Good afternoon, and thank you for the opportunity to appear before the committee today.
My name's Nathan Prier. I'm the president of the Canadian Association of Professional Employees, where I represent over 25,000 public sector workers in the economics and social sciences services and translation groups, as well as employees of the Library of Parliament, the Office of the Parliamentary Budget Officer, and civilian members of the RCMP.
We're shocked and dismayed to learn that spyware has been used in multiple federal departments, on federal devices used by public sector workers, without following the government's own policies. The use of this spyware was uncovered, as we just heard, through an access to information request submitted by Dr. Light, and public sector workers learned of the potential breach of their rights from the press instead of through mandated privacy assessments or any sort of proactive disclosure by the employer.
This kind of secretive behaviour damages the trust between public sector workers and their employer. Dr. Light described the use of this spyware as “overkill” and “ridiculous, but also dangerous”, and we just heard some examples of why he feels that way. In our estimation, the use of such software is pretty heavy-handed and is a breach of our members' trust.
The government's directive on privacy impact assessment is in place to ensure that any data collection is done through the least intrusive methods possible, and the government's own Privacy Commissioner has indicated that assessments are warranted whenever privacy-infringing tools are used, even when there is judicial authorization in place that some measure be used. The 13 departments in question here didn't perform privacy impact assessments before using this spyware, despite their own policies requiring such an assessment to be done, and for us that's completely unacceptable.
Federal public sector workers should enjoy the same rights to privacy and due process as all other Canadians. Their employer should treat them in a way that builds trust, so that they can deliver quality service to Canadians. In order to rebuild this trust and ensure that government workers maintain their rights to privacy and due process, we call on the federal government to make a plan to update and consistently follow its digital policy framework.
CAPE, my union, is here to present three specific requests.
First, we're calling on the government to stop the use of spyware on federal devices outside of its own established rules, and to use the least invasive measures necessary. All public sector workers deserve due process during investigations.
Second, we want to know when the government plans to conduct privacy impact assessments at all affected departments and to publicly release the results of these assessments to help public workers rebuild trust in their employer after these breaches. Spyware use represents an erosion of privacy rights that no public worker should accept on its face.
Finally, we call on the government to conduct a thorough review of all its digital policies to ensure that the existing policy framework is adequately robust to protect employees' digital rights, including their right to reasonable privacy, their right to be informed about any digital surveillance tools being used in the workplace and their right to disconnect from work at the end of the day.
CAPE members deliver sound policy advice for the government, and they can only do their best work when the employer demonstrates willingness to be open, transparent and respectful of the public sector.