Appearance before the Standing Committee on Access to Information, Privacy and Ethics (ETHI) on Privacy of Digital Government Services
January 31, 2019
Ottawa, Ontario
Opening Statement by Daniel Therrien
Privacy Commissioner of Canada
(Check against delivery)
Introduction
Good afternoon Chair and Members of the Committee.
With me today from my office is Gregory Smolynec, Deputy Commissioner of Policy and Promotion, and Lara Ives, Executive Director of Policy, Research and Parliamentary Affairs.
I am here today to give you my views in the context of your study of the privacy implications and potential legal barriers relating to the implementation of digital government services in Canada, in order to assist you in making recommendations on how the government could improve its services while also protecting Canadians’ privacy and security.
A good starting point for this study, given it defines the government’s approach, is the government Data Strategy Roadmap, published in November 2018, which was shared with us late last year. In it, the Government indicates that “data have the power to enable the government to make better decisions, design better programs and deliver more effective services. But for this to occur we need to refresh our approach.”
The Roadmap continues: “Today, individual departments and agencies generate and hold a vast, diverse and ever-expanding array of data. These data are often collected in ways—based on informal principles and practices—that make it difficult to share with other departments or Canadians. Their use is inconsistent across the government and their value sub-optimized in the decision-making process and in day-to-day operations.”
We of course support the use of technology to improve government decision making and service delivery but, as mentioned in your mandate, this must be done “while protecting Canadians’ privacy” and, in that regard, it is important to remember that privacy is a fundamental human right that is also a prior condition to the exercise of other fundamental rights, such as freedom, equality and democracy.
The government’s Roadmap underlines the difficulty of sharing data across departments and attributes this either to informal principles and practices or, in other circumstances, to legal barriers. I understand there is in fact an exercise within government to identify these legal barriers with a view to potentially eliminate those found inconsistent with the new approach the government feels is required to extract value from data.
What is a legal barrier to some may be seen as a privacy safeguard by another. The terminology which the government or other interveners use in this debate is not neutral. Many of the presumed barriers are found in sections 4 to 8 of the current Privacy Act. Should these rules be re-examined with an eye to improved government services in a digital age? Yes. Should some of these rules be amended? Probably.
But as you go about your study, I would ask you to remember that while adjustments may be desirable, any new legislation designed to facilitate digital government services must respect privacy as a fundamental human right. In other words, modalities may change but the foundation must be solid, and that foundation must respect the right to privacy, and be underpinned by a strengthened privacy law. As you know, we made recommendations to that effect in 2016.
Estonian Model
I reviewed with interest the testimony before you by officials from Estonia at the launch of your study. While the Estonian model is often discussed for its technological architecture, I was struck by the fact that officials emphasized the greater importance, in their view, of attitudinal factors, including the need to overcome silos in state administration, leading to re-use of personal information for purposes other than those for which it was collected. This could be seen as validation of the view that our Privacy Act needs to be re-examined and “legal barriers” eliminated. I would note, however, that in Estonia the elimination of silos did not lead to a borderless horizontal management of personal data across government. Rather, in the Estonian model, re-use (or sharing, in our parlance) appears to be based on legislation that sets conditions generally consistent with internationally recognized Fair Information Practice Principles and with the GDPR, although I would encourage you to follow up with them as to what legal conditions are in place for re-use.
As to the technological aspects to the Estonian model, our understanding is that there is an absence of a centralized database. Rather, access is granted through the ability to link individual servers through encrypted pathways (with access or re-use permitted for specific lawful purposes). This purpose-specific access by government agencies likely reduces the risk of profiling. We understand that further privacy and security safeguards are attained through encryption and the use of blockchain. This is in line with one of our recommendations for revision of the Privacy Act, which was presented before you in 2016; namely, to create a legal obligation for government institutions to safeguard personal information.
I note that the Estonian model is based in part on a strong role for their data protection authority, which includes an explicit proactive role, as well as powers to issue binding orders, apply for commencement of criminal proceedings and impose fines where data is processed in an unlawful manner, or for violations of the requirements for managing or securing data. Similarly, the OPC should have a strong oversight and proactive role, in line with our Privacy Act reform recommendations.
I’d like to conclude with some questions for you to consider as you take a deeper dive into the Estonian model, or discuss its application in the Canadian context:
- We’ve heard officials say that the success of the system is based on strong trust, which requires strong safeguards. But no system is totally safe. What mitigation measures are in place in the Estonian model when (not if) there is a breach?
- Canada’s data strategy Roadmap posits that one of the value propositions of a model such as Estonia is the intelligence to be gathered from data analytics. But it is unclear to us how, given the segregated setup of the datasets and the legislative regime in which it operates, this could be accomplished. You may wish to explore this issue.
- Finally, we would suggest that obtaining clarity from Estonian officials on the legal conditions for re-use of data would help to inform the development of any such system in Canada, as well as the legal and policy framework which supports it.
Thank you. I look forward to your questions.
- Date modified: