Evidence of meeting #8 for Access to Information, Privacy and Ethics in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was consent.
A recording is available from Parliament.
5 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
The privacy programs merge, so all of the communications have been similar.
5 p.m.
NDP
Matthew Green NDP Hamilton Centre, ON
The Privacy Commissioner stated that the consent cannot be meaningfully obtained from information buried in privacy policies or terms of use. In the witness's opinion, how clear is it for the average person to find an opt-out for data collection?
5 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
Again, it's hard for me to know what is in anyone's mind. When we are talking about an opt-out, and particularly when we're talking about de-identified information, our primary goal is to protect our customers' privacy, regardless of what selection or option they have chosen. That's why we have focused on strong de-identification for our platform and all of the controls we have in place to ensure that privacy is protected.
All of these consent questions relate to customer privacy, and where we've protected privacy in a different way, that's what we've done. We've looked for other alternatives to protect privacy.
5 p.m.
Conservative
The Chair Conservative Pat Kelly
That concludes Mr. Green's round.
Mr. Patzer, you have five minutes.
5 p.m.
Conservative
Jeremy Patzer Conservative Cypress Hills—Grasslands, SK
Thank you very much.
You made an interesting comment in regard to the fact that consent is.... I'm trying to remember the exact words you used. It was that in regard to getting de-identified data, consent was either not required or was kind of an inconvenience, more or less, to getting that data.
Could you comment a little more on that? Why is getting consent such a problem when using de-identified data?
5 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I didn't say it was an inconvenience, but it may not be helpful, if we're talking about.... The concept of de-identification is to remove the ability to trace it back to an individual so that it's no longer personal information. When we are talking about personal information, consent is very relevant. We need consent for the purposes for which we are going to use it. Once we've turned it into de-identified information, part of the process of de-identification is to protect that privacy, so we don't need to go back and get consent.
We did hear from Dr. Khaled El Emam about alternatives for regulating de-identified information, which can be very interesting. In the absence of that regulation, Telus has acquired privacy by design certification to give that assurance to our customers. We do have use-case reviews. We look at the datasets. We've built in a tremendous number of controls to ensure that our customers are comfortable with what we are doing.
5:05 p.m.
Conservative
Jeremy Patzer Conservative Cypress Hills—Grasslands, SK
I get hung up on the fact, though, that the data was personal to start with. You said over and over again that it's okay because you de-identify it and consent doesn't matter at that point, but you still had to get that personal data in the first place.
We've heard about the social good of programs like this, but what about the ethical good of society and of your subscribers, when you're clearly taking personal data without clear consent, even though it's being de-identified?
You said yourself that you need consent for personal data, but you didn't pursue it. Why?
5:05 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I want to be perfectly clear: We got consent to collect the personal information to provide our network mobility services. There is no personal information that we have done anything with, without our customers' consent. All of what we have done has been in compliance with the law.
It's once we de-identify the information, so there are no longer privacy impacts on our customer and we've protected their privacy by de-identifying the information, that allows us to be able to use it for these socially beneficial purposes without impacting the privacy of our customers. Absolutely, we put the privacy of our customers first. We would not be doing this if it were actually impacting our customers' privacy.
5:05 p.m.
Conservative
Jeremy Patzer Conservative Cypress Hills—Grasslands, SK
Did you guys ever consider sending a text message to all your subscribers, informing them of the program and what its intended purpose was?
I know you've alluded to posting on your website, or different things like that, where the average person isn't going to go looking for it. Did you guys ever consider using a text message to inform everybody that their data could potentially be used by the government to inform policy decisions that would directly impact them?
5:05 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I'm not sure if we turned our minds to that particular solution. We took steps that we thought were appropriate. We were pretty loud about it with media releases in the context of the pandemic and we put a lot on our website.
As I indicated earlier, we had taken all of our five core data commitments to the Privacy Commissioner to ensure that we were properly being transparent about what the program is and giving the right assurances to our customers.
5:05 p.m.
Conservative
Jeremy Patzer Conservative Cypress Hills—Grasslands, SK
As a clarifying statement here, or maybe a reassuring statement here on behalf of Canadians, from the company side, under this program, at what point will the data that the federal government is using be returned to you, or is there an assurance from the government that it will be destroyed and not held longer than is necessary?
5:05 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I just want to go back to what it is that the government has. We're talking about heat maps and charts, insights drawn from the data. This is not our customers' identifiable data. Normally if we're sharing actual data, there would be that type of requirement to destroy the data, but that requirement doesn't necessarily have the same import here. Nevertheless, we do have restrictions on the retention of the data.
5:05 p.m.
Conservative
Jeremy Patzer Conservative Cypress Hills—Grasslands, SK
Will you guys be destroying the data, then, that you have collected, or do you guys have a mechanism for your subscribers to reach out to you asking for the deletion or the release of that data that has been collected to the individual directly?
5:05 p.m.
Conservative
The Chair Conservative Pat Kelly
You're out of time. I will allow the witness to give maybe a one- or two-word answer, if possible, and then we'll go to Mr. Fergus.
5:05 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
The de-identified data on our websites could never be provided back to an individual, because it is not identifiable data. We have the identifiable data that we collect originally.
5:05 p.m.
Conservative
5:05 p.m.
Liberal
Greg Fergus Liberal Hull—Aylmer, QC
Thank you very much, Mr. Chair.
I would like to thank the witness for her presentation.
I have a number of questions for you. I don't want to be impolite, but I know that, owing to interpretation, it will take some time for you to answer my questions.
In your presentation, you said that the information was de‑identified. Do you think that your program called data for good is in line with the most stringent criteria of the data de‑identification process, according to industry and a number of academics?
5:10 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I absolutely think it meets a very high standard. I don't know if the standard is shifting all the time. There are new technologies that are being developed all the time, so this is something that we are constantly reassessing. If there is more that could be done to further minimize the re-identification risk, that's a process that we are always looking at in terms of further controls we could layer in.
However, we would absolutely not have achieved the privacy by design certification if we were not right up there with the highest standards. We also received an international award for privacy innovation at the end of 2020.
5:10 p.m.
Liberal
Greg Fergus Liberal Hull—Aylmer, QC
Yes, you mentioned that.
When Ann Cavoukian appeared before the committee, on the one hand, she lauded your data for good program. However, on the other hand, she was very critical in saying that the government should have ensured that the Privacy Commissioner examined the data you provided to the government.
Are you aware of the standards set by the Privacy Commissioner?
5:10 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
I'd like to clarify the question. Do you mean the standards used by the Privacy Commissioner to assess de-identification methodologies?
5:10 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
No, I'm not. Those have not been published.
5:10 p.m.
Liberal
Greg Fergus Liberal Hull—Aylmer, QC
So you, as someone who works in this industry and is responsible for this data, are not aware of the standards set by the Privacy Commissioner.
5:10 p.m.
Vice-President, Chief Data and Trust Officer, Telus Communications Inc.
It's not that I'm not aware of standards that were established; there haven't been published standards about how to de-identify. The data must be de-identified to the point where it's not reasonably likely to be identified back to an individual in order for it to fall outside of the privacy legislation, and on that the commissioner is very clear, but in terms of exactly what his office would be looking for if they were to assess our de-identification methodology, there's nothing published on that.