The Reality of Privacy and Security in the 21st Century

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Remarks at the Annual Conference of the Canadian Association for Security and Intelligence Studies (CASIS)

October 30, 2009
Ottawa, Ontario

Address by Chantal Bernier
Assistant Privacy Commissioner of Canada

(Check against delivery)

View the live video stream


Introduction

Thank you, Dr. Charters, for that kind introduction. Thank you very much, ladies and gentlemen, and good morning.

It is a great pleasure to have been invited to speak at your conference, and I am very much looking forward to hearing from some of the other speakers.

As you may know, I came to the Office of the Privacy Commissioner of Canada from the Department of Public Safety, where I had the privilege of serving as Assistant Deputy Minister in the Community Safety and Partnerships Branch.

As such, I have had substantial engagement in a range of security and intelligence files.

Context

My entire presentation is premised on this tenet: Privacy and security are not at odds.

On the contrary: I would put to you that measures to protect privacy must be integral to any initiatives to fight terrorism or other crimes.

Why? Because we live in a free and democratic society where individuals enjoy the right to live, to move around, to communicate and to go about their daily lives, free from unwarranted interference by the state.

And for practical reasons too:

Any effort towards greater security that is strictly tailored to the actual risk – and that therefore minimizes the infringement of privacy or other rights – will be more targeted and more effective.

For example, an investigation that is carried out in accordance with the law, and in a way that respects privacy and other rights, will yield cleaner evidence and a more compelling case for the prosecution.

In other words, all the work that is poured into greater security is more likely to pay off if it is carried out in a strategic, targeted manner. And an essential consideration in that regard is due respect for the right to privacy.

In the time allotted to me this morning, I propose to give you a quick overview of some of the key security-related issues that our Office is focusing on these days. And then I propose to zero in on a very topical and controversial issue: Legislation to expand the police’s online surveillance and interception powers.

OPC Privacy Act files

As you may know, privacy rights in Canada are expressed through two laws: The Personal Information Protection and Electronic Documents Act, or PIPEDA, which governs the collection, use and disclosure of personal information by the private sector, and the Privacy Act, which governs the actions of the Government of Canada in the same area.

My own responsibility is for the latter, and I can assure you there are few dull moments in the job!

Next month, for instance, we will be tabling in Parliament our Privacy Act annual report, along with a couple of important privacy audits.

One of those audits, which we are required by statute to undertake, examined the impact of FINTRAC, the Financial Transactions and Reports Analysis Centre of Canada, on the privacy of Canadians. FINTRAC, as you know, is an agency set up to assist in the detection and deterrence of money laundering and terrorist financing.
A separate audit examined the Passenger Protect Program and its signature “no-fly list,” properly known as the Specified Persons List. As you are well aware, being included on the list can have serious consequences for individuals, in terms of their mobility and other basic freedoms.

Coming up in a couple of months are the Vancouver Olympic and Paralympic Games – a security challenge of unprecedented proportions for Canada. I understand you will have an expert discussing some of these issues at a panel this afternoon.

From our perspective, I can tell you that I have been in regular contact with the Integrated Security Unit in charge of keeping this mega-event safe, to ensure that privacy considerations are integrated in all security measures – before, during and after the Games.

Not long ago, we created a special area on our website, dedicated to keeping readers informed of the work we are doing in this area.

We are also scrutinizing plans by Citizenship and Immigration Canada to roll out initiatives using biometric information. One, for instance, would involve sharing with certain other countries the fingerprint data of refugee claimants and people who are subject to removal from Canada but whose identity cannot be otherwise confirmed.

We have expressed to CIC our concerns that, because biometric data is inherently sensitive, the potential consequences of misuse are especially serious for victims. Clearly, it is important that the technology be developed in concert with legal safeguards and meaningful privacy protections.

We have also weighed in on the privacy implications of other security-related initiatives, such as the proposed new e-Passports containing personal information on embedded chips. Our review of that initiative led us to question whether the personal information on the chip is adequately protected against unauthorized interception by skimming or eavesdropping, especially if biometric data is added sometime in future.

In the case of the RFID-containing Enhanced Driver’s Licences being developed as alternatives to passports for travel to the U.S., we were pleased to have secured an important modification to the original plan: The Canada Border Services Agency agreed that the personal information of Canadians related to these EDLs would be held in Canadian, rather than U.S., databases.

Airport scanners

Another file in which we are deeply involved relates to plans by CATSA, the Canadian Air Transport Security Authority, to install millimetre-wave whole-body imaging scanners at several Canadian airports.

These machines can penetrate clothing to expose concealed objects such as weapons or drugs. Their principal advantage over metal detectors is that they can identify non-metallic objects, such as ceramic weapons or liquid or plastic explosives.

Our Office has examined two Privacy Impact Assessments, or PIAs, prepared by CATSA – first for a pilot test conducted at Kelowna Airport, and more recently for the full program.

As we told CATSA earlier this week in our response to its PIA, we consider this technology to be inherently sensitive as it reveals an outline of the traveller’s body. Many people may perceive it as privacy invasive.

As such, we have worked with CATSA to ensure appropriate privacy safeguards.

One of the key results is that the technology will be used only for secondary purposes, after an individual has already passed through the metal detector. What’s more, the scans will be voluntary, with passengers given the option of going through them, or having a physical pat-down.

And – this is key from a privacy perspective – the images will not be recorded, printed or transmitted. Indeed, they will be deleted as the passenger leaves the scanner.

Four tests

In weighing this and any other government initiative with a potential impact on privacy, our approach is to apply four tests: Necessity, proportionality, effectiveness, and the existence of less-intrusive alternatives.

We ask ourselves: Is the proposed measure really necessary? Have the proponents offered proof of a genuine problem, with no other viable solutions?

Our next criterion is proportionality. Many measures will infringe on privacy; that is just the price we pay for living in a community. Any benefit to the group will generally restrict some liberties of the individual, but the invasion of privacy must be proportionate to the benefit derived.

We also want some assurance of effectiveness. We want to ensure that a measure that infringes on privacy, in the name of the collective good, really meets that specific objective.

As for the fourth test: If a measure is proposed that will affect the privacy of individuals, we want to know that it is justifiable on the grounds that there are no less intrusive alternatives already available.

Overview of surveillance bills

These tests are especially germane to another file that has captured the attention of our Office.

Last June, the federal government tabled Bill C-46, the Investigative Powers for the 21st Century Act, and Bill C-47, the Technical Assistance for Law Enforcement in the 21st Century Act.

These two bills would give law enforcement authorities significant new powers to conduct surveillance in the digital and online environment.

Notably, Bill C-47 creates the obligation for telecom companies to comply with the authorities’ demands for subscriber data, without the need for judicial authorization.

Our Office studied the proposed legislation carefully over the summer, and engaged in extensive consultations. We took into account the real challenges of law enforcement and national security agencies in the Internet age, as well as the fundamental right to privacy that underpins our democratic society.

In the end, we concluded that elements of the proposed legislation raise significant questions which remain to be addressed by proponents of the bills.

In particular, we urged Parliament to review Bills C-46 and C-47 in light of a number of important questions:

In terms of the necessity of the legislation, for example, we asked: Has the government provided a compelling case that police and national security agencies need these new powers?

Consider this: If Canada truly needs these measures to tackle online crime, how is it that our police forces have developed a worldwide reputation for successfully prosecuting cybercriminals?

Indeed, I would remind you that the recent Cuttell, Ward, Wilson, Kwok and Vasic child pornography cases were brought to trial and led to solid convictions on the basis of online surveillance using existing police powers. Not to mention the Khawaja case and the Toronto 18. 

And that simply raises questions as to the need to expand those powers.

I want to raise another issue with respect to necessity, and that relates to the fact that the bill dispenses with many of the circumstances under which judicial warrants are now required.

And here I would ask: In specific terms and in relation to the Internet, how is the current regime of judicial authorization not meeting the needs of law enforcement and national security agencies?

Beyond some anecdotal evidence, I suggest to you that no systemic case has so far been made for circumventing our current system of judicial authorization.

The proposed changes also raise questions of proportionality, another of our four tests for balancing privacy invasions with national security imperatives.

And so we put to Parliament the following questions:

Are the new investigative powers – including warrantless access to subscriber data – proportionate to the stated problem?

What law enforcement or national security duty, for instance, justifies giving authorities access without a warrant to personal information? 

What, moreover, is the rationale for making these powers broadly available for all types of crime, rather than to restrict their use to the most serious threats and the most urgent circumstances?

I would remind you that our tradition in Canada has been that law enforcement or national security access to personal information must be subject to judicial authorization before the fact – or, only in exceptional, exigent circumstances, after the fact.

If Parliament concludes that the proposed measures are a necessary and proportionate response to the identified threat, the next test that must apply relates to their effectiveness.

If the existing powers are inadequate, how can the government demonstrate that the new powers would be any better?

How would they work for the investigation of serious crimes and intelligence gathering? What impact would they have when crimes are less serious, or when no crime has been committed at all?

And here we suggest Canada look farther afield:

Some proponents of the bill argue that our allies are more secure and better protected because they have passed similar laws. Despite that, however, the U.K. and the U.S. were tragically unable to stop terrorist attacks on their soil.

Meanwhile our own security authorities, using their existing suite of investigative tools,  have prevented terrorists from taking a single life here for decades.

So we ask: Why the sudden shift to more invasive powers?

And finally, we get to the test of alternatives. And here we ask: Has the government considered any other ways to achieve the same goals, in a way that has less of an impact on privacy?

Specifically, we would want to know: Did the government consider better funding and other resources for police? More dedicated officers and tools devoted to online crime?  More public education about the risks, dangers and social cost of cybercrime? 

Law enforcement and national security authorities put forward that the warrant system is cumbersome, outdated and generally inadequate to meet the needs of the digital age.

That may be true, but then, should that not be the object of the reforms?

Since the Criminal Code already contains provisions to conduct search, seizure or interception without a warrant in emergency situations, did the government consider a similar provision for production and assistance orders on the Internet?

Warrants

Indeed, I would like to leave you with this final thought:

If one of the key concerns for authorities today lies in the mechanics of obtaining a warrant, the solution, it seems, is to fix that system – not to limit the principle of judicial oversight.

In order to execute certain invasive powers, Canadian authorities have traditionally had to satisfy a judge that they had reasonable grounds to believe that a crime had been committed.

In the new legislation, however, this standard has been downgraded, so that authorities would only need reasonable grounds to suspect a crime has been – or may be – committed.

And even this lower threshold of mere suspicion would be dispensed with entirely when police request access to subscriber data.

Under Bill C-47, a crime doesn’t even need to have been committed, yet authorities would have access to personal information without a warrant.

These are serious powers, which is why Parliament must weigh their impact seriously.

Conclusion

To sum up: The issues you are debating at this conference – “Terrorism, Cyberspies and a New ‘Cold’ War” – encompass threats that are real and challenges that are grave.

In that context, many of you may be asking yourselves: “Why should I care about privacy?”

Indeed, you may believe that every measure to enhance the privacy of the individual risks eroding the safety and security of the whole.

However, as I hope to have demonstrated in the examples I have just given you, this is not a zero-sum game. Privacy and security are not mutually exclusive. A gain for one does not necessitate a loss for the other.

On the contrary: Privacy and security are integral to each other, and mutually reinforcing to protect the democratic society we have chosen.

There are compelling reasons for each and every one of us to restrict the state’s power to invade our privacy, to search our homes, to eavesdrop on our conversations, to strip search us at airports or to interfere with our liberties.

Among other things, such limitations on police powers impose a discipline on investigations that protects the innocent, while increasing the likelihood of a successful prosecution of the accused.

But there’s a larger point at stake here as well:

The kind of society we are working so hard to secure is precisely the one that upholds certain democratic and human rights for its people, including the freedom to go about one’s life with a minimum of state interference.

In other words, protecting our society necessarily entails protecting those rights that define it.

Thank you.

Report a problem or mistake on this page
Please select all that apply (required): Error 1: This field is required.

Note

Date modified: