Evidence of meeting #28 for Access to Information, Privacy and Ethics in the 39th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was pipeda.
A recording is available from Parliament.
9:55 a.m.
Conservative
The Vice-Chair Conservative David Tilson
That concludes the first round of seven minutes.
We'll now proceed with five-minute rounds.
Not as a member of this committee but as an individual, I must say that I agree with Ms. Bercovici on what she said about solicitor-client privilege. I've seen the withering away of solicitor-client privilege with the former Information Commissioner and I see it with the Privacy Commissioner.
This question is either to Ms. MacKenzie, Mr. Bundus, or to you, Ms. Bercovici, on the issue about the statements of witnesses.
It is almost as if you are suggesting that insurance companies should be privileged. It could be a criminal investigation or a highway traffic investigation. For example, for the police, for a crown attorney, or even for civil matters, you are suggesting those statements should not be allowed to be brought to be subpoenaed. Is that what you are suggesting?
I'm looking at Ms. MacKenzie or Mr. Bundus.
9:55 a.m.
Privacy Officer, Dominion of Canada General Insurance Company
We're not saying that, no. We're not saying they shouldn't be subject to subpoena, that they should be privileged. We're just saying we shouldn't be prevented from defending our clients and carrying out our legal obligations under the policy by not being allowed to talk to a witness.
10 a.m.
Conservative
The Vice-Chair Conservative David Tilson
Just so I'm clear, if there was an information application, those documents would not have to be produced, but if they were subpoenaed they, would have to be produced.
Is that what you're saying?
10 a.m.
Privacy Officer, Dominion of Canada General Insurance Company
I don't understand—
10 a.m.
Vice-President, Federal Affairs and Ontario, Insurance Bureau of Canada
I think they're two different issues, with all due respect, Mr. Chairman. What we're saying is that the law is not clear with respect to witnesses' statements currently. We're saying that we ought to have the right to go to someone who's been a witness to an accident and to get their testimony and not be encumbered by another party who says you have to get their consent in order to talk to this person who was directly a witness to this accident.
In other words, we're saying if you're a witness to an accident, your testimony is your personal information. It's your right to give it to the insurance company if you feel so inclined. We ought not to have to go to someone else to get their consent first. That's the issue there, and it needs to be clarified in the law.
10 a.m.
Conservative
Bruce Stanton Conservative Simcoe North, ON
Thank you, Mr. Chairman, and thank you to our panel this morning.
It's a very interesting take on a few very key issues for an important industry, in the case of the insurance industry. And thank you to Mr. Long for your insights this morning as well.
I'd like to direct my first question to Mr. Yakabuski.
This is specifically on the area of work product. You spent some time on that, and you said that in the current PIPEDA legislation, it is an inhibitor of innovation, research, and so on. Using the notes that were supplied to me by the Dominion of Canada--thank you very much--I was able to find the Privacy Commissioner's comments on that topic of work product.
She appreciates the fact that this is a complex area, but raises some concerns that if we go for a complete blanket exemption of work product information with respect to PIPEDA, it raises the spectre of, for example, video surveillance in the workplace, that type of information. What prevents that from falling into the realm of personal information? That's one issue. I wonder if you could perhaps address the Privacy Commissioner's concerns in that regard.
Secondly, you mention that there is an ability to draw a line, in fact, between when the information regarding an employee--in this case--is personal information and when it's work product. Can you just give us an example of how that might work?
10 a.m.
Vice-President, Federal Affairs and Ontario, Insurance Bureau of Canada
I'll let Randy talk a bit further, but let me just say that we're simply saying that this has worked extremely well in the British Columbia legislation. We're asking for nothing else but the dispositions that are now in the B.C. legislation. I think they will work federally as well.
I think it's very clear that we are not talking about employee information. If there's information about an employee, that's personal information. What we are talking about is all kinds of statistics that businesses generate about the products and services they provide. If you want to have a competitive economy, you have to make sure that is out there in the public domain, accessible, so we can have companies that learn from successes, build on those, and improve their products and services. Otherwise, you're going to potentially be creating a bunch of oligopolies in this country.
From an economic policy point of view, it is fundamental that information about a company's products and services generated in the course of doing business be accessible and not be considered personal information.
I draw a totally stark distinction between that and the employee information that the commissioner might be referring to.
10 a.m.
President, Murray Long & Associates
May I jump in on this one?
I've thought about those comments by Jennifer Stoddart at some length, and I think you can draw a fairly bright line between a definition of work product information as work output and work processes, but it would not include video monitoring or video surveillance.
I don't think her concerns in this particular case are realistic ones. I don't want to put words in her mouth, but I honestly have tried to assess that. I think it is useful, certainly, to add a definition of work product in the act, just to provide clarity for the business marketplace. I think if you work with the B.C. definition, it is such that it is not going to incorporate or include things like video surveillance. I think you can make that kind of distinction fairly clearly.
10:05 a.m.
Conservative
10:05 a.m.
Conservative
Bruce Stanton Conservative Simcoe North, ON
There is just one item for Mr. Long.
Mr. Long, you raised the whole issue of the Public Safety Act amendments and the potential threat these have to charter rights. You spoke of them in terms of being potentially offending. Could you cite some examples or some circumstances that you see, in plain terms, where that threat exists? Would you go over, just for the record, where the potential problem is there?
10:05 a.m.
President, Murray Long & Associates
Sure. The act currently authorizes businesses to use information they come across in the normal course of their business activities. So if a business organization saw something it thought was suspicious in nature, it could certainly use that and later on disclose that to the RCMP or to CSIS or whatever.
What the law has done now with the Public Safety Act amendment is it has expanded that to allow a business organization to collect information, and the word “collect” in my reference point means something you don't already have. So you can go forth and gather new information for the purpose of later disclosing it to the RCMP. I think the fact that the law has now permitted organizations and private businesses, on their own, without direction, without guidance, to start collecting new information about employees or their clients or any third party certainly creates a situation where they could easy violate charter rights in the sense of perhaps engaging in things that would be considered an unreasonable search. For example, a company could decide, on the basis of its own suspicions, to do a locker search of employees because they're concerned about some national security issue. I think the law should not permit private businesses to start collecting new information for this purpose on a suspicion basis. There's a pretty low bound in terms of the anti-terrorism type of investigation. It's not even probable cause. It's a suspicion of, and I think there is certainly a concern.
Secondly, if the RCMP came to a business and said, we'd like you to collect information for us, they're really making that business an agent of the state, and they may do so in circumstances where they would not themselves be able to get a warrant, but they're going to ask the business to collect information for them. I can't say for certain that this has ever occurred, but it's certainly a troublesome area of the law, and I certainly think you need to look at it and you need to recommend back to Parliament that these amendments need to be reconsidered, at the very least.
10:05 a.m.
Bloc
Robert Vincent Bloc Shefford, QC
Thank you, Mr. Chairman.
Mr. Yakabuski, thank you for coming today. I read your brief closely. I believe Mr. Bundus is the one who wrote it. I'm sure your employer is very pleased with what it contains. Let's begin with your first point, dealing with the work product.
Page 4 of your brief states:
“Work product” is not personal information because it does not relate to an identifiable individual; instead, it is proprietary business information that belongs to the organization. For example, an insurance company's strategy on handling a specific claim is not personal information as it is not information about an identifiable individual; [...]
You meet with the witness in order to take this statement, and then you meet with the client or the individual who has been wronged and you tell that individual that a witness has made certain statements. However, that does not count as information about an identifiable individual because it is simply a witness' statement. Therefore you can say anything to the insured, including that you have overwhelming evidence against them but you are not in a position to disclose your source of information.
You are the one who decides, because this is information that will influence how the insurer deals with the claim. Whether the case goes before the courts or not, you are under no obligation to disclose your sources. However, if the case does go before the courts, then you are obliged to disclose your sources. That's my first point.
Second, in the same document, on the next page, you go even further. You talk about the insured's medical files. Let's say, for example, that the claimant has an accident and you decide to go looking in their medical files in order to find out whether or not there had ever been anything physically wrong with that individual in the past. This is what your document states:
“An individual prescription, though potentially revealing about a patient, is not in any meaningful sense about the prescribing physician as an individual. Rather, it is about the professional process that led to its issuance and should be regarded as a work product—that is, the tangible result of the physician work activity.”
If I have understood correctly, this means that you can meet with the physician and request a list of all the prescriptions that the client has ever been given, and that this list will not be considered as personal information because the physician provided it during the course of the physician's work activity.
Let's go little further. You refer frequently to British Columbia and Alberta; there are not many references to Quebec in your brief. This is what it says:
The effect of these provisions in the B.C. PIPA is that “work product” information is not accessible by an individual. We agree with this sensible and reasonable approach.
Except medical information, if I understand correctly! I would like to hear further explanations on your brief's proposal. It states:
A definition of “work product”, which includes the work documents of an employee or business person that were generated in the course of the employee's or business person's work, [...]
10:10 a.m.
Vice-President, Federal Affairs and Ontario, Insurance Bureau of Canada
Mr. Vincent, let us not confuse things.
