Friday, March 10, 2017

Privacy and the use of census information for population health research

Professor Teresa Scassa has a very interesting comment on her blog about a recent case from the Federal Court of Canada, O’Grady v. Canada (Attorney General), 2017 FC 167. Her comment is here: Recent Federal Court Decision Examines Privacy and the Census.

The case itself is a judicial review of a decision of the Chief of Statistics to enter into an agreement with McGill University’s Faculty of Medicine to conduct a study examining perinatal outcomes in Canada. This sort of research collaboration and data matching happens all the time, but seldom is it objected-to and the discussions do not often end up in front of the courts.

The context, from the decision:

[3] In 2011, Statistics Canada and McGill entered into a Letter of Agreement to conduct a study that would assess infant mortality and newborn health by examining perinatal outcomes in Canada according to risk factors related to socioeconomic position, ethno-cultural background, and environmental exposure [Study]. In connection with the Study, record linkages were used to link information from the national birth record database and the 1996 and 2006 censuses. In order to minimize the privacy intrusion, the record linkages were performed in accordance with s 6 of the Statistics Act, RSC 1985, c S-19 [Statistics Act] by Statistics Canada employees, or deemed employees, and the composite records were stripped of direct personal identifiers before they were made accessible to McGill. The composite records were also restricted to Statistics Canada’s premises. Additionally, the usage of the record linkages was publicly posted on the Statistics Canada website.

The applicant complained to the Privacy Commissioner of Canada, who concluded that the applicant's personal information had not been improperly used.

[7] The Privacy Commissioner agreed that the Applicant’s census information met the definition of personal information, as defined by s 3 of the Statistics Act. Additionally, the Privacy Commissioner found that usage of census information in the Study was beyond the scope of the purposes for which it was collected, which is prohibited under s 7 of the Statistics Act. However, there was no evidence to suggest that the Applicant’s information had actually been used in the Study as her information had been excluded. Furthermore, even if the Applicant’s information had been used, Statistics Canada had the authority to do so under the Statistics Act. Consequently, the Privacy Commissioner found that the Applicant’s complaint was not well-founded.

The Court, in reviewing the decision by the Chief of Statistics, found that it was lawful as the use of the census data in this manner is consistent with the purpose for which it was originally collected.

[68] There is no doubt that census information is personal information, so the issue in this case is whether it was used “for a use consistent” with the “purpose for which it was obtained or complied….”

[69] The Supreme Court of Canada set out the “consistent use” test in Bernard, above:

[31] A use need not be identical to the purpose for which information was obtained in order to fall under s. 8(2) (a) of the Privacy Act; it must only be consistent with that purpose. As the Federal Court of Appeal held, there need only be a sufficiently direct connection between the purpose and the proposed use, such that an employee would reasonably expect that the information could be used in the manner proposed.

(emphasis in original)

[70] It is clear that Statistics Canada could not have contemplated the Study at the time of either the 1996 census or the 2006 census. Hence, the information collected by those censuses was not obtained specifically for the Study. However, the purpose of the Study is to compile and analyse statistics related to the health and welfare of Canadians, so that it complies with the purpose of the censuses and with Statistics Canada’s mandate.

The application was dismissed, but the Court noted it was premature overall:

[86] The real problem with this application is that it is premature. The Study has not yet been released or used. The Applicant speculates that personal information will be used and disclosed, but has produced no convincing evidence to support that position. Whatever I have said in this application, which is based solely upon the record before me, should not prevent anyone whose personal information is inappropriately used or disclosed from bringing the matter before the Court in the future.

Friday, February 10, 2017

Nova Scotia Appeals Court: No privacy and defamation double-dip damages

The Nova Scotia Court of Appeal, in Marson v Nova Scotia, 2017 NSCA 17 has affirmed the decision of the NS Supreme Court, which found that you don't get to double-dip on damages if essentially the same is grounded in invasion of privacy and defamation. The unanimous Court reasoned:

[27] The trial judge was alive to the potential to award damages for “Breach of Privacy/Intrusion upon seclusion”. She discussed the issue of whether there was any need to rely upon an Ontario case, Jones v. Tsige, 2012 ONCA 32 (CanLII), which recognized the tort of intrusion upon seclusion. In Jones the Court made an award based on the tort of invasion of privacy, or intrusion upon seclusion. That case referenced the fact that one who intentionally intrudes upon the seclusion of another in his private affairs is subject to liability for invasion of privacy if the invasion would be highly offensive to a reasonable person. A reasonable person, in the context of that tort, would find it highly offensive to have records such as health records, or in the context of the present case, confidential policing/corrections information disseminated.

[28] The Jones case made it clear that the damages for such a tort were in the category of “symbolic” or “moral” damages where a plaintiff suffered no provable pecuniary loss. Here, the trial judge correctly pointed out that while in Trout Point Lodge Ltd. v. Handshoe, 2012 NSSC 245 (CanLII) it was made clear that the court could award damages for a tort of intrusion upon seclusion, it was not necessary in the present case. She said:

175 … I do not need to undertake that analysis. The actions complained of under this heading are, essentially, the same actions underpinning the defamation claim, for which I have already awarded complete damages. The factors noted in par. 87 of Jones have already been considered in that award. It would be inappropriate to make further awards. …

[29] I agree with the trial judge’s approach on this issue. The approach argued by the appellant would have resulted in double recovery for the same delict. The trial judge’s comments make it clear that the intrusion of seclusion was subsumed within the other heads of damages.

A claim can be both rooted in privacy and defamation, but your compensation is for the harm itself and not multiplied by the different torts you can claim.

Tuesday, February 07, 2017

Did the Canadian Federal Court take the first step to a "right to be forgotten" with a global take-down order?

This past week, the Federal Court of Canada released a very interesting decision in A.T. v., 2017 FC 114, which seems to be the first step towards a Canadian "right to be forgotten". (You may recall that I generally don't think such a right exists in Canada (You'd better forget the right to be forgotten in Canada). The decision includes an order that purports to tell a non-Canadian what information can be published on the internet globally.

The decision is generally unsatisfying in a number of ways. But first here's the background: The Applicant, identified only as A.T., registered a complaint with the Privacy Commissioner of Canada that a Romanian website was hosting and making available an Alberta Labour Board decision that he did not want to be associated with. An internet search of his name would turn up this decision, hosted by Globe24h. He wanted it taken down. The Office of the Privacy Commissioner of Canada (OPC) had previously investigated a number of complaints against the outfit and issued a finding. Essentially, the OPC had found that the site scraped decisions from Canadian legal, courts and tribunal websites and made them searchable on the internet. Most of these tribunals and courts made these records available online, but restricted them from being indexed and fully searchable. The business model of the site seems to be that they will promptly take down decisions -- presumably those not favourable to individuals -- if the individual paid a processing fee. The OPC had found this was a violation of Canada's Personal Information Protection and Electronic Documents Act.

In the case before the Federal Court, only the complainant and the OPC appeared. As a result, the record is one-sided and there was not a complete, adversarial analysis of all the issues to be considered. Our legal system is premised upon having opposing sides present their best arguments and best evidence before a Court. This decision only includes one side and no interveners who may have helped the court get a more balanced view. It does appear that the Court generally accepted the arguments put forward by the OPC, including hearsay related to the dialogue that OPC had with Globe24h (but which it declined to have with the Court).

The Court relied on, among other authorities, the Equustek v. Google decision from the British Columbia Court of Appeal, which was appealed to the Supreme Court of Canada and for which a decision is pending, to support its ability to issue a mandatory order against an entity with no presence in Canada. This decision may be reversed.

Secondly, because there was nobody to present the other side, there was no discussion about the impact of freedom of expression or the right to information on the case. The Court concluded that because the original case was available online, but not indexed, removing it from Globe24h would not have any real impact. And because the site's purpose was concluded to be mostly mercenary, it could not take advantage of the exclusion given to exclusively journalistic reports. In fact, the Court determined that the website's approach was not "appropriate" for the purposes of s. 5(3) of PIPEDA, which reads:

Appropriate purposes

(3) An organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances.

Here's the judge's reasoning on that point:

[75] I agree with the OPCC that a reasonable person would not consider the respondent to have a bona fide business interest. In making this argument, the Commissioner relies on the Canadian Judicial Council’s (CJC) Model Policy for Access to Court Records in Canada (Model Policy) and the OPCC’s own guidance document to federal administrative tribunals. The CJC Model Policy discourages decisions that are published online to be indexed by search engines as this would prevent information from being available when the purpose of the search is not to find court records. The policy recognizes that a balance must be struck between the open courts principle and increasing online access to court records where the privacy and security of participants in judicial proceedings will be at issue.

[76] The CJC has struck a balance by advising courts to prevent judgments from being discovered unintentionally through search engines. To this end, the CJC has recommended that judgments published online should not be indexed by search engines. The OPCC notes that CanLII and other court and tribunal websites generally follow the CJC’s Model Policy and prevent their decisions from being indexed by search engines through web robot exclusion protocols and other means. Indeed, the Federal Court has taken such measures to prevent our decisions from being indexed. That does not bar anyone from visiting the Federal Court website and conducting a name search. But it does prevent the cases from being listed in a casual web search. The respondent’s actions result in needless exposure of sensitive personal information of participants in the justice system via search engines.

The Court agreed with the OPC's submissions that the "journalism" exception doesn't apply in the case either. In doing so, the Court followed the reasoning of the Alberta Court of Appeal in United Food and Commercial Workers, Local 401 v Alberta (Attorney General), 2012 ABCA 130, which was affirmed on other grounds by the Supreme Court of Canada in 2013 SCC 62.

[67] The respondent has claimed in communications with the OPCC that his purposes in operating should be considered exclusively journalistic. Should the Court accept that claim, Part 1 of PIPEDA does not apply to his activities because the personal information collected, used or disclosed falls under the exception provided by paragraph 4(2)(c) of PIPEDA.

[68] The “journalistic” purpose exception is not defined in PIPEDA and it has not received substantive treatment in the jurisprudence. The OPCC submits that the Canadian Association of Journalists has suggested that an activity should qualify as journalism only where its purpose is to (1) inform the community on issues the community values, (2) it involves an element of original production, and (3) it involves a “self-conscious discipline calculated to provide an accurate and fair description of facts, opinion and debate at play within a situation ”. Those criteria appear to be a reasonable framework for defining the exception. None of them would apply to what the respondent has done.

[69] The Alberta Court of Appeal interpreted similar statutory language in Alberta’s Personal Information Protection Act, SA 2003, c P-6.5: United Food and Commercial Workers, Local 401 v Alberta (Attorney General), 2012 ABCA 130 (CanLII), [2012] AJ No 427, aff’d 2013 SCC 62 (CanLII), [2013] 3 SCR 733 [United Food]. Specifically, in considering the adjective “journalistic”, the Court of Appeal noted that “it is unreasonable to think that the Legislature intended it to be so wide as to encompass everything within the phrase “freedom of opinion and expression””: United Food, above, at para 56. Further, the Court noted that “[n]ot every piece of information posted on the Internet qualifies [as journalism]”: United Food, above, at para 59.

[70] In my view, the respondent’s claimed purpose “to make law accessible for free on the Internet” on cannot be considered “journalistic”. In this instance, there is no need to republish the decisions to make them accessible as they are already available on Canadian websites for free. The respondent adds no value to the publication by way of commentary, additional information or analysis. He exploits the content by demanding payment for its removal.

[71] The evidence indicates that the respondent’s primary purpose is to incentivize individuals to pay to have their personal information removed from the website. A secondary purpose, until very recently, was to generate advertising revenue by driving traffic to his website through the increased exposure of personal information in search engines. There is no evidence that the respondent’s intention is to inform the public on matters of public interest.

[72] Even if the respondent’s activities could be considered journalistic in part, the exemption under paragraph 4(2)(c) only applies where the information is collected, used or disclosed exclusively for journalistic purposes. It is clear from the record that’s purposes extend beyond journalism.

While this case is very interesting and the first in Canada to approach a "right to be forgotten", I would caution against assuming that it is a strong precedent for Canadian law. Unfortunately, it appears all the argument and evidence was one-sided. The case raises some very interesting, very important and nuanced issues. We really would have benefited from a full presentation of all arguable positions, particularly those related to freedom of expression and the appropriateness of global takedown orders.

Here's the final order from the Court:


1. It is declared that the Respondent, Sebastian Radulescu, contravened the Personal Information Protection and Electronics Documents Act, SC 2000, c 5 by collecting, using and disclosing on his website, (“”), personal information contained in Canadian court and tribunal decisions for inappropriate purposes and without the consent of the individuals concerned;

2. The Respondent, Sebastian Radulescu, shall remove all Canadian court and tribunal decisions containing personal information from and take the necessary steps to remove these decisions from search engines caches;

3. The Respondent, Sebastian Radulescu, shall refrain from further copying and republishing Canadian court and tribunal decisions containing personal information in a manner that contravenes the Personal Information and Electronic Documents Act, SC 2000, c 5;

a) The Respondent, Sebastian Radulescu, shall pay the Applicant damages in the amount of $5000;

b) The Applicant is awarded costs in the amount of $300; and

c) The style of cause is amended to substitute the initials “A.T.” for the name of the applicant.

Thursday, February 02, 2017

My testimony on the Security of Canada Information Sharing Act

Earlier this week, I was invited to testify before the House of Commons Standing Committee on Access to Information, Privacy and Ethics as part of their study of the Security of Canada Information Sharing Act (here's the notice of meeting: House of Commons Committees - ETHI (42-1) - Notice of Meeting - Number 042 (Official Version)).

The Act is one of the more problematic portions of the Anti-terrorism Act of 2015, which was passed by the previous government. The new government has said they'd fix it, but it it unclear what they would fix.

I was pleased to testify alongside Laura Tribe of OpenMedia and David Elder, who spoke on behalf of the Canadian Bar Association Privacy and Access Law Section.

The audio of the full session is here, and below is my opening statement:

Thank you to the committee and to the chair for the opportunity to speak with you today about this very important subject.

If I may introduce myself: I am a privacy lawyer practicing with McInnes Cooper in Halifax. I’ve been practicing law in this area for more than fifteen years and I have had the benefit of advising clients on a full range of privacy, access to information and technology issues for that time. I work with clients who regularly have contact with the police and with national security authorities looking for information, both through regular lawful channels and -- shall we say -- informal channels.

I am here in my personal capacity, so I am not speaking for any of my clients, any associations that I am a member of nor on behalf of my firm.

This committee has a very important opportunity and I think we are at a turning point in global history. We have the chance, right now, to take a deep breath, take a step back and ask some very important questions. Who are we as Canadians and what do we want to be? What kind of country do we want to live in and are we taking positive steps to make it happen?

Looking south of the border, I am very mindful of a phrase I first heard said by William Binnie after he left the National Security Agency. He was afraid that what he was being asked to create within that organization was “turnkey totalitarianism”. If you build an intrusive tool for the most benevolent institution, you can have faith in the people you build it for but you can’t be sure that it will not fall into the wrong hands. Setting aside the cynicism I have developed over the last dozen years, even if you absolutely believe what the leaders of our national security and policing agencies say to you, you can’t be sure that their replacements will have the same good faith and concern about the rights of citizens. You can’t be sure about the good faith and commitment to Canadian values of the next prime minister. The new US administration has at its disposal the most significant surveillance apparatus ever assembled, and it’s being built with Canadian collaboration. This committee needs to look at the “here and now”, but also has to be looking over the horizon for what may come next. The Anti-Terrorism Act of 2001 and the Anti-Terrorism Act of 2015 are the foundation that massive abuse of Canadians’ rights may be built on.

We also need to look at whether any of this is really necessary or proportional. Look at what we have here and what is going on. On one hand, we’ve seen that CSIS, with the assistance of the Department of Justice lawyers, has lied to courts in order to feed CSIS’ databases.

And we’ve also seen that CSIS has refused to delete the information they unlawfully retain.

And we’ve most recently seen that CSIS has been working to try to justify their data mining practices and has been looking for more data to put into that data base.

And, on the other hand, we have the Security of Canada Information Sharing Act, which is a privacy disaster. The privacy of Canadians was previously protected by information silos. You knew that information about your Canada Pension Plan or EI claims would not be used for another purpose unless the (relatively weak) hurdles built into the Privacy Act were complied with or unless a judge determined it was appropriate in those circumstances. Now we have a system where CSIS can ask any government department for virtually any data (as long as they think it is relevant), can get it and it’s no longer covered by the same protection of the originating institution.

They may think “people who visit bad guys are probably bad guys, so let’s get all the visitor logs from Corrections Canada”. Then “let’s match that up against Canada Border Services records of people leaving and returning to Canada.” And why not “all the records of people receiving EI?” And then everyone’s tax returns to see who has donated to muslim charities? This law would allow CSIS or the RCMP to collect, in one massive database, all the information that every other government department has about you.

SCISA does not contain any limit on what organizations like CSIS or the RCMP can do once they build these databases.

There is NO limit on how much information can be transferred between any government department and any of those institutions listed in the schedule to the Act. And all of this happens in the shadows. As parliamentarians, all you get to know are the evasive non-answers given to you. There is no oversight and no accountability. This is essentially a blank cheque giving national security agencies access some of the most sensitive information about Canadians. This is a real problem and the Act should be repealed.

I would also highlight that the presence of s. 9 should raise a red flag: “9 No civil proceedings lie against any person for their disclosure in good faith of information under this Act.” If a statute has to provide immunity for otherwise unlawful conduct, we should be very careful about authorizing that conduct and should be very careful about granting that immunity.

I look forward to your questions.