The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

Search this blog

Recent Posts

On Twitter

About this page and the author

The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.

For full contact information and a brief bio, please see David's profile.

Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.

David Fraser's Facebook profile

Privacy Calendar

Archives

Links

Subscribe with Bloglines

RSS Atom Feed

RSS FEED for this site

Subscribe to this Blog as a Yahoo! Group/Mailing List
Powered by groups.yahoo.com

Subscribe with Bloglines
Add to Technorati Favorites!

Blogs I Follow

Small Print

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.

Thursday, November 26, 2009

Use, overuse and abuse of privacy laws 

A very good commentary from the Victoria Times Colonist. Fave quote: "It was a good example of how privacy law has vastly enhanced officials' first inclination to say "no" to every request."

Privacy law helps the government hide

Les Leyne

Times Colonist

Thursday, November 26, 2009

When reporters were briefed a couple of weeks ago on how the Olympic torch relay would go down, they were told no identities of the runners would be supplied, because of "privacy law."

Apparently the people who eagerly volunteered to wear bright white suits while carrying burning torches in front of TV cameras and thousands of people wanted their privacy, along with all the fame and glory.

They wanted no such thing, of course. They were only too happy to joyously volunteer their names on their own. The edict was simply the decision of torch functionaries eager to exercise some of their authority. It was a good example of how privacy law has vastly enhanced officials' first inclination to say "no" to every request.

So it's very enlightening to see how the "privacy law" is bearing up in the scandalous situation uncovered by the Times Colonist last week.

It's useless. It's being cited and ignored at the same time. In the face of a crystal-clear gross violation of taxpayers' privacy -- by a bureaucrat, no less -- the vaunted privacy law is a joke. It's only been handy so far when it comes to trying to cover up this botch.

A ministry caseworker in Victoria with what's likely malevolent intent carted home documents with personal information of some 1,400 clients of the government.

Police are still investigating, but at this point it looks like the man had a lot of the material you'd need to go into the lucrative fake ID business in a fairly big way.

It fell to Citizens' Services Minister Ben Stewart to explain this mess. And his explanation has turned into a mess itself.

He gave every indication last week to Times Colonist reporters Lindsay Kines and Rob Shaw that the government was responding with alacrity to this emergency. His version of the government's reaction looked pretty good -- for him.

He's the action figure who alerted some officials, contacted all the citizens involved, helped get the employee fired and started an investigation.

What he left out of the story was the fact that the government knew about this for months, and did nothing. Stewart skated right past the central point -- government officials have been aware for seven months that the privacy of 1,400 people had been violated. And they only started acting on the emergency last month.

Confronted with this yesterday, Stewart offered some explanations that are nothing short of baffling.

"The reality is, I as minister responsible, when I found out about it, I immediately asked my staff . . . to make an investigation into the matters as to the timelines and why in fact it had taken as long as it did."

So the investigation isn't just about the employee. It's about why nobody bothered to tell the minister responsible about the breach for several months. That's quite a refinement on the original version.

Stewart also said: "One of the things about the dates in this thing is that nobody is exactly clear in terms of what actually transpired from when the RCMP first made their discovery of these records."

Well, why on earth not?

It looks like some scam artist was interrupted while trying to run a con of some sort. RCMP nabbed him and told the government about it. And the government did nothing for months on end, other than continue employing and paying the suspect right up until last month.

Meanwhile, the personal ID information of 1,400 clients went God knows where. It doesn't look like illicit use was made of it. But it sure wasn't for lack of opportunity.

Why was the guy kept on the payroll? Why did it take so long? What was the government doing?

There must be some answers. But you likely won't get them for a while. Because we've got a privacy law.

Just So You Know: The ministry sent a letter to the individuals involved.

It's a gracious, heartfelt apology with an assurance that the government is working hard to correct the problem.

Only some of the letters went to the wrong people. So people who got letters addressed to other people were advised to send them back, or destroy them.

11/26/2009 11:40:00 AM  :: (1 comments)  ::  Backlinks
Comments:
Look on Wikipedia about the Canadian Privacy Laws ... they seem toothless.

The remedy is to go to the Privacy Commissioner, who has no power only to make non binding arbitration report to both parties.
 
Post a Comment

Links to this post:

Create a Link

This page is powered by Blogger. Isn't yours? Creative Commons License
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License. lawyer blogs