Protecting the public from the pirates of privacy – Canadian Government Executive

NEWS

SEARCH

HR
Security
May 7, 2012

Protecting the public from the pirates of privacy

The changing face of public and personal privacy in the face of social media, data clouds and global security challenges are becoming increasing concerns for privacy commissioners across Canada. The federal Privacy Commissioner, Jennifer Stoddart, explained her concerns to editor-in-chief Toby Fyfe.

 

How can we as individuals balance the demands of social media for openness and the requirements of privacy? Are these contradictory?

They are per se contradictory. We’re moving to a more open society, which is not a bad thing necessarily. You did an article on my colleague and fellow agent of Parliament on open government (June 2010 CGE) and in fact we just came back from a provincial meeting in which we all endorsed the concept of open government with due regard for confidentiality and the protection of personal information. I think it is possible to harmonize the two, to balance the two in one’s individual life.

The challenge is that it takes more knowledge, a lot of consumer and a certain amount of technological savvy. What we’re seeing now is a very aggressive push from the entrepreneurs who are developing these social networks which have become very profitable, particularly with a new demographic that wants to jump into them. Take the example of Facebook. I’m happy to say that Facebook has moved so that you will be able, to a large extent, to choose the amount of personal information that you share on that social networking site which you may not have been able to do easily because the directions just weren’t as clear a couple of months ago.

What I’m trying to say is if people are sufficiently informed and if the choices are there, they can take advantage, I think, of all these new social networking sites and ways to connect which they want to do. I don’t think that people’s privacy’s is going to disappear. They make choices, they don’t have to be on social networking sites. My concern is just how clear are the implications, particularly to young people, kids, and even an older demographic that’s not technologically savvy.

Is the concern about privacy and social media coming from citizens or from privacy commissioners like yourself?

We monitor very carefully all the media reports from around the world and there are very key and influential citizens groups, advocacy groups, and so on, that will take on these giants. There was a group formed spontaneously over the Facebook Beacon, that was where I buy something in a store, a pair of socks for my husband, and he gets it on his Facebook page before I’ve had a chance to give him the socks. That was settled in court recently for about $10,000,000, most of which went to a privacy rights centre in California.

I think privacy commissioners throughout the world are very conscious of the need to reshape the definitions of privacy which are historically, contextually, socially defined anyway to make sure they’re in sync with new technology, new generations, social movements. So no, I’m very confident that a lot of people are concerned about the same things.

Let’s talk a little bit about governments. They’re collecting personal data to achieve policy objectives such as security: how can they balance their roles as collectors of information and still be exemplars, if you will, of privacy protection?

I think government has a challenge. It is a tough balancing act. It’s making issues of collection of personal information by government come to the forefront of the consciousness of many managers, many deputy ministers, assistant deputy ministers in the public service in a way it wasn’t maybe 15 years ago when there wasn’t this sensitivity about it and people weren’t so worried about over-collection of personal information and who was watching. We didn’t have the technological capacity to data mine to the extent we do now.

You refer to “function creep.” Can you explain what you mean by that concept as it applies to governments?

“Function creep” means that something developed for one purpose is broadened into another purpose. Once you have that new technology or that new procedure, you find that it can be used for other things. What we’re worried about in the world of privacy is, for example, the function creep in surveillance of populations.

For example, in the U.K. it started out with a few cameras on the streets and then it spread so that at one point they had 6,000,000 cameras. It became, I think, almost absurd and my British colleague was very vocal in denouncing this. Video surveillance turned from a fairly limited application to video surveillance everywhere and yet the crime rate still went up.

Are you concerned about data being collected by governments for one purpose and then being used for another?

Well, it’s a basic principle of data protection. In fact, it’s enshrined in both the information and privacy acts that you have to collect information for one purpose and use it for that purpose. Again, personal information, like privacy itself, has a different meaning, a different significance in different contexts. When you give your name to the government for one purpose it’s very different than giving it for some other purpose that might be quite frightening.

I think what is a greater concern now is the ubiquitousness of the collection of personal information through Web 2.0, through sensors that are increasingly everywhere, through wi-fi connections. There’s very little you can do now online where some kind of personal information about you is not collected.

