Saturday, May 31, 2008

Canadian Internet Policy and Public Interest Clinic files complaint with the Privacy Commissioner about Facebook

The Canadian Internet Policy and Public Interest Clinic (CIPPIC) - Canadian Internet Policy and Public Interest Clinic (CIPPIC) has filed a 35 page complaint with the Privacy Commissioner of Canada, alleging that Facebook violates the Personal Information Protection and Electronic Documents Act in at least eleven ways.

I just gave a presentation in Toronto on privacy and social networking sites. Social networking is very interesting and problematic from a privacy point of view. Unlike other online services, social networking sites are all about the collection, use and ultimate disclosure of personal information. Also, unlike other online services, it is the users (who sign up) who want their information to be disclosed. They want to know what their friends are up to and they want to reciprocate by providing this information to their friends and others. It can be fun and very useful for things like organizing parties, keeeping in touch and (as I've found out by reconnecting with most of my friends from grade 8) reconnecting with people with whom you've lost touch. The key, from a privacy point of view, is making sure that the users are aware of what happens with their information and are given maximum control over how that information is used.

Being on the leading edge of this social networking revolution, Facebook has had its share of privacy blunders. Legions of its users freaked out when the company rolled out the "mini feed" without adequate notice, but now most users find this to be one of the greatest features. Similarly, the Beacon advertising service caused a huge uproar when introduced. Again, this was done without giving people adequate notice and in both cases they were introduced on an opt-out basis without the default being privacy protective.

The main issue, in my view, for social networking sites is to be clear to users about how their information is used and disclosed and to give users maximum control over that use and disclosure. As a Facebook user myself, I think that they've done a good job of providing users with tools to control use and disclosure, but have fallen down on the job of educating their users and by taking an opt-out position on most of the privacy settings.

I will be very interested to see how the Privacy Commissioner deals with the complaint. The Commissioner has already published information about social networking and privacy, so has certainly had an opportunity to consider many of these issues. Stay tuned to hear how it turns out.

Here's the detailed summary of the complaint:

Summary of PIPEDA Complaint

To summarize, we submit that Facebook is in violation of the following PIPEDA provisions in the following regards:

Principle 4.2 – Identifying Purposes:

Principle 4.2.2

Principle 4.2.2 requires that an “organization identify the purpose for which personal information is collected at or before the time of collection” and that an “organization collect only the information necessary for the purposes that have been identified.”

  • Facebook allows third party application developers to access User information that is beyond what is necessary to operate their applications.

Principle 4.2.3

Principle 4.2.3 sets out that “the identified purposes should be specified at or before the time of collection to the individual from whom the personal information is collected.”

  • Facebook does not precisely identify why Users’ information is collected from other sources.

Principle 4.2.4

Principle 4.2.4 sets out that “when personal information that has been collected is to be used for a purpose not previously identified, the new purpose shall be identified prior to use. Unless the new purpose is required by law, the consent of the individual is required before information can be used for that purpose.”

  • Facebook reserves the right to modify or add to its Terms of Use without notice.
  • Facebook retains deceased Users’ profile for memorial reasons, a new purpose.

Principle 4.2.5

Principle 4.2.5 recommends that information collectors “should be able to explain to individuals the purpose for which the information is being collected.”

  • Facebook does not explain to Users why third party application developers need access to all their User information.

Principle 4.3 – Consent:

Principle 4.3.1

Principle 4.3.1 sets out that “consent is required for the collection of personal information and the subsequent use or disclosure of this information.”

  • Facebook does not obtain the consent of non-Users to collect their information from Users, to share their information with other Users, and to retain their information.

Principle 4.3.2

Principle 4.3.2 sets out that “organizations shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used” and that meaningful consent requires that “the purposes must be stated in such a way that the individual can reasonably understand how the information will be used or disclosed”.

  • Facebook does not make a reasonable effort to ensure that Users are advised of:
    • The purposes for which their dates of birth will be used;
    • The purpose of using User information for Social Ads;
    • All the types of information that are shared with third party application developers, including Friends’ information; and
    • The purpose behind retaining information of Users who have deactivated their accounts.

Principle 4.3.3

Principle 4.3.3 sets out that “an organization shall not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfill the explicitly specified and legitimate purposes.”

  • Facebook requires Users, as a condition of use of its service, to:
    • Provide their dates of birth despite that its purpose for doing so is not explicitly specified; and
    • Participate in one variation of Social Ads despite that this activity is beyond that required to fulfill Facebook’s explicitly specified and legitimate purpose of social networking.
  • Facebook requires Users, as a condition to use of third party platforms, to:
    • Share personal information with third party application developers that is beyond what is required to fulfill the purposes of the applications.
    • Facebook retains non-Users’ email addresses for purposes beyond sending them an email to invite them to Facebook.

Principle 4.3.6

Principle 4.3.6 sets out that “an organization should generally seek express consent when the information is likely to be considered sensitive.”

  • Facebook does not obtain express consent to share sensitive information in the following ways:
    • Users’ information with other Users in joined Networks;
    • Users’ photo albums and associated comments with everyone;
    • Users’ name and picture searchable to everyone;
    • Users’ information with third party application developers and with third party advertisers;
    • Non-User’s information, including photographs, with Users; and
    • To retain Users’ information after they deactivate their accounts.

Principle 4.3.8

Principle 4.3.8 sets out that “An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.”

  • Facebook does not permit active Users to withdraw consent from the Social Ads that are displayed in the left hand “Ad Space” of their Profiles.
  • Facebook does not inform Users who withdraw consent to share their personal information with third party application developers that all their applications will be lost.
And CIPPIC's media release:
CIPPIC files privacy complaint against Facebook

The Canadian Internet Policy and Public Interest Clinic (CIPPIC), based at the University of Ottawa, Faculty of Law, has asked the Privacy Commissioner of Canada to investigate alleged violations of Canadian privacy law by the popular social networking site, Facebook. CIPPIC’s 35-page complaint alleges 22 separate violations by Facebook, including its failure to inform Facebook members of how their personal information is disclosed to third parties for advertising and other profit-making activities and its failure to obtain permission from Facebook members to such uses and disclosures of their personal information.

A team of law students, some of whom are dedicated Facebook users, analysed the company’s policies and practices as part of a clinic course this past winter and identified specific practices that appear to violate the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”).

“Social networking online is growing phenomenon,” said Clinic Director Philippa Lawson. “It is proving to be a tremendous tool for community-building and social change, but at the same time, a minefield of privacy invasion. We chose to focus on Facebook because it is the most popular social networking site in Canada and because it appeals to young teens who may not appreciate the risks involved in exposing their personal details online.”

Facebook has more than seven million Canadian members, with more joining every day. This makes Canada the third largest user base, after the U.S.A. and the U.K.

“Facebook purports to provide users with a high level of control over their data,” said Harley Finkelstein, one of the law students who lodged the complaint. “But our investigation found that this is not entirely true – for example, even if you select the strongest privacy settings, your information may be shared more widely if your Facebook Friends have lower privacy settings.

As well, if you add a third party application offered on Facebook, you have no choice but to let the application developer access all your information even if they don’t need it”.

Jordan Plener, another law student who worked on the complaint, noted that “although Facebook has taken steps to allow for more control over sharing one’s information on the site, its default settings are for sharing in most cases. Changing those settings requires a high level of aptitude and experience with the site. We believe that many Facebook Users, especially young people, don’t appreciate the extent to which their often sensitive personal information is being shared beyond their social circle.”

“We're concerned that Facebook is deceiving its users,” said Lisa Feinberg, another law student behind the Complaint. “Facebook promotes itself as a social utility, but it's also involved in commercial activities like targeted advertising. Facebook users need to know that when they're signing up to Facebook, they're signing up to share their information with advertisers.” Under PIPEDA, the Privacy Commissioner has up to a year to investigate and render her findings on the complaint.

Friday, May 30, 2008

IRS employee charged after snooping through stars' returns and records

The Smoking Gun is reporting that an IRS employee is being charged with a misdemeanor offence after having been found to have looked at hundreds of celebrities records "out of curiosity".