First of all, a witness statement is something entirely separate. We are asking that the law be clarified so that an insurance company or another party has the right to speak to you directly if you have been witness to an accident. Only at that point would what you have to say be considered your own private information. We want the law to be clarified. This is entirely separate.
Secondly, when we talk about work product information, we obviously consider that personal information is sacred. Obviously, you or I are entitled to our personal information. It is up to the commissioner to decide on this.
All we want is for the bill to recognize that some information is not personal and relates to work-product information, whether it is the work product of an insurance company, the local corner store, or a large automobile manufacturer.
Let us not confuse things. We simply want to make sure that by applying the protection of the Privacy Act, we are not killing the Canadian economy.
10:10 a.m.
Bloc
Robert Vincent Bloc Shefford, QC
My question relates to the fact that in your documents, you include—
10:10 a.m.
Conservative
The Vice-Chair Conservative David Tilson
You'll have to wait for another round, since you're time is up.
Mr. Van Kesteren.
February 6th, 2007 / 10:10 a.m.
Conservative
Dave Van Kesteren Conservative Chatham-Kent—Essex, ON
Thank you, Mr. Chair. Thank you all for coming here as well.
This has been a very interesting and informative session. It seems as though each one becomes much more interesting and much more informed.
I'm rather being kind. I don't want to be unkind, but I guess what I'm trying to say is that we see the complexity of this act and this bill. When I was first elected, I had the good fortune of sitting with Ms. Stoddart at a meal. She introduced herself, and I thought, “Privacy? That's interesting; I've never heard of it before.” If there are 33 million people in Canada, probably 32.999 million or whatever have never heard of it either.
As a matter of fact, I remember talking to one of the parliamentarians who came here to one of the meetings; he'd been here a little longer than I, and he was surprised and had never heard of it either. I don't know whether it was of the Privacy Commissioner, but of one of the commissioners.
The point I'm trying to make, and I made this statement to some of you and publicly made it at the last meeting too, is that I really believe the insurance industry and the banking industry could write the book on privacy. I think you do a good job and I believe it's in your best interests to do a good job.
What's beginning to happen, though, as I view this whole process, is that the average guy on the street.... Before I was a parliamentarian, I was a businessman, and I commend you for your work, but if I got a brief like that talking about privacy, I would have the living daylights scared out of me.
I think the complexity is getting to the point now where, aside from the banks, the insurance companies, and possibly major manufacturers such as Zellers and Wal-Mart and such, the bill is getting way over our heads. We're getting into waters that I don't know if we want to tread. It is for that reason that I liked the recommendation that we leave things the way they are.
Is there a way we can get around this? Is there a way that possibly the industries I've mentioned, and whoever else it would pertain to, could move in those areas and leave the rest of us alone, or do we all need to be dragged along with this current of complexity?
I leave that open to anybody.
10:15 a.m.
President, Murray Long & Associates
Hopefully, sir, the changes will simplify the act and make it easier for small business to use. Some of the recommendations I've seen made over the past number of meetings here have indicated to me that if they were put in place, they would make it easier for the small business sector. I think that's an important point.
Secondly, there's the really critical issue of small business education. That, in my view, hasn't happened effectively yet. There's an urgency for the Privacy Commissioner—and the private sector as well, through different associations, organizations, and so on—to spend more effort trying to educate small business about the fundamentals of the law.
In most cases, if you're not collecting a lot of sensitive information, the law can be fairly simple to understand and apply. It looks complex on paper, but for small business it comes down to very simple rules. The problem is that there hasn't been enough education yet to explain those very simple rules to the small-business person. If that happens, you'll solve a lot of those problems.
But we need to make modifications to the statute itself to make it easier for business and for the public as well.
10:15 a.m.
Conservative
Dave Van Kesteren Conservative Chatham-Kent—Essex, ON
I want to follow that. You say “hopefully”, and that's a great word, but I'm a little suspicious about it. I want somebody else to grab this too. I want to go back to the point about whether it is possible that this act can be directed on a broad level, so that the average person who's—
10:15 a.m.
Privacy Officer, Dominion of Canada General Insurance Company
There are a couple of things, and I'd like Vivian to expand on this a little bit.
One thing I will say is that in terms of customers—I'm not addressing small business, but speaking in terms of our customers—I'm also the ombudsman for Dominion. Every complaint or concern comes to me, and we don't expect our policyholders to articulate their complaints in legislative style. If they have a concern, no matter how inarticulate, or are not even sure what the complaint is, our job is to help them out.
But concerning legislative complexity, I would like Vivian to expand a bit to help answer that question.
10:15 a.m.
Counsel, Dominion of Canada General Insurance Company
I will be brief in my comments, but if I may.... I know that's an oxymoron—a brief lawyer—but I'll do it.
