Evidence of meeting #30 for Access to Information, Privacy and Ethics in the 39th Parliament, 2nd Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was employees.
A recording is available from Parliament.
4:45 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Certainly the Spanish commissioner can. They've levied million-dollar fines on multinationals that were transgressing Spanish law. That's in the private sector.
4:45 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
Have you put some thought to the impact this change would have on the role of the Federal Court? Currently it plays the enforcing role in privacy legislation. Certainly you've talked about expanding the powers of the Federal Court in this area.
What would happen if the Federal Court got the expanded powers that you're suggesting and if the Office of the Privacy Commissioner got an expanded mandate to refer things to the court? Would that not solve a lot of the problems, as opposed to having your office take on the enforcement powers as well?
I mean, we want some separation of power here. We know that's a model that works well. I'm a little bit concerned about having the monitoring, enforcement, and prosecution under the same roof.
4:45 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Yes, and rightly so; it's often a difficult coexistence. The legislation has to be very carefully drafted.
I'm not asking for direct enforcement powers. I'm asking that Canadians have the right, with my help when it's appropriate, to go to Federal Court on issues of correction or on issues of damage. That is a full range of rights as they have in the private sector act.
Again, if I may take a bit more time, I'd like to remind the committee that in fact we have very little litigation under the private sector act. Because we say, “We'd like to settle with you, but if we can't come to a settlement we will take it to the court, and the court will decide whether we're right or wrong”, in practice, most of the organizations settle. And I would predict that this is probably what will happen under an amended Privacy Act.
4:45 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
On the prosecution side, have you put some thought into having the role of the new public prosecutor expanded, with the Office of the Privacy Commissioner having a mandate to recommend violations and then making those recommendations to the public prosecutor as opposed to the Federal Court? Have you put some thought into that?
4:45 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
No, we haven't.
4:45 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
Okay.
Changing the subject a little bit, British Columbia has introduced a pilot project on enhanced drivers licences. This is related to the passport requirement at the border. They're using new technology to reduce costs and maintain Canadian access to the United States.
With the use of this technology, there needs to be a balance in protecting the privacy of the information on these smart cards. I was wondering if you could provide us with any information, solutions, or suggestions on how to balance these applications of technology with the need to maintain the privacy of the people who use those cards. Could you tell us whether striking such a balance would require legislative amendments?
4:45 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
I will begin, then the assistant commissioner will continue. He has worked directly on this project, and we've been consulted by CBSA.
4:50 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
I don't think there need to be any substantive amendments to the Privacy Act. It's a question of appropriately interpreting the principles of the act and balancing the convenience that many Canadians seek with the protection of privacy principles.
We're looking at the design of the program and the security standards of the RFID technology. This technology can be fairly vulnerable to outside use. We're looking at the authenticity of the identification documents to make sure that people are given proper documentation, in the correct name and so on. We're watching the pilot project with great interest. Depending on the results of the pilot project, the full-time project will go ahead.
We also have to look at U.S. access to Canadian information. In the interests of national sovereignty, we want to limit this access to what is necessary for an efficient transborder solution, which is also privacy protective.
4:50 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
That leads me to another question.
In one of your reports you talk about how Canada is lagging behind the international community in this area. You give the example of the European Union as being one that has a protocol in place for sharing information with non-EU countries. Can you give us any other examples of nations that have policies in place to protect citizens from the sharing of this information? Are there some things that we should be looking at?
4:50 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
The EU, I may say, has quite a few nations in it—30 or so. I think the EU is probably the only one with that standard. There is some spot legislation in the United States, for example, having to do with not sharing information with Cuba, but that's in a national security context. Other countries have also legislated in a national security context.
4:50 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
Perhaps you could provide us with the names of those countries so that we could look at the models.
4:50 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Certainly.
4:50 p.m.
Conservative
Russ Hiebert Conservative South Surrey—White Rock—Cloverdale, BC
In your fifth recommendation for some possible immediate changes, you suggest that the Office of the Privacy Commissioner
...release information on its own initiative concerning the personal information management practices of a government institution where this serves the public interest.
Help us to understand what you mean by “public interest”. What criteria would you use to determine whether some sort of public announcement would be needed?
4:50 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Criteria would include, first, the educational value of the information, the fact that it allows Canadians to make better informed decisions, and second, the timeliness issue. I find it very difficult to report publicly to Parliament some 18 months after something happens. For example, if I find a huge privacy problem in a department or an institution that runs a service that affects most Canadians, I would think it might be appropriate, in some circumstances, to inform Canadians about this right away, rather than to wait 18 months. It might also provide a greater incentive for the department to be privacy proactive.
