Privacy or Service: Must We Be Forced to Choose?

by Bruce Phillips

PRIVACY OR SERVICE: MUST WE BE FORCED TO CHOOSE?

Bruce Phillips, Privacy Commissioner of Canada to the New Brunswick Legislative Library Noon Hour Talk

Fredericton, New Brunswick

February 22, 1996

Check against delivery

First, thank you for this opportunity to return to Fredericton to deliver this Noon Hour Talk to legislators and interested citizens. I was fortunate enough to be invited to talk to a government symposium on the information highway a little over two years ago. I'm not sure whether this return engagement means no-one understood me the first time--or it was soporific enough not to upset anyone's digestion.

My best guess is that you are probably wondering how a journalist--an inveterate invader of privacy and compulsive blabber--came to be Canada's Privacy Commissioner. Sort of "fox in charge of the chicken coop", isn't it? Almost sadistic--put him in charge of all this neat stuff and he can't write a word of it--ever.

However, there is a natural symbiosis between privacy and journalism. Journalists--good ones, anyway, or ethical or responsible ones, and certainly the ones that are represented by my generation when, I believe, we paid more attention to some of the ethical questions of journalism--early on realized that you had to try to balance the public and the private interests when dealing with personal information.

The observant among you -- and I am certain that this comprises the entire audience -- may have noticed that my name is ungraced, or unburdened, by any academic suffixes. In my time, back in the '40s, the entry qualifications for journalism were fairly straightforward. You were expected to be able to spell competently, write simple declarative sentences in the English language, and have an inquiring mind, but you did not need a university degree. Some people are unkind enough to suggest that the situation now in journalism is exactly reversed. I personally wouldn't say that, but in those days--and I certainly wouldn't recommend it for anybody now-- the assumption was that if you got in early, you'd pick up a pretty good education along the way.

The very first day that I ever spent at a newspaper--46 years ago, now that I think about it--I was about to roll a sheet of paper into my typewriter carriage, and the editor came over and said, "What are you about to do, Phillips?"

"Well, Mr. McKay, I'm going to write an obituary." That's what cub reporters in those days did as their first assignments.

McKay replied, "every time you put a piece of paper into that typewriter carriage, and you're about to put somebody's name on it, you bear the responsibility for anything that happens to the reputation of that person thereafter. Remember that." It is a lesson that I try to live by--not always successfully, I admit. In the news business, there are pressures of a competitive nature and your own desire to tell stories that sometimes gets in the way. However, I think I did have a good, basic understanding by the time I became the Privacy Commissioner of Canada.

So now here I am, in my third career, and I must say I thank whatever gods preside over these chances and decisions, because I have found in the role of privacy commissioner both an issue which is of seminal importance to our society, and a challenge in bringing it forward that offers ample room for the exercise of anyone's energies and talents. The latter particularly in view of what is laughingly referred to as my budget. Was there ever a government official who didn't moan about his or her budget? But it must be a first when a federal officer of Parliament abused the hospitality of the Legislative Librarian. It was a great lunch, Erik.

First of all, let me briefly describe what I do, because there are some fairly widespread misconceptions. What I most emphatically do not do, is to rummage through anybody's secrets and files, at least not unless the person to whom the information relates asks me to do so.

The Privacy Commissioner is an ombudsperson, appointed to act on behalf of anyone present in Canada who has a complaint or an inquiry about the federal government's management of his or her personal information. And, of course, that's a lot of information--tax files, pension records, veterans' medical reports, immigration case files; on average, the federal government has personal information about every person in the country in about 25 different files.

I operate under a federal statute -- the Privacy Act -- which sets out the terms under which the government can collect, use, store and dispose of personal information. These rules generally reflect what is known in my trade as the Code of Fair Information Practices -- an internationally accepted set of standards evident in most privacy laws around the world.

Briefly, that code states that the government shall collect only the information it needs to operate programs, that information shall not be used for purposes other than those for which it was collected, that it shall not be disclosed without consent of the individuals concerned, that those individuals shall have access to that information and a right to contest its accuracy, and that the information shall be retained and disposed of according to a system that safeguards these privacy interests.

Naturally, there are exceptions and exemptions in the law. For example, if the RCMP were investigating a drug [bank] heist, it would make little sense to grant the suspected drug dealer [bank robber] access to his files. Our security agencies have broad rights to refuse access, for similar reasons.

Finally, the Act provides for a privacy commissioner to investigate complaints, and to examine federal information management practices generally to ensure compliance with the Act.

