Privacy or Service: Must We Be Forced to Choose?
by Bruce Phillips
PRIVACY OR SERVICE: MUST WE BE FORCED TO CHOOSE?
Bruce Phillips,
Privacy Commissioner of Canada
to the New Brunswick Legislative Library Noon Hour Talk
Fredericton, New Brunswick
February 22, 1996
Check against delivery
First, thank you for this opportunity to return to Fredericton to
deliver this Noon Hour Talk to legislators and interested citizens. I was
fortunate enough to be invited to talk to a government symposium on the
information highway a little over two years ago. I'm not sure whether this
return engagement means no-one understood me the first time--or it was
soporific enough not to upset anyone's digestion.
My best guess is that you are probably wondering how a journalist--an
inveterate invader of privacy and compulsive blabber--came to be Canada's
Privacy Commissioner. Sort of "fox in charge of the chicken coop", isn't it?
Almost sadistic--put him in charge of all this neat stuff and he can't write
a word of it--ever.
However, there is a natural symbiosis between privacy and journalism.
Journalists--good ones, anyway, or ethical or responsible ones, and certainly
the ones that are represented by my generation when, I believe, we paid more
attention to some of the ethical questions of journalism--early on realized
that you had to try to balance the public and the private interests when
dealing with personal information.
The observant among you -- and I am certain that this comprises the
entire audience -- may have noticed that my name is ungraced, or unburdened,
by any academic suffixes. In my time, back in the '40s, the entry
qualifications for journalism were fairly straightforward. You were expected
to be able to spell competently, write simple declarative sentences in the
English language, and have an inquiring mind, but you did not need a
university degree. Some people are unkind enough to suggest that the
situation now in journalism is exactly reversed. I personally wouldn't say
that, but in those days--and I certainly wouldn't recommend it for anybody
now-- the assumption was that if you got in early, you'd pick up a pretty
good education along the way.
The very first day that I ever spent at a newspaper--46 years ago, now
that I think about it--I was about to roll a sheet of paper into my
typewriter carriage, and the editor came over and said, "What are you about
to do, Phillips?"
"Well, Mr. McKay, I'm going to write an obituary." That's what cub
reporters in those days did as their first assignments.
McKay replied, "every time you put a piece of paper into that typewriter
carriage, and you're about to put somebody's name on it, you bear the
responsibility for anything that happens to the reputation of that person
thereafter. Remember that."
It is a lesson that I try to live by--not always successfully, I admit. In the
news business, there are pressures of a competitive nature and your own desire to tell stories that sometimes gets in the way. However, I think I did have a good, basic understanding by the time I became the Privacy Commissioner of Canada.
So now here I am, in my third career, and I must say I thank whatever
gods preside over these chances and decisions, because I have found in the
role of privacy commissioner both an issue which is of seminal importance to
our society, and a challenge in bringing it forward that offers ample room
for the exercise of anyone's energies and talents. The latter particularly
in view of what is laughingly referred to as my budget. Was there ever a
government official who didn't moan about his or her budget? But it must be
a first when a federal officer of Parliament abused the hospitality of the
Legislative Librarian. It was a great lunch, Erik.
First of all, let me briefly describe what I do, because there are some
fairly widespread misconceptions. What I most emphatically do not do, is to
rummage through anybody's secrets and files, at least not unless the person
to whom the information relates asks me to do so.
The Privacy Commissioner is an ombudsperson, appointed to act on behalf
of anyone present in Canada who has a complaint or an inquiry about the
federal government's management of his or her personal information. And, of
course, that's a lot of information--tax files, pension records, veterans'
medical reports, immigration case files; on average, the federal government
has personal information about every person in the country in about 25
different files.
I operate under a federal statute -- the Privacy Act -- which sets out
the terms under which the government can collect, use, store and dispose of
personal information. These rules generally reflect what is known in my
trade as the Code of Fair Information Practices -- an internationally
accepted set of standards evident in most privacy laws around the world.
Briefly, that code states that the government shall collect only the
information it needs to operate programs, that information shall not be used
for purposes other than those for which it was collected, that it shall not
be disclosed without consent of the individuals concerned, that those
individuals shall have access to that information and a right to contest its
accuracy, and that the information shall be retained and disposed of
according to a system that safeguards these privacy interests.
Naturally, there are exceptions and exemptions in the law. For example,
if the RCMP were investigating a drug [bank] heist, it would make little
sense to grant the suspected drug dealer [bank robber] access to his files.
Our security agencies have broad rights to refuse access, for similar reasons.
Finally, the Act provides for a privacy commissioner to investigate
complaints, and to examine federal information management practices generally to
ensure compliance with the Act.
I am an independent Officer of Parliament, that's to say, I report to no
minister or department, but directly to Parliament, to certify my
independence of the government and bureaucracy.
Under this Act, my small office--37 staff--conducts an average of 1,500
investigations a year, handles thousands of inquiries from citizens wanting
to know more about their privacy rights, and attempts to monitor federal
legislation and new information technology to foresee where the next privacy
threats will emerge. So we're a busy place.
Let me give you a practical example. Suppose one of you writes to a
federal government department--let's say, Human Resources--asking for some
details from your Unemployment Insurance file, and the department refuses.
You may then complain to my office. We have a right, on your behalf, to look
at that file and decide whether the department is right or wrong in denying
you access. If we think the department is wrong, we say so and recommend
that it be given to you. If our recommendation is denied, we have a right to
go to court on your behalf.
But you are not restricted to simply gaining access to your records on
your behalf. The Act also gives you the right to ask to have errors
corrected. If the information is subjective -- for example, opinions or
comments about you with which you disagree -- you have the right to have your
version of the situation put on the file for anyone examining the records to
see.
Perhaps most important of the information rights you enjoy is that of
challenging the federal government's collection, use and disclosure of your personal information. It was this right that 35 Canadians used to question the government's conduct of the last census. Complainants questioned why they were being asked to disclose who spent the night of the census with them. They wondered why their religion or their physical and mental conditions were relevant to what many described a national head count. Some women objected to reporting the number of live births on a form they shared with other family members--parent or spouses--who may not have known. Several other complaints focussed on the actual collection of the data and how it threatened personal privacy.
Apart from being a fascinating examination of the history and mechanics of
the federal government's largest and most personal collection of data, it was also
an interesting philosophical exercise. Where does a modern information society,
which delivers a broad range of social programs, draw the line between efficiency
and effectiveness--and becoming the all-knowing, all-seeing Big Brother. I'm sorry
to have to tell you that there was no flash of lightning and no answers delivered on
stone tablets. In the final analysis, the politicians--in this case, the federal Cabinet-
-has to decide. And they then take the heat for their decision.
Nevertheless, after considerable discussion and continuing gentle pressure,
there will be no questions about religion, or number of live births, or who spent
census night where on this year's census. And the personal identification of the
respondents will be destroyed once the statistical validation is done. In my view,
destruction of the personal link to the very personal data gathered on the long form
is one effective answer to growing privacy concerns about the census.
The resolution of the census complaints is an effective illustration of my role
as an ombudsman. I don't have the power to order a government agency to take a
particular action. What I have is some knowledge of the government and its
operations, the power to investigate and gather evidence, and experience in dealing
with individuals and resolving problems and, finally, some credibility with
government departments. The beauty of the ombudsman function--often
sneeringly dismissed as that of a "toothless tiger" --is its flexibility. Ombudsmen
occasionally get to ask those questions that are sent to try lawyers' patience: "It
may be legal, but is it fair?"
In practice, there is a high degree of acceptance of my recommendations. In
the 13 years that my office has existed, thousands of Canadians have been directly
helped, and not incidentally, thousands of bureaucrats have been sensitized to their
obligations to respect the privacy rights of their fellow citizens. Ultimately, this
sensitization may help all Canadians as they struggle to preserve this fundamental
human right.
But there is another dimension to this office, certainly as important as the
ombudsman's role, which has been imposed by the breathtaking advances in
technology. Technology is transforming the management of personal information.
We are in the midst of a revolution which will inflict profound changes on our
society -- perhaps not as dramatic as the discovery of fire or the invention of the
wheel -- but certainly as profound as the printing press and the automobile.
I speak of course of the evolution of the computer and its many companions
in communications, such as fibre optics and satellite transmission. These
technologies are changing the way the world functions. They are certainly
changing the way we relate to one another. And they clearly pose enormous
threats to our traditional concepts of our right as private individuals to claim control
over what the world knows about us.
It is now possible -- in fact, it is now a reality -- that vast amounts of
information about us are being collected, massaged, manipulated, bought and sold -
- often without our knowledge or consent, and frequently with our unwitting
compliance. Fill out a contest application, complete a warranty card, make a
purchase with a credit card, join a frequent flyer program, and you are adding to
the stockpile of interconnected sources of information about you. Although the
consequences of this massive agglomeration of personal information are not easy
to measure, there is clearly a great possibility of harm to our personal autonomy.
And let's remember that this autonomy -- or freedom, to use a more direct term --
is essential to the preservation of our concept of civilized and democratic society.
In these circumstances, I see my most pressing duty to do what I can to
inform Parliament and the public about the impact of these technologies on
personal privacy. And I make suggestions about the defences we need to erect if
we are to enjoy the undoubted benefits of all these marvellous new inventions
without casting away values and rights which have been built up over centuries of
human experience -- frequently at great cost -- and which are fundamental to our
concept of a decent social contract.
This is not a duty imposed formally by the Privacy Act. Many of the issues
that technology poses were only dimly perceived -- if perceived at all -- at the time
the Privacy Act was written. In fact, where technology is concerned, the crystal
ball has proved very cloudy indeed. For instance, an American businessman back
in the mid-forties proclaimed that he could see a world market for about five
computers. That businessman was Thomas Watson, at that time chairman of IBM,
now one of the world's major suppliers of computers.
But now you can't pick up a paper on any day without reading something
about these issues. Just a quick sampling of the last few days' newspapers
demonstrates: widening concern about pornography on the Internet; about
Alberta's introduction of a computerized system of medical records of every
Alberta citizen; about the apparently unauthorized disclosure of videotapes
smuggled out of prisons; about the collection of personal medical records in a
database in the United States operated by the insurance industry.
And, in case you missed it, a firestorm about Ontario's supposed plan to
introduce a multi-function smart card--including driver's license, welfare and health
card. The Minister responsible for this initiative praised the card as being able to
keep a timely record of citizens' use of the system -- and I quote from the press
report -- "like Visa or Master Card, where they can tell you where you were an
hour ago and how much you spent, that would be a great step forward for the
health system in Ontario" .
Is there something in this, and like proposals that stirs the hair on the back
of your neck? It didn't take long for someone to observe that the proposal was a
giant leap backward for individual liberty in a democracy.
Let me give you another example, not in the government sector. Many of
you will have heard of Internet "news groups" or "discussion groups". Many of
you may participate. There are several thousands of these groups, covering almost
every conceivable topic -- from politics to bestiality. Anyone interested in the
particular topic can send, or "post" articles to these news groups for all and sundry
others to read.
Clearly, there is no privacy intrusion here. The sender of the article wants
the article to be read and is usually willing to identify him- or herself as the author.
However, clever Internet technophiles have now gone one step further. You
or I or anyone else with an Internet connection can now ask to see all the
information posted by a given person on Internet discussion groups. Instead of
seeing individual posted articles, however, you can now see the pattern of that
person's postings -- something that the person likely did not intend to be disclosed
to the world.
A staff member tried out this new service by examining the messages he
had posted to Internet news groups in which he had a personal interest. All he did
was type in his name. Within a few seconds he received a list of all mentions of
his name in Internet newsgroups. He then used the same process to learn more
about one of the people who had responded to one of his posting. Through a
search that took only a further few seconds, he found that this person -- from
British Columbia -- had posted 69 messages to 13 different discussion groups
within the past two months. Some of those groups were debating gun control in
Canada. Others were discussing our current drug laws. Still others related to
Quebec politics, Canadian culture, and British Columbia politics. We were able to
read every one of those messages. We were able to assemble a collective "profile"
of this person from his postings -- something he likely never intended.
Now, as I said earlier, this person wanted the messages he sent to various
discussion groups to be made public. Otherwise he would not have sent them.
But would that person want the pattern of his interests -- his profile of social
concerns and political beliefs-- to be accessible to anyone, anywhere in the world,
through an Internet connection? As recently as two weeks ago, another of my
staff had to break the news to a journalist that her Internet communications were
available to anyone. This is one of the many unresolved privacy quandaries that
the Internet hath wrought.
There are, in fact, few limits to the number of ways in which technology is
being used to gather information about us. And governments, in the pursuit of
economy and efficiency will be there with the rest. For example, a new smart card
program at Revenue Canada will streamline customs clearance. The program allows
travellers to be verified and to make declarations at a machine instead of in front of
a customs officer.
Applicants pre-register by providing proof of citizenship, and allowing
Revenue Canada to take their fingerprints, a photograph and a hand geometry
image. Once a security check clears applicants for acceptance into the program,
they receive a card encoded with their digitally encoded fingerprints. The card
identifies them as low-risk travellers who can then enter Canada through a special
line without being interviewed by a Customs inspector. They will be cleared by a
kiosk card-reader instead. They simply insert their card into the reader and put
their hand on a scanner which compares the image with the card. They can then
make any declarations and charge any duties automatically to their credit card.
There is growing pressure to introduce ever more detailed systems of
personal identification. The private sector will be increasingly involved in delivering
government services or benefits electronically. Ontario is considering offering the
private sector an opportunity to participate in that super smart-card plan, if it will
save money.
So what? Is this necessarily a bad thing? If governments improve efficiency
and cost us less, don't we all benefit? The answer is--it depends. Sharing these
delivery systems with--or contracting them to--the private sector brings with it the
prospect that private sector providers will become major repositories of vast
databases on Canadians. This means that Canadians will be required to use some
sort of access and identification device, almost inevitably an identity card, to
receive the benefits of electronically-delivered benefits or services. And it means
that, as the law now stands, Canadians have no legal rights to protect that
information in the hands of the private sector.
This is a prospect that is worrisome for many. Witness the continuing
controversy of the SIN. When was the last time you were asked for your income
tax and social benefit number for something as trivial as to rent a video, or sign
your child up for minor hockey, or to get a library card. The corporate world has an
inexhaustible appetite for more and more personal information, and goes to infinite
and ingenious ways to collect it, offering all kinds of inducements to the unwary if
they will just fill in forms giving their entire life story. And your SIN gives them just
the common identifier for assembling masses of information about you.
Never mind the whiz-bang high-tech stuff. Did you know that when you do
something as mundane as use a bank machine, or ride in an elevator or eat in some
restaurants you're being watched by a surveillance camera?
Did you know that talking on a cellular telephone is effectively the same
thing as broadcasting your words to anyone who cares to listen?
And, for that matter, did you know that every time you buy something by
mail order, enter a contest, call a toll-free 800 line, return a product warranty card
or subscribe to a magazine, you are giving someone somewhere information about
yourself.
Did you know that your Internet viewing habits -- what sites you visit, what
information you choose to retrieve -- are all available to those with even only a
modest amount of technical expertise?
That's where all that junk mail and marketing calls come from. The
magazine you subscribed to puts your name and address on an updated list and
sells it to a mailing list broker. Your order from that mail order house triggers your
name on a "hot" list of people who have made recent purchases by mail. Suddenly
your mailbox is overflowing with catalogues. The company operating the toll-free
800 line you called for information on a product now has your telephone number.
In an age of CD-Roms that link your number to your name and address, direct
marketing is a piece of cake. And maybe one day your Internet viewing habits --
the fact that you looked up the Playboy or Penthouse sites or, out of human
curiosity, visited a computer site that spewed out far-right propaganda -- will
become fodder in dirty political campaigns or blackmail attempts.
In the biomedical sphere, more businesses are resorting to highly
questionable drug testing of their employees, to video surveillance of the
workplace, and are eyeing the potential of genetic science as another possible tool
for refining personnel employment and administration policies. Truly, we have
become, almost overnight, a surveillance society.
These technologies are not necessarily bad in themselves. On the contrary,
many of them improve efficiency, provide convenience and advance medical
treatment. They are here to stay, and many more are likely. The real issue is
whether in the process of embracing all this technology we are going to put in
place proper safeguards--safeguards that will ensure the collectors and users of all
this information operate in a way that respects the rights of the people whose
information forms the basis of all those databanks.
Unhappily I have to say that legal defences against abuse are trailing
far behind the technology. Many provinces have legislated broad privacy
protection for individuals' government records; by that I mean both the
right of access and correction, as well as legal controls on government
collection, use and disclosure of personal data. The list of jurisdictions
without comprehensive protection is shrinking: the Yukon, Prince Edward
Island, Newfoundland...and New Brunswick. But with the single exception of
Quebec, the entire corporate world operates free of any comprehensive
privacy protection laws.
In my view, it is becoming increasingly difficult not to rectify this situation.
In an age of Internet, smart health cards and shared delivery of government
programs and services, Canadians are entitled to have their privacy protected by
some basic legal standard which everyone in the nation is expected to observe,
whether it be public sector or private sector.
But we need more. We need an office of technological assessment, similar
to one that functioned, until recently in the United States but now cut down by
the scythe of bottom-liners. The OTA's duties were to consider how new
technologies affect such fundamental values such as privacy, as well as give
cogent and timely advice to bureaucrats and legislators concerning necessary
remedies.
Above all, we need a much better informed and alert consumer public. I
must, in that regard, give pretty high marks to the Canadian media.
Journalists have understood the social and political implications of the
issue and are doing a good job of following this story. However, I would
like to see the issue given a far higher sense of priority and urgency in
other places, particularly at the bureaucratic and political level.
Remember, we are not just talking about privacy here. In fact, privacy
is an altogether inadequate word to describe this issue. We are talking
about something much more fundamental: we are talking about the degree to
which we are going to continue to offer each other a basic minimum of respect
as individual autonomous human beings, entitled to recognition as unique and
individual creatures on this earth, or whether we are prepared to offer
ourselves up on the altar of technological domination in total digital
subjection.
If we let technology become our god, we will certainly become
technology's sheep.
|