Privacy - News

  • – 2022-10-13 –

    Professor Jane Bailey offered submissions on behalf of CIPPIC at the hearing of R v Downes, an important voyeurism case. This issue before the Court involved the interpretation of the "place" provisions of the Criminal Code's prohibitions against voyeurism. These provisions protect Canadians against surreptitious observation and recording when we have a reasonable expectation of privacy and are in “a place in which a person can reasonably be expected to be nude...”.

     

  • – 2022-05-02 –

    CIPPIC, working with the eQuality Project, has filed a motion in the Supreme Court of Canada to intervene in the appeal of R. v. Downes, 2022 BCCA 8, a British Columbia Court of Appeal decision, where a coach was charged under the voyeurism provisions of the Criminal Code for surreptitiously taking photographs of pre-teens in their underwear in a sports facility's change room. The majority of the Court Appeal overturned the conviction, ruling that the photographs were not taken in "places in which a person could reasonably be expected to be nude".

    CIPPIC will be arguing that the voyeurism provisions ought to be interpreted by framing them within the broader context of the privacy and equality rights of voyeurism targets, including women, children, and members of other equality-seeking communities.

  • – 2021-01-27 –

    Today, CIPPIC presented its intervention in a hearing before the Federal Court as part of a reference launched by the Office of the Privacy Commissioner of Canada. At issue is the degree to which PIPEDA - Canada's federal privacy law - applies to activities of commercial search engines.

    As noted in our written submissions:

    1. PIPEDA applies to commercial search engines.

    2. In order to determine whether personal information is collected, used or disclosed in the course of commercial activities under s. 4(1)(a) of PIPEDA, the Court must evaluate the relationship between that information and the organization’s business model. The commercial value of most Internet companies and social media platforms is derived by providing a free service to attract user’s time, attention and personal information, which is then monetized through advertising, tracking and profiling. A restrictive definition of “commercial activity” which includes nothing but discrete, revenue-generating interactions ignores precisely the kinds of business models that drive the digital economy and that PIPEDA was intended to regulate.

    3. Whether the collection, use or disclosure of personal information is undertaken for exclusively “journalistic” purposes must be determined with reference to Parliament’s intent and the constitutional rationale for the exclusion set out in s. 4(2)(c) of PIPEDA. This analysis must account for the particular role played by a free, adversarial and independent press in a democratic society—through newsgathering, source protection, the exercise of professional discipline and editorial judgement, and a commitment to communication on matters of public interest. The fact that an organization happens to permit the dissemination or discovery of journalistic content through its platform is not sufficient to immunize its activities from scrutiny under PIPEDA as a whole. The Act and the Charter provide other safeguards in this respect.

    4. The remedy sought by the Complainant has obvious implications for section 2(b) Charter rights and a conclusion that PIPEDA applies to commercial search engines may eventually raise other constitutional and policy questions. However, the rules of statutory interpretation do not permit the Court to preempt these debates by distorting the meaning of the Act’s application clause to exclude certain organizations from Canadian privacy regulation altogether. Appropriate and properly tailored constitutional remedies are available in the event that these concerns are well-founded in law and actually materialize.

    The reference is currently scheduled to be heard January 26-27. CIPPIC is being represented by Me Lex Gill from Trudel, Johnstone & Lespérance.

    Image Source: Learntek, "big-data-analytics", April 23, 2018, Flickr, CC-0 1.0

  • – 2020-03-13 –

    In partnership with our fellow Samuelson-Glushko Clinic at the University of Colorado, CIPPIC today submitted comments to the Office of the Privacy Commissioner regarding two of its proposals for reforming PIPEDA—Canada's federal private-sector privacy statute—to deal with the challenges posed by artificial intelligence. Our submissions on behalf of 25 privacy scholars from Canada, the United States, and Europe—led by Prof. Margot Kaminski of the University of Colorado and CIPPIC Director Vivek Krishnamurthy—respond to OPC's proposals to amend PIPEDA to “[p]rovide individuals with a right to explanation and increased transparency when they interact with, or are subject to, automated processing” (Proposal 4), and “[r]equire the application of Privacy by Design and Human Rights by Design in all phases of processing, including data collection” (Proposal 5).

    Specifically, our submissions suggest that a revised PIPEDA should include:

    1. An individual right to an explanation of an algorithmic decision with significant effects on individuals;

    2. Legal requirements for the application of Privacy and Human Rights by Design in all phases of data processing;

  • – 2019-02-14 –

    The Supreme Court of Canada today its decision in R v Jarvis, voyeurism case where a high school teacher used a pen cam to surreptitiously record multiple videos focused mainly of the chest and cleavage area of several female students and one female colleague.

    The majority of the Ontario Court of Appeal acquitted the defendant2017 ONCA 778, finding that while the photos were taken for a sexual purpose, the young women he targeted did not have a reasonable expectation of privacy in the school setting where the photos were taken, an essential element of the voyeurism offense.

  • – 2019-02-12 –

    The Supreme Court of Canada is set to release its decision on a much anticipated case addressing privacy, equality and sexual violence this Thursday, February 14, 2019.

    On the day of its release, the University of Ottawa’s Faculty of Law will host a discussion on the decision at 4:00 pm in Room 570, Fauteux Hall, 57 Louis-Pasteur Private. All are welcome to attend.

    On April 20, 2018 the Supreme Court heard R v Jarvis, SCC file number 37833 a voyeurism case where a high school teacher used a pen cam to surreptitiously record multiple videos focused mainly of the chest and cleavage area of several female students and one female colleague. Jarvis was acquitted at trial. The Court of Appeal upheld that acquittal in R v Jarvis, 2017 ONCA 778, finding that while the photos were taken for a sexual purpose, the young women he targeted did not have a reasonable expectation of privacy in the school setting where the photos were taken, an essential element of the voyeurism offence.

