The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

Search this blog

Recent Posts

On Twitter

About this page and the author

The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.

For full contact information and a brief bio, please see David's profile.

Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.

David Fraser's Facebook profile

Privacy Calendar

Archives

Links

Subscribe with Bloglines

RSS Atom Feed

RSS FEED for this site

Subscribe to this Blog as a Yahoo! Group/Mailing List
Powered by groups.yahoo.com

Subscribe with Bloglines
Add to Technorati Favorites!

Blogs I Follow

Small Print

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.

Thursday, March 04, 2004

Article: Privacy officials fear U.S. law's reach: FBI could gain access to personal information about Canadians, government warned 

The Victoria Times Colonist and the Vancouver Sun are reporting about fears that the US PATRIOT Act might require companies to hand over Canadian data to the FBI:

Privacy officials fear U.S. law's reach: FBI could gain access to personal information about Canadians, government warned

Judith Lavoie
Victoria Times Colonist

Thursday, March 04, 2004

Provincial information and privacy offices across the country are scrambling to find ways of stopping the FBI gaining access to sensitive personal information about Canadians under a controversial new American law.

"This has the potential for being the biggest privacy issue we have ever dealt with," said Mary Carlson, director of policy and compliance for the B.C. Information and Privacy Commissioner's Office.

"It is the first we had heard of the long arm of the FBI coming across the border."

At issue is the U.S. Patriot Act, brought in after the 9-11 terrorist attacks, which allows the FBI to order organizations to turn over information. A "gag provision" then prohibits the organizations from telling anyone that the data has been released.

Legal opinions given to the B.C. Government and Service Employees' Union -- which has filed a lawsuit in an effort to stop privatization of the Medical Services Plan -- say Canadian subsidiaries of U.S. companies would be subject to the Act. Any corporation that has access to documents wanted by the FBI, even if the company does not have a legal right to those documents, could be ordered to turn them over.

That would mean the FBI could demand health and social service information about all British Columbians.

Governments are increasingly outsourcing work, often to companies with U.S. connections, but no one had figured in the far-reaching powers of the Patriot Act, said Carlson.

"If this is true, our data would be exposed in ways we have never imagined before," she said.

Carlson contacted the federal information and privacy commissioner and provincial offices and found the Patriot Act was not on their radar screens.

All the offices are now looking at the potentially serious implications, Carlson said. "We are working feverishly here trying to work out what we can do."

The two companies shortlisted to take over MSP and PharmaCare administration services are both American-based. IBM is American with a wholly-owned Canadian subsidiary and Maximus is based in Virginia.

Other recent government outsourcing includes a large chunk of BC Hydro's business services, which went to a Canadian subsidiary of Accenture, a company with its head office in Bermuda and main business office in the U.S., and government debt collection which went to a Canadian subsidiary of multi-national Electronic Data Systems.

Health Services Minister Colin Hansen said previously that the American government could not pass a law that applies to data owned by B.C. and which never leaves B.C. But, under the Patriot Act, that is in doubt.

Management Services Minister Joyce Murray, whose portfolio includes information and privacy, met with Commissioner David Loukidelis Wednesday to discuss the problem.

"We are now working in collaboration with the Attorney-General's office and Health Services to seek extra professional advice," she said.

A lawyer specializing in American law and privacy of information will look at implications of the Patriot Act and the government will work actively with other provinces and the federal government on the issue, Murray said.

"Whatever the advice is, the bottom line is that we're totally committed to ensuring that the privacy of information is protected for British Columbians," she said.

Any contracts with private companies must enshrine the absolute protection of privacy and those contracts will be monitored, she said.

Murray said she can understand why no one had picked up the importance of the U.S. law, as there have been no challenges or court cases around it.

But BCGEU president George Heyman said Hansen and Premier Gordon Campbell had obviously not done their homework in the rush to privatize and contract out.

"We could figure it out and they have a whole phalanx of lawyers and staff. I would think they could figure out the risk. It's more likely that they don't care," he said.

Labels: , , , , ,

Links to this post:

Create a Link

This page is powered by Blogger. Isn't yours? Creative Commons License
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License. lawyer blogs