I am an independent Officer of Parliament, that's to say, I report to no minister or department, but directly to Parliament, to certify my independence of the government and bureaucracy.

Under this Act, my small office--37 staff--conducts an average of 1,500 investigations a year, handles thousands of inquiries from citizens wanting to know more about their privacy rights, and attempts to monitor federal legislation and new information technology to foresee where the next privacy threats will emerge. So we're a busy place.

Let me give you a practical example. Suppose one of you writes to a federal government department--let's say, Human Resources--asking for some details from your Unemployment Insurance file, and the department refuses. You may then complain to my office. We have a right, on your behalf, to look at that file and decide whether the department is right or wrong in denying you access. If we think the department is wrong, we say so and recommend that it be given to you. If our recommendation is denied, we have a right to go to court on your behalf.

But you are not restricted to simply gaining access to your records on your behalf. The Act also gives you the right to ask to have errors corrected. If the information is subjective -- for example, opinions or comments about you with which you disagree -- you have the right to have your version of the situation put on the file for anyone examining the records to see.

Perhaps most important of the information rights you enjoy is that of challenging the federal government's collection, use and disclosure of your personal information. It was this right that 35 Canadians used to question the government's conduct of the last census. Complainants questioned why they were being asked to disclose who spent the night of the census with them. They wondered why their religion or their physical and mental conditions were relevant to what many described a national head count. Some women objected to reporting the number of live births on a form they shared with other family members--parent or spouses--who may not have known. Several other complaints focussed on the actual collection of the data and how it threatened personal privacy.

Apart from being a fascinating examination of the history and mechanics of the federal government's largest and most personal collection of data, it was also an interesting philosophical exercise. Where does a modern information society, which delivers a broad range of social programs, draw the line between efficiency and effectiveness--and becoming the all-knowing, all-seeing Big Brother. I'm sorry to have to tell you that there was no flash of lightning and no answers delivered on stone tablets. In the final analysis, the politicians--in this case, the federal Cabinet- -has to decide. And they then take the heat for their decision.

Nevertheless, after considerable discussion and continuing gentle pressure, there will be no questions about religion, or number of live births, or who spent census night where on this year's census. And the personal identification of the respondents will be destroyed once the statistical validation is done. In my view, destruction of the personal link to the very personal data gathered on the long form is one effective answer to growing privacy concerns about the census.

The resolution of the census complaints is an effective illustration of my role as an ombudsman. I don't have the power to order a government agency to take a particular action. What I have is some knowledge of the government and its operations, the power to investigate and gather evidence, and experience in dealing with individuals and resolving problems and, finally, some credibility with government departments. The beauty of the ombudsman function--often sneeringly dismissed as that of a "toothless tiger" --is its flexibility. Ombudsmen occasionally get to ask those questions that are sent to try lawyers' patience: "It may be legal, but is it fair?"

In practice, there is a high degree of acceptance of my recommendations. In the 13 years that my office has existed, thousands of Canadians have been directly helped, and not incidentally, thousands of bureaucrats have been sensitized to their obligations to respect the privacy rights of their fellow citizens. Ultimately, this sensitization may help all Canadians as they struggle to preserve this fundamental human right.

But there is another dimension to this office, certainly as important as the ombudsman's role, which has been imposed by the breathtaking advances in technology. Technology is transforming the management of personal information. We are in the midst of a revolution which will inflict profound changes on our society -- perhaps not as dramatic as the discovery of fire or the invention of the wheel -- but certainly as profound as the printing press and the automobile.

I speak of course of the evolution of the computer and its many companions in communications, such as fibre optics and satellite transmission. These technologies are changing the way the world functions. They are certainly changing the way we relate to one another. And they clearly pose enormous threats to our traditional concepts of our right as private individuals to claim control over what the world knows about us.

It is now possible -- in fact, it is now a reality -- that vast amounts of information about us are being collected, massaged, manipulated, bought and sold - - often without our knowledge or consent, and frequently with our unwitting compliance. Fill out a contest application, complete a warranty card, make a purchase with a credit card, join a frequent flyer program, and you are adding to the stockpile of interconnected sources of information about you. Although the consequences of this massive agglomeration of personal information are not easy to measure, there is clearly a great possibility of harm to our personal autonomy. And let's remember that this autonomy -- or freedom, to use a more direct term -- is essential to the preservation of our concept of civilized and democratic society.

In these circumstances, I see my most pressing duty to do what I can to inform Parliament and the public about the impact of these technologies on personal privacy. And I make suggestions about the defences we need to erect if we are to enjoy the undoubted benefits of all these marvellous new inventions without casting away values and rights which have been built up over centuries of human experience -- frequently at great cost -- and which are fundamental to our concept of a decent social contract.

This is not a duty imposed formally by the Privacy Act. Many of the issues that technology poses were only dimly perceived -- if perceived at all -- at the time the Privacy Act was written. In fact, where technology is concerned, the crystal ball has proved very cloudy indeed. For instance, an American businessman back in the mid-forties proclaimed that he could see a world market for about five computers. That businessman was Thomas Watson, at that time chairman of IBM, now one of the world's major suppliers of computers.

But now you can't pick up a paper on any day without reading something about these issues. Just a quick sampling of the last few days' newspapers demonstrates: widening concern about pornography on the Internet; about Alberta's introduction of a computerized system of medical records of every Alberta citizen; about the apparently unauthorized disclosure of videotapes smuggled out of prisons; about the collection of personal medical records in a database in the United States operated by the insurance industry.

And, in case you missed it, a firestorm about Ontario's supposed plan to introduce a multi-function smart card--including driver's license, welfare and health card. The Minister responsible for this initiative praised the card as being able to keep a timely record of citizens' use of the system -- and I quote from the press report -- "like Visa or Master Card, where they can tell you where you were an hour ago and how much you spent, that would be a great step forward for the health system in Ontario" .

Is there something in this, and like proposals that stirs the hair on the back of your neck? It didn't take long for someone to observe that the proposal was a giant leap backward for individual liberty in a democracy.

Let me give you another example, not in the government sector. Many of you will have heard of Internet "news groups" or "discussion groups". Many of you may participate. There are several thousands of these groups, covering almost every conceivable topic -- from politics to bestiality. Anyone interested in the particular topic can send, or "post" articles to these news groups for all and sundry others to read.

Clearly, there is no privacy intrusion here. The sender of the article wants the article to be read and is usually willing to identify him- or herself as the author.

However, clever Internet technophiles have now gone one step further. You or I or anyone else with an Internet connection can now ask to see all the information posted by a given person on Internet discussion groups. Instead of seeing individual posted articles, however, you can now see the pattern of that person's postings -- something that the person likely did not intend to be disclosed to the world.

A staff member tried out this new service by examining the messages he had posted to Internet news groups in which he had a personal interest. All he did was type in his name. Within a few seconds he received a list of all mentions of his name in Internet newsgroups. He then used the same process to learn more about one of the people who had responded to one of his posting. Through a search that took only a further few seconds, he found that this person -- from British Columbia -- had posted 69 messages to 13 different discussion groups within the past two months. Some of those groups were debating gun control in Canada. Others were discussing our current drug laws. Still others related to Quebec politics, Canadian culture, and British Columbia politics. We were able to read every one of those messages. We were able to assemble a collective "profile" of this person from his postings -- something he likely never intended.

Now, as I said earlier, this person wanted the messages he sent to various discussion groups to be made public. Otherwise he would not have sent them. But would that person want the pattern of his interests -- his profile of social concerns and political beliefs-- to be accessible to anyone, anywhere in the world, through an Internet connection? As recently as two weeks ago, another of my staff had to break the news to a journalist that her Internet communications were available to anyone. This is one of the many unresolved privacy quandaries that the Internet hath wrought.

There are, in fact, few limits to the number of ways in which technology is being used to gather information about us. And governments, in the pursuit of economy and efficiency will be there with the rest. For example, a new smart card program at Revenue Canada will streamline customs clearance. The program allows travellers to be verified and to make declarations at a machine instead of in front of a customs officer.

Applicants pre-register by providing proof of citizenship, and allowing Revenue Canada to take their fingerprints, a photograph and a hand geometry image. Once a security check clears applicants for acceptance into the program, they receive a card encoded with their digitally encoded fingerprints. The card identifies them as low-risk travellers who can then enter Canada through a special line without being interviewed by a Customs inspector. They will be cleared by a kiosk card-reader instead. They simply insert their card into the reader and put their hand on a scanner which compares the image with the card. They can then make any declarations and charge any duties automatically to their credit card.

There is growing pressure to introduce ever more detailed systems of personal identification. The private sector will be increasingly involved in delivering government services or benefits electronically. Ontario is considering offering the private sector an opportunity to participate in that super smart-card plan, if it will save money.

So what? Is this necessarily a bad thing? If governments improve efficiency and cost us less, don't we all benefit? The answer is--it depends. Sharing these delivery systems with--or contracting them to--the private sector brings with it the prospect that private sector providers will become major repositories of vast databases on Canadians. This means that Canadians will be required to use some sort of access and identification device, almost inevitably an identity card, to receive the benefits of electronically-delivered benefits or services. And it means that, as the law now stands, Canadians have no legal rights to protect that information in the hands of the private sector.

This is a prospect that is worrisome for many. Witness the continuing controversy of the SIN. When was the last time you were asked for your income tax and social benefit number for something as trivial as to rent a video, or sign your child up for minor hockey, or to get a library card. The corporate world has an inexhaustible appetite for more and more personal information, and goes to infinite and ingenious ways to collect it, offering all kinds of inducements to the unwary if they will just fill in forms giving their entire life story. And your SIN gives them just the common identifier for assembling masses of information about you.

Never mind the whiz-bang high-tech stuff. Did you know that when you do something as mundane as use a bank machine, or ride in an elevator or eat in some restaurants you're being watched by a surveillance camera?

Did you know that talking on a cellular telephone is effectively the same thing as broadcasting your words to anyone who cares to listen?

And, for that matter, did you know that every time you buy something by mail order, enter a contest, call a toll-free 800 line, return a product warranty card or subscribe to a magazine, you are giving someone somewhere information about yourself.

Did you know that your Internet viewing habits -- what sites you visit, what information you choose to retrieve -- are all available to those with even only a modest amount of technical expertise?

That's where all that junk mail and marketing calls come from. The magazine you subscribed to puts your name and address on an updated list and sells it to a mailing list broker. Your order from that mail order house triggers your name on a "hot" list of people who have made recent purchases by mail. Suddenly your mailbox is overflowing with catalogues. The company operating the toll-free 800 line you called for information on a product now has your telephone number. In an age of CD-Roms that link your number to your name and address, direct marketing is a piece of cake. And maybe one day your Internet viewing habits -- the fact that you looked up the Playboy or Penthouse sites or, out of human curiosity, visited a computer site that spewed out far-right propaganda -- will become fodder in dirty political campaigns or blackmail attempts.

In the biomedical sphere, more businesses are resorting to highly questionable drug testing of their employees, to video surveillance of the workplace, and are eyeing the potential of genetic science as another possible tool for refining personnel employment and administration policies. Truly, we have become, almost overnight, a surveillance society.

These technologies are not necessarily bad in themselves. On the contrary, many of them improve efficiency, provide convenience and advance medical treatment. They are here to stay, and many more are likely. The real issue is whether in the process of embracing all this technology we are going to put in place proper safeguards--safeguards that will ensure the collectors and users of all this information operate in a way that respects the rights of the people whose information forms the basis of all those databanks.

Unhappily I have to say that legal defences against abuse are trailing far behind the technology. Many provinces have legislated broad privacy protection for individuals' government records; by that I mean both the right of access and correction, as well as legal controls on government collection, use and disclosure of personal data. The list of jurisdictions without comprehensive protection is shrinking: the Yukon, Prince Edward Island, Newfoundland...and New Brunswick. But with the single exception of Quebec, the entire corporate world operates free of any comprehensive privacy protection laws.

In my view, it is becoming increasingly difficult not to rectify this situation. In an age of Internet, smart health cards and shared delivery of government programs and services, Canadians are entitled to have their privacy protected by some basic legal standard which everyone in the nation is expected to observe, whether it be public sector or private sector.

But we need more. We need an office of technological assessment, similar to one that functioned, until recently in the United States but now cut down by the scythe of bottom-liners. The OTA's duties were to consider how new technologies affect such fundamental values such as privacy, as well as give cogent and timely advice to bureaucrats and legislators concerning necessary remedies.

Above all, we need a much better informed and alert consumer public. I must, in that regard, give pretty high marks to the Canadian media. Journalists have understood the social and political implications of the issue and are doing a good job of following this story. However, I would like to see the issue given a far higher sense of priority and urgency in other places, particularly at the bureaucratic and political level.

Remember, we are not just talking about privacy here. In fact, privacy is an altogether inadequate word to describe this issue. We are talking about something much more fundamental: we are talking about the degree to which we are going to continue to offer each other a basic minimum of respect as individual autonomous human beings, entitled to recognition as unique and individual creatures on this earth, or whether we are prepared to offer ourselves up on the altar of technological domination in total digital subjection.

If we let technology become our god, we will certainly become technology's sheep.