    The central question before the Supreme Court was when do people have a reasonable expectation of privacy? Is it only when they are shielded from public view? When they are dressed modestly? Or can privacy be understood in a more nuanced way?

  • – 2019-02-12 –

    CIPPIC has joined Mozilla, Access, Reporters Without Borders, and several other organizations in an open letter calling on Facebook to live up to its transparency promises. The letter calls out Facebook for blocking transparency tools employed by ProPublica, demanding that the platform provide API access to its promised political transparency tools.  As is now widely acknwoledged, Facebook and its various communications platforms have been leveraged by a wide range of political actors-both foreign and domestic-in their efforts to disrupt democratic processes in a number of jurisdictions around the world. Disinformation campaigns have become an instrumental force, evident in the UK's 'Vote Leave' referendum, the 2016 US Presidential elections, and the 2018 Brazilian elections which propelled far-right candidate Jair Bolsonaro to the presidency.

    Against this backdrop, Facebook has undertaken various efforts to address these challenges. This has included a third-party academic body empowered to provide select academic researchers with access to elements of its content under controlled conditions. Among these is a novel 'open advertisement' mechanism designed to let individuals see all advertisements sent by a single entity through its platform. This tool is designed in part to address so-called 'dark advertising', where political actors send highly individualized and micro-targeted messages to different people based on their data-intensive profiling. Currently, only intended recipients see any given advertisement, allowing political actors to send conflicting or even discriminatory messaging with relative impunity. The problem is that Facebook has refused to provide API access to its open advertising platform, making it functionally difficult if not impossible to conduct the type of meaningful analysis necessary to meet the challenges posed by its services to democratic processes. Not only has Facebook refused to provide API access, but it has actively blocked existing tools used by ProPublica to supplement the shortcomings of its own transparency mechanisms. Meanwhile, a recent CBC study, which leveraged Twitter's API-enabled political messaging transparency tool, analyzed over 9 million tweets to demonstrate significant foreign influence in Canadian discussions surrounding pipelines and immigration. With upcoming federal elections in 2019, Canada cannot afford to be complacent about this issue.

    UPDATE: Facebook has responded by committing to develop and roll out an open API for its political advertising archive. This positive step towards transparency has been met with cautious optimism.

    Image Source: Yomare, "Hand Puppet Snowman", May 22, 2015, Pixabay, Pixabay License

  • – 2018-11-27 –

    How do we measure bicycle traffic in a way that respects citizens' privacy? CIPPIC's team working on a Sidewalk Labs Small Grant presented its findings today. Great work, Keri Grieman, Johann Kwan and Stephanie Williams! Key findings on best practices:

    • Use technologies that limit the collection of personal information
    • Store data securely
    • Limit data collection to only that which is needed
    • Ensure that partners or contractors follow collection restrictions
    • Notify individuals that their data is being collected.
    • Install counting devices when creating a new space
    • Hide or mask sensitive locations
  • – 2018-10-18 –

    The Electronic Frontier Foundation (EFF) released a timely white paper this week examining the negative implications and chilling effects that various cybercrime provisions throughout the Americas can have on coder's rights and specifically on security researchers. Entitled "Protecting Security Researcher's Rights in the Americas", the analysis explores a range of cybercrime regimes nominally intended in principle to criminalize unauthorized access to or disruption of computer systems. However, these laws have been framed so broadly as to impose a serious chilling effect on vital activity of security researchers. Drawing on the Inter-American human rights framework (of which Canada is a partial adherent), some national jurisprudence, and principles of criminal law, the paper argues for cybercrime regimes that accommodate beneficial security work. There must be latitude for non-malicious security testing, for the dissemination of critical security tools and for the responsible publication of discovered security breaches.

    Sadly, current laws are framed so broadly that they have had a serious chilling effect on socially beneficial security work. Those who discover security breaches face severe legal threats and sometimes even criminal consequences for attempting to bring these to host organization's attention. The result is that security breaches are increasingly likely to remain unresolved until they are discovered by someone seeking to exploit, rather than to merely expose. The paper, to which CIPPIC provided substantive contributions, calls for clearer standards to remedy this situation.

  • – 2018-09-14 –

    The Supreme Court of Canada issued its ruling in Rogers Communications Inc v Voltage Pictures LLC, 2018 SCC 38, today, the latest installment in a long series of ongoing efforts by Voltage to establish a controversial mass copyright litigation model in Canada and the first decision to meaningfully interpret Canada's notice-and-notice regime. As CIPPIC argued in its intervention, which was ably prepared by our external counsel, Jeremy de Beer and Bram Abramson, the decision under appeal discouraged ISPs from conducting rigorous quality assurance checks necessary to reduce mis-identification of customers accused of copyright infringement. It also placed the cost burden of increasingly expansive copyright litigation models on customers of ISPs. All this, in turn, jeopardizes privacy rights of mis-identified customers; exposes innocent individuals to legal threats and costly lawsuits; raises Canada's Internet access fees (already amongst the highest in the world) even higher; and undermines competition by disproportionately impacting smaller ISPs who are less able to diffuse the costs of robust quality assurance.

    The ruling narrowed a prohibition, imposed by the Federal Court of Appeal, on any cost recovery for quality assurance protocols employed by ISPs when compelled to identify customers in the context of a copyright lawsuit. The court held that ISPs will be permitted to recover some (but not all) of these costs, sending the matter back to the Federal Court for determination of what specific quality assurance protocols are reasonable and non-duplicative. This, in turn, removes cost-based disincentives to adopt robust quality assurance protocols by ISPs.

    Image credit: smileycreek, "Don't Feed The Trolls", October 4, 2014, Flickr, CC-BY-NC-SA 2.0.