Balancing Access and Privacy: A Moving Target
This page has been archived on the Web
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Remarks at the 2009 Canadian Access and Privacy Association Conference
November 24, 2009
Address by Chantal Bernier
Assistant Privacy Commissioner of Canada
Check against delivery
Thank you, Larry, and good morning ladies and gentlemen.
It is a pleasure to be here with you today, and I thank you for the invitation to speak with you about a matter of paramount concern to all of us: the preservation of privacy in the public sphere, and the tension that inevitably exists between individual privacy and government transparency.
Without question, yours is a challenging job, and just as vital. I am certain that not a day goes by when you are not obliged to make a judgment call with potentially grave ramifications: Do you release this document? Do you withhold that one? Do you redact – this word? This sentence? This page?
For all its challenges, though, your work is important to the individual Canadians whose requests you process under the Access to Information Act and the Privacy Act.
And it is important to Canada as a whole, because what you do on an operational level breathes life and meaning into some fundamental democratic values.
A key value states that, in a democracy, government information must, for the most part, be openly accessible to the public, while personal information must remain closed and private.
This sounds clear cut, at least until those two principles collide. And that, inevitably, stokes tension.
It also presents immense challenges for you, at a daily, operational, level
And so I intend today to share some thoughts on how we reconcile the twin objectives of open government and privacy for individuals.
A current challenge, for example, lies in the interplay between exemptions permitted under the Access to Information and Privacy Acts. Another key challenge lies in protecting privacy while weighing the application of the open justice principle to administrative tribunals.
As we look to the future, other challenges emerge. For instance, new technological and management trends within the federal government are altering how the government disseminates information to the public, or holds it secret, while at the same time safeguarding personal information.
Finally, I propose to outline the direction that our Office of the Privacy Commissioner is pursuing in order to better fulfill our mandate for the protection of privacy.
ATIA and the Privacy Act
In a speech last May, Mme. Beverley McLachlin, chief justice of the Supreme Court of Canada, made the point that the two values of government openness and personal privacy are not necessarily in conflict; they are two sides to the same coin.
Indeed, the Supreme Court has referred to the Access to Information Act and the Privacy Act as "a seamless code with complementary provisions that can and should be interpreted harmoniously."
Because both are integral to a well-functioning democracy, the top court has decreed that, with only the narrowest exceptions, the default assumption should be one of state openness and transparency, combined with a broad expectation of individual privacy.
Squaring that circle, as you probably know better than anyone else, is by no means simple.
Section 19 of the Access to Information Act allows government institutions to refuse to disclose records that contain personal information, unless specific provisions are met.
Meanwhile the Privacy Act, at Sections 19 to 28, offers a series of justifications for restricting access to personal information – including the protection of state information. Conversely, Section 8.2 provides a long list of circumstances under which personal information may be disclosed.
Canadian courts have spelled out broad principles that serve as guidance. Treasury Board, meanwhile, has issued guidelines to add practical meaning to the letter of the law.
OPC position on Privacy Act exemptions
Our Office of the Privacy Commissioner does not issue guidelines on these matters. Our job is to remain at arm's length, so that we can investigate complaints as appropriate.
Even so, it is possible to draw from our past investigative findings certain indications on what we consider important.
First and foremost, we take the position that personal information is sacrosanct.
As such, we take a rather strict approach to certain sections of the Privacy Act, such as 26, which states that personal information should generally only be disclosed to the person whom it concerns.
I know this can be a nuisance for people who want to find out – say – about benefits for their spouses, but it is a key principle under the Privacy Act.
Most often, though, it is possible to get around this prohibition with the consent of the individual who is the subject of the information.
My next point relates to Section 8.2, which spells out the circumstances under which an institution may disclose personal information.
Thoughtful rationale needed
Our view is that departments considering disclosing personal information under Section 8.2 do so only after carefully thought. In the event of a complaint, we would want to see evidence that a compelling case had been made to justify the release.
This kind of thoughtful rationale is particularly crucial for some of the subsections that can be seen as rather broad.
Section 8.2 (m), for example, permits the disclosure of personal information if it is clearly in the public interest, or would benefit the person to whom it relates. Determining what that means in practice is not always straightforward.
Similarly 8.2 (a) states that information may be disclosed – not only for the use for which it was collected, but for a use consistent with that purpose. Again, we would look for credible arguments as to what kind of use is consistent with the one that the individual originally consented to.
On the flip side, I also want to address Section 22.1. It permits the head of an institution to withhold personal information, particularly if it is related to a police investigation.
We have found that this exemption tends to be overused, and would again urge departments and agencies to build a credible justification for invoking it.
I know that Treasury Board has been working hard to promote a rational approach to the interpretation of these laws and their myriad exemptions and exceptions. Departments are being encouraged to create a process for analyzing and justifying their release decisions, particular within the particular contexts in which they operates.
I applaud that direction because, as you know, the consequences for an individual of an improper disclosure of personal information can be dire.
Open justice and administrative tribunals
In exploring the balance between open government and privacy, I want to turn to one long-standing area of concern for our Office.
It relates to administrative tribunals and similar quasi-judicial bodies, which consider issues such as the denial of pension and employment insurance benefits, compliance with employment and other professional standards, allegations of regulatory violations, and irregularities in federal public service hiring processes.
Many tribunals post their decisions on the Internet, in part to demonstrate institutional openness. Publishing such decisions can also serve as a teaching tool for other institutions. In fact, there may even be a deterrent value if an organization was found to be in the wrong.
But what troubles our Office is when the names and other personal details of parties to the complaint are posted online, exposing the complainant, and often his or her family, to worldwide publicity.
We agree fully with the open courts principle, but it is important to bear in mind that these institutions are not courts. Many are covered by the Privacy Act, which does not apply to regular judicial courts.
In general, the idea behind the open-courts principle is to subject government institutions to public scrutiny, and not the lives of the individuals who appear before them.
While there may be cases in which publishing the names of parties to a tribunal action can be justified on broad public interest grounds, we feel it is generally most appropriate to publish tribunal decisions in an anonymized way.
New technological access: New privacy challenges
As our recent Privacy Act annual report pointed out, two trends that threaten to upend the delicate balance between state transparency and personal privacy are the burgeoning impact of new security measures, and the proliferation of information technologies.
Against that backdrop, the principal challenge lies in the sheer volume of material you handle.
Some departments, such as Correctional Service of Canada, HRSDC, DND and the Canada Revenue Agency, compile huge amounts of sensitive personal information, and handle staggering numbers of access requests.
One of the potential casualties of such vast information flows arises from the unauthorized spill of personal information.
Our investigations of public sector privacy breaches yield some important lessons.
In a case described in our recent annual report, lax security procedures allowed a politically sensitive letter to find its way to a reporter, even though the letter had been properly designated 'Protected B'.
In another egregious example, we learned that 1,231 DFAIT employees had access to personal information housed in a consular records database. Some of this information was leaked, but DFAIT lacked the processes and procedures that would have enabled the department to track access to the information, and thus to figure out who leaked it.
In a third case, we learned that an individual using off-the-shelf software was able to hack into one department's computers, exposing the personal data records of 60,000 people enrolled in a federal loan-guarantee program.
Other deliberate disclosures
We are also concerned about other instances where an institution discloses personal information in ways we consider to be in violation of the Privacy Act.
For instance, a couple of years ago, Service Canada reclassified 729 employees to a higher level. Only one man in the entire unit was left behind at the old level, and appealed his situation to the Public Service Staffing Tribunal.
The PSST considered the man's 729 former co-workers to be parties to the appeal, and sent them all the documentation related to the case. Unfortunately for the complainant, that documentation included some records on his mental health.
He complained to us about what he felt was a breach of his privacy. We sided with him and determined his complaint to be well-founded.
Another challenge to the privacy of individuals is coming from an unlikely direction: a trend within the federal government to broaden the mechanisms it uses to communicate. And it is not necessarily apparent to advocates of a more plugged-in, dynamic, interactive public service.
Just last week, for instance, Martha Piper, one of our eminent Canadian thinkers, argued that public service is a "contact sport." Government employees, Dr. Piper said in a speech to the Public Policy Forum, have to get out from behind their desks and meet with the actual Canadians – not in Ottawa, but where they live, work and worry about the issues of the day.
And if they cannot get out physically, she said, they ought at least to engage with the public virtually, whether by blogging or participating in social media.
That happens to coincide with the orders that have begun flowing down through the ranks of the public service -- to network and connect.
You are probably all aware of the increased use of the GCPedia, GCConnex and other internal and external social networking sites. Public servants are now being told to build new combinations of virtual working groups and teams, to reach out to the public, and to share more information online.
A laudable objective, I would say. And yet, from our perspective, it is not without potential ramifications for privacy.
For instance, with so many thoughts and ideas flashing instantly through cyberspace, what are the chances that the affairs of state bleed into the realm of personal opinion and private information?
I remind you it was just days ago that Janine Krieber embarrassed her husband, Stephane Dion, with an unflattering Facebook post about Liberal Leader Michael Ignatieff.
Slightly further afield but no less embarrassing: The new head of MI6 was ridiculed last summer when his wife posted vacation photos of him in a Speedo – the spy who came in from the beach!
Other privacy issues
A public service that is more plugged in with its public raises other privacy issues as well.
For example, suppose a citizen participates in a dynamic consultation and wants to share an opinion, anecdote or piece of personal information. Are we safe to assume that everybody who interacts with their government in this way really understands the consequences of posting their personal information online?
Let's assume further that regular public servants do not know the Privacy Act like you and I do. Can we envisage instances where a Canadian contacts the public servant directly and asks for some personal information, which the government worker – in the interests of client service – obligingly provides?
What about if the request is for information about somebody else?
I know…I share your sinking feeling!
Consider too that the digital records created through wikis and other collaborative activities are, by their very nature, constantly being edited by many hands.
More documents, and more iterations of those documents, heighten the chances that, somewhere along the line, personal information will be improperly created, retained, disclosed or destroyed.
I am pleased to note that Treasury Board is working on guidelines for public servants on the use of external social networking sites.
Our Office also recently issued some guidelines on social networking in the workplace, which would be relevant to both the public and private sector. Available on our website, the guidelines provide helpful tips on policies and practices and responsibilities with respect to social network use by employees at work.
The road ahead for the OPC
In the years ahead, our Office will increasingly draw back from investigating every complaint that comes our way, opting instead to focus on more systemic problems that threaten the privacy of individuals.
This allows us to examine more than one issue at a time. We can also zero in on matters that are likely to lead to meaningful change.
One way we do this is to launch a Commissioner-initiated complaint, which enables us to group several individual complaints and focus on the underlying issues, rather than the specifics of the case.
As part of our increasingly systematic approach, we will also redirect certain complaints and issues towards our audit branch.
For instance, we are currently winding up an audit of the federal government's use of wireless technologies. In light of the government's many networks, and the widespread use of BlackBerrys or other wireless devices by public servants, our question was:
How well is the personal information of Canadians protected behind effective IT protocols, policies, training and procedures?
In the years ahead, we will also strengthen the Privacy Impact Assessment process, which gives departments and agencies a chance to build privacy protections into a program from the ground up.
On a broader level, we will also continue and expand on our efforts at research, raising public awareness, and engaging with key sectors and individuals.
And I am pleased to say those efforts are paying off. Just last week, for instance, some conversations I had with the Deputy Minister of Citizen and Immigration Canada resulted in an important policy change in relation to applications for visitor visas.
From now on, proof of a sponsoring family's financial solvency will be submitted to CIC directly, without passing through the visa applicant or other intermediaries. The policy change will apply to missions in 60 foreign countries and resolves a long-standing concern of ours.
While, as I said earlier, we plan to take a more systematic approach to investigations, the fact is that we will continue to devote a large part of our efforts to investigating complaints from individuals.
And that means we will continue to work together – hopefully in a positive and constructive manner.
I know this is not always easy, particularly as we are in the midst of integrating 22 new investigators onto our staff, 10 of them on the Privacy Act side.
We also intend to impose tighter return times for responses in our investigations. We recognize this increases the burden on you, but it is part of our effort to improve our service to Canadians.
On your side, I am gratified to note that a few departments have begun creating a policy division within their ATIP offices.
This frees some staff from the daily operational demands and allows them to look at the bigger picture, to develop training plans and to work with IT people and others to ensure that privacy safeguards are being thoroughly considered in every aspect of your work.
But whether or not your ATIP shop features a dedicated policy group, I would hope that your department recognizes what a valuable resource you are, and draws liberally on your expertise.
Without a doubt, it is crucial for institutions to build privacy considerations into policies and programs as they are being developed, and you have the knowledge and credibility to contribute to that process
And let me assure you: Our Office understands the challenges you face, each and every day, in safeguarding the personal information of Canadians. We recognize and appreciate your dedication, skill and professionalism.
In her speech last May, Chief Justice McLachlin pointed out that there is much reason for pride in the way ATIP officers, Privacy Commissioners and the courts have worked together to advance the dual ideals of individual privacy and government accountability.
But she also warned that no one should take such achievements for granted.
Indeed, she noted: "The temptation of greater secrecy is ever present; the technological and security challenges to individual privacy ever advancing."
I think that quote underscores my main point: That the balance between access to information and privacy can be challenging and is, in any event, always changing.
But I am confident that we will continue to work together to safeguard Canadians' right to keep their personal lives private, even as they exercise their democratic right to know what their government is doing.
- Date modified: