International Law
The Canadian Privacy Law Blog 
The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
Post Frequency: 1.1/day Last Entry: November 17, 2009 at 12:24:00 Recent Entries: 320
Go to The Canadian Privacy Law Blog, find other International Law blogs, or browse all law blogs.
Search
Posts
Commissioner tables annual Privacy Act Report for 2008-2009
Posted on November 17, 2009The Privacy Commissioner of Canada has tabled her annual report on the public sector privacy law, the Privacy Act: Annual Report to Parliament 2008-2009 - Report on the Privacy Act. At the same time, she has also tabled additional privacy audits, related to FINTRAC and the Canadian no-fly list:Audit of the Financial Transactions and Reports Analysis Centre of Canada Audit of the Passenger Protect Program of Transport Canada Here's the media release that accompanied the tabling of the reports: Audits of major national security programs raise concerns for privacy Excessive reporting of personal information to FINTRAC and potential information technology risks with Canada?s ?no-fly list? are among concerns identified in audits highlighted in the Privacy Commissioner?s annual report on public sector issues...
A look at video surveillance in Halifax
Posted on November 15, 2009The Sunday Chronicle Herald has two articles on the increasing use of video surveillance by police and private organizations in Halifax. They are interesting reading, but what I find most interesting is that this is the first time that I've seen any dicussion of how the police manage the feeds and access to recordings...
Social networks for reference checks
Posted on November 15, 2009I am often asked whether potential employers are legally able to use Facebook or other social networking sites to do background checks on candidates. A recent "update" email from LinkedIn contained the following blurb at the bottom:"DID YOU KNOW you can conduct a more credible and powerful reference check using LinkedIn? Enter the company name and years of employment or the prospective employee to find their colleagues that are also in your network...
Regulators agree on proposed global privacy standards
Posted on November 06, 2009Privacy regulators from around the world, meeting this week in Madrid, have agreed to a framework for international privacy standards. From what I've been able to glean, it would all be consistent with what we currently have in Canada under PIPEDA. AFP: Experts agree on proposed global privacy standards Experts agree on proposed global privacy standards MADRID ? Experts from 50 nations meeting in Madrid have reached a draft agreement on international standards for the protection of privacy and personal data, participants said Friday...
Nova Scotia to probe juror vetting
Posted on November 05, 2009From today's National Post: Nova Scotia launches probe into jury vetting Shannon Kari, National Post Published: Thursday, November 05, 2009 The Public Prosecution Service in Nova Scotia is conducting an internal review into whether or not its Crown attorneys have been conducting improper background checks of potential jurors...
Text of Bill 64, Personal Health Information Act (Nova Scotia) now available
Posted on November 05, 2009The text of Bill 64, the Personal Health Information Act has now been posted on the Nova Scotia Legislature website.
Personal Health Information Act introduced in Nova Scotia
Posted on November 04, 2009The Minister of Health for Nova Scotia has today introduced the Personal Health Information Act in the legislature. I'll have a link to the text of the bill tomorrow, but in the meantime you can read the release: Personal Health Information Legislation Introduced News Releases Government of Nova Scotia Personal Health Information Legislation Introduced Department of Health November 4, 2009 2:46 PM Nova Scotian's personal health information would be better managed under proposed legislation introduced today, Nov...
Privacy Commissioner speaks out on lawful access
Posted on October 30, 2009The Privacy Commissioner of Canada has recently provided parliamentarians with her opinion on the new lawful access bills that are winding their way through the Commons. I have to say I was nodding my head while I read it: Letter to the Standing Committee on Public Safety and National Security regarding the Commissioner's initial analysis on the privacy implications on Bills C-46 and C-47 - October 27, 2009 The Privacy Commissioner of Canada, Jennifer Stoddart, sent the following letter to the Standing Committee on Public Safety and National Security, regarding her initial analysis on the privacy implications on Bills C-46, the Investigative Powers for the 21st Century Act (IP21C), and C-47, the Technical Assistance for Law Enforcement in the 21st Century Act (TALEA) October 27, 2009 Mr...
Privacy Commissioner OKs airport body scanners
Posted on October 30, 2009Apparently the Privacy Commissioner has given the thumbs up body scanners for aviations security: The Canadian Press: Privacy watchdog OKs see-through scanners Privacy watchdog OKs see-through scanners By Jim Bronskill (CP) ? 46 minutes ago OTTAWA ? Airport scanners that see through the clothes of travellers have received the blessing of Canada's privacy czar...
University of Akron may demand DNA from job applicants
Posted on October 29, 2009Wow. All I can say is wow. Want A Job In Akron? Hand Over Your DNA - Taking Liberties - CBS News It's not unusual for employers to conduct criminal background checks during the hiring process. But the University of Akron has taken this to a surprising new level...
Reacting To Lawful Access: Comparing the Conservatives, Liberals, and NDP
Posted on October 29, 2009Check out Michael Geist's post: Michael Geist - Reacting To Lawful Access: Comparing the Conservatives, Liberals, and NDP. The title says it all.
Amendments to PIPA tabled, including breach notification and regulation of export of personal information
Posted on October 28, 2009Yesterday (October 27, 2009), the Alberta Government introduced Bill 54, the Personal Information Protection Amendment Act, 2009. The Bill includes notification requirements for export of personal information to a service provider outside of Canada and breach notification...
The future of privacy on the internet
Posted on October 26, 2009I was honoured to be one of the speakers at the Halifax Internet Town Hall hosted at Dalhousie University this evening, sponsored by the Chebucto Community Net and Dalhousie Student Union. My portion of the proceedings -- surprise -- was about privacy...
Laptop searches at airports infrequent, DHS privacy report says
Posted on October 17, 2009Computerworld is reporting on the first report of the Department of Homeland Security Privacy Office since the changeover to the Obama administration. The report itself is interesting, but perhaps most interesting are the statistics related to the number of searches of laptops at border crossings...
Government declines proposed reforms to access and privacy laws
Posted on October 15, 2009The Minister of Justice has responded to the Standing Committee on Access to Information, Privacy and Ethics' reports on reform to the Privacy Act and the Access to Information Act with a robust "thanks, but no thanks". House of Commons Committees - ETHI (40-2) - Reports and Government Responses Report 11 - The Access to Information Act: First Steps Towards Renewal (Adopted by the Committee on June 15, 2009; Presented to the House on June 18, 2009) Government Response: 11th Report of the Standing Committee on Access to Information, Privacy and Ethics, "The Access to Information Act: First Steps Towards Renewal" (Presented to the House on October 9, 2009) Report 10 - The Privacy Act: First Steps Towards Renewal (Adopted by the Committee on June 8, 2009; Presented to the House on June 12, 2009) Government Response: Tenth Report of the Standing Committee on Access to Information, Privacy and Ethics, "The Privacy Act: First Steps Towards Renewal" (Presented to the House on October 9, 2009) Thanks to Michael Geist for the pointer...
The lawful access debate
Posted on October 14, 2009The Ottawa Citizen has an interesting article on the debate surrounding "lawful access". Check it out: Security vs. privacy. Via Michael Geist.
The debate about warrantless access to ISP customer information
Posted on October 09, 2009Just posted on slaw: The debate about warrantless access to ISP customer information >> Slaw In the privacy community, there has been a debate over whether it is lawful, under PIPEDA, for a custodian of personal information to provide customer information when then police come knocking...
New decision on warrantless access to ISP customer data
Posted on October 08, 2009A friend just provided me with a copy of a recent decision of the Ontario Court of Justice considering the admissibility of information obtained without a warrant from the suspect's internet service provider, Bell. R. v. Cuttell is not on CanLii yet, but I've put a copy here...
Privacy Commissioner releases annual PIPEDA report, focus on online privacy
Posted on October 06, 2009The Privacy Commissioner of Canada has this morning tabled her annual report on PIPEDA, the country's private sector privacy law. Not suprisingly, there is much discussion about online privacy and social networking. Here's the release and a link to the report: News Release: Canadians need to take control of their online personal information: Privacy Commissioner - October 6, 2009 Canadians need to take control of their online personal information: Privacy Commissioner Privacy Commissioner of Canada?s annual report focuses on importance of making informed choices about sharing personal information online...
Ontario Commissioner orders end of juror background checks
Posted on October 06, 2009The Information and Privacy Commissioner of Ontario has ordered crown attorneys to immediately stop performing intrusive background checks on prospective jurors. From the IPC: IPC - Office of the Information and Privacy Commissioner/Ontario Commissioner Cavoukian Orders Crown attorneys to stop collecting personal information on prospective jurors ? Recommends single screening process, in light of widespread back News Release October 5, 2009 Commissioner Cavoukian Orders Crown attorneys to stop collecting personal information on prospective jurors ? Recommends single screening process, in light of widespread background checks Investigation finds one-third of Crown attorney offices engaged in excessive background checks, in a practice that ?should have been put to a stop 16 years ago...
Justice Minister mulls breathalyzer testing for all drivers
Posted on October 05, 2009The CBC News is reporting that the Justice Minister is considering amending Canadian laws to allow for random breathalyzer testing of all drivers, regardless of whether there is any reason to believe that the driver is intoxicated. See: CBC News - Canada - Random breathalyzer tests considered for Canada...
Privacy Commissioner releases study of six social networking sites
Posted on September 27, 2009The Privacy Commissioner of Canada has posted a study of the privacy practices of six social networking sites. The report was written by Jennifer Barrigar and delivered in February 2009. I suppose it took that long to translate into both official languages...
Nova Scotia significantly amends public sector privacy law
Posted on September 25, 2009Nova Scotia has just given the privacy provisions of FOIPOP some teeth with the passage of the Privacy Review Officer Act: New Privacy Act Proclaimed News Releases Government of Nova Scotia Department of Justice September 25, 2009 10:34 AM Personal information will be more secure under the Privacy Review Officer Act that takes effect today, Sept...
Privacy Commissioner to look into pollster's use of gun registry info
Posted on September 25, 2009There is a fuss brewing in some circles about the RCMP hiring a polling firm to survey gun owners about the national firearms registry. The issue is that personal information about gun owners has been transferred to EKOS research. I don't see the problem here, as long as EKOS is trustworthy and there is a robust agreement between the RCMP and EKOS...
Facebook shuts down Beacon marketing tool
Posted on September 23, 2009As part of a settlement of a large class-action lawsuit in California, Facebook has agreed to completely shut down its "Beacon" feature, which connects users' activites outside of Facebook to the users' profiles. See: Facebook shuts down Beacon marketing tool Sympatico...
Guilty plea in TJX and Heartland data breach cases
Posted on September 12, 2009A guilty plea in the massive TJX and Heartland Payment Systems data breaches: Gonzalez pleads guilty to TJX, other data heists - Network World.
CATSA orders invasive body scanners for Canadian airports
Posted on September 11, 2009According to the Edmonton Sun, the Canadian Air Transport Security Authority is ordering seven whole body scanners for use in airports. The scanners are controversial because they result in a "virtual strip search" so that the operator is able to make out the details of the passenger's body and supposedly anything that the person may be hiding under his or her clothes...
Privacy Commissioners call for reconsideration of expanded surveillance powers
Posted on September 10, 2009The federal, provincial and territorial Privacy Commissioners meeting together in St. John's have issued a statement calling for "caution" on the expansion of investigative powers proposed by the conservative government. They issued the following media release, referring to resolutions available on the federal Commissioner's website: Privacy commissioners urge caution on expanded surveillance plan ST...
IPC issues advice on the "circle of care" under PHIPA
Posted on September 02, 2009The Information and Privacy Commissioner of Ontario has released written guidance on the "circle of care" under that province's Personal Health Information Protection Act, entitled Circle of Care: Sharing Personal Health Information for Health-Care Purposes...
Facebook agrees to address Privacy Commissioner?s concerns
Posted on August 27, 2009This just in: News Release: Facebook agrees to address Privacy Commissioner?s concerns - August 27, 2009 Privacy Commissioner of Canada satisfied that proposed changes to the social networking site?s privacy practices and policies would bring Facebook into compliance with Canadian law...
Commissioner to reveal result of Facebook negotiations tomorrow
Posted on August 26, 2009Apparently both the Privacy Commissioner of Canada and Facebook intend to hold separate press conferences tomorrow to discuss the outcome of the last month of negotiations between the two about whether Facebook is in compliance with Canadian privacy laws...
Privacy commissioner OKs modified Barwatch program
Posted on August 24, 2009According to the CBC, the Information and Privacy Commissioner of British Columbia has approved a modified version of the BarWatch program. Bars, under BC's Personal Information Protection Act, are allowed to swipe a patron's drivers license or other ID, collecting name, gender, date of birth and a photograph of the patron...
Privacy Commissioner to accept Fracebook's friend request
Posted on August 17, 2009According to the Toronto Star, the Privacy Commissioner is going to accept Facebook's friend request, just on the eve of the deadline to comply with the Commissioner's prevous adverse finding: TheStar.com Canada Facebook, privacy commissioner make friends Susan Delacourt Ottawa Bureau OTTAWA ? Friendship, fittingly, appears to have broken out in the dispute between Canada's privacy commissioner and the Facebook social networking site...
Facebook must satisfy Canada's privacy commissioner by Monday
Posted on August 16, 2009Following the Commissioner's adverse finding against Facebook, the social networking site's deadling to respond is tomorrowf (See: Canadian Privacy Law Blog: Canadian Privacy Commissioner calls on Facebook to improve privacy practices). I don't expect a big response from Facebook, so we'll have to wait to see if the Commissioner takes them to court...
Opinion: Give privacy laws teeth
Posted on August 06, 2009The next in the series of three privacy OpEds in the National Post goes to Phillipa Lawson, formerly of CIPPIC: Give privacy laws teeth Internet use in Canada has had enormous economic and social benefits; individuals and organizations can now broadcast their ideas, promote their businesses and build communities of interest instantly, at minimal cost, worldwide...
Privacy needs to be built into the product
Posted on August 05, 2009Jacob Glick, Canadian policy counsel for Google Inc., has a good OpEd piece in today's National Post. I agree that innovators need to build privacy into their products, not only to manage their own risks but as members of society who have responsibilities for their users...
BC Privacy Commissioner issues license swiping decision
Posted on July 23, 2009Earlier this week, the Information & Privacy Commissioner of British Columbia issued a decision (P09-01) related to the controversial practice of scanning photo IDs of patrons by bars, pubs and night clubs. From the Commissioner's media release: FOR IMMEDIATE RELEASE July 21, 2009 Information and Privacy Commissioner Releases Order on Driver?s Licence Scanning VICTORIA ? Information and Privacy Commissioner David Loukidelis today released Order P09-01, in response to a complaint about the scanning of a bar customer?s driver?s licence...
Canadian Privacy Commissioner calls on Facebook to improve privacy practices
Posted on July 16, 2009The Privacy Commissioner of Canada has determined that Facebook needs to improve its privacy practices to comply with Canadian privacy laws. The Report is here: Commissioner?s Findings - PIPEDA Case Summary #2009-008: Report of Findings: CIPPIC v. Facebook Inc...
Privacy Commissioner to issue Facebook privacy finding tomorrow
Posted on July 15, 2009The Privacy Commissioner of Canada is holding a press conference tomorrow to announce her findings after a complaint against Facebook's privacy practices. The Ottawa Citizen is anticipating that the report will not be favourable to the online social networking service used by over 250 million users...
Trojan software compromises Alberta's electronic health record system
Posted on July 08, 2009This is not good and should have been avoidable: Commissioner urges vigilance in wake of computer virus outbreak at Alberta Health Services July 8, 2009 The Office of the Information and Privacy Commissioner has been notified by Alberta Health Services that a virus was present on the Alberta Health Services network in Edmonton...
Facebook to streamline user privacy controls, raise awareness about dissemination of info
Posted on July 05, 2009Facebook is responding to privacy backlash concerns by introducing a new unified privacy interface and making users more aware of where their posted materials may be broadcast on the service. This stems, in part, from their plans to make users postings available system-wide like Twitter...
British intelligence leader's personal details on Facebook
Posted on July 05, 2009A lesson that just because you're not on Facebook, your friends, acquaintances and spouses may have put your information up there. Or information that may compromise your eligibility to be the head of the British Secret Intelligence Service (aka MI6): MI6 chief blows his cover as wife's Facebook account reveals family holidays, showbiz friends and links to David Irving Mail Online...
One privacy step forward, one back for Facebook
Posted on July 01, 2009One step forward and one step backward for privacy on Facebook ... One Step Back: According to the New York Times (The Day Facebook Changed - Messages to Become Public by Default - NYTimes.com), Facebook "feeds" will become publicly available. This is seen as a step to compete with Twitter...
"Clear" may put customer information up for sale
Posted on June 26, 2009Clear, the for profit company that did pre-screening of travelers so they could breeze through security, recently went out of business. Now there's a suggestion that the personal information they've compiled may be put up for sale. According to the release (below), it would be to a company that would provide a similar business and would be approved by the Transportation Security Administration...
Alberta Commissioner fed up with unencrypted laptops
Posted on June 26, 2009I can just imagine Frank Work's expression of exaperation in uttering the quote attributed to him in the following media release: Level of security on stolen laptops simply not acceptable, says Commissioner June 24, 2009 Level of security on stolen laptops simply not acceptable, says Commissioner Information and Privacy Commissioner Frank Work is perplexed with news that two laptops containing health information stolen from Alberta Health Services (AHS) were not encrypted...
CBA Privacy Section's Privacy Pages for June 2009
Posted on June 23, 2009The Canadian Bar Association's National Privacy and Access Law Section's latest edition of Privacy Pages is now up: Privacy Pages, June 2009. I'd also draw your attention to the call for nominations for the position of Secretary and a number of executive positions for the 2009-2010...
Google's Street View complies with Japan privacy law, regulator says
Posted on June 23, 2009The Japanese Communications Ministry has concluded that Google's Street View complies with Japan's data protection laws provided it continues to blur individual faces. It appears to be a preliminary opinion as more public input is being sought over the coming months...
Information Commissioner abruptly retires
Posted on June 22, 2009This was a bit unexpected. From David Akin, via @michaelgeist: Info Commish Marleau quits - not good for ATI reform - On the Hill.Here's the media release: Ottawa, June 22, 2009 ? Canada's fourth and current Information Commissioner, Robert Marleau, announced today his retirement from public life effective June 29, 2009...
OPC's Spring Privacy Perspectives
Posted on June 22, 2009The Office of the Privacy Commissioner of Canada has just released its spring 2009 edition of Privacy Perspectives, including articles on Stree-level imaging, OPC news and recent case summaries. It's available here.
Bozeman rescinds password requirement for job applicants
Posted on June 21, 2009Further to my previous posting, City in Montana requires job applicants to hand over all social network logins and passwords, the City of Bozeman has faced a huge backlash over its incredibly intrusive policy of requiring job applicants to hand over social networking login information...
Text of digital wiretap Bills now online
Posted on June 19, 2009Further to yesterday's post, Canadian Privacy Law Blog: Lawful access to ISP subscriber information reintroduced, the texts of Bills C-46 and C-47 are now online at the Parliament website: C-46 An Act to amend the Criminal Code, the Competition Act and the Mutual Legal Assistance in Criminal Matters Act aka Investigative Powers for the 21st Century Act...
Lawful access to ISP subscriber information reintroduced
Posted on June 18, 2009The Minister of Justice is having a press conference as I type this, unveiling among other things, "lawful access" to telecommunications customers' idenfitying information without a warrant. Stay tuned for more details. Update Here's the media release from the government: Government Of Canada Introduces Legislation To Fight Crime In The 21st Century Government Of Canada Introduces Legislation To Fight Crime In The 21st Century OTTAWA, June 18, 2009 ? The Honourable Rob Nicholson, P...
Google execs testify about Street View and privacy
Posted on June 18, 2009Yesterday, executives from Google Canada testified to the Parliamentary Standing Committee on Ethics, Privacy and Access to Information about their Street View product and how Google is addressing privacy concerns. Here's some of the media coverage from the Ottawa Citizen, which I'll supplement with the actual testimony when it's posted on the Committee's site: Google ?Street View? amended to allay privacy concerns, executive tells MPs OTTAWA ? Google?s controversial ?Street View? feature won?t infringe on Canadians? privacy rights, the company?s head of Canadian operations said Wednesday in advance of an appearance before a House of Commons committee...
City in Montana requires job applicants to hand over all social network logins and passwords
Posted on June 18, 2009Applying for a job with the city of Bozeman, Montana? Check out what's on the application: "Please list any and all, current personal or business websites, web pages or memberships on any Internet-based chat rooms, social clubs or forums, to include, but not limited to: Facebook, Google, Yahoo, YouTube...
The Hidden Cost of Privacy?
Posted on June 15, 2009Forbes has an interesting article on The Hidden Cost of Privacy which suggests that the costs of complying with privacy laws outweigh the benefits gained. Bruce Schneier has a good counterpoint here: The "hidden cost" of privacy and suggests the following points: Broad privacy regulations are better than narrow ones...
Privacy Act report released by parliamentary committee
Posted on June 12, 2009The Parliamentary Standing Committee on Access to Information, Privacy and Ethics has released its long-awaited report on proposed reforms to the Privacy Act. I appeared before the committee on behalf of the Canadian Bar Association and was pleased to see that many of our recommendations to the Committee are also recommendations made by the Committee to the government...
Press freedom trumps privacy in case of wayward tape
Posted on June 09, 2009I can't comment on this as I represented a party to the proceeding, but this is highly relevant to readers of this blog: Judge dismisses bid for injunction - Nova Scotia News - TheChronicleHerald.ca A judge refused to grant an injunction against The Chronicle Herald on Monday, clearing the way for the newspaper to publish a story on the contents of a digital recorder that a former federal political aide left in an Ottawa washroom this winter...
Federal victims advocate calls for warrantless disclosure of ISP subscriber information
Posted on June 03, 2009The thing speaks for itself: Federal Ombudsman for Victims of Crime Recommends Changes to Address Internet-Facilitated Child Sexual Abuse Federal Ombudsman for Victims of Crime Recommends Changes to Address Internet-Facilitated Child Sexual Abuse OTTAWA (Ontario), June 2, 2009 - The Office of the Federal Ombudsman for Victims of Crime (FOVC) today released its first special report Every Image, Every Child which makes nine recommendations to the federal government on how to address the difficult issue of internet-facilitated child sexual abuse...
Quebec movie theatre ordered to pay $10K in damages for bag search
Posted on May 30, 2009According to CTV News, a Quebec movie theatre is liable for $10,000 in damages when it searched a family's bags (ostensibly for video recording equipment) and exposed the eldest daugther's birth control pills to her unkonwing parents. See: CTV.ca Cinema ordered to pay $10K in damages for search...
Managing privacy in employee relations
Posted on May 28, 2009I was invited to co-chair and present at the Canadian Institute's "Meeting Your Privacy Obligations" conference in Toronto. My presentation was specifically about managing privacy in the workplace, which is below if you're interested. Here's a link if Google Docs aren't giving you due respect: Managing Privacy in Employee Relations I have to say it was one of the best conferences of its kind that I've been to recently...
Halifax police plan to use covert cameras in public places
Posted on May 27, 2009Halifax Police plan to augment their network of surveillance cameras with hidden cameras in public places. Law abiding citizens have nothing to fear, according to the Mayor. Besides, the Mayor says, people are used to being surveilled on private property...
Ann Cavoukian reappointed as Ontario Privacy Commissioner
Posted on May 27, 2009The Information and Privacy Commissioner of Ontario has been reappointed for third term. Here's the media release: IPC - Office of the Information and Privacy Commissioner/Ontario Dr. Cavoukian reappointed as Information and Privacy Commissioner for an unprecedented third term: Blazes the trail with new priorities TORONTO ? Dr...
Government proposes to fingerprint before charges
Posted on May 25, 2009The federal government introduced legislation in Parliament to "modernize" criminal procedure in Canada. What it means, among other things, is that police will get the authority to fingerprint suspects even before charges are laid. Bill C-31 amends the Identification of Criminals Act (but oddly doesn't rename it the Identification of Criminals and People We Don't Have Enough Evidence to Charge Act)...
Ontario Commissioner releases 2008 annual report and prepares for battle with Victoria University
Posted on May 13, 2009The Information and Privacy Commissioner of Ontario has released her 2008 Annual Report, which makes broad recommendations for changes to the laws in Ontario and calls for the adoption of better practices: IPC - Office of the Information and Privacy Commissioner/Ontario Commissioner Cavoukian lays out path for increased privacy protection & accountability ? doing battle with Victoria University Commissioner Cavoukian lays out path for increased privacy protection & accountability ? doing battle with Victoria University TORONTO ? Ontario?s Information and Privacy Commissioner, Dr...
British anti-terror laws lead to searches every three minutes
Posted on May 09, 2009I was stunned to read that British police use new anti-terror powers to stop and search people every three minutes. Section 44 of the Terrorism Act has been used 170,000 to search people in 2008 alone according to the BBC. (See: BBC NEWS | England | London | Capital sees rise in terror stops...
Attorney Can?t Ask 3rd Party to ?Friend? Witness on Facebook, Opinion Says
Posted on May 08, 2009Here's something interesting ... An advisory opinion by the Philadelphia Bar Association says it's unethical to ask a third party to friend someone on Facebook to obtain information about them: Attorney Can?t Ask 3rd Party to ?Friend? Witness on Facebook, Opinion Says ABA Journal - Law News Now Attorney Can?t Ask 3rd Party to ?Friend? Witness on Facebook, Opinion Says Posted May 5, 2009, 07:38 pm CDT By Martha Neil A lawyer who wants to see what a potential witness says to personal contacts on his or her Facebook or MySpace page has one good option, a recent ethics opinion suggests: Ask for access...
Amendments to Alberta liquor legislation to re-permit info collection
Posted on May 05, 2009Presuably to counteract the effects of the Information and Privacy Commissioner's decision that bans siping licenses at bars in the province (Alberta Commissioner forbids license scanning), the Alberta legislature is considering Bill 42 which permits the collection of similar information: Legislative Assembly of Alberta - Bill 42: Gaming and Liquor Amendment Act, 2009 Collection of personal information by licensee 69...
Canadian anti-spam bill introduced
Posted on April 27, 2009The Industry Minister tabled the Electronic Commerce Protection Act (ECPA) in Parliament at the end of last week. Here's the government's press release and backgrounder: Industry Canada Site - Government of Canada Protects Canadians with the Electronic Commerce Protection Act Government of Canada Protects Canadians with the Electronic Commerce Protection Act OTTAWA, April 24, 2009 ? The Honourable Tony Clement, Minister of Industry, today announced that the Government of Canada is delivering on its commitment to protect consumers and businesses from the most dangerous and damaging forms of spam...
Presentation on Twittering Lawyers
Posted on April 18, 2009I was honoured to be invited to the ABA Business Section's spring meeting in Vancouver to give a presentation on Twitter and Lawyers. For those who are interested, here's the presentation: If Google isn't showing you proper respect, here's a PDF of the slides: http://www...
New technology watches the watchers to tell them what they should have watched
Posted on April 14, 2009Or, a new technology that supervises the people who are paid to stare at screens, tracking their eyes to let them know what parts of the screens they've been missing. See: Eyeball spy turns the tables on Big Brother - tech - 14 April 2009 - New Scientist via Boing Boing, which doesn't miss a thing and never needs a newfangled gadget tell it that...
Live from the ABA in Vancouver
Posted on April 13, 2009If you're going to be in Vancouver for the American Bar Association's Business law meeting later this week, drop by my sessions on Thursday from 1:30 - 3:00 to talk about lawyers and social networking and on Saturday from 8:30 - 9:30 for lawyers on twitter...
Next generation in CCTV
Posted on April 12, 2009The New York Times has an interesting piece on developments in CCTV technology. The Digital Window D7 uses a number of compact cameras to piece together a full 180 degree panorama without any distortion. This means that a small camera installation can have a very wide field of view, capturing more than you might think...
Statebook: A place to access your citizens' information
Posted on April 11, 2009The ever vigilant Boing Boing is linking to "Statebook", a spoof site about UK surveillance of citizens. Check it out:
If you want to fly, show us your body or we'll feel you up
Posted on April 09, 2009An interesting review of the increasing intrusiveness of airport security: The expanding invasion of the naked body scanners. - By William Saletan - Slate Magazine.
Mind your trash
Posted on April 09, 2009The Supreme Court of Canada today released its decision in R. v. Patrick, 2009 SCC 17 (CanLII), an important privacy decision. The case considers whether it is an unreasonable invasion of privacy for the police to rummage through your trash without a warrant...
Lessons From the Identity Trail
Posted on April 09, 2009Ian Kerr and Val Steeves have been heading up "On the Identity Trail" (research on privacy and identity in the networked world) for the last few years and are launching a book by Oxford University Press. But it's available online under a CC license. Read on: On the Identity Trail - Lessons From the Identity Trail Book Launch...
European internet firms must start logging communications as of today
Posted on April 06, 2009As of today, all internet service providers in Europe are required by law to retain information about every e-mail and VOIP call made by their users thanks to the European Data Retention Directive. BBC NEWS Technology Net firms start storing user data Details of user e-mails and net phone calls will be stored by internet service providers (ISPs) from Monday under an EU directive...
Cheating husband caught on Google Street View
Posted on April 01, 2009The Sun in the UK is reporting that a cheating husband has been caught by his curious wife after she checked out a friend's house on Google Street View and noticed her husband's Range Rover parked in front of the house. She says he was supposed to be away on business at the time, which seems a bit hard to understand as the time the photos are taken aren't published by Google...
EU to warn internet companies about consumer profiling
Posted on March 31, 2009According to the New York Times, European consumer affairs regulators plan to go after internet companies for privacy practices, particularly the profiling and targeting of consumers. See: E.U. Warns Internet Companies on User Privacy - NYTimes.com.
Hospital staff fired for peeks at Nadya Suleman's files
Posted on March 31, 2009The LA Times' blog "Dish Rag" is reporting that fifteen employees of Kaiser Permanente have been fired and eight disciplined for looking at the medical records of Nadya Suleman (aka the Octomom). Hospital staff fired for peeks at Nadya Suleman's files The Dish Rag Los Angeles Times...
Schneier: It's Time to Drop the 'Expectation of Privacy' Test
Posted on March 27, 2009In a Wired column, Bruce Schneier hits the nail on the head by calling for the end of the "expectation of privacy test". To put it simply: "The problem is, in today's information society, that definition test will rapidly leave us with no privacy at all...
Alberta court upholds Commissioner's order against licence scanning at bar
Posted on March 26, 2009According to the CBC, an Alberta court has upheld Information and Privacy Commissioner Frank Work's order that prohibited the wholesale scanning of drivers licenses at a nightclub. See: Court upholds privacy ruling against nightclub scanning IDs.
Saskatchewan abandons RFID licence scheme
Posted on March 26, 2009Apparently Saskatchewan is planning to abandon using embedded RFIDs in licenses that can be read up to thirty feet away, while Ontario is trying to find a solution that allows individuals to turn off the broadcast of personal information. See: Saskatchewan cancels RFID licences while Ontario looks for off-switch...
Google Street View's privacy enhancing technology?
Posted on March 25, 2009With Google's recent launch of Street View in Europe and imminent photographing of Canadian cities, I thought I'd do some quick looking around at how effective their "face blurring" technology may be. It only took one minute of wandering around London and I was able to see where it might fall off the rails...
Commissioner taking Air Canada to court over customer access to info
Posted on March 24, 2009According to CanWest, the Privacy Commissioner is taking Air Canada to court over access to customer information that the airline claims is covered by solicitor-client privilege: Air Canada sued over passenger info case OTTAWA ? Canada's privacy commissioner is taking Air Canada to court to compel the airline to release records involving a so-called "unruly" customer, arguing passengers should be able to know the information air carriers are collecting about them...
Google Street View coming to Canada
Posted on March 24, 2009Google Street View is coming to Canada. According to Google, the camera cars are going to be hitting the streets in major Canadian cities any time soon. They plan to blur faces and license plates and, one can infer, they think this is enough to deal with privacy issues here...
Google forced to black out hundreds of UK Street View photos after privacy protests
Posted on March 22, 2009Google Street View went live in the UK last week. Despite the prevalence of surveillance in Britain, complaints have rolled in and Google has taken down hundreds of pictures. See: Google forced to black out hundreds of Street View photos after privacy protests - but site gets record hits Mail Online...
Geist on privacy rights buried in the fine print
Posted on March 17, 2009Michael Geist's most recent Toronto Star Column addresses the fine print in ISP customer agreements that purport to permit the ISP to hand customer names and addresses to the police without a warrant. Read Michael's column: Michael Geist - Canadian Privacy Rights Buried in the Fine Print Appeared in the Toronto Star on March 16, 2009 as Canadian Privacy Rights Buried in the Fine Print Scott McNealy, the former CEO of Sun Microsystems, has achieved considerable notoriety for having warned Internet users ten years ago that "you have no privacy, get over it...
AdSense webmasters told to update privacy policies
Posted on March 14, 2009Google has just sent webmasters who use Google's AdSense a notice suggesting that privacy policies need to be updated because the ad service is going to be much more targeted. Here's what landed in my inbox:Hi, We're writing to let you know about the upcoming launch of interest-based advertising, which will require you to review and make any necessary changes to your site's privacy policies...
Ontario commissioner calls for "privacy filters" on whole-body scanners
Posted on March 12, 2009The Information and Privacy Commissioner of Ontario is calling for implementing privacy filters to mitigate part of the damage to privacy caused by whole body scanners that are appearing soon in an airport near you. IPC - Office of the Information and Privacy Commissioner/Ontario Whats New Summary Whole Body Imaging (WBI) technologies ? which have been described in the media as ?naked scanners? ? raise significant privacy concerns that must to be addressed, says Ontario?s Information and Privacy Commissioner, Dr...
Chicago Links Street Cameras to Its 911 Network
Posted on March 06, 2009In this story from the New York Times, the headline says it all: Chicago Links Street Cameras to Its 911 Network - NYTimes.comCHICAGO ? At first glance, Chicago?s latest crime-fighting strategy seems to be plucked from a Hollywood screenplay. Someone sees a thief dipping into a Salvation Army kettle in a crowd of shoppers on State Street and dials 911 from a cellphone...
Google wins Street View privacy suit
Posted on February 18, 2009I blogged a while ago about a lawsuit brought against Google by the Boring family, alleging that Google's Street View was an invasion of their privacy by showing images of the Borings' house. (Google moves to have lawsuit thrown out, arguing complete privacy does not exist , Boring lawsuit over Google's "Street View" )...
R. v. Wilson: Police get warrantless access to Sympatico customer's data
Posted on February 18, 2009I blogged earlier this week about a decision from the Ontario Superior Court of Justice that held that Bell Sympatico customers do not have a reasonable expectation of privacy when the police come knocking for the name and address behind an IP address...
Another Canadian privacy voice: Brian Bowman On the Cutting Edge
Posted on February 18, 2009I've just discovered that Brian Bowman of Pitblado LLP has a blog. Brian's not only a great guy, but a heck of a privacy lawyer. Watch his blog: Brian Bowman - On the Cutting Edge.
Extreme data disposal
Posted on February 17, 2009If you're serious about data destruction, Lifehacker has some interesting how-to videos: Video: Hard Drive Disposal with Extreme Prejudice.
Police get warrantless access to Sympatico customer's data
Posted on February 13, 2009Another case from Ontario about police getting warrantless access to personal information from an internet service provider, in this case Bell Sympatico. For previous cases, see this link. The justification is based on a particular reading of Section 7 of PIPEDA, and Bell Canada deciding it should hand over the information...
Lawful access rears its head again
Posted on February 13, 2009Here we go again .... the government is preparing a new "lawful access" law. The media coverage seems to suggest that it covers both eavesdropping of internet based communications (with a warrant) and obtaining subscriber data (without a warrant). globeandmail...
UK pub required to install CCTV to get police approval for liquor license
Posted on February 10, 2009A little over a year ago, I blogged about a Halifax bar that had its suspended liquor license back by promising to provide the cops and liquor inspectors with off-site access to expanded surveillance in the bar. (See: Canadian Privacy Law Blog: Halifax bar gets liquor license back on condition that cops have off-site access to surveillance system...
European court rules that photo without consent is breach of privacy and human rights
Posted on February 08, 2009The European Court of Human Rights has ruled that taking a person's photograph (even if not for publication or commercial use) violates that person's human rights. The case stems from a photograph taken of a newborn baby in a Greek hospital by a company that was hired by the hospital to take such photos...
10 Privacy Settings Every Facebook User Should Know
Posted on February 07, 2009The title says it all. If you use Facebook, you should read this: 10 Privacy Settings Every Facebook User Should Know. And act on it.
4th Annual Payment Card Compliance In Canada
Posted on February 06, 2009I had the pleasure of speaking this morning at the Canadian Institutes 4th Annual Payment Card Compliance In Canada. I was on a panel with Art Dunfee, Director General of Investigations and Inquiries at the Office of the Privacy Commissioner of Canada and Sandy Stephens, Senior Manager, Legal CounselCapital One Canada...
Tell your friends (and Google) where you are
Posted on February 04, 2009Google has just launced "Latitude", which uses the GPS on your smartphone to share your location with your friends. Though it looks very customizable from a privacy perspective, you will always need to remember that Google will know where you are at all times...
Cross-border laptop searches: the view from Canada
Posted on February 03, 2009I had the opportunity this morning to speak at the Ontario Bar Association's annual CLE extravaganza on the topic of cross border laptop searches. I was joined by David P Sanders of Williams Mullen in Washington, DC. For those who may be interested, here is my presentation that was given at the session: The ultimate conclusion is that Canadian border authorities have similar powers to search your laptop when you cross into Canada...
Time for a privacy check-up
Posted on January 28, 2009Today's Halifax Chronicle Herald has an opinion piece by Bob Doherty, the former head of privacy and access with the Nova Scotia Department of Justice: Time for a privacy check-up - Nova Scotia News - TheChronicleHerald.ca Time for a privacy check-up Laws need to be understandable, consistentBy BOB DOHERTY Wed...
Happy data privacy day!
Posted on January 27, 2009Happy Data Privacy Day! Tomorrow is data privacy day and there are a range of events taking place all over the world. I'll be at a lunch today at Dalhousie (Data Protection Day) and then in St. John's tomorrow at Memorial University (Information Access and Privacy Protection Data Privacy Day)...
Telling community stories with Street View
Posted on January 26, 2009Here's a nice departure from the usual privacy complaining about Google's Street View. The concept is simple: turn Google Street View into a community event. Its execution was perfect. I'll let the authors describe it: STREET WITH A VIEW: a project by Robin Hewlett & Ben Kinsley Street With A View introduces fiction, both subtle and spectacular, into the doppelganger world of Google Street View...
Heartland data breach could be bigger than TJX's
Posted on January 20, 2009Heartland Payment Systems has announced that it suffered a significant data breach last year after it was discovered that hackers had installed software on their systems to capture credit card information. The firm apparenly processes over 100 Million tranactions a month, leading to speculation that this may dwarf the 2007 TJX breach...
Alberta pawnshop owner loses privacy battle
Posted on January 13, 2009According to the Edmonton Journal, an Edmonton pawnshop owner who has been waging a battle against the mandatory uploading of personal information of those who pawn items to a central database has lost his battle, at least in the Court of Queen's Bench...
A rare peek at Homeland Security's files on travelers
Posted on January 11, 2009In case you were wondering how much information the Department of Homeland Security keeps on travelers in the United States, look no further: A rare peek at Homeland Security's files on travelers - This Just In - Budget Travel. Via Gadling.
New system takes ID swiping to a new level
Posted on January 07, 2009I've written on this blog before about the practice of swiping drivers' licenses and other IDs at bars. The Omega--an independent student newspaper from Thompson River University--is reporting about a company that takes it to a new level by photographing all bar patrons:Big brother at the bar? - Cactus Jacks implements new way to screen attendees ?We have a new monitoring system called Treoscope that everyone that comes into the pub must go through,? said Cactus Jack?s manager Pete Backus...
Privacy in public
Posted on January 07, 2009According to Yahoo! News, a Wisconsin court has held that a person who is voluntarily naked in front of others still has a reasonable expecation not to be videotaped. (See: Wis. court: Nude people still have privacy rights - Yahoo! News.) Unusual case but make sense to me...
CBSA opens lawyer's mail
Posted on January 05, 2009Cyndee Cherniak, at Trade Lawyers Blog, reports on receiving a peice of mail addressed to her -- clearly a lawyer -- that had been opened and "inspected" by the Canada Border Services Agency. She is understandably angry. See: BEWARE - Canada Border Services Agency WILL Read Lawyer's Mail...
Log retention initiatives
Posted on January 02, 2009Just posted on Slaw: Slaw: Log retention initiatives I wrote two weeks ago about privacy issues related to the log files that are created and retained by internet companies. The moral of that story was that there is a significant amount of information that is collected in these logs and when they are retained and collated, they can reveal a lot of personal information...
The Canadian Privacy Law Blog is Five!
Posted on January 02, 2009Five years ago, on January 2, 2004, a new age of privacy was creeping across Canada and this blog was born. The day before, at the stroke of midnight, the Personal Information Protection and Electronic Documents Act (Canada) had come fully into force...
A Christmas story from the Commissioners
Posted on December 15, 2008T'was just weeks before Christmas T?was just weeks before Christmas, and all through the land privacy commissioners were taking a stand. While shoppers were lined up to purchase their treasures, The commissioners were urging them to take privacy measures...
Canada's Privacy Commissioner Launches 6th Annual Privacy Research Contributions Program
Posted on December 02, 2008The Commissioner has launched the sixth year of the research contributions program. From the Government of Canada website: Canada's Privacy Commissioner Launches 6th Annual Privacy Research Contributions Program Ottawa, December 1, 2008 ? The Office of the Privacy Commissioner of Canada (OPC) today announced the launch of the 2009-2010 privacy research Contributions Program...
Slaw Makes the ABA?s Top 100 List of Legal Blogs
Posted on December 02, 2008Congratulations to Slaw, the Canadian collaborative weblog of all things legal on being named to the American Bar Association's Top 100 list of blogs. Very cool. See: Slaw: Slaw Makes the ABA?s Top 100 List.
Collection of Driver?s Licence Numbers Under Private Sector Privacy Legislation
Posted on December 02, 2008The Canadian, Alberta and British Columbia Privacy Commissioners have today jointly released a guidance document on the collection of drivers' license information by retailers. It's here: Collection of Driver?s Licence Numbers Under Private Sector Privacy Legislation - Privacy Commissioner of Canada...
Paris to dramatically boost surveillance cameras
Posted on October 22, 2008Paris plans to try to bridge the gap between London's thousands of CCTV cameras and the city of lights' paltry 330 surveillance cameras linked to the police. It's an initiative dubbed "A Thousand Cameras for Paris." But in an effort to out-do London, the French plan to deploy spy drones to keep an eye on evil-doers...
Ontario Commissioner speaks out about RFID licenses
Posted on October 21, 2008The Information and Privacy Commissioner of Ontario is speaking out about the proposed new ehanced drivers license, which is planning to use an RFID chip: New ID card threatens our privacy Canada News Toronto Sun.
CCTV walk in Halifax
Posted on October 20, 2008This past Saturday I found myself with an hour to kill downtown. I had my camera with me and my GPS-equipped blackberry, so I decided to do a quick inventory of surveillance cameras. I only took photos of cameras that are in public spaces or were pointed at public spaces...
The British Government plans to step in to the abyss with massive telecom database
Posted on October 16, 2008The Independent is reporting that the British government is planning to announce a 1 BILLION POUND project that would involve the creation of a database to log every e-mail, telephone call and website click and retain the information for one year. The project seems to be universally panned: the independent reviewer of UK anti-terrorism laws says "as a raw idea it is awful"...
Web 2.0 and online evidence
Posted on October 15, 2008Chris Pierre of the Evince Blog and I recently had an interesting discussion about privacy and investigations that garner evidence from the internet. You can check it out here: The Evince Blog » Blog Archive » Picture and Video Evidence Found on the Web...
British Colubmbia bridge implements plate-based tolling
Posted on October 13, 2008The Golen Ears Bridge in British Columbia is the first toll highway/bridge in Western Canada to follow the lead of Toronto's 407 ETR to implement electronic tolling using plate identification. Spokespeople are attempting to soothe privacy fears, but I'm not sure it goes far enough: Vehicles crossing Golden Ears Bridge will be tracked, TransLink says ...
National Do Not Call List comes online (and goes offline)
Posted on September 30, 2008Today is the first day for consumers to add themselves to the Canadian Do Not Call List (https://www.lnnte-dncl.gc.ca/) but the online system has been overwhelmed with people looking to get added to the list. If you want more info on the national DNCL, you can check out some past posts and these resources: Canadian Do Not Call List - Wikipedia, the free encyclopedia; C-37, amending the Telecommunciations Act permitting the Do Not Call List; National Do Not Call List (DNCL) info from the CRTCUnsolicited Telecommunications Rules and Amendment to the Unsolicited Telecommunications Rules; And if you're inclined to tell telemarketers not to call you, you should also take advantage of iOptOut, which also appears to be down...
Unsurprising expansion of UK surveillance project
Posted on September 28, 2008A system designed to track motorists in the UK is being expanded to collect fifty million automobile movement records for five years, instead of the already intrusive two years originally announced. Alread pervasive CCTV cameras are being upgraded to capture license plates, adding to what is being said to be the largest oracle database in Europe...
More from Ontario courts on warrantless ISP disclosures
Posted on September 24, 2008This recent case was brought to my attention today: R. v. Ward, 2008 ONCJ 355 (CanLII). The decision is a ruling on a charter motion on whether evidence in a child pornography investigation should be admissible after the police obtained the identity of an internet user from an ISP without a warrant...
Sarah Palin's personal/semi-official e-mail account hacked
Posted on September 18, 2008Here's an interesting intersection of privacy and access to information. There's been some buzz on the internets suggesting that Republican VP nominee Sarah Palin has been using personal e-mail accounts to thwart freedom of information legislation. But in the past days, someone has hacked into her Yahoo! mail account (gov...
US government tips on avoiding prying eyes of foreign governments
Posted on September 13, 2008The US Department of Homeland Security is warning government types travelling internationally that their electronic devices may be subject to seizure or intereception. Oh noes! Imagine such a threat to privacy and security! Thank goodness they've provided some tips on how to avoid the prying eyes of oppressive governments...
Globe series on privacy and social networking
Posted on September 13, 2008The Globe & Mail is running a series on privacy and social networking sites, particularly Facebook. I'm not sure that readers of this blog will be shocked at what's posted online but it's still an interesting read: Friday, September 12, 2008: Faceless no more: Social networking comes with a price Saturday, September 13, 2008: The not-so-private price paid for social networking On Monday, look for Part 2 of the series in Report on Business: Matt Hartley looks at how social networks have affected consumer privacy and reports on the federal privacy commissioner's plans to safeguard consumer information...
Your privacy, your responsibility says Ontario Privacy Commissioner
Posted on September 12, 2008ITBusiness has an interesting article on the collaboration between the Ontario Privacy Commissioner and Facebook, including a video interview with the commissioner: Your privacy, your responsibility says Ontario Privacy Commissioner.
Nova Scotia introduces and then drops intrusive licence renewal form
Posted on September 10, 2008Earlier today, the Nova Scotia government came under fire for introducing a new form for driver's licence renewals that asked applicants to say whether they had any kind of mental illness. (Critics: Don?t tie driver?s licence renewal to psychiatric history) Too much information, I say...
Google reduces log retention times
Posted on September 09, 2008Google has just announced that they are cutting their log retention period in half: from 18 monts to 9 months. From the Official Google Blog: Official Google Blog: Another step to protect user privacy Today, we're announcing a new logs retention policy: we'll anonymize IP addresses on our server logs after 9 months...
PIPEDA self-assessment tool
Posted on September 03, 2008Just in time for Privacy Awareness Week (last week), the Privacy Commissioner has released a PIPEDA Self-Assessment Tool which is worth checking out.Here's some backgound and further info from the Commissioner's website: News Release: Canada celebrates Privacy Awareness Week by helping businesses improve privacy practices (August 27, 2008) - Privacy Commissioner of Canada Canada celebrates Privacy Awareness Week by helping businesses improve privacy practices Ottawa, August 27, 2008 ?The Office of the Privacy Commissioner of Canada (OPC) today launched a new tool to help businesses evaluate their privacy practices and compliance with Canada?s private sector privacy law...
Mass surrender of online privacy
Posted on September 02, 2008One of the most interesting phenomena (at least to me) is that privacy is not only being taken away on a number of fronts, the wider front is the mass surrender of privacy by the millions of people who put loads of personal data online. Some people may think it's ironic that I'm on Facebook or Flickr, but I'm pretty mindful of what I put online and who is my "friend"...
Newly noticed: Photo Attorney
Posted on August 31, 2008After a very long hiatus, I've been reinfected with the photography bug thanks to acquiring a new digital SLR (some of my recent work is at http://www.privacylawyer.ca/photo or can be found on Flickr here (RSS)). And of course, everything has to do with privacy and civil liberties, so I've also become quite interested in the recent "war against photography" (examples here, here, here and here)...
Future of Privacy in Scientific American
Posted on August 28, 2008I hope to have the time this weekend to make my way through the incredible variety of privacy-related articles in the most recent Scientific American. Thanks to Library Boy for pointing to this, which I surely would have missed had it not been for his link...
Privacy? We Got Over It.
Posted on August 26, 2008Yesterday's Wall Street Journal had an interesting Op/Ed on privacy, highlighting contemporary expectations of privacy. Information Age - WSJ.com Privacy? We Got Over It. August 25, 2008; Page A11 In 1988, Congress banned video stores from disclosing the titles of films that people rent...
CBA urges Government to reform Privacy Act
Posted on August 18, 2008I am currently in Quebec City attending the Canadian Bar Association's annual Canadian Legal Conference. On behalf of the CBA's National Privacy and Access Law Section, I had the honour of presenting a resolution to the National Council calling for reforms to the Privacy Act...
Commissioner launches her "Legal Corner"
Posted on August 17, 2008The Federal Privacy Commissioner has launched on her website a "Legal Corner" which contains a wide range of resources that will be of interest to practitioners in the area of privacy law. See: http://www.privcom.gc.ca/leg_c/index_e.asp.
Supposedly secure ePassports easily cloned
Posted on August 07, 2008Cynics, who may say that "chipped" passports are more about control than security, may point to articles like this one to support their position: ?Fakeproof? e-passport is cloned in minutes - Times Online New microchipped passports designed to be foolproof against identity theft can be cloned and manipulated in minutes and accepted as genuine by the computer software recommended for use at international airports...
New pain at the pump: Card skimming
Posted on August 06, 2008Gas stations and convenience stores are probably among the most reported locales for card skimming, in which debit and credit cards are double-swiped and PINs are observed to commit fraud. Since my own debit card was skimmed a few weeks ago (Canadian Privacy Law Blog: Cloned!), I've stopped paying for gas inside and opting to pay at the pump where I am sure that my card does not leave my hands...
Student complains about Kiwi can cam
Posted on August 06, 2008Sorry about the headline. I thought I could do beter than the one written by Stuff.co.nz. I have reported on toilet cams on this site in the past, but all of those I've heard about installed by businesses have ended up to be fakes. That is until this report from New Zealand where a drunk student was roughed up by bouncers who were covertly watching him rip down a poster above the urinal...
Who do our privacy laws protect?
Posted on August 06, 2008I was intereviewed by a New Brunswick journalist last week who was writing an article on how privacy laws can be used in a knee-jerk way to limit access to government information. The article, I expect, is a reaction to a number of stories out of NB where reporters were given the excuse of privacy laws to limit their access to information about potential high-risk offenders, the investigation of a motor vehicle accident that claimed a number of lives and public sector salaries...
Charges following TJX breach investigation
Posted on August 05, 2008The New York Times is reporting that 11 people have been charged in connection with the massive data breach that dominated the headlines for months after January 2007: 11 Charged in Theft of 40 Million Card Numbers - NYTimes.com ...The charges focus on three people from the United States, three from the Ukraine, two from China, one from Estonia and one from Belarus...
OT: Now appearing on slaw.ca
Posted on August 03, 2008I've been invited to be a regular contributor on Slaw.ca (the Canadian cooperative weblog on things legal), which is a great opportunity to write about things other than privacy. I'll be posting there on Fridays. My initial contribution is the first of a series on contentment in the practice of law...
SCC to hear case about privacy in garbage
Posted on August 03, 2008Dan Michaluk reports in All About Information that the SCS is getting ready to hear a case from Alberta about reasonable expectation of privacy in garbage. See: One to Watch - Garbage case ready for hearing at SCC « All About Information.
Nomadic laptops can expect the rubber glove treatment
Posted on August 01, 2008There's been a bit of a buzz lately about laptop inspections by the Department of Homeland Security (Crossing the border? Consider the possibility of laptop searches, Hands off my laptop, Your papers and laptops, please?, US Customs confiscating laptops)...
Google moves to have lawsuit thrown out, arguing complete privacy does not exist
Posted on July 31, 2008In the "Street View" lawsuit with the Borings (see: Boring lawsuit over Google's "Street View"), Google has filed a motion to have the suit dismissed. Google argues that in the 21st century, complete privacy does not exist. The Smoking Gun has Google's motion here: Google: "Complete Privacy Does Not Exist" - July 30, 2008
Nova Scotia begins consultation on Personal Health Information legislation
Posted on July 31, 2008The Province of Nova Scotia has for some time been consulting with inside stakeholders on the development of health information legislation. It has just launched a consultation, seeking input from interested parties. I haven't had a chance to look at the discussion paper yet, but I understand they've been using Ontario's PHIPA as the model: Personal Health Information Legislation for Nova Scotia Department of Health Government of Nova Scotia For the past several years the Department of Health has been working with health sector partners on initiatives related to the protection and use of personal health information...
PIPEDA Finding: Residental property appraisal is the owner's personal information
Posted on July 29, 2008It's been a while since we've seen a published PIPEDA finding that wasn't from a high-profile case. In this case, a bank refused to provide a customer with access to the appraisal conducted by the bank of the customer's property. The bank argued it was about the property and not about him...
Michigan seeks private sponsors for police surveillance cameras
Posted on July 29, 2008Apparently the municipality of Flint, Michigan is looking for businesses to pony up $30,000 each to sponsor one of 14 surveillance cameras. See: Michigan City Wants Sponsors for Police Cameras: Top News Stories at Officer.com. Sponsors get to have their logo affixed to the device, along with a police crest and a blue light...
Mosley's privacy win in English courts
Posted on July 25, 2008It's a busy week for privacy cases in the English courts. The media has widely reported on the case of Max Mosley, the Grand Prix boss, who has successfully sued the News of the World. The publication placed a hidden camera in a private residence and filmed Mosley in an intimate encounter...
English case looks under the hood of Facebook in privacy case
Posted on July 24, 2008A colleague just brought to my attention a case handed down yesterday by the High Court of Justice (Queen's Bench Division) of England & Wales: Applause Store Productions Ltd. & Anor v Raphael [2008] EWHC 1781 (QB) (24 July 2008). The case relates to the misuse of private information and defamation...
ALA calls for a privacy revolution
Posted on July 23, 2008At the end of June, I blogged about a new initiative by the American Library Association calling for a "privacy revolution" (Canadian Privacy Law Blog: "If you need privacy, you should get your own computer."). The initiative now has its own website and an interesting concept paper...
Canadian IT Law Association annual conference
Posted on July 23, 2008The Canadian IT Law Association's annual conference is in Halifax this year. In addition to famous Maritime hospitality, attendees can expect to learn the latest in IT, IP and privacy law. The brochure is online here.It should be great, and I'm not just saying that because I'm the conference co-chair...
Airport kiosks suspected in fraud probe
Posted on July 23, 2008This morning's Globe & Mail ran a story about an apparent connection between a rash of credit card fraud and the check-in kiosks at Toronto's Pearson International Airport. The Airport Authority has said they've checked them out and think all is well: WestJet suspends credit-card kiosk check-ins amid fraud probe ...
A promise like that would require lawyers, money, and probably guns
Posted on July 21, 2008This is brilliant: FAQs about Mailinator What is Mailinator's official privacy policy? The official policy is something like: At Mailinator, THERE IS NONE. Expect that any email you send or have sent here can be viewed by anyone. Mailinator/ManyBrain does NOT ask, require or even want any of your personal information...
Federal Commissioner funds research into surveillance in Canada
Posted on July 20, 2008As part of its contributions program (Contributions Program 2008-2009 - Backgrounder - Privacy Commissioner of Canada), the Ofice of the Privacy Commissioner of Canada is funding a project to look into surveillence in Canada: Organization: Queen?s University ?The Surveillance Project, Department of Sociology Location: Ontario Funding amount: $50,000 Project title: Camera Surveillance in Canada: Current Trends Project description: There is a surprising lack of Canadian research to date on the development of camera surveillance, and the proliferation of surveillance cameras in Canada is occurring without enough oversight or public debate...
Privacy dilemma illustrated in Vermont library
Posted on July 20, 2008The local Halifax paper is running an AP story about the tough choices that custodians of personal information are sometimes called upon to make. After a young girl went missing, the police showed up at the public library demanding to take the public access computers that the girl had apparently used to communicate on MySpace...
Supreme Court rules on Privacy Commissioner's power to review privileged documents
Posted on July 17, 2008The Supreme Court of Canada has just handed down its decision in Canada (Privacy Commissioner) v. Blood Tribe Department of Health, which was a question of whether the Privacy Commissioner could review documents to determine whether claims of privilege have been properly applied...
Google and Viacom agree to protect user privacy
Posted on July 16, 2008When the order was made that Google provide Viacom with its raw user logs (a move which significantly compromised user privacy), I wrote that the court could have ordered that the information be anonymised. (Canadian Privacy Law Blog: Commentary on the YouTube / Viacom order) I don't think I can take any credit for this next move, but I'm sure the loud outcry has had an influence: Google and Viacom have agreed to anonymise the data using a one-way function so that the actual IP addresses cannot be reverse-engineered and Viacom has agreed to not even try...
Ask the privacy lawyer: Data in transit outside of Canada
Posted on July 15, 2008I received the following question the other day: In terms of personal data that was captured by a healthcare company while a patient in Canada, and relayed to another city in Canada for analysis, further use, etc., does that patient data have to remain in Canada ? or is it allowed to traverse the US border at any time during its journey across the continent ? My concern is that communication networks don't seem to be restricted to intra-Canada operation or due to congestion or failure, most have to use large data highways that may cross over into the United States...
Privacy protections disappear with a judge's order
Posted on July 11, 2008More commentary on the Viacom v. Google/YouTube case, this time from MIT's Technology review: Technology Review: Privacy protections disappear with a judge's order Privacy protections disappear with a judge's order By Associated Press NEW YORK (AP) _ Credit card companies know what you've bought...
Edmonton addresses perception of public safety with surveillance cameras
Posted on July 10, 2008The police in Edmonton, Alberta are proposing to place surveillance cameras on the city's popular strip. Frank Work, the Information and Privacy Commissioner of Alberta is not impressed. And in case you were wondering if this is about perceptions, here you have it directly from Sgt...
Judge Protects YouTube's Source Code, Throws Users To The Wolves
Posted on July 10, 2008It is not often that a columnist for a major national newpaper calls a federal court judge a moron, but that's just what Michael Arrington on the Washtington Post website calls Judge Stanton, referring to Viacom v. Google/YouTube. See: Judge Protects YouTube's Source Code, Throws Users To The Wolves - washingtonpost...
Ontario Commissioner calls on Google to appeal Viacom / Youtube ruling
Posted on July 10, 2008Hot off the presses: The Information and Privacy Commissioner of Ontario has written to Google calling for Google to appeal the recent Viacom v. Google disclosure order:CNW Group OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER/ONTARIO Privacy Commissioner Ann Cavoukian urges Google to appeal YouTube ruling Privacy Commissioner Ann Cavoukian urges Google to appeal YouTube ruling TORONTO, July 10 /CNW/ - Ontario Information and Privacy Commissioner Ann Cavoukian is urging Google to appeal the recent ruling of U...
Commentary on the YouTube / Viacom order
Posted on July 08, 2008I had the chance yesterday to read the decision in Viacom International v. YouTube (previously: Canadian Privacy Law Blog: Judge orders that YouTube hand over viewer records). The request and the order are appalling from a privacy point of view, in my humble opinion...
UK Commissioner calls for complete overhaul of European DP laws
Posted on July 07, 2008The UK Information Commissioner is calling for a complete overhaul of privacy/data protection in Europe. Think-tank RAND Europe has been commissioned to review the whole state of affairs and report back in April 2009. Watch this space for the results ...
Keep your friends close, but your laptop closer ... Especially in airports
Posted on July 05, 2008According to a recent study conducted by the Ponemon Institute, 10,000 laptops are lost/stolen each week in US airports. While the commentary on this study talks about confidential business information, I am confident that the majoriy of these laptops also contain personal information...
Saskatchewan Commissioner releases annual report
Posted on July 03, 2008The Information and Privacy Commissioner of Saskatchewan, Gary Dickson QC, has released his annual report today. Here is the "Quick Overview": A Quick Overview This is my fifth Annual Report as Saskatchewan?s first full-time Commissioner. Some good progress has been achieved in terms of access to information and privacy compliance in a number of areas...
Judge orders that YouTube hand over viewer records
Posted on July 03, 2008This is some pretty scary stuff. Not only has Viacom (shame on Viacom) demanded that Google hand over the records of all users who viewed certain YouTube videos (yup, viewed not uploaded) but a Judge has actually ordered this. Perhaps not surprisingly, Google's argument that IP addresses are not personal information has been used against its arguments that handing over this information would be unduly intrusive of personal privacy...
Most Canadians resist sharing personal details with stores: Poll
Posted on July 02, 2008When I give presentations on Canadian privacy law, the number one question I get -- without exception -- is whether a retailer can ask for your phone number or postal code at the point of sale. Sometimes I'm asked about asking for ID when making returns...
Stop watching us watching you!
Posted on June 29, 2008Slate always has a good selection of editorial cartoons here. This one's pretty good ...
Cross-border movement of personal health information
Posted on June 29, 2008Earlier this week, I co-chaired Insight Information's conference on electronic health records here in Halifax. I was very pleased to see a lot of expertise in privacy developing in Atlantic Canada, which is necessary as Nova Scotia, New Brunswick and Newfoundland move towards developing and implementing health privacy laws and as electronic health record projects are driving forward...
Marina Hyde: This surveillance onslaught is draconian and creepy
Posted on June 28, 2008Because actions speak louder than words, one can easily assume that the British populace is completely passive and accepting of the explosion of CCTV surveillance throughout the green and pleasant lands of England. There is some dissent. Witness: Marina Hyde who has an interesting opinion piece in The Guardian...
US and Europe closer to information sharing pact
Posted on June 28, 2008For over a year now, the United States and the European Union have been negotiating an arrangement so that US law enforcement and national security organizations can have easier access to data in Europe and about Europeans. The New York Times is reporting that that the two parties are closer to an arrangement that would permit trolling through personal information for suspicious activities, such as the review of SWIFT data that the American government undertook as the data was resident in the United States...
CCTV can cut both ways
Posted on June 28, 2008Sometimes CCTV can prove that someone is innocent. And that the cops framed them. wcbstv.com - Undercover NYPD Officers Frame 4 On Drug Charges ....The undercover NYPD officers are seen on video dancing in the street, then attempting to frame four innocent men...
"If you need privacy, you should get your own computer."
Posted on June 28, 2008The American Library Association has always been a reasoned and reasonable voice for privacy in libraries and the wider community. I was interested to learn they are doing a panel tomorrow at their annual get-together in Anaheim, California entitled "Privacy: Is it time for a revolution": Protecting reader privacy and confidentiality has long been an integral part of the mission of ALA and its members...
Maritime noon phone-in
Posted on June 24, 2008I was the guest on Maritime Noon's phone-in show today, discussing privacy and protecting personal information. (Someone who shall remain nameless doubted one could fill an hour with privacy questions, but she was proven wrong. Apparently the board lit up for the hour...
Cloned!
Posted on June 24, 2008Last week, I got a call first thing in the morning from my bank. According to their fraud department, it appeared that my debit card had been used fraudulently. Someone had taken a few hundred bucks out of my account at what appeared to be a no-name cash machine...
Marketers, meet the privacy officer. Privacy officer, meet the marketers.
Posted on June 23, 2008According to a study by the Ponemon Institute and reported in Forbes today, there is a large disconnect between marketing departments and those charged with overseeing privacy compliance. This underscores the importance of a multi-disciplinary approach to privacy within large organizations...
Data Breaches Made Possible By Incompetence, Carelessness
Posted on June 21, 2008A study by Verizon Business Security Solutions has found that 87% of data breaches are the result of incompetence and carelessness. Even when hacking was to blame, the intrusion was made possible by systems that were unpatched after fixes had been available for some time...
Passengers virtually stripped naked by 3-D airport scanner being tested in Canada
Posted on June 21, 2008We've seen this coming up through development, but the electronic virtual stripping machine is finally making its way to an airport in Canada, though just for a pilot project. The scanner was unveiled on Thursday. It uses "millimetre waves" to create a detailed 3-D image of the subject's body and any contraband they may have under their clothes...
Ask the privacy lawyer: Use of contact information for marketing purposes
Posted on June 18, 2008I've been overwhelmed by the number of questions I've received in response to "Ask the privacy lawyer". Some of them are too specific and would cross over the line between legal advice and educational. But I got this question, which is relatively generic and probably is something that many people have to deal with: HI - In September 2007 I subscribed to a well known Canadian magazine...
Pedophile fears as student profiles, pictures go in Queensland education database
Posted on June 16, 2008Just because you can doesn't mean you should. Parents' groups are up in arms in Australia after it was revealed that an intranet database of all students in Queensland State is being implemented that will be available to all employees of the education system...
Watch those Facebook apps!
Posted on June 14, 2008One of the most problematic features of Facebook, from a privacy point of view, is that Facebook shares data with the owners of Facebook Apps, whose privacy practices are not well articulated or well understood. This week, the Washington Post had an interesting article highlighting this problem...
Youth Privacy Online: Thursday, September 4, 2008
Posted on June 11, 2008The Information and Privacy Commissioner of Ontario is hosting a special one-day conference, Youth Privacy Online: Take Control, Make It Your Choice, being held on September 4, 2008, at the Marriott Eaton Centre in downtown Toronto. According to the Commissioner's invitation: "My office is hosting this conference in order to provide a forum for discussion, debate and inquiry that will focus on exploring approaches to safeguarding the privacy of children and youth on the Internet...
International standard for privacy impact assessments
Posted on June 09, 2008The International Standards Organization has earlier this year established ISO 22307:2008, which is a new international standard for privacy impact assessments. Here is the blurb, but you'll have to shell out 114 Swiss Francs for the real deal: ISO 22307:2008 - Financial services -- Privacy impact assessment ISO 22307:2008 recognizes that a privacy impact assessment (PIA) is an important financial services and banking management tool to be used within an organization, or by ?contracted? third parties, to identify and mitigate privacy issues and risks associated with processing consumer data using automated, networked information systems...
TSA announces new ID policy
Posted on June 09, 2008According to the website of the Transportation Security Administration, the policy on flying without ID has been changed. If you refuse to provide ID, citing your constitutional rights, you'll be denied boarding. But if you tell them you would show them ID if you could, they'll let you fly...
ID required to buy spray paint in St. Louis
Posted on June 08, 2008Want spray paint in St. Louis? You'll have to show some ID. See: Paintless in St. Louis? St. Louis Alderwoman Donna Baringer wants to treat cans of spray paint like they're handguns., page 1 - News - Riverfront Times - Riverfront Times.
Ask the privacy lawyer
Posted on June 07, 2008Despite the disclaimer on the side of this blog, I often get e-mails from people asking questions about privacy laws and how they affect their own particular circumstances. They are usually from people who are not in a position to pay for legal advice...
CBA calls for sweeping reform of federal Privacy Act
Posted on June 06, 2008The Canadian Bar Association has been urging a comprehensive review of Canada's public sector Privacy Act for some time. Two years ago, the national assembly of the organization representing more than thirty thousand Canadian lawyers unanimously called for a review of the law...
Commissioners launch youth privacy initiative
Posted on June 05, 2008The federal, provincial and territorial privacy commissioners are meeting this week in Regina and have jointly started a new initiative, youthprivacy.ca. Here's the media release describing it: News Release: Privacy Advocates Express Concern About Child Privacy Online (June 4, 2008) - Privacy Commissioner of Canada Privacy Advocates Express Concern About Child Privacy Online Regina, June 4, 2008 ? As Canadian youth spend more time online, they run the risk of losing control of their personal information and, potentially, facing complications at home, school or work...
Bastionhost debuts "Dataville"
Posted on June 05, 2008I am thrilled that a client of mine just successfully debuted its secure data centre concept at an industry event in Florida. The company, Bastionhost Ltd., is building secure data centres to take advantage of the lower risk and European/Canadian privacy compliance to serve customers in both New York and London from Canada...
Privacy Commissioner tables annual PIPEDA report
Posted on June 04, 2008The Privacy Commissioner of Canada tabled her annual report to Parliament on the Personal Information Protection and Electronic Documents Act for 2007 on June 3, 2008. The report is here: Annual Report to Parliament 2007 Report on the Personal Information Protection and Electronic Documents Act - Privacy Commissioner of Canada...
UK daycare starts fingerprinting parents
Posted on June 02, 2008The BBC says that two daycares in the UK have started fingerprinting parents (BBC NEWS England Kent Nursery scans parent fingerprints), but I prefer the comments at Boing Boing:English nurseries fingerprinting parents "for security" - Boing Boing Two nurseries in Kent, England are fingerprinting parents as they drop off and pick up kids "for safety...
Mobile phones used as "cookies" in the offline world to track shoppers
Posted on June 01, 2008According to the Times, some shopping centres in the UK have started using a system that tracks shoppers using the unique signals produced by customers' mobile phones. The Information Commissioner has cautiously approved the technology: Shops track customers via mobile phone - Times Online The surveillance mechanism works by monitoring the signals produced by mobile handsets and then locating the phone by triangulation measuring the phone?s distance from three receivers...
Google starts collecting street view data in Europe
Posted on June 01, 2008According to Computerworld Security, Google has started collecting images of European streets for its Street View feature, but is holding off putting the data online until it has figured out the local privacy law challenges. See: Google takes Street View snaps in Paris; lawsuits could follow...
Canadian Internet Policy and Public Interest Clinic files complaint with the Privacy Commissioner about Facebook
Posted on May 31, 2008The Canadian Internet Policy and Public Interest Clinic (CIPPIC) - Canadian Internet Policy and Public Interest Clinic (CIPPIC) has filed a 35 page complaint with the Privacy Commissioner of Canada, alleging that Facebook violates the Personal Information Protection and Electronic Documents Act in at least eleven ways...
IRS employee charged after snooping through stars' returns and records
Posted on May 30, 2008The Smoking Gun is reporting that an IRS employee is being charged with a misdemeanor offence after having been found to have looked at hundreds of celebrities records "out of curiosity". IRS Worker Snooped On Stars - May 30, 2008 MAY 30--An Internal Revenue Service employee snooped on the tax records of about 200 celebrities and athletes, confessing to investigators that he accessed the confidential material out of "curiosity...
Hands off my laptop
Posted on May 28, 2008The Canadian Press and CanWest are reporting that the Canadian government is seriously considering implementing an Anti-counterfeiting law that would, among other things, permit ex parte searches for allegedly infringing materials. This raises the spectre of customs and border enforcement authorities searching laptops, ipods and other electronic devices...
Upcoming dot-ca whois privacy irks law enforcement
Posted on May 26, 2008Upcoming changes to the Dot-CA domain name directory, which are designed to protect the privacy of registrants, are causing concerns among police and IP lawyers who have used the directory as a very easy way to track down the owners of dot-ca domain names: Nova Scotia News - TheChronicleHerald...
NYPD's new eyes in the sky
Posted on May 24, 2008The New York Police Department is proud of its new surveillance helicopter, which is said to be the most advanced of any police department in the country. It's unmarked and the pilots pride themselves on being able to observe people who "don't even know we're here...
Commissioner launches book to assist with privacy law compliance
Posted on May 23, 2008The Federal Privacy Commissioner of Canada has today launched a new book, available online, to assist businesses in complying with PIPEDA. Here's the news release: News Release: New book launched to help businesses comply with privacy law (May 23, 2008) - Privacy Commissioner of Canada New book launched to help businesses comply with privacy law TORONTO, May 23, 2008 ? The Office of the Privacy Commissioner of Canada (OPC) today launched a new book to help businesses comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), the federal private sector privacy law...
Ontario Commissioner releases 2007 annual report
Posted on May 22, 2008The Information and Privacy Commissioner of Ontario tabled her Annual Report 2007 this past week. Apparently it was a good year: IPC - Office of the Information and Privacy Commissioner/Ontario Major advances made in Access and Privacy, says Commissioner Ann Cavoukian Major advances made in Access and Privacy, says Commissioner Ann Cavoukian Court rulings, key decisions by her office and other developments all helped to make 2007 a year of significant progress in advancing both freedom of information and protection of privacy, Ontario Information and Privacy Commissioner Ann Cavoukian said today, as she released her 2007 Annual Report...
Schneier calls for a data privacy law
Posted on May 22, 2008In Wired, security and privacy guru Bruce Schneier is calling for a comprehensive privacy law in the United States: Our Data, Ourselves.
Alberta Commissioner confirms right to have personal health information masked
Posted on May 18, 2008The Alberta Information and Privacy Commissioner's office, in Investigation Report H2008-IR-001, has confirmed that individuals have the right to have their personal health information masked and its distribution restricted on Alberta Netcare: Investigation confirms Albertans' right to ask custodians to limit disclosure of health information through Alberta Netcare May 15, 2008Investigation confirms Albertans' right to ask custodians to limit disclosure of health information through Alberta NetcareInformation and Privacy Commissioner, Frank Work, has confirmed that individuals can ask that disclosure of their health information through Alberta Netcare, Alberta?s electronic health record, be limited...
Cleanse or secure your electronics before crossing the border
Posted on May 17, 2008Over the past weeks, I've done a lot of travelling. First to Geneva and then to the US. On both occasions, I had to be very mindful of what information I have on my laptop and my USB drives, since I am subject to the Personal Information International Disclosure Protection Act...
Building China's high-technology surveillance society, with help from the US
Posted on May 17, 2008Naomi Klein has an interesting piece in the most recent Rolling Stone on the emerging high-technology surveillance state being built in China, with help from some of largest US defence contractors: China's All-Seeing Eye : Rolling Stone ... Now, as China prepares to showcase its economic advances during the upcoming Olympics in Beijing, Shenzhen is once again serving as a laboratory, a testing ground for the next phase of this vast social experiment...
Hong Kong Privacy official jailed for fiddling expenses
Posted on May 17, 2008Anthony Lam Wing-hong has been sentenced to nine months in jail for "flddling" travel expenses: The Standard - Hong Kong's First FREE English Newspaper Privacy official jailed for fiddling expenses Former deputy privacy commissioner Anthony Lam Wing-hong was yesterday jailed for nine months for fiddling his travel expenses to Australia involving more than HK$100,000...
Google starts blurring faces on Street View
Posted on May 15, 2008According to the CBC, Google has started implementing an algorithm to automatically blur peoples' faces in Google Street View. This follows complaints that the online service violates privacy by showing people without their consent. See: Google starts blurring faces on Street View...
London supermarket secretly photographs alcohol/cigarette buyers, wants national database
Posted on May 14, 2008If you guessed this scheme was developed in the UK, you guessed correctly: London supermarket secretly photographs alcohol/cigarette buyers, wants national database - Boing Boing Budgens, a London supermarket chain, secretly records biometric facial photos of people who buy cigarettes and alcohol and compares it to a database of known underage buyers, and they're hoping to link their database with other grocery chains around the country...
Band "shoots" video by sending Data Protection Act requests to CCTVs that caught them performing
Posted on May 09, 2008This is too funny. Apparently Manchester band "The Get Out Clause" recorded a music video by performing in the vicinity of CCTV cameras and then requesting the footage under the UK Data Protection Act. Band "shoots" video by sending Data Protection Act requests to CCTVs that caught them performing - Boing Boing
Ontario and B.C. Privacy Commissioners issue joint message: personal health information can be disclosed in emergencies and other urgent circumstances
Posted on May 09, 2008This just crossed the wires and is likely of interest to those who followed the earlier discussions about using privacy legislation as an excuse for inaction. CNW Group OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER/ONTARIO Ontario and B.C. Privacy Commissioners issue joint message: personal health information can be disclosed in emergencies and other urgent circumstances Ontario and B...
Apologies for the light blogging
Posted on May 09, 2008Sorry for the lack of posts during the past week. I was in Geneva for business and didn't have any time to keep my ear to the ground for privacy happenings. But I'm back and I hope to catch up ...
Turkey to implement privacy laws in bid to join EU
Posted on May 03, 2008The parliament in Turkey has introduced privacy legislation, as part of the country's move to join the European Union. See New law to safeguard privacy.
Avoiding camera noise for anonymous photos
Posted on May 02, 2008You learn something new every day. Apparently each digital camera, in addition to EXIF info, has its own ditigal signature in the form of digital noise in your photos. A bunch of your photos can be correlated and can then be used to connect them to a particular camera...
First stats on National Security Letters
Posted on May 01, 2008According to EPIC, the first public reporting on National Security Letters has been released, showing over twelve thousand NSLs were issued in 2006. FISA Orders Up, Government Reporting on National Security Letters Begins. According to the 2007 FISA report (broken link), the Foreign Intelligence Surveillance Court approved 2,370 application to conduct electronic surveillance and physical searches in the United States in 2007, up from 2,176 applications approved in 2006...
A new place to put cameras: Lollipops!
Posted on April 30, 2008England, well beyond the cutting edge of surveillance, has found a new place to put cameras: in the lollipop-shaped signs used by crossing guards. Campaign to lick lollipop rage UK news guardian.co.uk For generations, lollipop men and women have shepherded schoolchildren safely across roads armed only with their trusty signs...
Air Marshals denied boarding due to no-fly list
Posted on April 30, 2008I think I may need an "Ironic" tag for this one ... The Washington Times reports that it is not uncommon that Air Marshals are denied boarding on aircraft because they are misidentified as terrorism suspects and other baddies. Hmm. See: Air marshals grounded in list mix-ups - - Breaking News, Political News & National Security News - The Washington Times...
If you handle personal information, you'd better know the exceptions in privacy laws
Posted on April 29, 2008If you handle personal information and only read one privacy law article, this one should be it: Far too often, bureaucrats, cops and others use poorly understood privacy laws as a justification for inaction. Maybe it's just that they don't fully understand the myriad rules and the multiplicity of exceptions...
Blawg Review #157
Posted on April 28, 2008Michael Fitzgibbon was just called upon to prove his dedication to legal blogging: He put together a very interesting Blawg Review while trying to clear his desk to take a vacation. Check it out: Thoughts from a Management Lawyer: Blawg Review #157.
California takes lead on DNA crime-fighting technique - Los Angeles Times
Posted on April 27, 2008In an effort to fully exploit DNA databases, investigators in California are planning to look for partial matches from crime scenes. If a forensic sample partially matches a sample on file, it likely means that it was left by a relative of the person on file...
Wacky Canadians Still Believe in Privacy
Posted on April 27, 2008Washtington Post columnist Al Kamen has picked up on the Canadian Privacy Commissioner's response to the Secretary of Homeland Security's statement that fingerprits are not "personal" (see: Canadian Privacy Law Blog: Privacy Commissioner's response to US Homeland Security Secretary's statement on biometrics)...
Radwanski's lawyer to challenge admissibility of evidence
Posted on April 27, 2008According to Canwest, the defence lawyer for George Radwanski is talking about having certain evidence against him excluded. See: Lawyers to challenge eligibility of evidence against Radwanski. I'm not sure why anyone involved on his behalf would be speaking to the media, as no trial is scheduled and I can't imagine that reminding people of the saga would be a good thing for George...
Feds to leave disclosure of data security breaches to businesses: legislative plan
Posted on April 26, 2008One thing that was relatively consistent in the submissions at PIPEDA's five year review was to follow in the footsteps of more than half the US states to require notification of security and privacy breaches. Canwest is reporting on leaked draft legislation which will surely disappoint many in the privacy community...
Supreme Court of Canada throws out evidence of drugs obtained by fly-by sniff
Posted on April 25, 2008In a decision released today, the Supreme Court of Canada has upheld a decision that excluded evidence obtained in a sweep of an Ontario school by sniffer dogs. In this case, the police were invited by a school principal to walk a sniffer dog through the building to enforce the "zero tolerance" policy for drugs...
The irony of privacy enhancing technologies
Posted on April 24, 2008I reported last month that the Information and Privacy Commissioner has issued a report on the proposal to dramatically increase video surveillance on public transit in Toronto. (Canadian Privacy Law Blog: Ontario Commissioner releases detailed report on TTC surveillance cameras)InterGovWorld...
Micromanaging employee expenditures
Posted on April 24, 2008I'm not sure how I feel about this. Apparently, MasterCard is introducing a feature for corporate cards that allows employers to set very strict parameters on spending. Economy class? Ok. Business class. Nope. HoJo's? Ok. Strip clubs? Not so much. The card also has detailed reporting that allows employers to keep close tabs on spending...
Hong Kong ex-privacy boss found guilty in dishonest expense claims
Posted on April 23, 2008It appears that Canada is not the only place to experience an expeses scandal within the office of its Privacy Commissioner. (See Radwanski Scandal.) Apparently the Deputy Commissioner of Hong Kong is awaiting sentencing for submitting dishonest expense claims...
Vista features that phone home
Posted on April 23, 2008Softpedia has an interesting article on the twenty features in Windows Vista that collect and transmit potentially personally identifiable information back to Microsoft: Forget about the WGA! 20+ Windows Vista Features and Services Harvest User Data for Microsoft - From your machine! - Softpedia ...
UK authorities reported to have signed pact to share real time video with foreign intelligence services
Posted on April 22, 2008The Inquirer is reporting that UK authorities have signed a secret pact that would allow real-time access to video surveillance feeds to foreign intelligence services. The scheme is said by critics to be a violation of UK data protection laws. See: Secret pact allows the US to spy on UK motorists - The INQUIRER...
NJ court says law enforcement needs a warrant for subscriber information
Posted on April 22, 2008Some interesting news from the courts of New Jersey. The New Jersey Supreme Court has ruled that law enforcement need warrant or subpoena to get information about internet users. This goes against jurisprudence from the US Supreme Court, but may be the beginning of a trend (fingers crossed)...
US border agents given unfettered access to travelers' laptops
Posted on April 22, 2008A US Federal Appeals Court has overruled a lower court ruling that had previously restricted laptop searches at the border. The 9th Circuit Court of Appeals, in a unanimous three judge ruling, held that border agents do not need any probable cause to rummage through portable electronics...
PIPA review released in BC
Posted on April 21, 2008The Special Committee of the BC Legislature reviewing the Personal Information Protection Act has recently released its report: April 17, 2008: Special Committee Recommends Changes to Streamline B.C.?s Private-Sector Privacy Law Media Releases Special Committee to Review the Personal Information Protection Act 4th Session 38th Parliament Committees SPECIAL COMMITTEE RECOMMENDS CHANGES TO STREAMLINE B...
Liveblogged at Leg@l IT 2008 ? Social Networking and Privacy
Posted on April 21, 2008I've never been liveblogged before, but there's a first time for everything. I'm currently in Montreal at http://legalit.ca/en/2008program. I had the honour of being on a panel with the Privacy Commissioner of Canada, Jennifer Stoddart, and Professor Pierre Trudel...
One Nation Under CCTV graffiti in London
Posted on April 18, 2008World famous British street artist Banksy has a message about the widespread CCTV in England and has chosen a large wall as the medium to express it. Via ONE NATION UNDER CCTV graffito in London - Boing Boing. See also Banksy pulls off daring CCTV protest in London - Telegraph...
Privacy Commissioner Concerned With Ticketmaster's Privacy Practices
Posted on April 18, 2008The Privacy Commissioner doesn't often "name names", but she's named Ticketmaster in this most recent finding released from her office. Here's the press release: Privacy Commissioner Concerned With Ticketmaster's Privacy Practices, Encourages Companies to Adopt High Privacy Standards Across Operations OTTAWA, April 18, 2008 ? Privacy Commissioner of Canada Jennifer Stoddart expressed concern with the information collection and privacy practices of a major online ticket vendor...
Incident: Ontario patient files found in dumpster
Posted on April 17, 2008The Ontario Information and Privacy Commissioner is investigating after old medical records were found in a dumpster behind a coffee shop by a retiree. The affected patients will have to be notified as the information is subject to PHIPA, which contains Canada's only mandatory breach notification...
Britis local council uses criminal law to spy on school place applicants
Posted on April 16, 2008Here is a shocking example of why intrusive powers need to be carefully circumscribed and subject to judicial oversight, otherwise they will be abused. A local council in the UK (not surprisingly) has used the Regulation of Investigatory Powers Act, designed for serious crimes and terrorism, to surveil a three-year-old to determine if her parent's were misrepresenting place of abode to get into a better school...
Austrialian Commissioner seeks comments on draft breach notification guidelines
Posted on April 15, 2008The Australian Privacy Commissioner has issued draft breach notification guidelines and is seeking comments by June 16, 2008. See: Voluntary Information Security Breach Notification Guide - Consultation Draft (April 2008).
Consumer groups urge "do not track" registry
Posted on April 15, 2008According to Reuters, a number of consumer groups are lobbying the US Federal Trade Commission to estblish a "do not track" registry to prevent online advertisers from collecting information about consumers who opt out. See: Consumer groups urge "do not track" registry - Yahoo! News...
Toronto Police Chief calls for DNA samples regardless of conviction
Posted on April 12, 2008CityNews in Toronto is reporting that the city's chief of police is calling for forced DNA samples for a national database even before an individual is convicted, and the retention of those samples even if the individual is acquitted. See: CityNews: Toronto Police Chief Calls For Forced DNA Samples...
B.C. introduces law governing access, privacy of electronic health records
Posted on April 11, 2008British Columbia's government has just recently introduced legislation specifically tailored for privacy and access to electronic health records. E-HEALTH STATUTE INCREASES PATIENT ACCESS AND PRIVACY April 10, 2008 Ministry of Health E-HEALTH STATUTE INCREASES PATIENT ACCESS AND PRIVACY VICTORIA ? A new e-Health (Personal Health Information Access and Protection of Privacy) Act introduced today moves British Columbia a step closer to the goal of giving citizens access to their health records and medical information, while strengthening privacy protection, said Health Minister George Abbott...
Big Brother is watching, but he doesn't seem to care
Posted on April 11, 2008I was interviewed some time ago for a feature article in the Toronto Star on privacy issues associated with loyalty cards. These products are very popular in Canada, with Air Miles and Shopper's Drug Mart's Optimum card leading the way. Many of these programs have the potential to collect a vast amount of shopping data, but most of the companies interviewed by Paul Brent didn't really seem to care about collecting the sort of detailed individual data that most assume is being collected...
Privacy Commissioner's response to US Homeland Security Secretary's statement on biometrics
Posted on April 11, 2008Jennifer Stoddart has released a letter addressed to Minister of Public Safety Stockwell Day in response to remarks made by the U.S. Secretary of Homeland Security suggesting fingerprints are not ?personal data?.Letter to the Minister of Public Safety and Emergency Preparedness Canada The Honourable Stockwell Day, P...
London beat cops upset over Big Brother surveillance scheme
Posted on April 11, 2008Some people, I am sure, will savor the irony that many London police officers are complaining about creepy surveillance and Big Brother tactics inherent in a new technology that will allow desk-riding senior cops to keep tabs on the location and activities of cops on the beat...
Canadian companies global leaders in privacy
Posted on April 10, 2008The Globe & Mail has an interesting article on Canadian privacy practices, based on a study from Forrester Research which says Canadian companies are global leaders in implementing privacy programs. See: globeandmail.com: Canadian firms putting a lock on data privacy...
The bottom's fallen out of the stolen data market
Posted on April 10, 2008A scary example of the laws of supply and demand. Apparently stolen credit card data is so abundant on the black market, the price has fallen through the floor. See: Techdirt: Stolen Data So Plentiful, The Market For It Has Collapsed. Thanks to Rob Hyndman for sending the link to me...
Warrantless disclosure in the news
Posted on April 09, 2008The trial of an accused trader in child pornography has brought the question of warrantless disclosure of ISP subscriber information to the national media's attention. It is understood to be the first time a superior court will consider whether basic subscriber information disclosed by an ISP without a warrant violates the Charter...
Surveillance cameras move crime in San Francisco
Posted on April 08, 2008Whether widespread surveillance cameras actually work is often hotly debated. Some contend they counter crime while others contend that cameras only move it. Researchers at the University of California Berkeley have done a pretty intensive review of crime statistics in San Francisco related to the cameras in place in that city and have concluded, in a preliminary review, that they simply move crime out of view of the cameras...
Identity Theft Hearings at the Justice Committee
Posted on April 07, 2008Sorry for the grossly misleading headline but I was similarly misled. Michael Geist and others were scheduled to testify before the House of Commons Justice Committee about the proposed anti-Identity Theft law, Bill C-27, but political idiocy meant that the hearings never happened...
An access odyssey in the UK
Posted on April 07, 2008The Guardian has an interesting article on John Harris' odyssey of exercising his access rights under the Data Protection Act. He had quite an experience, between credit files he never knew existed and a mobile phone company that made up rules on the fly...
Incident: Tax files, private info turn up in Vancouver dumpster
Posted on April 07, 2008In case you needed further proof that you must shred all personal information that you're disposing. Loads of personal tax information has surfaced after a high-profile accountant in Vancouver chucked it into a locked dumpster outside his offices:CTV British Columbia- Tax files, private info turn up in dumpster - CTV News, Shows and Sports -- Canadian Television ...
Leg@l.IT2008 in Montreal
Posted on April 07, 2008If you haven't heard of it already, check out this year's Leg@l.IT2008 in Montreal at the Mount-Royal Center on April 21st, 2008. There are three tracks and the faculty looks pretty impressive (including your's truly). Register quickly before it is full! More details here: LEGAL...
Search engines warned over data
Posted on April 07, 2008The BBC is reporting that the Article 29 Working Group in Europe is calling on search engines to render their logs anonymous after six months. BBC NEWS Technology Search engines warned over data ... The report from the Article 29 Data Protection Working Party said search engine providers had "insufficiently explained" why they were storing and processing personal data to their users...
Real Questions for Facebook?s Chief Privacy Officer
Posted on April 06, 2008Michael Zimmer caught my link to the Times Online article with questions for Facebook's CPO. He points out that the questions are pretty easy. Instead, he proposes some real questions: michaelzimmer.org » Archives » Real Questions for Facebook?s Chief Privacy Officer...
Questions for Facebook's privacy officer
Posted on April 06, 2008The Times Online has a few questions for the Chief Privacy Officer at Facebook. See: Q&A: Chris Kelly, chief privacy officer of Facebook - Times Online.
NIH forbids MacBooks for personal information processing
Posted on April 06, 2008According to Informationweek, the US National Institutes of Health is forbidding employees and contractors from using Macintosh MacBooks for processing personal information due to a lack of encryption on the devices. See: U.S. Health Agency Forbids Sensitive Data On Apple MacBooks - Yahoo! News...
Commissioner investigates Human Rights Commission after unauthorized use of wireless network
Posted on April 06, 2008The Privacy Commissioner of Canada is reported to be investigating whether an Ottawa woman's privacy was breached by an investigator from the Canada Human Rights Commission who used the woman's unsecured wireless network to visit and post on white supremacist websites...
Sexual Assault Kit Among Patient Records Discovered in Moose Jaw
Posted on April 06, 2008Reecnt reports of abandoned or unsecured medical records in Saskatchewan have led to a rash of reports to the Privacy Commissioner of that province, including on report that 70 boxes of records are unattended in Moose Jaw. The records contain completed sexual assault kits, it is reported...
Dispute over costs holds up plan to reintroduce Internet policing legislation
Posted on April 05, 2008It appears that "lawful access" is in the news again, at least with respect to the debate over who is to pay for forcing telcos to build intercept capabilities into their systems: Dispute over costs holds up plan to reintroduce Internet policing legislation The Harper government's plans to reintroduce legislation that would make it easier for law-enforcement agencies to monitor Internet and wireless communications have been held up by a dispute with industry over who should cover the costs, according to documents obtained by Canwest News Service...
Boring lawsuit over Gogole's "Street View"
Posted on April 05, 2008(I couldn't resist.) Mr. and Ms. Boring of Pittsburgh is suing Google for intentional invasion of privacy since Google's Street View feature shows a picture of the home despite the fact that their street is marked as a private road. The Smoking Gun has the facts and their pleadings: Couple Sues Google Over "Street View" - April 4, 2008 APRIL 4--A Pittsburgh couple is suing Google for invasion of privacy, claiming that the web giant's popular "Street View" mapping feature has made a photo of their home available to online searchers...
TJX reaches tentative settlement with MasterCard
Posted on April 03, 2008Shamed retailer TJX has reached a tentative settlement with MasterCard to the tune of $24 million, according to the Associated Press: The Associated Press: TJX Could Pay Another $24M for Breach BOSTON (AP) ? Discount retailer TJX Cos. could pay as much as $24 million in a settlement Wednesday with MasterCard Inc...
Atlantic Canadian RCMP say search warrants are a time consuming hurdle
Posted on April 02, 2008The Royal Canadian Mounted Police in Atlantic Canada are complaining that the two major internet service providers in the region are requiring that police get a warrant before handing over customer information. The ISPs are of the view (correctly in my opinion) that the Personal Information Protection and Electronic Documents Act prevents them from disclosing subscriber information without a warrant...
Recording telephone calls could be a risky business
Posted on April 02, 2008Brian T.D. Bowman, a friend and fellow privacy lawyer at Pitblado LLP in Winnipeg has a column in the Winnipeg Free Press on recording telephone calls. Check it out: Winnipeg Free Press: Recording telephone calls could be a risky business.
Tracking dots raise privacy concerns in Europe
Posted on April 01, 2008David Canton's most recent column focuses on a recent European Union determination that printer tracking technology violates European privacy laws. More modern colour printers also print, in a hidden series of dots, the model, serial number and other information to permit law enforcement to track the origin of documents...
Software to protect toll payers' privacy
Posted on April 01, 2008An Australian researcher says he has developed an anonymous electronic tolling system so that users of such systems don't leave a data trail of their travels. See: Software to protect toll payers' privacy Australian IT.
BC Commissioner's submissions on PIPA Review
Posted on April 01, 2008The British Columbia Information and Privacy Commissioner has submitted a report to the Special Committee of the British Columbia Legislature to Review the Personal Information Protection Act (BC). The Commissioner has found that the Act was a balanced and effective law that did not require major changes...
Privacy commissioner raps home improvement retailer for collecting drivers licenses on product returns
Posted on April 01, 2008The Information and Privacy Commissioner of Alberta has ruled that Home Depot violated the Personal Information Protection Act (Alberta) when it collected and recorded a customer drivers license information in connection with a product return. The company's policy was that returns for purchases that were made with a debit card, even with a receipt, are treated as a "no receipt" return and the information is collected...
Ontario Court considers warrantless requests for subscriber information
Posted on April 01, 2008There's been a lot of debate over whether PIPEDA permits a commercial entity, such as an ISP, to provide certain identifying information to law enforcement without a warrant. Most of the debate centers around section 7(3)(c.1) of PIPEDA, which reads: (3) For the purpose of clause 4...
New technology allows backup tapes to phone home
Posted on March 31, 2008Lost, misplaced or stolen backup tapes are a common cause of privacy breaches. In response, Fujufilm has developed a LoJack for backup tapes using GPS technology. See: Fujifilm bugs backup tapes with LoJack device The Register. The tapes can be traced and located when being transported...
Google revamps Google Privacy Center
Posted on March 31, 2008Google has announced a revamp of the Google Privacy Center: Official Google Blog: Privacy made easier Privacy made easier 3/28/2008 07:20:00 AM Posted by Jane Horvath, Senior Privacy Counsel, and Peter Fleischer, Global Privacy Counsel Because we're strongly committed to protecting your privacy, we want to present our privacy practices in the clearest way possible...
What's new from Alberta
Posted on March 31, 2008There have been some interesting releases from the Information and Privacy Commissioner of Alberta's office: OIPC Order P2007-014Posted: Mar/19/2008Adjudicator rules personal information released in contravention of Personal Information Protection ActAn Adjudicator with the Office of the Information and Privacy Commissioner has ruled that the Alberta Teachers? Association contravened the Personal Information Protection Act (PIPA), when it published an article containing the personal information of former members...
Ontario's Commissioner recommends PHIPA to Americans
Posted on March 31, 2008Last week's New York Times had an editorial on Safeguarding Private Medical Data: ... These are good steps, but a larger solution is needed. There should be a federal law imposing strict privacy safeguards on all government and private entities handling medical data...
US Patriot Act deters Canadians from Google service
Posted on March 29, 2008I was interviewed last week by Out-Law.com, a service of UK firm Pinsent Masons, for an article on the recent stories out of Canadian universities about hesitation to use Google's services due to USA Patriot Act concerns. See: US Patriot Act deters Canadians from Google service OUT-LAW...
iOptOut
Posted on March 27, 2008Michael Geist has been a critic of the legislation enabling the new Canadian "Do Not Call List", which specifically permits calls from polling companies, newspapers, political parties and others. So to enable users to opt out even more, Michael has developed a website that sends specific do not call requests to individual companies and organizations...
Privacy fears delay UK airport fingerprint biometrics
Posted on March 27, 2008According to Information Age, privacy concerns have at least delayed the implementation of fingerprint biometrics at Heathrow's new Terminal 5 (For some background, see: Canadian Privacy Law Blog: A small step for biometrics; a giant leap for the UK surveillance state)...
Info on participants in kids' summer program found in open trash in Toronto
Posted on March 27, 2008The Toronto Sun is reporting that information about children who participated in a city-funded summer program was found in an open trash bin in a Toronto apartment building. The Sun also notes that a resident of the building was recently charged for child pornography offenses, but the two do not appear to be related...
Patient files found in vacant Saskatchewan office space
Posted on March 25, 2008Not good ... Patient files found in vacant Yorkton office space: "REGINA -- Hundreds of patient files have been discovered in a vacant Yorkton office space, prompting an investigation by the Saskatchewan Information and Privacy Commissioner. An anonymous complaint tipped the commissioner's office to the presence of five large boxes containing what appears to be physician records for as many as 800 or 900 patients in the Yorkton region, Commissioner Gary Dickson said Monday...
Smile, Big Brother's watching
Posted on March 25, 2008I was interviewed some time ago for a Globe & Mail article on workplace surveillance, which appeared yesterday. The piece discusses keystroke loggers, access cards and video surveillance. See: globeandmail.com: Smile, Big Brother's watching.
Using Facebook's power for YOU.
Posted on March 24, 2008Rob Hyndman has a great post about Facebook and why he's finding it increasingly boring. The site has loads of users' personal information. It knows who your friends are and who their friends are. It knows what you post and it knows who you are closest with...
Toilet cameras are for research purposes only
Posted on March 24, 2008After the recent spate of toilet cam stories (Canadian Privacy Law Blog: Montreal mall fake toilet-cam raising concerns, Canadian Privacy Law Blog: Montreal Second Cup owner forced to take down bathroom surveillance camera), I was at first shocked, puzzled and then amused by the sticker that was posted on Boing Boing...
State Dept fires two for snooping into Obama's passport records
Posted on March 21, 2008For the record, I do not delight in the misfortunes of others but I am glad to see that the US Department of State has fired two people for inappropriately snooping into the passport records of Barak Obama. Access to sensitive records must be adequately policed in order for people to be able to trust the systems that keep the info safe...
UK police urge that young children be added to already enormous DNA list
Posted on March 18, 2008Just in case you were starting to wonder about the benefits of a written constitution and bill of rights, the UK steps up to the plate: Authorities in England are proposing to collect the DNA of five year olds in case they grow up to be terrorists, thugs, or ne'er do wells...
Anti-money laundering system exposed Spitzer
Posted on March 15, 2008The downfall of Eliot Spitzer, former governor of New York, was precipitated by a financial information system that has been seen by Canadians as too intrusive to implement in Canada. The system requires financial services companies to report suspicious looking transactions...
UCLA employees being shown the door for peeking at Britney's records
Posted on March 15, 2008One of the many privacy issues of electronic health records is that "authorized" users of ehr systems are known to look up the records of celebrities and others. The Los Angeles Times reports that 25 employees of UCLA Medical Center are being investigated for peeking at Britney Spears' medical records when she was admitted there...
Illustration of ten largest data breaches since 2000
Posted on March 15, 2008Flowing Data, which "explores how statisticians, designers, computer scientists, and others are using data to understand more about ourselves and our surroundings", has an illustration of the ten largest recent data breaches. See: 10 Largest Data Breaches Since 2000 - Millions Affected FlowingData...
US Federal Court limits employment drug testing
Posted on March 14, 2008This is an interesting development: The Ninth U.S. Circuit Court of Appeals in San Francisco ruled against a municipality that argued it was entitled to maintain a drug-free workplace by requiring all job candidates to be screened for drugs and alcohol...
The New School of Information Security
Posted on March 09, 2008Adam Shostack, one of the most prolific contributors at Emergent Chaos, is the co-author of an interesting-sounding book being launched tomorrow. Here's the scoop from Amazon: Amazon.com: The New School of Information Security: Adam Shostack,Andrew Stewart: Books Why is information security so dysfunctional? Are you wasting the money you spend on security? This book shows how to spend it more effectively...
Crossing the border? Consider the possibility of laptop searches
Posted on March 09, 2008As March Break is almost in full swing, it's timely to read Compterworld's recent 5 things you need to know about laptop searches at U.S. borders. State sovereignty usually means that a country has total control over who and what gets in and traditional searches are being extended to laptop searches...
Google/Doubleclick merger expected to clear EU hurdles this week
Posted on March 09, 2008According to Reuters, the proposed merger of Google and Doubleclick is expected to clear all regulatory hurdles in the European Union despite protests of privacy advocates. See: EU set to clear Google/DoubleClick merger Technology Reuters.
A small step for biometrics; a giant leap for the UK surveillance state
Posted on March 08, 2008Passengers flying through Heathrow Airport, Terminal 5, will be photographed and fingerprinted twice before being permitted to board domestic flights. The British Airport Authority, which runs the new terminal through which all British Airways passengers will travel say this measure is "necessary to prevent criminals, terrorists and illegal immigrants trying to bypass border controls...
Assistant Commissioner takes the show on the road
Posted on March 07, 2008Over the last couple of days, representatives of the Office of the Privacy Commissioner of Canada have had a real blitz through Halifax. Elizabeth Denham, the current Assistant Commissioner responsible for PIPEDA and her predecessor, Heather Black, have been in town as part of an outreach effort to determine what it takes to raise awareness of and compliance with privacy laws in the eastern hinterlands...
Privacy Commissioners Release New Video Surveillance Guidelines
Posted on March 06, 2008The Privacy Commissioners of Canada, British Columbia and Alberta today have released Guidelines for Overt Video Surveillance in the Private Sector to help businesses consider privacy matters when deciding whether to and how to implement overt video surveillance...
Federal Commissioner drops greeting card inquiry; political parties beyond reach of privacy legislation
Posted on March 05, 2008Interesting, but not surprising, development: CANOE -- CNEWS - Canada: Privacy czar drops Rosh Hashanah inquiry: "OTTAWA - The federal privacy commissioner has quietly dropped her investigation into complaints that Prime Minister Stephen Harper mailed unsolicited Rosh Hashanah greetings, saying she has no jurisdiction over the matter because political parties fall outside Canada's two privacy laws...
Ontario Commissioner releases detailed report on TTC surveillance cameras
Posted on March 03, 2008The Information and Privacy Commissioner of Ontario has released an extensive report on the use of video surveillance by the Toronto Transit Commission. The report can be found here: Privacy and Video Surveillance in Mass Transit Systems: A Special Investigation Report - Privacy Investigation Report MC07-68...
Court of Appeal considers insured's right of access to IME notes
Posted on March 02, 2008Last month, the Federal Court of Appeal issued its decision in Wyndowe v. Rousseau, 2008 FCA 39 (CanLII). This case involved an individual's request for access to information generated by a physician hired by his insurer for the purposes of an independent medical examination...
UK school removes CCTV cameras from children's toilets after furious protest from parents
Posted on February 27, 2008What's the deal with surveillance cameras in bathrooms? I suppose that the WC is the last bastion of privacy, so it was bound to be invaded by surveillance cameras sooner or later. Here's a story from the UK where school officials conceded to furious students to remove CCTV cams from school bathrooms: School removes CCTV cameras from children's toilets after furious protest from parents the Daily Mail
Edmonton's pawnshop database violates privacy laws, Alberta commissioner rules
Posted on February 21, 2008The Alberta Commissioner's office has been busy and productive as of late. The Commissioner has ruled that a database of pawn shop patrons is unlawful and has ordered that the database that's been in operation since 2006 be destroyed. Check out the decision/order here: Order P2007-001, F2007-001 and F2007-002...
Celebs pimping out their kids
Posted on February 21, 2008There seems to be a growing practice of celebrities selling photos of their infant children. It is said (by the celebs or their publicists) that this is to control the release of these photos, which the press will get their hands on in any event. That doesn't ring true to me and it seems that it probably feeds the demand for such photos...
Alberta Commissioner forbids license scanning
Posted on February 20, 2008In a long awaited decision, the Information and Privacy Commissioner of Alberta has ordered a nightclub to cease scanning drivers licenses. The practice is an unreasonable collection of personal information and is not justified under the Personal Information Protection Act...
Protection from the protection
Posted on February 20, 2008Not interested in being captured on CCTV? Wear an IR light emitting headband. Apparently this device from Germany offers "protection from the protection". This is courtesy of Boing Boing, where one commentator says this is only useful to thwart IR cameras as most CCTV cameras have an IR filter attached...
US FTC successfully sues Accusearch/Abika
Posted on February 19, 2008Recently, the us Federal Trade Commission successfully brought an action against Accusearch (aka Abika) for selling customer phone records without consent. Readers will recall that Abika was the subject of a complaint brought by CIPPIC in Canada that is still ongoing...
Your medical chart, just a mouse click away
Posted on February 18, 2008Today's Globe & Mail has an interesting article on electronic health records. Though the Information and Privacy Commissioner of Ontario is featured, the article is light on privacy content. Nevertheless, for those who follow the area, it is a good update on where things are and where they are going...
No need for RCMP to keep files secret, privacy Commissioner says
Posted on February 14, 2008The Privacy Commissioner of Canada has completed a review of the exempt databanks maintained by the RCMP and has concluded that many of the records should not be there in the first place. She calls it "disturbing": News Release: Large number of files mistakenly held in RCMP exempt data banks "disturbing," says Privacy Commissioner (February 13, 2008) - Privacy Commissioner of Canada Large number of files mistakenly held in RCMP exempt data banks "disturbing," says Privacy Commissioner Commissioner tables first special report to Parliament; raises serious concerns about data banks containing documents Canadians can?t access February 13, 2008 ? An audit has found that many of the national security and criminal operational intelligence files sheltered from public access in the RCMP?s exempt data banks did not belong there, says the Privacy Commissioner of Canada in a special report to Parliament...
Quitting Facebook?
Posted on February 14, 2008Earlier this week, the NYT had an interesting article on trying to quit Facebook and how difficult it is to have your personal informatin deleted (How Sticky Is Membership on Facebook? Just Try Breaking Free - New York Times). Apparently Facebook was listening: Quitting Facebook Gets Easier - New York Times...
US Customs confiscating laptops
Posted on February 07, 2008Boing Boing reports that Consumerist reports that the Washington Post reports that US Customs are continuing their practice of requiring some travellers to log into their laptop computers and provide data to the government. In some cases, they`re confiscating the computers on a promise of returning them in a few days...
Privacy Commissioners come out against national (RF)ID cards
Posted on February 06, 2008The Federal, Provincial and Territorial Privacy Commissioners came out yesterday against proposed RFID embedded super drivers licenses designed to facilitate border crossings: Nova Scotia News - TheChronicleHerald.ca Keep drivers' information in Canada ? officials Privacy commissioners slam plan to produce national identity cards By DIRK MEISSNER The Canadian Press Wed...
Privacy Commissioners to comment on RFID drivers licenses
Posted on February 05, 2008The Privacy Commissioners of the provinces, territories and Canada are planning to speak out about RFID drivers licenses as part of their semi-annual get-together, being held in Victoria this week. This has been precipitated by BC's recent announcement to introduce a new RFID embedded license to facilitate border crossings...
Physician's birthday invitations spark complaint to Alberta Commissioner
Posted on February 05, 2008The Information and Privacy Commissioner of Alberta has chastised a physician in that province after his patient database was used to send invitations to his birthday party. An individual who had "opted out" from such use received an invitation and complained to the Commisioner...
Developments in anti-piracy v. privacy
Posted on February 05, 2008When Hollywood asked Verizon and AT&T to monitor and block customer trasmission of suspected pirated content, Verizon said no. AT&T is apparently looking into it. See: Verizon Rejects Hollywood?s Call to Aid Piracy Fight - Bits - Technology - New York Times Blog...
Online debate: Security v. Privacy
Posted on February 05, 2008I just got a notice about what should be an interesting online debate, hosted by the Economist.com. From an e-mail from The Economist: I?m reaching out on behalf of The Economist Debate Series a program of open conversations on important global topics led by high-profile debaters...
Montreal Second Cup owner forced to take down bathroom surveillance camera
Posted on February 04, 2008I got a number of calls today from media outlets today about a controversy that has erupted in Montreal. It appears a Second Cup franchisee recently installed a fake surveillance camera in bathroom stalls in an effort to dissuade drug users from using the bathrooms to shoot up...
Schneier on Security vs. Privacy
Posted on February 03, 2008Here's a really great read from Bruce Schneier: Schneier on Security: Security vs. Privacy If there's a debate that sums up post-9/11 politics, it's security versus privacy. Which is more important? How much privacy are you willing to give up for security? Can we even afford privacy in this age of insecurity? Security versus privacy: It's the battle of the century, or at least its first decade...
NL data breach caused by P2P program
Posted on February 02, 2008The Justice Minister of Newfoundland and Labrador says a recent data security breach was caused by the P2P program LimeWire, which had been installed on a laptop used by a consultant. See: LimeWire led to data breach: N.L. justice minister.
Atlantic Canadian police want local ISPs to loosen up to nab suspected online predators
Posted on January 31, 2008Earlier this week, the RCMP organized a conference of police, internet service providers and other "stakeholders" on internet safety. I wrangled an invite, but had to go out of town at the last minute. One of the topics under discussion was whether ISPs should disclose subscriber information without a warrant...
Related Law Articles
Landlord Entry Right and Tenant Privacy
When can a landlord enter a rented dwelling
Related Law Questions
How do i go bout geting a free laywer to sue the durham police department for drug raids and nothing is found?they have been in my house 4 or 5 times seems like every 4 months or so and breaking down my door tearing up m
They need a warrant to get into your house...if they never showed you one...you ...
Personal information/online harassment?
Quit talking with people on message boards that support these activities. The se...
Protection from damages from Internet advertising fraud for owners of an Incorporated company?
The "corporate veil" that ordinarily protects business owners and managers from ...
How can data privacy be protected?
Continual risk assessment and preparation of risk mitigation strategies help org...
Is it libel to write blog posts and/or online reviews about a local business that defames one's reputation?
Libel is the form of defamation expressed in fixed-- usually written form. Sland...
#1 Online Legal Resource
On 08-28 at 21:13PM
Ten months later, Fed must reveal names of emergency lending recipients #FOIA
On 08-25 at 19:02PM
Squeaky Fromme, would-be Ford assassin and Manson devotee, released from prison
On 08-14 at 15:19PM
Likely unintended consequence of cash-for-clunkers stimulus is dampening of 2010 spending
On 08-14 at 14:34PM
Palm seeks to halt Palm Pre Android theme on copyright and trademark ground
On 08-12 at 17:30PM
Congressional investigation demonstrates Karl Rove lied about his active role in US attorney's firing
On 08-12 at 16:20PM
Family of New York City swine flu victim to sue city for failure to secure school #nyc #swineflu
On 08-12 at 12:59PM
Real Network's DVD copying software deemed to break DMCA's anti-circumvention provisions
On 08-12 at 12:57PM
Prepaid funeral operators indicted for $100 Million fraud
On 08-12 at 12:53PM
NY Jets join Cincinnati, Dallas, Green Bay, Houston & Seattle #NFL teams offering branded state lottery games
On 08-12 at 12:43PM
Are you the author of this blog? Adding USLaw.com to your Blogroll increases relevance. You qualify to display a USLaw Network badge.
Suggest changes to this blog's description or nominate another for inclusion. Register for updates.
How do i go bout geting a free laywer to sue the durham police department for drug raids and nothing is found?they have been in my house 4 or 5 times seems like every 4 months or so and breaking down my door tearing up m
They need a warrant to get into your house...if they never showed you one...you ...
Personal information/online harassment?
Quit talking with people on message boards that support these activities. The se...
Protection from damages from Internet advertising fraud for owners of an Incorporated company?
The "corporate veil" that ordinarily protects business owners and managers from ...
How can data privacy be protected?
Continual risk assessment and preparation of risk mitigation strategies help org...
Is it libel to write blog posts and/or online reviews about a local business that defames one's reputation?
Libel is the form of defamation expressed in fixed-- usually written form. Sland...
 |
|
Contact Us | About Us | Celebrity Law Blog |
Our Partners | Disclaimer
| Law Blog Directory
| Law Jobs
| Law Tweets
| GoDaddy Hosting
All original material © 1999-2009 by USLaw.com. |