Mr. Speaker, I am very happy to be in this place and to rise on behalf of the people of Okanagan—Coquihalla. I am also pleased to express my support for Bill S-4, the digital privacy act.
Bill S-4 provides a number of important updates to the Personal Information Protection and Electronic Documents Act. In my view, these updates are long overdue and will better protect Canadians, in particular consumers, seniors, and children, who could be more vulnerable to sharing personal information online.
I believe that most parents would agree that today's kids' use of the Internet and related digital technologies is unprecedented in our history. Today, children have access to everything online, from information for school projects to gaming, music, movies, and much more.
A wide variety of devices are used to engage in activities such as socializing or gaming with friends, and of course, sharing photos and videos on social media sites that can be viewed by people all over the world. A young teenager may have a picture or a self-made video viewed by tens of thousands of people. While that may be an exhilarating experience, I would also say that it could potentially be a dangerous one.
As we know, a survey conducted in 2013 found that 30% of grade 4 to grade 6 students had Facebook accounts. By grade 11, that increases to 95% of all students, and that is just Facebook. What about Twitter or Instagram or Snapchat?
Businesses are not naive to these trends. Online services can generate massive amounts of revenue. The action of collecting and analyzing personal information for marketing purposes is huge and increasingly valuable. This includes personal information taken from websites, apps, and search engines aimed at kids.
Do kids have any idea that their information is being gathered? Do parents? Is there a clear understanding of what happens to that information that is required to register and download or play a free online game?
Our government recognizes that the digital world offers benefits to children. We are also aware that the online community is often a reality in our day-to-day lives.
The skills kids develop by participating and navigating in online activities can create a significant advantage as they grow up and transition into the job market. Indeed, many high-school-aged kids today have as much, or more, online literacy than a technician would have had a decade ago. However, with growing participation in the online world come increased threats to privacy.
PIPEDA currently contains provisions that protect the personal information of children. As an example, businesses cannot obtain consent in a deceptive or misleading manner. The act also prevents companies from denying access to services on the basis of a refusal to share personal information.
The digital privacy act proposes an amendment to increase protection by creating new safeguards related to the collection, use, and disclosure of personal information. The bill would require that an organization ensure that users, as a group, were able to understand what happens to the information that is collected about them.
I would like to provide this place with a few examples of how the proposed amendment would work.
One example could be an educational website designed to help elementary school kids develop math skills. Under the proposed amendment, requests by that particular website to collect, use, or disclose personal information would need to be understandable by the average elementary school student. This would ensure that these requests used words and language that was appropriate for the website's target audience. Under the digital privacy act, it would not be reasonable to simply expect average elementary kids to understand what clicking the “I agree” box actually meant. If there was no clear understanding as to why the information was being collected, the company would not have valid consent.
As another example, in the case of a mobile app that allowed teenagers to create music recordings, that app would need to obtain the consent of these teens in a manner that would be different if the app were targeting adult users.
I am also aware that during the committee hearings on Bill S-4 , a number of witnesses shared their views on the proposed consent measures.
The Privacy Commissioner of Canada, when expressing his support for this amendment, stated the following:
it is a useful clarification of what consent is, and it has the potential of improving the situation for the issue of consent sought from children.... So, when the individual is a child, if your product is addressed to children, you should think about what is reasonable to expect of a child in understanding the consent being sought. Overall, I think, again, the definition of consent in Bill S-4 will assist generally and will assist particularly groups that are more vulnerable, like children.
The committee also heard from other expert witnesses who offered their support for the consent amendment. For example, the Retail Council of Canada stated its wholehearted support for this proposed amendment on valid consent, emphasizing in particular that, “a vulnerable population such as children should be protected”.
In addition, the Marketing Research and Intelligence Association, which represents the Canadian survey research industry, also wrote to the committee to share its views on Bill S-4. In its submission, it stated that the amendment “provides added clarity for organizations when they seek the valid consent of an individual when collecting, sharing and disclosing their personal information” and “that specifying the elements of valid consent will go a long way to protecting the most vulnerable Canadians, such as seniors and children”.
These are positive endorsements, and I believe they speak to the idea that children need and require extra protection when it comes to their online activities and the protection of their privacy.
In early May of this year, an international network of privacy commissioners, called the Global Privacy Enforcement Network, or GPEN, conducted a worldwide spot check on children's privacy protection. This privacy sweep, as it was called, looked at whether apps and websites worldwide inappropriately gathered information on children.
For some background, GPEN began conducting worldwide privacy sweeps in 2013. The first sweep focused on website privacy notices, and then in 2014, it focused on mobile apps. These sweeps have involved the active participation of Canada's own Privacy Commissioner. They have highlighted areas where privacy practices are lacking. Each time the sweeps have successfully resulted in concrete positive changes to a large number of apps and websites.
This year GPEN also looked at the types of information being collected from children and whether protective controls exist to limit that collection. This year's sweep also looked at whether these sites and applications take steps to make privacy policies understandable to kids, using things like simple language, large print, audio and animation, and whether parental involvement is encouraged.
The Privacy Commissioner of Canada had this to say about the children's privacy sweep:
Children are more connected than ever before and these platforms must bear that in mind when seeking potentially sensitive data such as name, location or email address. This is about protecting children. I can’t think of anything more important than that.
I agree with the Privacy Commissioner.
This year's sweep was a privacy spot check that included 29 data protection authorities from 20 countries, including the Privacy Commissioner of Canada. I believe that many members of this House will look forward to the results of this groundbreaking privacy sweep when it is released in the fall. I expect the results will be of assistance to the Privacy Commissioner and the private sector in determining where changes need to be made to comply with the new enhanced consent requirements under the digital privacy act.
Earlier this year, our Privacy Commissioner also published a top 10 list for protecting children's privacy for organizations with services aimed at children and young people. These tips offered by the Privacy Commissioner emphasize that when it comes to children, the privacy protection bar needs to be set extremely high. I submit that this is why the Privacy Commissioner of Canada has publicly recognized that the amendment would enhance the concept of consent.
We have heard from the Privacy Commissioner and from privacy commissioners that this is an emerging field. I believe that the amendments made to PIPEDA will help protect our children and other vulnerable populations, like seniors. I would humbly ask all members in this place to give these provisions their due review and support.
