may have already signed away much of its policy flexibility with respect to rules on both data localization and data transfers, severely restricting its ability to implement policy measures in the national interest.
Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh
Privacy
Striking the Balance: Privacy and Freedom of Expression in the Digital Age
The Canadian Journalism Foundation and CIPPIC partnered on a terrific event yesterday on privacy and freedom of expression in the digital age. The event, held at the Globe and Mail Centre in Toronto, focused on the right to be forgotten. It included conversations with Privacy Commissioner of Canada Daniel Therrien, Google’s Peter Fleischer, and a debate between David Fraser and Keith Rose. I was featured on the final panel in a conversation with the Globe and Mail’s Susan Krashinsky Robertson. The discussion, embedded below, focused on a wide range of privacy issues, including the need to update PIPEDA, pressure from the EU to improve Canada’s privacy law, how to foster meaningful consent, and the right to be forgotten.
Coming Soon (or at least by November): Government Sets a Date for Data Breach Disclosure Rules To Take Effect
Several years after passing into law, the Canadian government has finally set an effective date for long-overdue data breach disclosure rules. The requirements were included in the Digital Privacy Act that was passed in 2015, but the accompanying regulations literally took years to finalize. Earlier this year, I argued that the failure to expedite security breach disclosure rules was an embarrassing failure for successive Conservative and Liberal governments, placing the personal information of millions of Canadians at risk and effectively giving a free pass to companies that do not adequately safeguard their customers’ information.
No Longer Fit for Purpose: Why Canadian Privacy Law Needs an Update
Canada’s private sector privacy law was first introduced 20 years ago, coinciding with the founding of Google and predating Facebook, the iPhone, and the myriad of smart devices that millions of Canadians now have in their homes. Two decades is a long time in the world of technology and privacy and it shows. There has been modest tinkering with the Canadian rules over the years, but my Globe and Mail opinion piece notes the law is struggling to remain relevant in a digital age when our personal information becomes increasingly valuable and our consent models are little more than a legal fiction.
The House of Commons Standing Committee on Access to Information, Ethics and Privacy last week released the results of a comprehensive study into Canadian privacy law. The report, which features 19 recommendations, provides Innovation, Science and Economic Development Minister Navdeep Bains with a road map for future reforms (I appeared before the committee as one of 68 witnesses from across the policy spectrum).
The Case Against the Bell Coalition’s Website Blocking Plan, Part 14: Failure To Further the Telecommunications Act Policy Objectives
This series has devoted the past several weeks to making the case that the Bell coalition website blocking plan is a disproportionate, ineffective response to piracy that is out-of-step with global standards, will raise consumer Internet costs, result in over-blocking legitimate content, and that is offside Canadian norms on net neutrality, privacy and human rights. Yet even if the CRTC were to still think this terrible idea is worth supporting, it would fall outside its stated rules on approving website blocking. The Commission has made it clear that it will only permit blocking in “exceptional circumstances” and only where doing so would further the objectives found in the Telecommunications Act.
Recent Posts
Canada’s DST Debacle a Case Study of Digital Strategy Trouble 
Canadian Government Caves on Digital Services Tax After Years of Dismissing the Risks of Trade Retaliation 
The Law Bytes Podcast, Episode 238: David Fraser on Why Bill C-2’s Lawful Access Powers May Put Canadians’ Digital Security At Risk 
Ignoring the Warning Signs: Why Did the Canadian Government Dismiss the Trade Risks of a Digital Services Tax? 
Why Bill C-2 Faces a Likely Constitutional Challenge By Placing Solicitor-Client Privilege at Risk
