Evidence of meeting #30 for Access to Information, Privacy and Ethics in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was rcmp.
A video is available from Parliament.
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
It's legally binding in the sense that it's going to be interpreted by courts in terms of how the statute and the sections of the act will apply. However, you would want sufficient protection in the sections themselves. If there is a lack of clarity or some elements need to be given some nuances, the preamble will assist in highlighting what the intention was.
NDP
Matthew Green NDP Hamilton Centre, ON
Has there been any contemplation by your office on what legally binding language might look like in the Privacy Act? I ask because quite like my good friend Mr. Villemure, I'm interested in seeing the fruits of this labour over the next two days result in recommendations that will hopefully strengthen the new Privacy Act.
Before you answer that, I want to reference the time we spent on mobility data tracking. That was a culture referencing the Treasury Board. It has this language within it, but we had a department that went beyond the scope of the Treasury Board's directives and had this committee spending a considerable amount of time contemplating that use.
Help me close the gap between suggestions, culture and preamble, and strong legal requirements for privacy.
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
In the context of this study—and there was the study on mobility data—there was a study that this committee did in 2016 on overall Privacy Act reform. There were a number of recommendations. The one that is very relevant here and that I'm reiterating is the one about having, in the act, a section requiring that organizations prepare privacy impact assessments when they are designing—
NDP
Matthew Green NDP Hamilton Centre, ON
I want to jump in on that. We spoke briefly before the meeting, and you know that I have been trying to champion the duty of candour. I would put to you, given your past roles, that you know better than most how serious and how important Parliament is, as the grand inquisitor of the nation, in ensuring there is civilian, democratic oversight of our institutions. However, it seems like—in fact, I believe there's been judicial comment on this—CSIS and the RCMP have a bit of a cavalier approach to Parliament.
Do you think privacy assessments should also be made readily available to this committee? We could help offset some of the unnecessary time we might spend in investigating these things if there were a bit more of a proactive duty of candour within this particular committee.
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
This idea is similar to why my office should be receiving notifications of these privacy impact assessments. There was a recommendation made, I believe by this committee, on not only requiring PIAs but also requiring reports, or more fulsome reports, on privacy management initiatives and privacy steps.
This information can be made available publicly, or if there is some issue about public information, it can be made available to the proper entities, such as my office and this committee. If information has to be confidential, there are tools for that, but it is important that the proper bodies, including this committee and the House, have this information. Again, it generates this notion of trust in that questions may not need to be asked if you have this information provided on a proactive basis. That allows the organization to fulfill its important public interest without having to answer these questions after the fact.
Conservative
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Thank you very much, Mr. Chair.
I'll follow my colleagues' questions and I'll also amplify them. Thank you very much for attending and being here today.
Can you hear me? Do I have five minutes?
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Thank you.
I want to walk back a little bit on how your office became involved today and why we're here.
Did you hear about this technology only through the media, or were there other ways you heard about how this was occurring?
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
We heard about this from the media.
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Do you have any more information in your office at this point, or is it just that you're going to get information at the end of August?
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
The information that I have is the information that I have from the media reports. It's also from the RCMP's answer to the question on the Order Paper, so there is more information there.
I know that there will be a more fulsome briefing to my officials at the end of August, but I don't have more information than that today.
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Did you formally request more information at this time or at any time prior to her hearing about this in the media?
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
As soon as we heard about it in the media on June 27, we reached out to the RCMP. I believe on June 30 we made the request for the meeting, and the meeting will take place at the end of August.
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Did you just ask for a meeting and no other information at the time?
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
What I understand is that we asked to be provided with information about this initiative, these tools, and a briefing on those tools. I don't know if there's more information.
I expect that we're going to receive enough information so that we can provide meaningful input on this. I expect that we will receive the PIA as well.
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
We've been informed that the PIA was done in 2021, and this is something that we're going to want to see. I don't know if we're going to see this at the end of August, but this is something that we will want to see.
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Going on some of the last testimony, you mentioned that the PIA's are non-intrusive, that they're very private themselves.
Have you done a PIA on the RCMP and other technologies in the past?
Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada
What I know is that the office was involved in reviewing the facial recognition technology and the Clearview AI. We also had an investigation on the use of cell site simulator data.
I don't know if my colleague has more information on PIAs that would have been proactively shared and discussed with us.
Dr. Gregory Smolynec Deputy Commissioner, Policy and Promotion Sector, Office of the Privacy Commissioner of Canada
There have been other PIAs submitted by the RCMP historically in the past.
Conservative
Ryan Williams Conservative Bay of Quinte, ON
Have they always given fully what your office needed when you've asked for them?
Deputy Commissioner, Policy and Promotion Sector, Office of the Privacy Commissioner of Canada
Typically, it's not unusual in a PIA submission that we would request additional information upon receipt of the PIA; we'd ask additional questions. It's a little bit of an interim process where we may ask for supplementary information or documentation as part of our review of a PIA. That happens quite frequently.