4:50 p.m.
Liberal
4:50 p.m.
Liberal
Charles Hubbard Liberal Miramichi, NB
Thanks, Mr. Chair.
I think number four is very significant. Really, we're dealing with the two pieces of legislation you deal with. Then we have the provinces involved. We have the charter.
Yesterday in the House a question was asked about a recent Supreme Court decision on privacy, with a school and an individual who was apparently at a bus depot. This week we had the privacy debate in our own newspaper, with the student at Carleton University, I believe it was. Then you have the situation with airlines, which is probably outside your mandate. For example, there was the person who was tasered in Vancouver. When his mother went to the airport.... As a mother, as a brother, or sister, if you went to the Air Canada or whatever desk and they couldn't tell you whether or not that passenger was on the plane....
When we look at situations like that, how, as a committee, can we try to look to some solutions that might avoid problems?
It seems rather difficult that a very senior person at the university is being contradicted by somebody else about the interpretation of privacy. Is it because we don't know which piece of legislation, provincially or federally, is being applied? Where can we attempt to give the public good information on the privacy rights of individuals but also address the concerns that maybe a mother from British Columbia has about a Polish son who can't speak English coming into the airport in Vancouver?
How can we overcome those kinds of situations?
4:55 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Well, Mr. Chairman, that's perhaps a very ambitious set of objectives for one committee.
In the case of the student, I think that does fall under provincial legislation. So I think that has to be dealt with provincially, if indeed there is a problem.
The Supreme Court decision to which you referred I think illustrates the debates about privacy and the fact that there is not just one view of it. It's highly personal, by definition. It's highly contextual. It depends on culture, institutions, and circumstances, and it always has to be interpreted and re-interpreted. So it's very hard, I think, to say that this is the one way to go in definitive circumstances.
As for the issue in the Vancouver airport, which is in federal jurisdiction, I think it's ironic from a privacy point of view that one easy way to fix that problem would be to have us all tracked through the airport with a little RFID. Then they would know exactly where we were and who was in the airport. Having no information on who is in the airport gives the people in the airport a tremendous amount of autonomy.
It's rather surprising in these days of heightened national security that apparently you can get off the plane and nobody notices, or at that time they didn't notice, that you had in fact exited. Again, it's the challenge of the difficulties in dealing with privacy. You could track everybody off the plane and something would start to beep if they weren't out of the airport in an hour and a half or something, but that would be very privacy invasive.
4:55 p.m.
Liberal
Charles Hubbard Liberal Miramichi, NB
So in terms of the passenger mandate, if you call the airport and ask whether your brother is on the plane, the Air Canada desk will say they're sorry but they can't tell you. Is that a fulfillment of the objectives of this legislation that we're talking about?
4:55 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
Perhaps not so much this legislation as parts of the Aeronautics Act and national security legislation.
There's the whole issue of authentication. I phone and ask if my brother is on the plane. Well, my brother may be the person I'm trying to blow up.
It's a many-faceted solution to the issues you're bringing up.
4:55 p.m.
Liberal
The Chair Liberal Paul Szabo
Colleagues, we have five more members who want to ask questions and only four five-minute slots, so if you could make your questions really tight, everybody can get their chance.
Mr. Van Kesteren, Mr. Nadeau, Mr. Harvey, Mr. Martin, and Mr. Wallace.
April 29th, 2008 / 4:55 p.m.
Conservative
Dave Van Kesteren Conservative Chatham-Kent—Essex, ON
Thank you, Mr. Chair.
Thank you, Madam Stoddart, and everyone else, for attending.
The last time you were here I didn't have much time to ask you about this, but I noticed in your financial statement, and I also noticed the same in the access to information.... You touched on it briefly, that much of your efforts are around inquiries from correctional facilities. Is that correct?
4:55 p.m.
Conservative
Dave Van Kesteren Conservative Chatham-Kent—Essex, ON
Can you tell us what's going on, just briefly? It's a huge thing, and nobody wants to talk about it. What's happening?
4:55 p.m.
Privacy Commissioner, Office of the Privacy Commissioner of Canada
This is perhaps a context in which people are concerned about what's in their file more, perhaps, than those of us who are not incarcerated. It's a difficult context both for the people who work there and, of course, for those who are incarcerated. That's why this litigation is going forward now in the Ontario Supreme Court.
Sometime it's one incident that gives rise to complaints by different people. This happened a couple of years ago; it is the phenomenon at the origin of the current backlog, or which has certainly contributed to it.
How many inmates complained?