Government Information in Canada/Information gouvernementale au Canada, Number/Numéro 21 (December 2000)
The Hype, the Facts, and the Government's Role (1)
Introduction: The Growing Hype
In 1999, a doomsday message was proclaimed time and again: the optimistic faith we had placed in technology was bound to lead to our ruin. Inevitably, computers would be implicated in the end of the world as we knew it. A science fiction dystopia would come to life.
You might be excused if you think I'm referring to the whole Y2K fiasco--but I'm not. The topic I'm referring to is privacy or, more specifically, the gradual erosion of our privacy rights. Last year, perhaps, concerns about privacy loss were eclipsed by anxieties about Y2K. Privacy concerns share some similarities with last year's worries about Y2K in that they are based on an awareness that our dependence on technology is fraught with danger. Some significant differences between the two issues, however, are worth mentioning. Firstly, the warnings that the end (of privacy) was near came not from tabloids and apocalyptic cults, but from various erudite sources. Consider that in 1999, "The End of Privacy" was announced by the title of a book by York University political scientist Reg Whitaker, (3) from the title of another book by journalist Charles J. Sykes (4) (contributor to The New York Times and The Wall Street Journal, and research fellow at the Hoover Institution), and from the headline of the May 1st edition of The Economist, (5) to name but a few examples. Secondly, unlike the Y2K issue, privacy concerns would not be resolved once January 1, 2000 rolled around and are not likely to disappear in the near future. In fact, more and more questions about privacy will be raised as advances in computer technology make it easier and easier to collect, record, and analyze information about persons.
A climate where privacy apocalypse appears to be nigh makes the exploration of privacy issues particularly crucial. What exactly does the waning (if not the actual ending) of privacy signify? Why is it so bad? Indeed, is it so bad? Can and should anything be done to protect privacy? Broad questions such as these are relevant the world over.
In Canada, a careful examination of privacy matters is especially timely given that a new private-sector privacy law is scheduled to come into effect at the beginning of next year. To be sure, different governments' approaches to the protection of privacy will be scrutinized by advocates seeking to ensure that privacy rights remain a part of life in the twenty-first century. At present, European Union (EU) countries are at the forefront of privacy protection initiatives in consequence of the EU's Directive on Data Protection, which stipulated that member countries legislate standards for the protection of privacy in the commercial sphere by 1998. (6) The United States, in contrast, has heretofore preferred a hands-off approach to privacy deeming it best for private industry to be self-regulating in that regard. Canada's recent legislative action provides a practical basis from which to appraise governments' role in privacy protection. Privacy laws and other government output on the issue obviously affect the privacy environment of a jurisdiction--although this influence is perhaps more educational than legislative.
The End of Privacy
One can hardly begin a discussion of privacy issues without first addressing the thorny question of how to define privacy. The fact that one very well-known definition, "[t]he right to be let alone," was made famous over a century ago in a Harvard Law Review article on "The Right to Privacy" by Samuel Warren and Louis D. Brandeis (7) reveals that privacy issues have fomented debate for some time now. As the discussion continues, so do the proposals for definitions. Robert Gellman, privacy and information policy consultant in Washington, DC, implies that establishing a single definition may be impracticable: "Lawyers, judges, philosophers, and scholars have attempted to define the scope and meaning of privacy, and it would be unfair to suggest that they have failed. It would be kinder to say that they have all produced different answers." (8) Privacy scholar Alan F. Westin echoes this sentiment: "no definition of privacy is possible, because privacy issues are fundamentally matters of values, interests, and power." (9) Westin's disclaimer aside, one practical definition of privacy was proposed by Westin himself in 1967: privacy may be understood as "[t]he claim of individuals to control when, how, and to what extent information about themselves is communicated to others." (10)
Defining the End of Privacy
It is worth asking why privacy has become such a hot topic of late. Debates about privacy--brewing over the last century--are a relatively recent development in the history of humanity. That is not to say that threats to privacy rights begin in the nineteenth-century. For example, there is evidence that as far back as ancient Egypt government kept track of the population in order to ensure proper execution of taxes and the military. (11) Yet, until fairly recently, there was no easy means of accumulating and manipulating personal information. As I mentioned above, privacy concerns are tied up with advances in technology--particularly with those technologies which make it easier to gather information about persons.
In fact, the advent of potentially intrusive technology spurred Samuel Warren and Louis Brandeis to pen their influential Harvard Law Review article in 1890. At that time, photography and inexpensive printing threatened to make it easier for the press to collect and distribute photos and facts about private individuals. (12)(13) However, tracking personal information remained prohibitively complicated – even for governments – despite the spread of press coverage. David Banisar explains that prior to the 1960s "[t]racing people's activities required physically following them from place to place at close range, interviewing those they came in contact with, typing up the information, and storing it in file cabinets with little possibility for cross-referencing. Only governments willing to go to extremes were able to conduct widespread surveillance." (14) Increasing computerization in the second half of the twentieth century changed all this: collecting, storing, and subsequently making use of personal information all became much simpler and quicker. (15) By the late 1990s, techniques such as data mining made it possible to analyze seemingly inextricable aggregations of data. It became possible to predict events such as credit defaults and health conditions. The end of privacy is marked by widespread surveillance; information about individuals is communicated and manipulated by organizations with much greater power over that information than the individuals themselves.
Surveillance has become easy and common. The potential uses of the new surveillance technologies are diverse: consumer databases, health care information networks, government information banks, police surveillance systems, and workplace monitoring techniques. Reg Whitaker divides the use of information gathered by surveillance into two broad categories: inclusionary and exclusionary. (16) Inclusionary uses are associated with the consumer economy: retailers are able to identify customers and their specific preferences. (17) Exclusionary practices are related to risk identification: organizations may keep track of individuals who exhibit dangerous conditions or behaviours. (18)
The inclusionary application of technology is primarily a marketing activity. Gathering and categorizing information about consumers allows for niche marketing and personalization of service. (19) For example, as customers use discount cards, make purchases with credit cards, or engage in online shopping, companies create profiles that allow them to narrow in on shopper preferences. Inclusionary benefits are also invoked in fields where individuals may profit from personalized service. In the field of health care, for instance, a Canada Health Infoway has been proposed as a means of improving health services by supplying Canadians with information on the health care system, supplying researchers with access to studies on health determinants and new treatments, and supplying practitioners with access to patients' records across the health care complex.
The Advisory Council on Health Infostructure envisions the Canada Health Infoway as being "about how the health of individuals and communities can be improved by the power of information and the growing capacity of modern communications to deliver services." (20) The system promises to assist Canadians by including consumers of health care services in a network of medical data. Inclusionary benefits explain why one would support government information banks of all types: the government-as-service-provider may better attend to the needs of its citizens-as-consumers if information is centralized and organized. It appears that the government of Québec has plans for such centralization: according to Bruce Phillips, until recently Canada's privacy commissioner, the Québecois government proposes to develop a database containing basic identifying information for residents of that province. (21)
Exclusionary uses of surveillance technology are often practiced in law enforcement and security. These applications are based on the idea that certain members of a group or society must be controlled for the good of the population. For example, technology may be used by police to trace welfare cheats or sex offenders. (22) At some points, law enforcement surveillance intersects with workplace surveillance--as in cases of arrest for downloading child pornography in the cyber-workplace. (23) Exclusionary uses of technology in employment circumstances do not always involve criminal acts: employers have the right to read workers' e-mail, access their computer drives, and listen to their telephone transactions in order to restrict improper usage of resources. (24)
Unfortunately the border between the uses of surveillance technologies and their misuses is a fuzzy one. Privacy scholars often point out that much abuse occurs because inclusion and exclusion are not necessarily mutually exclusive concepts. Data linkage between databases maintained for different purposes is possible because data in one computerized storage space can be easily transformed into a format that can be read by another storage technology. (25) Some agencies that collect information--ranging from marketers to certain U.S. States--sell it to other organizations. (26) The merging of two or more separate data stores may result in a much larger and more insidiously valuable data store. (27) Medical analyses intended to help at-risk populations avoid complications may be used by insurance companies for obviously exclusionary purposes. Even one's web surfing may be used in this manner: if a potential employer accesses an applicant's Internet-use patterns ostensibly gathered by businesses for commercial purposes, implied indications of unsuitable political affiliation or sexual orientation may lead the employer to not offer employment to the job candidate.
Yet academic interest in delineating potential threats to private life has not been accompanied by an equally fervent public uproar regarding the issue. Some observers suggest that many people are simply not closely examining the uses of technology--whether inclusionary or exclusionary--because they perceive that there are benefits to be gained from them. Firstly, individuals may appreciate inclusion in a database that gives an organization the means of personalizing service--precisely because they appreciate that personalization. (28) Secondly, researchers suggest that most persons do not see how exclusion might apply to them because it is associated with marginal populations such as those involved in the penal or welfare systems. (29)
Without a doubt, advantages may stem from privacy-limiting technologies. Amitai Etzioni, sociologist and author of The Limits of Privacy, stands almost alone as an academic who argues that fears surrounding surveillance technologies are overblown. Etzioni, who identifies himself as a communitarian, maintains that privacy restriction is necessary for "the common good," notably public safety and public health. (30) He outlines situations (such as testing newborns for HIV or checking child-care workers for a record of pedophilia) which indicate the good derived from what might be seen as the violation of privacy rights (of pregnant women, or of those who work with children). We can identify other situations in which surveillance technologies have obviously positive uses: online monitoring may help identify terrorist activities before they occur or video cameras may help ensure the safety of community streets.
Confusion may account for the hesitant response of the public in the face of privacy erosion. Both consumer studies and anecdotal evidence suggest that many private citizens are concerned about privacy loss, (31)(32) but it is difficult to determine how that concern translates into action. One wonders whether it is necessary to pick sides: pro-technology or pro-privacy. After all, the majority of experts decry even those surveillance technologies which yield obvious benefits. Of course, such a polarization is artificial because both surveillance tools and privacy rights-- each in their own wy- enhance personal life. It seems that many individuals remain ambivalent. Although they are somewhat disturbed by a perceived threat to personal information individuals see no clear strategy that will improve the situation, save an abstinence (of sorts) from participation in everyday acts associated with shopping, working, and information-seeking. Thus, they simply do nothing.
Approaches to Protecting Privacy
Implementing procedures to protect privacy does not necessarily presuppose entirely halting the flow of personal information to and between different organizations. Rather, if one understands privacy in terms of the definition proposed above ("[t]he claim of individuals to control when, how, and to what extent information about themselves is communicated to others" (33)), then privacy protection entails restoring control of personal information to the person. There are various means of achieving this end--perhaps it is better to say that various means are required to achieve this end. These means might include technological initiatives, consumer initiatives, and industry initiatives.
Since technological developments have led to current fears about privacy loss it seems appropriate that technology might also offer a way to regain privacy. A survey of the literature on privacy protection in computer trade magazines and computer science journals reveals that the software industry anticipates a demand for technological initiatives that will help safeguard privacy (see, for example, Baskin (34) or Cranor (35)). It is perhaps useful to distinguish between data-security technologies and privacy-enhancing technologies. (36) Data-security tools, such as encryption mechanisms, attempt to keep data safe from unauthorized eyes. (37) However, even if data-security technologies work and personal information is not intercepted by unauthorized agents there is no guarantee that personal data will be protected because authorized persons or groups are not prevented from misusing the information they receive. Consequently, privacy-enhancing technologies (PETs) go further to protect privacy either by doing away with the usage of personal information or by allowing the individual in question to make his or her own decisions about disclosing that information. (38) One example of a PET is the use of electronic "cash" for monetary transactions; this would allow individuals to make purchases and pay for services anonymously. (39)
A technological approach to privacy protection suggests that consumers must take responsibility for the protection of their own privacy. At this stage of the privacy debate, it is concerned consumers who have to invest in currently available PETs. A number of privacy-enhancing software packages are becoming available to the public. Just last spring a Canadian company introduced software that allowed for anonymous web browsing and e-mailing. (40) Zero-Knowledge Systems promises users that its Freedom software is just what they need: "[Y]ou can express yourself online and visit your favorite Websites without worrying about who is tracking or profiling your online activities." (41) However, many observers wonder just who will invest in these technologies. According to Anita Lahey, consumers who take responsibility for the protection of their privacy are those whose online activities are illegal: pedophiles, racists, drug dealers and hackers, to name but a few examples. (42) It will take aggressive marketing to make Jane Doe acquire this product. Interestingly, Zero-Knowledge has commenced this marketing with an ad campaign revealed on April 24th in Newsweek. (43)(44)
It remains to be seen whether a business that knows its prime markets are "cypherpunks…, hackers and perverts" (45) will attract public attention with ads that appropriate the voice of the consumer by proclaiming "I am not a piece of your inventory" and "On the Net I am in control." It is not unlikely that the average consumer will retain her usual response to this privacy-protection message: to remain vaguely alarmed by web-based transactions yet fail to take action on the issue--in this case, by failing to buy the product--unless she feels that she definitely has something to hide. Some members of the information technology industry, such as John Sabo, manager of security strategy at IBM, believe that "consumers are...responsible to judge for themselves whether surrendering a bit of their privacy is a price they're willing to pay for access to electronic commerce services." (46) Yet the leave-it-in-the-hands-of the-consumers approach will surely not benefit the industry in the long run if the public is distrustful and unsure of electronic information transactions.
Conversely, organizations that collect consumers' personal information stand to gain if they take responsibility for ensuring that private data remains private. After all, the growing prominence of privacy issues may cause the public to shy away from organizations that do not take measures to protect personal data. People will choose to do business with those companies that are known to be concerned about their customers' privacy. Dr. Ann Cavoukian, the information and privacy commissioner for the Province of Ontario, reminds companies who make strategic use of consumer information that ignoring privacy issues will inevitably result in the accumulation of inaccurate information. (47) In one survey, over 40% of consumers who had supplied personal information to companies indicated that they had deliberately provided the organization with incorrect facts. (48)
Obviously, strategic marketing relies on access to accurate customer information. If companies hope to acquire useful consumer information they may have to ensure that personal information does not become a commodity. Conveniently, just as third parties have appeared with products that consumers can use to protect their privacy, they have also surfaced with services that organizations can use to ensure privacy protection. Services such as TRUSTe, CA WebTrust, and E-Com Secured, Inc. evaluate Internet sites to ascertain whether they satisfy specific privacy standards. (49)(50) These systems typically apply privacy criteria to web sites and assign some kind of seal intended to assure consumers that the business or organization in question is doing its utmost to foster a secure environment.
Government and the Protection of Privacy
Many privacy advocates and consumer groups find none of the aforementioned solutions adequate. Technological approaches to privacy protection work only insofar as the technology involved is secure. Increasingly sophisticated privacy protection tools will be developed by a profit-driven market – potentially creating a further division between privacy haves and privacy have-nots. Additionally, technology does not help consumers in situations where personal information is required for the receipt of a product or service. (51) The same holds true for "solutions" that put the onus on consumers to take responsibility (individually) for the defense of their privacy. Finally, self-regulation by the industry that deals in electronic products or services is a contentious prospect at best--and something that conceivably could only occur after many years and many mishaps. An approach to consider, then, is government regulation of privacy protection.
The Privacy Act
The Canadian government has been involved in the protection of privacy for about two decades--at least as far as government information is concerned. Canada's Privacy Act was implemented on July 1st, 1983, to regulate government record keeping as it would be affected by computerization. (52) At that time, of course, data-mining, direct marketers, and online retailers did not exist to compete with the government for possession of the most comprehensive information files on an individual. Obviously, the government did and still does hold a number of important records on its citizens: pension and employment insurance files, tax records, student loan applications, and military records. (53) The implementation of the Privacy Act accomplished two principal objects: government record-keeping operations were made more accountable, and Canadians were granted increased control over the information retained about them in government data banks. Notably, the act prevented the government from either disclosing personal information to other agencies, or using it for purposes other than that for which it was collected (with certain exceptions, such as cases of complying with a warrant or a subpoena).
The Privacy Act includes a provision on the office of the Privacy Commissioner which had been enacted at the federal level in 1977. (54) According to the Privacy Act, the Privacy Commissioner is responsible for supervising the federal government's adherence to the Privacy Act, looking into complaints that the Privacy Act has been violated, and generally acting as a resource and research centre for privacy issues in Canada. Judging by the nature of the Privacy Commissioner's web presence and its Annual Report for 1998-1999, the office involves much consciousness-raising: in both speaking engagements with various interest groups and outreach to the general public, Bruce Phillips constantly reminded Canadian citizens of the ways in which their personal information is threatened. (55)(56)
The Personal Information Protection and Electronic Documents Act
Very recently--on April 4, 2000--the Canadian government passed the Personal Information Protection and Electronic Documents Act, which will come into operation on January 1st, 2001. (57)(58) Part 1, "Protection Of Personal Information In The Private Sector," has elicited the most attention of the Act's five parts. The Act states that the purpose of Part 1 is "to establish, in an era in which technology increasingly facilitates the circulation and exchange of information, rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances." Put simply, the Act enacts privacy standards in the private sector.
The Personal Information Protection and Electronic Documents Act is based on the Canadian Standards Association (CSA) Model Code for the Protection of Personal Information, which is incorporated into the Act as Schedule 1. (59) The Code is a set of privacy protection standards for the private sector developed in consultation with business, consumer, labour, and government groups between 1992 and 1995. It has been in place as a (voluntary) national standard since 1996. (60) The new private-sector privacy legislation may be called a democratic and fair law because it is based on a collectively agreed-upon set of principles. Not surprisingly, the most significant changes enacted by the new law are those which limit the collection and exploitation of personal information. Specifically, the Personal Information Protection and Electronic Documents Act restricts collection of information to that which is required for the organization's stated purposes. The Act requires organizations to procure permission from the individual in question before personal information may be disclosed to a third party. As with the Privacy Act in the public sector, the Privacy Commissioner has the power to audit and assess organizations' compliance with the new law.
Of course, the Canadian government has not joined the privacy bandwagon merely to assuage privacy advocates. There are very practical reasons why privacy legislation has been established in the commercial sector. One must understand that the recent Act on protection of personal information is part of a much larger project, "Connecting Canadians," which aims to make Canada a front-runner in the knowledge-based economy. (61) Minister of Industry, John Manley, explains that the "Connecting Canadians" strategy is to develop a vigorous electronic commerce field in Canada; dynamic electronic commerce must ensure that the citizen-consumer is comfortable with sharing personal information in a digital environment. (62) The Personal Information Protection and Electronic Documents Act is meant to ensure just that. Additionally, the forthcoming act is a reaction to the aforementioned EU Directive on Data Protection: part of that jurisdiction's regulations interdict member countries from conducting transactions involving personal information with nations that do not safeguard that information. (63)
Conclusion: Questions About the Effectiveness of Privacy Laws and Government Action
Can legislation adequately protect an individual's privacy? The short answer is no. The long answer is that a legislative approach to the protection of privacy is fraught with enough uncertainties and obstacles that it is nearly impossible to carry out. Firstly, many organizations are likely to resist privacy initiatives even if legislation is in place. Personal information is a valuable commodity. The mountains of personal data amassed by certain businesses are so vast that obtaining consent for the preservation of it all would be an exorbitant undertaking: some single databases contain information on up to 95% of the American population. (64)(65) Secondly, it may well be unfeasible to police and punish companies who resist compliance with privacy standards. An Economist article on "The End of Privacy" suggests that "[p]olicing the rising tide of data collection and trading is probably beyond the capability of any government without a crackdown so massive that it could stop the new information economy in its tracks." (66) This statement is misleading: it implies that an abrogation of the information economy is possible. The information economy is a decentralized, international economy. Policing the rising tide of data collection is probably beyond the capability of any single government. Period.
The specific legislation that was passed on April 4 in Canada presents certain obstacles (other than the ones mentioned above) which require ironing out. Ottawa lawyer Michael Geist points out that the Personal Information Protection and Electronic Documents Act does not seem to absolutely necessitate that businesses be straightforward about what they plan to do with personal information. (67) A business using a "negative option" method could make use of a customer's personal information unless the customer categorically opted out of that prospect. (68) The law would better protect consumers if it required companies to employ an opt-in method: consumers' personal information would automatically be kept private unless the individual in question opted to allow information to be used. Although health care organizations are given two extra years to prepare for this new Act, the months ahead will likely be arduous ones, as all sides of the health-care industry make their arguments. The industry has been split since the bill was first proposed: some groups, such as the Canadian Medical Association and the Canadian Dental Association, think health data should be protected even further, while other organizations, like the Ontario Ministry of Health and the Canadian Pharmacists Association--those groups involved with the intended Canada Health Infoway--believe any attempt to safeguard health data will compromise health research.
This function of the Privacy Commissioner's Office cannot be underestimated: like the pundits who call attention to the waning of privacy rights, the Privacy Commissioner continually alerts Canadians to the import of issues surrounding personal information. However, the Privacy Commissioner is able to do more than the academic privacy analysts. The Privacy Commissioner is able to respond to the concerns of citizens and negotiate with privacy-threatening institutions. The Privacy Commissioner has the power to make Canadians feel that they can actually do something about their privacy rights. On the matter of privacy protection in particular, then, it is useful to think of government information not as static pronouncements that guide absolutely, but rather as documents that encourage the best possible use of information technology.
 May be cited as/On peut citer comme suit:
Nadine d'Entremont. "The Protection of Privacy: The
Hype, the Facts, and the Government's Role." Government
Information in Canada/Information gouvernementale au Canada No. 21
 John Craig, Bill C-6: Personal
Information Protection and Electronic Documents Act 15 October 1999,
Parliamentary Research Branch Legislative Summary LS-344E. http://www.parl.gc.ca/36/2/parlbus/chambus/house/bills/summaries/c6-e.htm
(2 February 2000).
 Samuel Warren and Louis D. Brandeis,
"The Right to Privacy" Harvard Law Review 5 (1890):
(2 April 2000).
 Robert Gellman, "Does Privacy Law
Work?" in Technology and Privacy: The New Landscape, ed.
Philip E. Agre and Marc Rotenberg (Cambridge, Massachusetts: The MIT
Press, 1998), 193-218.
 Smith Lyons (Barristers and
Solicitors, Patent and Trade-Mark Agents) Privacy and the Internet:
Recent Developments, December 1998. http://www.SmithLyons.ca/Publications/Articles/IT_98_12_3.htm
(30 March 2000).
 David Banisar, "Big Brother
Goes High-Tech" Covert Action Quarterly (Spring 1996): 6-10.
(4 April 2000).
 Health Canada, Office of Health and
the Information Highway, "Canada Health Infoway: Paths to Better
Health" (Ottawa: 1999) Final Report of the Advisory Council on
Health Infostructure. http://www.hc-sc.gc.ca/ohih-bsi/whatdo/achis/fin-rpt_e.html
(5 April 2000).
 Ellen R. Foxman and Paula Kilcoyne,
"Information Technology, Marketing Practice, and Consumer Privacy:
Ethical Issues" Journal of Public Policy and Marketing 12.1
(Spring 1993): 106-119 at 111.
 Privacy Commissioner of Canada,
"Privacy Commissioner welcomes a new era in privacy protection".
(24 April 2000).
 Canada, Parliament, House of Commons
Personal Information Protection and Electronic Documents Act Bill
C-6, 26 October 1999. http://www.parl.gc.ca/36/2/parlbus/chambus/house/bills/government/C-6/C-6_3/C-6_cover-E.html
(6 April 2000).
 Canada, Standing Committee on
Industry, Meeting #76: Evidence 1 December 1998. http:www.parl.gc.ca/InfoComDoc/36/1/INDY/Meetings/
Evidence/INDYEV76-E.HTM. (24 April 2000).