Information & Ethics Committee on Feb. 14th, 2011

Thank you, Mr. Chair.

Ms. Stoddart sends her sincerest apologies. She would have really liked to be here today.

I would like to begin by applauding the committee for addressing the highly relevant, topical issue of privacy in the context of open government.

As we plead for greater and greater openness in government, the issue necessarily arises of protecting personal information in that context. I think that this is a balance on which we must absolutely focus in a democracy. I am happy to be here today. Hopefully, I can contribute to your discussions.

In September 2010, Canada's federal and territorial access to information and privacy commissioners signed a resolution to endorse and promote open government as a means to enhance transparency and accountability. The resolution specifically stated that open government must afford due consideration to privacy, confidentiality, and security.

Our commissioner's letter to this committee on July 15 addressed this intersection between open government and privacy. It stated that any public interest that favoured disclosure ought to be weighed against the individual interest of the right to privacy. While our office supports increased efforts to bolster online access to governments, greater transparency, accountability, and public engagement, we also urge the government to remain mindful of the responsibility to protect the vast amount of personal information in its possession.

Let me turn to certain privacy concerns that must guide us in our discussion.

Integrating open government and the protection of privacy rests upon several considerations that are particularly put to the test through new information technology. The first relates to the nature of the information. Can seemingly anonymous information become, through technology, personal information? Second, how does the digital age impact on the traditional balance between transparency and privacy? Let me address each consideration separately with concrete examples.

First, what constitutes personal information? There is a difference between open data and open information, or structured and unstructured data, and this nuance is a key aspect of the discussion. Structured data are mostly facts, numbers, statistical sets, geographical maps, weather data, and so forth. These data sets do not contain identifiable personal information. The Privacy Act applies when data are found to contain personal information about an identifiable individual, and the issue is that the line between identifiable and non-identifiable information is becoming increasingly blurred with the emergence of new information technologies. What initially appears to be anonymous information can in some cases be combined with information from other sources and then manipulated using powerful database technologies to produce data that can be linked to specific individuals.

Here are two concrete examples of that. In the first case, an individual complained to our office that an organization had combined Statistics Canada's data on demography with White Pages phone book information to create new personal information and therefore should have required consent to use. Our investigation determined that the particular complaint was not well founded, because the new data produced were about neighbourhoods, not identifiable individuals. Still, it forced us to reflect on the consequences of merging databases.

The second illustration of how seemingly anonymous data can become personal information is in the case of Gordon v. Canada (Minister of Health). We were granted leave to appear in the case, which was heard in Federal Court in 2008. In that case, a journalist's access to information request for data contained in Health Canada's adverse drug reaction information system was granted, except for 12 database fields. These were withheld on the basis that the disclosure could link to identifiable personal information. The court was faced with determining whether the province from which an adverse drug reaction report was received should be exempt from access.

Mr. Justice Gibson found substantial evidence that disclosure of the province field could indeed lead to a serious possibility that an individual could be identified, and that alone was leading to valuable information. Obviously, such identification was not warranted in the public interest.

A second consideration I want to put to you is the impact of the Internet on transparency and privacy. Our office's position on Internet posting of the decisions of administrative tribunals is an example. Federal administrative tribunals are under the jurisdiction of our office and are subject to the Privacy Act. It is our view that the impact of the Internet involves costs to privacy that go well beyond the benefit of public interest.

To reconcile the goals of transparency of government and privacy of individuals in relation to administrative tribunals, our office, in collaboration with our provincial counterparts, has developed a guidance document on electronic disclosure of personal information in the decisions of administrative tribunals. This reference document is available on our website.

The guidance document makes a few recommendations that may guide administrative tribunals in ensuring both transparency and protection of privacy. For example, we recommend that a tribunal first assess what legal obligation it has to make its decision available to the public at large. Second, we recommend that it assess whether the public disclosure of the information is necessary and if it is appropriate, again based on public interest. We suggest that public interest be assessed by taking into account a series of considerations, such as protecting the public from fraud, protecting the public from physical harm or professional misconduct, or promoting deterrence. If there is a public interest to disclose personal information, it still must be weighed in relation to sensitivity, to accuracy, and to the possibility of harm that may come to the individual.

I also want to turn to privacy by design. Privacy by design is a pre-emptive approach that requires the integration of privacy considerations into new programs and databases from the outset, not as an afterthought. This concept is essential to open government.

A key part of open government is to build trust between government and the citizens it serves. An important way to do that is to treat people's personal information with respect, to safeguard it, and to ensure it is not inappropriately disclosed. That is why data protection authorities here and around the world are increasingly convinced that governments need to build privacy considerations directly into the design of any program or service through which personal data are being collected. Privacy must be the default position, rather than something acted on as an afterthought.

At an operational level it is important to identify in detail the logistics, architecture, and risks in open government projects. Given the pace with which governments are moving, it is vital that consideration be paid to ongoing privacy training, especially in IT project areas, to proper rules and processes for disclosing information, and to the mechanics and resourcing of the existing access to information and privacy system.

Let me move now to assessing open government initiatives. Every release of government information requires a careful assessment to ensure its continued compliance with the Privacy Act. Each data set must require varied assessment, giving the type of data in question, the intended objectives of releasing the data, the nature of the organization, and the issues at play. We are pleased to assist departments and agencies to strengthen their privacy practices through our review of privacy impact assessments.

In conclusion, I want to make it clear that our office supports open government as a key principle of democracy. Transparency should not, however, come at the cost of individuals' statutory rights to privacy. The delicate balance we have established until now between transparency and privacy must not be compromised by new technology that makes information both more accessible and more sought after than ever.

We urge the government to continue to incorporate privacy protection in the development of new IT systems and databases and to continue to value privacy as an immutable characteristic of human dignity.

I thank you. I remain available for questions, as does my colleague, Colin McKay. Merci beaucoup.

Thank you.

There is actually a Treasury Board directive that makes it mandatory for departments to develop privacy impact assessments for any project or initiative that has implications for the holding of personal data. Those Privacy Act assessments are submitted to our office, and we review them and make recommendations to ensure the protection of privacy.

Should there be, or when there will be, specific open government programs and initiatives, we expect to review a privacy impact assessment and make our recommendations as to how the protection of privacy and the goals of transparency can both be met.

Actually, this was at our federal-provincial-territorial meeting last September in Whitehorse. The discussion was very much focused on open government, very much focused on the fact that it was spreading, so to speak, and that it has become the new way to relate to citizens. Along with our colleagues, we wanted to make sure that the principles we felt should guide this new direction were stated; the exercise was very much one of principles to ensure that we were all coming to the same conclusion as to how governments in Canada should move forward.

We are not, specifically, but we work very closely with the Treasury Board Secretariat and therefore with the CIO's office. We expect any development in that area to be supported by a privacy impact assessment. We review privacy impact assessments thoroughly and make recommendations. I must say that on the whole, our recommendations are followed.

At this point I'm saying our office is working with the Treasury Board Secretariat, and it has been working with individual departments every time they develop a program or an initiative that can have implications for the handling of personal information.

Unfortunately, I'm not privy to that information at all, or to that work. What I can say is that if there were a specific program set up, then we would definitely be involved to ensure that privacy is duly considered and integrated.

We are all very conscious of the risks to privacy; therefore, everyone is proceeding very cautiously.

Our role as of the Office of the Privacy Commissioner is to ensure that the privacy considerations are duly addressed.

We work closely with the Treasury Board Secretariat and we follow developments in open government. We have still not received a privacy impact assessment. We expect that the full project will be submitted to us as a privacy impact assessment and that the Treasury Board will keep us updated on any new developments.

No, not yet.

Not yet. They have not submitted a specific project to us.

Of course, like everyone else. We are staying informed. We have noted that various initiatives have been taken throughout the government. However, we have not yet been officially provided with a project on open government.