The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Monday, March 28, 2005
The Daily Pennsylvanian has an article/opinion pience about Abika.com, an internet-based data aggregator and background check service. (See previous mentions: PIPEDA and Canadian Privacy Law: CIPPIC complaint raises a number of novel and interesting issues, PIPEDA and Canadian Privacy Law: Jurisdictional limits on Canadian privacy law, and PIPEDA and Canadian Privacy Law: CIPPIC v Abika.com: Part deux.)
I am sure the author is not alone in his opinions:
dailypennsylvanian.com - Your data, for all the world to see:"Tucked away in the rodeo-ridden town of Cheyenne, Wyo., is a small, seven-person company that is quietly blurring the conventional boundaries between public and private life. Founded by India-born Jay Patel, Abika.com is a self-proclaimed "worldwide leader in people information, verifications and profiling" in the emerging field of person-to-person search technology. The firm utilizes proprietary person-based data query/extraction systems (akin to old-fashioned intelligence gathering) in addition to online algorithmic searches to deliver "All Best Information Known Accurately."
The company has its roots in the most precarious of human endeavors -- dating (coincidentally, Abika was also the name of the man responsible for compiling the ancient knowledge found in the Kamasutra). In a recent interview with The Times of India, Patel described meeting an intriguing woman at a local Sam's Club and thereafter rushing home to his computer to dredge up every piece of her personal history he could find on the Internet. On the next date he surprised her with intimate details of her life and, fortunately for Patel, wasn't immediately branded as a stalker. Three weeks later, they were married.
...
Abika's overwhelming success -- the company processed more than three million personal information requests just last year -- combined with its relative ease of use has slowly attracted the attention of both domestic and foreign privacy watchdogs. The Electronic Privacy Information Center in Washington, for example, has warned of the perils of unregulated data mining, lax enforcement of the Fair Credit Reporting Act (a federal law enacted to prevent improper disclosure of personal financial history) and the overarching potential for identity theft.
...
The Canadian Internet Policy and Public Interest Clinic at the University of Ottawa has expressed similar concerns, particularly over the inaccuracies of Abika's psychological profiling methods and their potential for unfair discrimination and commercial abuse, and has filed complaints against Abika with the privacy commissioner of Canada and the U.S. Federal Trade Commission. To date, however, neither EPIC nor CIPPIC has made any progress toward curtailing this nascent industry.
Critics of these privacy groups note that most of the information in question is technically "public," albeit fragmented, and hence companies like Abika cannot be faulted for the mere acts of aggregation and inference. In an increasingly connected world, the rise of Abika and its brethren seem almost inevitable -- natural by-products of globalization and the growing culture of communication. Early warnings by parents and grade-school teachers ("don't say or do anything you might later regret") come to mind, with substantially more bite.
A potential error in this line of reasoning, however, lies in equating "public" with "equally publicly accessible." As EPIC has often noted, much of the information gleaned by data-mining companies comes from the expensive purchase of consumer records from other companies, an endeavor far from the reach of the average citizen. Accordingly, an immediate institutional and monetary bias in access is realized, forging an intrinsic difference in the meaning of "publicly accessible" for the individual and "publicly accessible" for the corporation, the latter being more comprehensive and inclusive.
As a result, individuals are inherently disadvantaged not only in knowing what information is known about them but also, importantly, who knows such information and whether it is indeed correct. This becomes acutely germane when faulty conclusions are drawn upon incorrect information (say, when a firm rejects a job applicant based upon erroneous data concerning past criminal/social history) or when extrapolated statistical conclusions are used to predict future behaviors (say, when law enforcement personnel, who are becoming quite fond of Abika's services, are identifying suspects)...."
Labels: identity theft, information breaches, privacy
The Canadian Privacy Law Blog is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.