There’s also another debate that we will have to go through and I think this will increasingly come to the fore as the government moves to one-stop shopping, guichet unique, to make its online interface with Canadians simple and clear. Traditionally throughout the world, governments have approached the question of keeping personal information only used for that purpose by building separate towers of data, different databases; this is the principle of separation. Well, now you have such enormous databases in which citizens’ personal information may be repeated that some of us are wondering if in the future it would not be better to go to a fish pond idea where you have a certain amount of information on citizens and those that are licensed to fish in the fish pond can only take out those particular fish they are entitled to.

Now, that’s not how the Privacy Act is written but there are some very good questions being asked around multiple databases in which all your information is copied and recopied, and the challenge of keeping it accurate from database to database, the challenge of how to monitor the movement of personal information from one database to another.

As a manager, what would you tell public servants about the steps they should take to ensure privacy and balance it with innovation?

I say go ahead and innovate. I think we have to be relevant, to spend public money wisely but always think of the impact on people’s personal information. Before you’ve gone too far in developing your new program, your procedure, your product for the public, run through it from the point of view of personal information, asking how would this impact people’s privacy.

Another thing that I think managers or general managers could do is make sure somebody in your office goes to privacy training. Sometimes it’s combined with access to information.

About this author

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

Security
 
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...
 
Facebook Pages can be an essential tool for businesses and charities,...
 
Cybersecurity professionals have sounded the alarm for years, and they are...
 
CBC deserves full credit for exposing the presence of IMSI catchers...
 
Security professionals have an obligation to communicate risks and recommendations to...
 
Over the decades, technology has been grafted into governments around the...
 
In this episode, J. Richard Jones talks about being candid about...
 
Criminals have reportedly threatened to take over 250 million Apple accounts...
 
In this episode, hear more about how Canada is a prime...
 
While the incoming administration of President-elect Donald Trump is being buffeted...
 
In the world that we are living in today, free and...
 
The RCMP adopted a new media strategy earlier this month by...
 
What would tomorrow’s cybersecurity look like? That’s an intriguing question to...
 
Terrorism operates with deadly regularity. In June 2016, a gunman who...
 
Just as the federal government has begun consultations on cyber security,...
 
Efforts by the government to counter the radicalization of young Canadians...
 
Canadian healthcare organizations and businesses in the financial industry are the...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
The challenge is clear: a fast-paced industry pressures organizations to simultaneously...
 
As populations grow and age, the demand for services increases. As...
 
By Michael Murphy Not all assets can and should be equally...
 
Please to view this Content. (Not a member? Join Today! )...
 
Now more than ever, organizations in both the public and private...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
As the battle between the FBI and Apple continues to escalate,...
 
Please to view this Content. (Not a member? Join Today! )...
 
Meet Bob Heart.  He is an outstanding employee who works hard...
 
A new study released yesterday, Securing the C-Suite, Cybersecurity Perspectives from...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Yesterday, Ontario Supreme Court Justice John Sproat ruled that the Peel...
 
I wrote about accountability more than a year ago. Recently, a...
 
Intelligence agencies have had widespread and long-running programs to gather, analyze...
 
What concerns me is whether or not we’ve got the balance...
 
One of the consequences of the Information Age in which we...
 
In March of 2011, the east coast of Japan was rocked...
 
BYOD is hot! But is it for you? If yes, which...
 
Protecting critical infrastructure from cyber threats is the shared responsibility of...
 
In numerous interviews with senior military commanders over the past several...
 
In early February, James R. Clapper, the U.S. director of national...
 
The widespread adoption of mobile devices as enterprise-level tools is occurring...
 
CGE Vol.13 No.2 February 2007 Public security, once a task relegated...
 
CGE Vol. 14 No.4 April 2008 In recent years, policy makers...
 
L’univers de la sécurité des TI évolue rapidement. À mesure que...
 
The world of IT security is rapidly evolving. As quickly as...
 
Cyber attacks don’t have to look highly sophisticated. Hackers are purposely...
 
The announcement regarding the establishment of Shared Services Canada (SSC) was...
 
There was probably a day in spring of AD 72 that...
 
The changing face of public and personal privacy in the face...
 
What role should governments and public servants play in safeguarding personal...
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...

Member Login

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.