From the Privacy Commissioner of Canada:
New technologies and business models are putting ever-greater pressures on privacy and demand a more modern approach to protecting personal information, says the Privacy Commissioner of Canada.
“We’re trying to use 20th Century tools to deal with 21st Century privacy problems and it’s clear those tools are increasingly insufficient,” Daniel Therrien says.
Meanwhile, 90% of Canadians are very concerned about their inability to protect their privacy.
“The government should give greater priority to the modernization of laws and policies and it should invest more resources in building robust privacy protection frameworks. This is essential to maintaining public confidence in government and the digital economy,” says Commissioner Therrien.
The oversight authority for the Communications Security Establishment (CSE) – the Office of the CSE Commissioner – revealed in its 2014-15 annual report that metadata had been shared with international security partners without being properly minimized. The Minister of National Defence subsequently announced that, until further notice, the CSE would no longer share certain metadata with partners.
Given the potential impact on Canadians’ privacy, the OPC conducted a review of the circumstances that allowed that situation to arise.
As noted in a summary of the review included in the annual report, the OPC questioned the CSE’s contention that the risk to privacy was minimal. Metadata can reveal very sensitive information about individuals’ activities, associates, interests and lives. As well, the CSE acknowledged that the volume of metadata that had been shared was large.
To minimize the risk, the OPC recommended that the National Defence Act be amended to clarify the CSE’s powers and to add specific legal safeguards to protect Canadians’ privacy in relation to the collection of metadata.
Read the News Release