IRS Worker Snooped On Stars - May 30, 2008

MAY 30--An Internal Revenue Service employee snooped on the tax records of about 200 celebrities and athletes, confessing to investigators that he accessed the confidential material out of "curiosity." John Snyder, a 56-year-old tax examiner from Cincinnati, was named this month in a misdemeanor criminal complaint charging him with accessing the computerized accounts of "at least 202 taxpayers," almost all of which were Hollywood figures, sports stars, and "well-known Cincinnati-area individuals." According to the U.S. District Court complaint, a copy of which you'll find below, Snyder used the agency's Integrated Data Retrieval System to examine the accounts of stars like Alec Baldwin, Kevin Bacon, Portia De Rossi, Chevy Chase, Vanna White, Sally Field, Penny Marshall, John Cleese, and the directors Joel and Ethan Coen. According to the complaint, when confronted by federal investigators, "Snyder confessed to making the...unauthorized accesses, stating that he did so out of curiosity." (3 pages)

Thursday, May 29, 2008

Hands off my laptop

The Canadian Press and CanWest are reporting that the Canadian government is seriously considering implementing an Anti-counterfeiting law that would, among other things, permit ex parte searches for allegedly infringing materials. This raises the spectre of customs and border enforcement authorities searching laptops, ipods and other electronic devices.

Copyright deal could toughen rules governing info on iPods, computers

....The deal would create a international regulator that could turn border guards and other public security personnel into copyright police. The security officials would be charged with checking laptops, iPods and even cellular phones for content that "infringes" on copyright laws, such as ripped CDs and movies.

The guards would also be responsible for determining what is infringing content and what is not.

The agreement proposes any content that may have been copied from a DVD or digital video recorder would be open for scrutiny by officials -- even if the content was copied legally.

"If Hollywood could order intellectual property laws for Christmas what would they look like? This is pretty close," said David Fewer, staff counsel at the University of Ottawa's Canadian Internet Policy and Public Interest Clinic. "The process on ACTA so far has been cloak and dagger. This certainly raises concerns." ...

In light of the private copying exception that is in the current Copyright Act, I can't imagine that a border guard has any ability to determine whether an MP3 is "infringing".

Monday, May 26, 2008

Upcoming dot-ca whois privacy irks law enforcement

Upcoming changes to the Dot-CA domain name directory, which are designed to protect the privacy of registrants, are causing concerns among police and IP lawyers who have used the directory as a very easy way to track down the owners of dot-ca domain names:

Nova Scotia News -

Move to protect Canadians’ Internet privacy irks police


The Canadian PressSun. May 25 - 4:31 AM

VANCOUVER — Sweeping changes to Canada’s home on the World Wide Web will put the country on the vanguard of Internet privacy.

But while law enforcement isn’t happy about potentially losing an important investigative tool, the half-million Canadians whose personal information is currently publicly available on the Internet shouldn’t rest easy that they are safe from wired snoops....

Saturday, May 24, 2008

NYPD's new eyes in the sky

The New York Police Department is proud of its new surveillance helicopter, which is said to be the most advanced of any police department in the country. It's unmarked and the pilots pride themselves on being able to observe people who "don't even know we're here." See: Police take crime fighting to new heights - Crime & courts-

Friday, May 23, 2008

Commissioner launches book to assist with privacy law compliance

The Federal Privacy Commissioner of Canada has today launched a new book, available online, to assist businesses in complying with PIPEDA. Here's the news release:

News Release: New book launched to help businesses comply with privacy law (May 23, 2008) - Privacy Commissioner of Canada

New book launched to help businesses comply with privacy law

TORONTO, May 23, 2008 – The Office of the Privacy Commissioner of Canada (OPC) today launched a new book to help businesses comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), the federal private sector privacy law. Leading by Example: Key Developments in the First Seven Years of PIPEDA was unveiled at a three-day summit organized by the International Association of Privacy Professionals.

Leading by Example shares insights gained since PIPEDA came into force in 2000 by highlighting some of the leading case findings on a number of important issues, including emerging technologies, data breaches and security measures.

“Hundreds of our findings and numerous judicial decisions together form an essential body of recommendations and case law,” says Assistant Commissioner Elizabeth Denham. “This new tool will help businesses comply with PIPEDA and improve their privacy practices.”

Leading by Example, as well as case summaries of some of the Commissioner’s findings, are available online at Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy and the protection of personal information rights of Canadians.

Thursday, May 22, 2008

Ontario Commissioner releases 2007 annual report

The Information and Privacy Commissioner of Ontario tabled her Annual Report 2007 this past week. Apparently it was a good year:

IPC - Office of the Information and Privacy Commissioner/Ontario Major advances made in Access and Privacy, says Commissioner Ann Cavoukian

Major advances made in Access and Privacy, says Commissioner Ann Cavoukian

Court rulings, key decisions by her office and other developments all helped to make 2007 a year of significant progress in advancing both freedom of information and protection of privacy, Ontario Information and Privacy Commissioner Ann Cavoukian said today, as she released her 2007 Annual Report.

“I have never felt as positive about the future of privacy in Ontario as I do right now,” said the Commissioner. “And there have been some very important advances related to access to government-held information.”


Among the positive developments she cites related to privacy protection:

  • A key court ruling and subsequent ground-breaking order the Commissioner issued that addressed the same core issue – that the collection of extensive personal information from individuals whose only wish was to sell one or more second-hand items to a used-goods store should not end up in police files.
  • In July, the Ontario Court of Appeal struck down a City of Oshawa bylaw that had required used-goods retailers to collect extensive personal information from people who wanted to sell second-hand items to used-goods stores. This personal information was then to be transmitted to, and stored centrally in, a police database – without any restrictions on its use or any judicial oversight.
  • Two months later, following an investigation into a privacy complaint received by her office, the Commissioner invoked – for the first time in the 20-year history of her office – the power to order an institution to cease the collection of personal information and to destroy collections of information collected previously. She ordered the City of Ottawa and the Ottawa Police to stop collecting extensive personal information from individuals selling used goods to second-hand stores and to destroy personal information already collected (with limited exceptions).
  • A ruling by Justice Edward Belobaba of the Ontario Superior Court of Justice that sections of the Adoption Information Disclosure Act breached the Canadian Charter of Rights and Freedoms. “As the Court noted,” said the Commissioner, “the Charter, ‘… is intended primarily to protect individuals and minorities against the excesses of the majority,’ and, accordingly, in this case, the Charter protected the minority who wished to preserve their privacy. I want to emphasize the significance of one of the statements in that Court decision:

    ‘People expect, and are entitled to expect, that the government will not share their confidential or personal information without their consent. The protection of privacy is undeniably a fundamental value in Canadian society.’”

    “It is of critical importance,” said the Commissioner, “that we never forget the Court’s words, ‘… privacy is undeniably a fundamental value in Canadian society,’ because privacy forms the very underpinning of liberty – the very foundation upon which our freedoms are built.”

  • Positive steps were also taken in the development of “transformative technologies” – a new term for privacy-enhancing technologies applied to technologies of surveillance. For example, the Ontario Lottery and Gaming Corporation is evaluating facial biometrics for its “self-exclusion” program, under which some gamblers seek the OLG’s assistance in barring them from gambling in casinos operated by the OLG. Under a contract with the OLG, a University of Toronto team has been researching novel Biometric Encryption (BE) solutions. The system attempts to identify the subjects in the self-exclusion program while protecting the privacy of stored personal information. This information can be accessed only if a correct biometric, i.e. the facial image of a self-excluded person, is presented. In other words, the personal information is in effect “encrypted” with the person’s biometric – extremely privacy protective.


Among the positive developments in 2007 related to freedom of information were several pivotal court rulings. These included:

  • A very significant ruling by Ontario’s Divisional Court which upheld two decisions made by the Commissioner’s office on the application of the solicitor-client exemption to legal fees. “This ruling was a strong endorsement of our approach to the disclosure of legal fee information and underscores our consistent message that governments should actively disclose information about the expenditure of public funds,” said the Commissioner.
  • Another key ruling, which applied the Canadian Charter of Rights and Freedoms, expanded the circumstances under which the public interest may override certain exemptions to accessing information under the Freedom of Information and Protection of Privacy Act (FIPPA). The Ontario Court of Appeal, in effect, amended FIPPA in a way that the IPC had been advocating since 1994, but did not have the authority to change. Section 23 of FIPPA states that where a “compelling public interest” in disclosure “clearly outweighs” the purpose of certain exemptions from the right of access, those exemptions do not apply. As a result of this decision, the IPC (subject to an appeal the Supreme Court of Canada will hear this fall) now has the ability to decide independently whether records subject to the law enforcement and solicitor-client privilege exemptions should be disclosed in the public interest.


Among the recommendations the Commissioner makes in her Annual Report:

  • She is urging Ontario to make a privacy-protective electronic health record a priority.
  • She is calling on the Premier and John Wilkinson, the Minister of Research and Innovation, to advance the development of transformative technologies (privacy-enhancing technologies applied to technologies of surveillance), not only in the area of research, but particularly in the commercialization of such research to facilitate its entry into the marketplace.
  • She is urging all police services in Ontario to abide by the law and give a broad and generous interpretation to recent amendments to the provincial and municipal freedom of information and protection of privacy Acts that now allow police to disclose – in compassionate circumstances – the personal information of someone who has died to his or her family members.
  • Rather than require individual provinces to build their own extensive databases of citizenship information from scratch, she is urging the federal government to make citizenship information available to provinces that want to provide an enhanced drivers’ licence (EDL) that citizens could use as an alternative to a passport, for the purpose of crossing the U.S. border.


Among the statistical information released by the Commissioner:

  • The number of freedom of information requests filed with provincial or municipal government organizations across Ontario in 2007 – 38,584 – set an all-time high, surpassing the previous record of 36,739, set in 2006. Much of this increase is due to a jump in the number of requests filed with municipalities and police services.
  • The number of privacy complaint files opened under the two public sector privacy Acts – 213 – was the highest in 11 years. (There were 170 privacy complaints in 2006.)
  • And, the number of complaint files opened under the Personal Health Information Protection Act – 338 – set a record. (The old record was 269 in 2006.) Of the 338 complaint files, 227 were privacy complaints and 111 were access or correction complaints.

Commissioner Cavoukian’s 2007 annual report is available on the IPC’s website,

The Information and Privacy Commissioner is appointed by and reports to the Ontario Legislative Assembly, and is independent of the government of the day. The Commissioner's mandate includes overseeing the access and privacy provisions of the Freedom of Information and Protection of Privacy Act, the Municipal Freedom of Information and Protection of Privacy Act, and the Personal Health Information Protection Act, and helping to educate the public about access and privacy issues.

Schneier calls for a data privacy law

In Wired, security and privacy guru Bruce Schneier is calling for a comprehensive privacy law in the United States: Our Data, Ourselves.

Sunday, May 18, 2008

Alberta Commissioner confirms right to have personal health information masked

The Alberta Information and Privacy Commissioner's office, in Investigation Report H2008-IR-001, has confirmed that individuals have the right to have their personal health information masked and its distribution restricted on Alberta Netcare:

Investigation confirms Albertans' right to ask custodians to limit disclosure of health information through Alberta Netcare

May 15, 2008Investigation confirms Albertans' right to ask custodians to limit disclosure of health information through Alberta NetcareInformation and Privacy Commissioner, Frank Work, has confirmed that individuals can ask that disclosure of their health information through Alberta Netcare, Alberta’s electronic health record, be limited. On conclusion of a recent investigation, it was recommended that Alberta Health and Wellness take steps to fully implement the technology that will allow custodians to limit the disclosure of health information through Alberta Netcare and communicate the availability of this option to Netcare users and Albertans.

The case involves a woman who asked her pharmacist to limit the disclosure of her health information through Alberta Netcare, but was told the pharmacist could not refuse to disclose information to AHW. The woman then contacted AHW to request that her information be “masked” in Alberta Netcare, but was directed to make her request to other custodians.

The Health Information Act (HIA) section 58(2) requires custodians to consider the expressed wishes of individuals when deciding how much health information to disclose. AHW has decided to manage expressed wishes in Alberta Netcare by masking information. Masked information is hidden until an authorized user who is providing care to a patient decides to unmask the information.

The investigation found that AHW built masking capabilities into Alberta Netcare as early as 2006, but did not did not formalize the processes required to allow Netcare users to apply masking until April 2008. The investigation also found that AHW had not adequately communicated the availability of masking as a means to manage an individual’s expressed wishes to health care providers nor had they developed the administrative tools required to fully support implementation of masking.

Mr. Work says “While I commend Health and Wellness for building important privacy features like masking into the system, it is not very useful to develop a masking system and not support its implementation or advise end users that it is available to them. In principle, AHW’s approach to masking information in Alberta Netcare is sound but implementation has been weak. The Department acknowledges this gap and has committed to developing an enhanced masking implementation plan for my review and comment before the end of the month. We will continue to work with AHW on this issue.”

Other recommendations that have been accepted by AHW include the recommendation to respond to the complainant’s request that her information be masked and expand Alberta Netcare communications materials to inform and educate patients about how a masking request can be made. The Department has taken immediate steps to implement these recommendations.

The investigation report and its recommendations can be found at

Saturday, May 17, 2008

Cleanse or secure your electronics before crossing the border

Over the past weeks, I've done a lot of travelling. First to Geneva and then to the US. On both occasions, I had to be very mindful of what information I have on my laptop and my USB drives, since I am subject to the Personal Information International Disclosure Protection Act.

This new law prohibits the export of personal information by Nova Scotia public bodies and their service providers. As a lawyer to a number of public bodies and an instructor at Dalhousie Law School, my laptop an blackberry are subject to those laws. Since I didn't want to go to the bother of asking the chief executive of each public body I work for wheter I had one-off permission to take their data with me (and since I wouldn't need their data on the road), I had to delete all traces of such personal information from my portable electronics. While this is a concern for public bodies in Nova Scotia and their service providers, it's also a concern for anyone who is crossing the border into the United States as increasingly customs officers are scrutinizing laptops at the border.

Bruce Schneier, who always has interesting things to say, has an article in the Guardian on how to secure your laptops if you're taking them into the US. It's a good read and probably something to bookmark to read next time you're crossing the frontier: Read me first: Taking your laptop into the US? Be sure to hide all your data first Technology The Guardian.

Building China's high-technology surveillance society, with help from the US

Naomi Klein has an interesting piece in the most recent Rolling Stone on the emerging high-technology surveillance state being built in China, with help from some of largest US defence contractors:

China's All-Seeing Eye : Rolling Stone

... Now, as China prepares to showcase its economic advances during the upcoming Olympics in Beijing, Shenzhen is once again serving as a laboratory, a testing ground for the next phase of this vast social experiment. Over the past two years, some 200,000 surveillance cameras have been installed throughout the city. Many are in public spaces, disguised as lampposts. The closed-circuit TV cameras will soon be connected to a single, nationwide network, an all-seeing system that will be capable of tracking and identifying anyone who comes within its range — a project driven in part by U.S. technology and investment. Over the next three years, Chinese security executives predict they will install as many as 2 million CCTVs in Shenzhen, which would make it the most watched city in the world. (Security-crazy London boasts only half a million surveillance cameras.)

The security cameras are just one part of a much broader high-tech surveillance and censorship program known in China as "Golden Shield." The end goal is to use the latest people-tracking technology — thoughtfully supplied by American giants like IBM, Honeywell and General Electric — to create an airtight consumer cocoon: a place where Visa cards, Adidas sneakers, China Mobile cellphones, McDonald's Happy Meals, Tsingtao beer and UPS delivery (to name just a few of the official sponsors of the Beijing Olympics) can be enjoyed under the unblinking eye of the state, without the threat of democracy breaking out. With political unrest on the rise across China, the government hopes to use the surveillance shield to identify and counteract dissent before it explodes into a mass movement like the one that grabbed the world's attention at Tiananmen Square.

Remember how we've always been told that free markets and free people go hand in hand? That was a lie. It turns out that the most efficient delivery system for capitalism is actually a communist-style police state, fortressed with American "homeland security" technologies, pumped up with "war on terror" rhetoric. And the global corporations currently earning superprofits from this social experiment are unlikely to be content if the lucrative new market remains confined to cities such as Shenzhen. Like everything else assembled in China with American parts, Police State 2.0 is ready for export to a neighborhood near you....

Hong Kong Privacy official jailed for fiddling expenses

Anthony Lam Wing-hong has been sentenced to nine months in jail for "flddling" travel expenses:

The Standard - Hong Kong's First FREE English Newspaper

Privacy official jailed for fiddling expenses

Former deputy privacy commissioner Anthony Lam Wing-hong was yesterday jailed for nine months for fiddling his travel expenses to Australia involving more than HK$100,000.

For some background, see: Canadian Privacy Law Blog: Hong Kong ex-privacy boss found guilty in dishonest expense claims

Thursday, May 15, 2008

Google starts blurring faces on Street View

According to the CBC, Google has started implementing an algorithm to automatically blur peoples' faces in Google Street View. This follows complaints that the online service violates privacy by showing people without their consent. See: Google starts blurring faces on Street View.

For some background, see: Canadian Privacy Law Blog: Google Street View raises privacy concerns, Canadian Privacy Law Blog: Google modifying street view to meet Canadian privacy expectations.

Wednesday, May 14, 2008

London supermarket secretly photographs alcohol/cigarette buyers, wants national database

If you guessed this scheme was developed in the UK, you guessed correctly:

London supermarket secretly photographs alcohol/cigarette buyers, wants national database - Boing Boing

Budgens, a London supermarket chain, secretly records biometric facial photos of people who buy cigarettes and alcohol and compares it to a database of known underage buyers, and they're hoping to link their database with other grocery chains around the country. This means that just bringing a bottle up to the till means that your likeness and details will be added to a nationwide database, recording your movements and purchasing habits.

Friday, May 09, 2008

Band "shoots" video by sending Data Protection Act requests to CCTVs that caught them performing

This is too funny.

Apparently Manchester band "The Get Out Clause" recorded a music video by performing in the vicinity of CCTV cameras and then requesting the footage under the UK Data Protection Act.

Band "shoots" video by sending Data Protection Act requests to CCTVs that caught them performing - Boing Boing

Ontario and B.C. Privacy Commissioners issue joint message: personal health information can be disclosed in emergencies and other urgent circumstances

This just crossed the wires and is likely of interest to those who followed the earlier discussions about using privacy legislation as an excuse for inaction.

CNW Group OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER/ONTARIO Ontario and B.C. Privacy Commissioners issue joint message: personal health information can be disclosed in emergencies and other urgent circumstances

Ontario and B.C. Privacy Commissioners issue joint message: personal health information can be disclosed in emergencies and other urgent circumstances

TORONTO, May 9 /CNW/ - In light of recent events, such as the tragic suicide of Nadia Kajouji, a student at Carlton University, and the Virginia Tech massacre of 2007, the Information and Privacy Commissioner of Ontario, Dr. Ann Cavoukian, and the Information and Privacy Commissioner of British Columbia, David Loukidelis, are reaching out to educational institutions, students, parents, mental health counsellors and healthcare workers in both provinces: personal health information may, in fact, be disclosed in emergencies and other urgent circumstances. The two Commissioners want to ensure that people realize that privacy laws are not to blame because they do permit disclosure.

The Commissioners want to send the clear message that privacy laws do not prevent counsellors or healthcare providers from contacting a person's family if there are real concerns that they may seriously hurt themselves. "When there is a significant risk of serious bodily harm, such as suicide, privacy laws in Ontario clearly permit the disclosure of personal information without consent, regardless of age. In such situations, schools may contact parents or others if there are reasonable grounds to believe that it is necessary to do so," says Commissioner Cavoukian. Commissioner Loukidelis adds that, "If there are compelling circumstances affecting health or safety, or if an individual is ill, B.C.'s privacy laws allow disclosure to next of kin and others, including school officials and health care providers. Individual cases can be fuzzy, but if someone uses common sense and in good faith discloses information, my office is not going to come down on them. Privacy is important, but preserving life is more important."

In Ontario, the Personal Health Information Protection Act (PHIPA) allows health care providers, such as mental health counsellors, to disclose personal health information when necessary to eliminate or reduce a significant risk of serious bodily harm. This would include disclosure to a physician or parent if there are reasonable grounds to believe it is necessary to do so. In fact, PHIPA specifically allows for this kind of disclosure in emergency or urgent situations. Commissioner Cavoukian clarified this in a Fact Sheet she issued in 2005 entitled, Disclosure of Information Permitted in Emergency or other Urgent Circumstances, available at

In British Columbia, Commissioner Loukidelis underscored, the public sector Freedom of Information and Protection of Privacy Act allows universities, schools, hospitals and other public institutions to disclose personal information where someone's health or safety is at risk. He also noted that the private sector Personal Information Protection Act contains similar authority to disclose personal information for health and safety reasons.

Both Commissioners are today announcing their joint project to issue a new publication aimed at clarifying the role that privacy laws play when workers are trying to decide whether they can disclose personal health information. Commissioner Cavoukian said of the joint project, "Our goal is to ensure that educational institutions understand the legislative framework in advance of problems occurring. We are looking forward to working further with the educational community - stay tuned."

Commissioners Cavoukian and Loukidelis are urging those responsible for the health and safety of others to educate themselves about how the privacy laws covering them apply to their work and familiarize themselves with the provisions allowing them to disclose personal health information in emergency situations. Commissioner Loukidelis says, "I know that frontline decisions have to be made quickly and sometimes the facts may not be as clear as you'd like. But there's no doubt that privacy laws support disclosures to protect health and safety." Commissioner Cavoukian agrees that privacy laws are not at fault. "To infer that privacy laws were responsible for someone's death is to completely misunderstand the role that privacy laws are designed to play. The tragedy here lies if you take a default position of non-disclosure and inaction," says Commissioner Cavoukian. She also adds that, "However, Commissioner Loukidelis and I both recognize that the decision to notify someone's family without their consent can be extremely difficult, requiring very sound judgment. We are also clear that notification cannot be done on a routine basis and that students need to feel reassured that their privacy will be protected when they seek counselling or other health care services."

Apologies for the light blogging

Sorry for the lack of posts during the past week. I was in Geneva for business and didn't have any time to keep my ear to the ground for privacy happenings. But I'm back and I hope to catch up ...

Saturday, May 03, 2008

Turkey to implement privacy laws in bid to join EU

The parliament in Turkey has introduced privacy legislation, as part of the country's move to join the European Union. See New law to safeguard privacy.

Friday, May 02, 2008

Avoiding camera noise for anonymous photos

You learn something new every day. Apparently each digital camera, in addition to EXIF info, has its own ditigal signature in the form of digital noise in your photos. A bunch of your photos can be correlated and can then be used to connect them to a particular camera.

If you have a desire to keep your photos unattributable, you may want to check this out:

Avoiding Camera Noise Signatures - Instructables - DIY, How To, photography, science

If you take enough images with your digital camera, they can all be compared together and a unique signature can be determined. This means that even when you think that you are posting a photo anonymously to the internet, you are actually providing clues for the government to better tell who you are. The larger the sample size of images they have, the easier it is them to track down images coming from the same camera. Once they know all the images are coming from the same camera, all they then have to do is find that camera and take a picture to confirm it beyond a reasonable doubt. It is important to remove this noise signature so that you cannot be tracked down. I cannot guarantee any of these methods will work beyond the shadow of a doubt because the woman doing research for the government on how to find the signature is very good. I can only promise that this will make their work more difficult.

Thursday, May 01, 2008

First stats on National Security Letters

According to EPIC, the first public reporting on National Security Letters has been released, showing over twelve thousand NSLs were issued in 2006.

FISA Orders Up, Government Reporting on National Security Letters Begins. According to the 2007 FISA report (broken link), the Foreign Intelligence Surveillance Court approved 2,370 application to conduct electronic surveillance and physical searches in the United States in 2007, up from 2,176 applications approved in 2006. For the first time, the report includes information regarding the total number of requests made by the Department of Justice with National Security Letter authority for information concerning U.S. persons. in 2006, the government made approximately 12,583 NSL requests for information concerning 4,790 U.S. persons. The 2007 NSL statistics are expected later this year. (May 1)