CIPPIC Testifies on Potential Implications of Trade Committments for Cross-Border Privacy Protection

| November 18, 2015

CIPPIC testified today before a special committee established by the BC Legislative Assembly in order to review the Freedom of Information and Protection of Privacy Act (FIPPA), the data protection statute regulating the British Columbia government's use of personal information. CIPPIC was specifically asked to provide expert testimony on recent trade commitments undertaken by the federal government in its adherence to the Trans-Pacific Partnership Agreement and, specifically, on potential implications of these commitments for cross-border privacy protections in FIPPA. Recent trade commitments adopted in the TPP could be used to challenge protections in BC FIPPA and specifically section 30.1, which was enacted to safeguard some BC citizen data against cross-border data export that would expose this data to expansive foreign state surveillance powers. While TPP measures could be used to challenge restrictions on foreign data storage implemented further to section 30.1, these restrictions could be justified if shown to be necessary to achieve a clearly articulated legitimate objective such as privacy protection.

CIPPIC's testimony highlighted the problems that arise where Canadian data crosses borders and is directly exposed to the limitless powers of foreign intelligence signals agencies. While Canada's own Communications Security Establishment (CSE) enjoys comparably unchecked powers that are insufficiently restrained in their impact on Canadian's privacy, Canadians enjoy some minimal protections when their own protections are caught in the web of its inherently foreign facing surveillance activities. Canadians enjoy no such protections when their data is exposed to other nations' foreign intelligence agencies, such as the US National Security Agency, which reportedly collects 100 million independent data points from US-based computer service providers in an average day. Data retained by the NSA includes highly sensitive information on individuals known not to be targets of any investigation. The ability to restrict some Canadian data from flowing abroad, while these agencies have expansive capabilities that could be used to harvest data from Canadian-based servers as well, preventing some types of Canadian data from flowing to the United States can render its acquisition by foreign agencies more difficult.

CIPPIC, "Trade Agreements: Recent and Upcoming Implications for BC FIPPA section 30.1", November 18, 2015, Oral Testimony, Legislative Assembly of British Columbia, Special Committee to Review the Freedom of Information and Protection of Privacy Act: