Thank you very much. It's indeed a privilege to be here. We thank you for inviting us to appear before you as you conclude, I believe, your study on street-level imaging technology. We're here to assist you in any way we can.
I'm Patricia Kosseim, general counsel. As the chair already indicated, with me are Dan Caron and Dr. Andrew Patrick, from our IT advisory services. On behalf of the Privacy Commissioner, I would like to relay her regrets at not being able to be here in person, as she is currently out of the country.
I'm going to give a brief overview of some recent developments that have occurred in this area since you last heard from former assistant commissioner Elizabeth Denham, who appeared before this committee in October 2009.
Prior to Google Street View being launched in Canada last year on October 7, 2009, the Office of the Privacy Commissioner of Canada, along with our provincial counterparts from British Columbia, Alberta and Quebec, issued a Fact Sheet on street-level imaging entitled "Captured on Camera: street-level imaging technology, the Internet and you". The purpose of that sheet was to offer Canadians more information on the privacy implications of street-level imaging technologies.
We outlined our views to businesses rolling out such technologies. We asked them to take the following steps.
They had to be proactive and creative to ensure that Canadians know when they may be photographed.
These businesses should also employ proven and effective blurring technologies for faces and vehicle licence places.
Third, they must offer fast and responsible mechanisms to allow any images to be blocked or taken down upon request.
Lastly, they must have a good reason to keep original, unblurred images and they must also protect them with appropriate security measures.
Since our last appearance before this committee in October 2009, the Office of the Privacy Commissioner of Canada has continued to stress the importance of ensuring that privacy remains an utmost consideration in the development of new products and services. However, events of the last year show that organizations need to build greater personal information protections into their new products while they are being developed. The incident involving Google's collection of Wi-Fi payload data from its street-level imaging vehicles is an important lesson in that regard.
In May 2010, Google discovered that in an effort to collect information about Wi-Fi access points to enhance its location-based services, its Street View cars had inadvertently been collecting payload data from unsecured wireless networks. Essentially, payload data is information about the communications that run through these networks. Google promptly grounded its Street View cars, stopped the collection of Wi-Fi network data, and segregated and stored by country all of the data already collected.
Pursuant to the Personal Information and Protection of Electronic Documents Act--PIPEDA--as you know well, the commissioner may initiate a complaint in respect of an organization's personal information management practices if she believes there are reasonable grounds to investigate the matter. On June 1, 2010, our office sent a letter to Google stating that the commissioner in this case and as per her statutory discretion found reasonable grounds to investigate and had initiated three complaints against the company.
The complaints initiated by the commissioner were: first, that Google's collection, use, or disclosure of payload data was done without the prior knowledge and consent of the individuals affected; second, that Google's collection of payload data was done without prior identification of the purposes for which they were collecting this data; and third, that Google's collection of payload data was not limited to that which was necessary for the purposes identified.
In the course of our investigation, representatives from our office, including Dr. Patrick, went to the Google Mountain View facility on July 19, 2010, to review samples of the payload data collected by Google. Following the investigation, which included several exchanges between our office and Google, the commissioner issued her preliminary letter of findings on October 19, 2010.
As the commissioner stated in her recent appearance before you on October 19, her investigation found that Google had inappropriately collected personal information of Canadians from unsecured wireless networks. In some cases, that personal information was highly sensitive, including complete emails, user names and passwords, and even medical conditions of specified individuals. Unfortunately, this collection of data was due to an error that could have been easily avoided if Google's own procedures had been followed.
Essentially what happened here was that the engineer who developed the code to sample categories of publicly broadcast Wi-Fi data also included code allowing for the collection of payload data, thinking that this type of information might be useful to Google in the future. The engineer had identified what he believed to be "superficial" privacy concerns, but contrary to company procedure failed to bring these concerns forward to product counsel, whose responsibility at Google would have been to address and resolve these concerns prior to product development.
The investigation revealed that a number of privacy protection principles under PIPEDA had been violated, and accordingly, in her preliminary letter of findings, the commissioner recommended that Google re-examine and improve the privacy training it provides to all its employees, with the goal of increasing staff awareness and understanding of Google's obligations under privacy laws. She also recommended that Google ensure it has an overarching governance model in place that includes effective controls to ensure that all the necessary procedures to protect privacy have been duly followed prior to the launch of any product, as well as clearly designated and identified individuals actively involved in the process and ultimately accountable for compliance with Google's obligations under privacy laws. Finally, she recommended that Google delete the Canadian payload data it collected, to the extent that it is allowed to do so under Canadian and U.S. law. If the Canadian payload data cannot immediately be deleted for legal or other reasons, the data must be properly safeguarded, and access to it should be restricted.
At this time, the commissioner considers the matter to be still unresolved. The matter will be considered resolved only upon receiving, either by or before February 1, 2011, confirmation from the company that it has implemented the above recommendations, at which point the commissioner will then issue her final report and conclusions accordingly.
We look forward to Google's implementation of our recommendations and hope that they will from now on ensure both in procedure and in practice that effective measures for protecting personal information are built into their new technologies at the very early stages of product conception and development. Our office will continue to ensure that the protection of privacy remains a key consideration for organizations prior to launching the products or services, so that Canadians may benefit from creative and innovative products secure in the knowledge that their personal information is being protected and that their rights as consumers are fundamentally respected.
Thank you.