Monday, June 28, 2010
Monday, June 21, 2010
Below is my slide deck that I presented at the Privacy Commissioner's public consultation on cloud computing in Calgary on June 21, 2010.
Let me know in the comments or by e-mail if you have any problems with the slides.
Saturday, June 19, 2010
I've been honoured to be invited as one of the keynote speakers at the Privacy Commissioner's consumer consultations taking place in Calgary on Monday. I'm speaking on the topic of Cloud Computing. The full agenda is here.
The proceedings will be webcast: http://welcome2theshow.com.previewyoursite.com/priv2010/index_calgary.html, starting at 9:00 Mountain time. I think you'll be able to watch it later from the same address if you miss it the first time. Or you can watch it over and over again.
The roster of speakers is very impressive, including:
- Mr. Joseph H. Alhadeff, Vice President for Global Public Policy and Chief Privacy Officer, Oracle Corporation
- Mr. Shane Schick, Editor-in-Chief, ITWorldCanada (moderator)
- Mr. Declan McCullagh, Senior Correspondent, CBS News web site
- Mr. Brad Templeton, Director, Electronic Frontier Foundation
- Mr. Doug Jones, Cloud Computing Unit Executive, IBM Canada
- Mr. Daniel Koffler, Chief Technology Officer, Syntenic
- Dr. Andrew Patrick, IT Research Analyst, Office of the Privacy Commissioner of Canada (moderator)
- Mr. Scott Morrison, CTO, Layer 7 Technologies
- Dr. Tomas Sander, Research Scientist, HP Labs
- Mr. Brian O'Higgins, Consultant and Entrepreneur (Founder of Third Brigade), Assistant to the CTO, Trend Micro
- Dr. Thomas Keenan, Professor, University of Calgary
- Mr. Carman Baggaley, Senior Policy and Research Analyst, Office of the Privacy Commissioner of Canada (moderator)
- Ms. Kathryn Ratté, Senior Attorney, Division of Privacy and Identity Protection, Federal Trade Commission
- Mr. Mike Hintze, Associate General Counsel, Microsoft
- Mr. Adam Kardash, Partner, Heenan Blaikie
- Ms. Janet Lo, Legal Counsel, Public Interest Advocacy Centre
Coming soon, to a Toronto near you: the Office of the Privacy Commissioner.
A few weeks ago, at the annual Canadian get-together of the International Association of Privacy Professionals (incidentially, also in the middle of the universse), the Privacy Commissioner announced the opening of an office in Toronto to deal with investigations and outreach. This was prompted by the fact that half the respondents in complaints are based in the greater Toronto area.
I should also highlight that the office is being managed by Robin Gould-Soil, former CPO of TD Bank Group. This is good news.
Here's the official word: Announcement: Privacy Commissioner of Canada establishes Toronto office - June 18, 2010
What’s intrusive? is the title of my post yesterday at slaw.ca, about computer searches.
I was reading an interesting article in the Lawyer's Weekly today on the recent Supreme Court of Canada decision in R. v. Morelli,  SCC 8. In his article, "Reforming Search & Seizure" (sadly, not available online), Professor Benjamin Goold makes the following comment that I tripped over while reading:Although Justice Fish almost certainly went too far when he claimed that it is "difficult to imagine a search more intrusive, extensive or invasive of one's privacy than the search and seizure of a personal computer," the fact remains that such a search represents a serious infringement of an individual's right to be secure against unreasonable search and seizure under s. 8 of the Charter.
I have to say I'm with Justice Fish on this one. He didn't go too far in making that statement, and I'm glad to hear it.
A personal (emphasis on the "personal") computer is more than just a container of wires, chips and magnetic media. A huge amount of highly personal data resides on home computers. Think about what's on your personal computer. Probably years worth of e-mails, scanned documents, tax returns, photos, home videos. If a person already has a lawyer, the computer almost certainly contains privileged correspondence. Your browsing history shows what ailments you were looking into on WebMD . In this day and age, the personal computer has become the shoeboxes of photos on the shelf in a closet. It is the equivalent of the bundle of letters in a desk drawer. An order for the police to seize your computer is akin to an order that all of your family records should be taken.
In far too many cases, a pesonal computer is an instrument of criminality and horrible exploitation. I'm not suggesting they are sacred, only that Justice Fish is right. This case concerns the right of everyone in Canada, including the appellant, to be secure against unreasonable search and seizure. And it relates, more particularly, to the search and seizure of personal computers.
 It is difficult to imagine a search more intrusive, extensive, or invasive of one’s privacy than the search and seizure of a personal computer.
 First, police officers enter your home, take possession of your computer, and carry it off for examination in a place unknown and inaccessible to you. There, without supervision or constraint, they scour the entire contents of your hard drive: your emails sent and received; accompanying attachments; your personal notes and correspondence; your meetings and appointments; your medical and financial records; and all other saved documents that you have downloaded, copied, scanned, or created. The police scrutinize as well the electronic roadmap of your cybernetic peregrinations, where you have been and what you appear to have seen on the Internet — generally by design, but sometimes by accident.
These searches can be incredibly intrusive and those with a role to play in the justice system need to be reminded of that.
Wednesday, June 16, 2010
A friend passed along this interesting article to me, about a researcher who is looking into technology or methods to allow personal data to "fade" over time.
What is describes is similar what I understand most search engine companies currently do with their logs. After a fixed interval of time, the numeric IP address associated with the search is truncated so that "184.108.40.206" would become "111.2.3". More closely following the model put forward by Dr. van Heerde, a specific geographic signifier would be substituted, such as a neighbourhood. As time passes, that would be changed to city information or something more general. It is an interesting idea to keep information that is useful or relevant but that severs the connection to the individual.
BBC News - Fading data could improve privacy
Our digital footprint should be allowed to fade over time thinks researcher Privacy could be enhanced if data was allowed to fade, suggests research.
Dutch researcher Dr Harold van Heerde is looking into ways to gradually "degrade" the information that sites gather about visitors.
Slowly swapping details for more general information can help guard against accidental disclosure, he said.
"There are so many weak points in security that you can never be sure that your data is safe," said Dr van Heerde.
The research project carried out by Dr van Heerde from the Centre for Telematics and Information Technology (CTIT) at the University of Twente looked into ways to change the way databases manage information about users and customers.
The ability of those databases to gather information tempts companies and organisations to hoard information just in case it proves valuable, Dr van Heerde told BBC News.
The dangers of having data about us stored more or less permanently in many different places around the web have been proved many times when that information is leaked by accident or design, said Dr van Heerde.
"People make mistakes, people can be bribed," he said. "You cannot protect this data, you cannot be sure it's not been disclosed, privacy policies are simply too weak."
Instead of simply refusing to use services that gather data, Dr van Heerde believes it would be better for people to surrender data knowing that there was a policy that determined how it degraded over time.
At initial use to secure a transaction or get useful information from a search all relevant details might be stored. Subsequently details would slowly be swapped for more general information.
In the case of a location-specific search information about a user's exact GPS co-ordinates could be swapped for a street name, then a neighbourhood and then just a city.
"You can slowly replace details with a more general value," he said.
As well as limiting the impact of any disclosure, such a policy might also force companies to be more explicit about what data they gather and what they will use it for.
"In most cases there's no good reason for them storing data for so long," he said.
Thursday, June 10, 2010
Ontario Commissioner, Anne Cavoukian, has released a new paper on privacy and cloud computing. Here's a summary:
Modelling Cloud Computing Architecture Without Compromising Privacy: A Privacy by Design Approach
As the Internet has evolved, we have seen the emergence of “Cloud computing.” Organizations have begun to leverage the connectivity created by the Internet to optimize the utility of computing. Ever-cheaper and more powerful processing and storage capabilities are allowing data centres to act as viable, large scale central computing hubs. Simultaneously, increasing network bandwidth and reliable yet flexible network connections make it possible for clients – both individual and enterprise – to utilize high quality services which reside solely on these remote central hubs. These services will often include data storage (and real time access) or processing (by remote software and computing resources). This possibility, however, forces clients to re-think the data protection schemes developed for the point-A-to-point-B data flow.
Wednesday, June 09, 2010
Since my redline of the PIPEDA amendments seemed to be of interest to readers of the blog, I thought readers may also be interested to see what has changed between the anti-Spam bill that fell off the order paper last parliamentary session (the Electronic Commerce Protection Act or ECPA) and the new Bill C-28, also known as the Fighting Internet and Wireless Spam Act or FISA.
Here is a redline comparing the old ECPA to the new FISA, via Google docs.
Tuesday, June 08, 2010
The Privacy Commissioner of Canada has tabled her annual report for 2009 addressing PIPEDA. Here's the executive summary:
The dominant theme of our work in 2009 was the protection of privacy in an increasingly online, borderless world.
A case in point was the investigation that resulted in more public attention than any other in our Office’s history: Facebook.
The investigation was a huge undertaking for us because it was wide-ranging and the issues were incredibly complex and, in some aspects, highly technical. We were also dealing with a multinational organization based in the United States.
We expect that, as people continue to spend more time online, we will see a growing number of complaints about online organizations. And, with the digital world erasing the borders between countries, more complaints will be about organizations outside Canada.
Data without Borders
We live in a world in which global data flows have become multipoint and multidirectional.
These streams of personal information circling the globe are only going to increase as more individuals take advantage of information and communication technologies.
There are currently some 1.5 billion Internet users. A billion more people are expected to join the online world in the next 10 years, with many of the new users coming from countries such as China, India and Brazil.
The need for a global privacy standard is clear, given global data flows and ubiquitous communication and information technologies. In our interconnected world, we need to take a co-operative approach to protecting personal information.
In 2009, our Office worked with several organizations and initiatives to develop a global privacy solution, including the Organisation for Economic Cooperation and Development, Asia-Pacific Economic Cooperation, International Conference of Data Protection Commissioners and the International Organization for Standardization.
Responding to Canadians
One of the most important ways we serve Canadians is through our inquiries service and investigations branch.
In 2009, we handled 5,095 new inquiries about issues that fall under PIPEDA. These calls and letters dealt with everything from how to ask an organization for access to personal information to whether a particular company has the right to collect a digital fingerprint.
We find that more people are turning to our website when they are seeking information about privacy issues. In 2009, we developed many materials and tools for our website, including complaint and data breach reporting forms and numerous fact sheets and guidance documents for business.
Our Office received 231 new PIPEDA-related complaints for investigation in 2009 – a drop from the 422 we received the previous year.
Part of this decrease is explained by the fact that we are encouraging people to try to resolve issues directly with organizations before they make an official complaint. We’re finding that many problems can be dealt with quickly – and in a way that is satisfactory to would-be complainants.
Our investigations dealt with a wide range of issues, including the online collection and use of personal information; covert surveillance by private investigation firms; workplace surveillance, such as the use of video cameras and location-tracking devices, and the collection of driver’s licence information by retailers.
We closed 587 complaints in 2009, a significant increase compared with 412 the previous year. Our concerted effort to eliminate a backlog of complaints was successful, and this will allow us to complete future investigations far more quickly.
We were pleased that many private-sector organizations voluntarily reported data breaches to our Office. We received 58 breach reports in 2009. That was fewer than the previous year, when a large number of mortgage brokers reported breaches to us.
Protecting Privacy in a Changing Environment
We continued to stress the need to ensure that laws keep up with changing threats to privacy.
We welcomed the adoption of legislation to combat identity theft through amendments to the Criminal Code.
Important legislation aimed at fighting electronic spam, the Electronic Commerce Protection Act, was also introduced and we hope it will be passed into law in the near future. Canada is currently the only G-8 country without anti-spam legislation.
That bill also included legislative amendments that would increase our Office’s ability to share information about spam and other privacy issues with provincial and foreign counterparts who enforce laws similar to PIPEDA. It would also provide the Commissioner with greater discretion to accept complaints or discontinue investigations.
New technologies sometimes put privacy laws to the test – and this was the case in 2009 as well. Social networking sites and online street-level imaging applications, for example, highlighted new ways of collecting and using personal information.
We found that PIPEDA – a technology-neutral and principles-based law – appears to be flexible enough to guide commercial uses of new technology.
While we addressed privacy concerns in social networking as part of our investigative work, we dealt proactively with our concerns about street-level imaging during a series of discussions with Google Street View and Canpages. These discussions resulted in improved privacy protection on both websites.
We also did extensive work on the issue of deep packet inspection – both as part of an in-depth investigation and submissions to the Canadian Radio-television and Telecommunications Commission (CRTC). As well, we created a website showcasing a series of essays on deep packet inspection by leading academics and professionals working in telecommunications, law, privacy, civil liberties and computer science. The project grew out of our desire to better understand a technology that can be a tool for network traffic management, behavioural advertising, and law enforcement. We hope it will promote discussion about the privacy implications of deep packet inspection.