You Might be Interested In

On our website this week, we’re launching a new online tool to help businesses better safeguard customer and employee information.

It features a detailed online questionnaire and analysis tool that helps organizations gauge how well they are protecting personal information, in keeping with the applicable private-sector privacy law.

Developed jointly by the federal, Alberta and British Columbia privacy commissioners’ offices, the tool can be used by any private-sector organization, particularly small and medium-sized businesses.

Try it out yourself here.

Amendments to PIPEDA as part of legislation to curb spam came into effect April 1, 2011.

Last month, our Office was invited to participate in a youth privacy conference hosted by the American Library Association (ALA). The ALA’s Office for Intellectual Freedom has been focused on the issue of libraries and privacy awareness for the last three years, thanks to a grant from the Open Society Institute.  They plan to focus their efforts in 2011 on developing strategies for how best to deliver the privacy message to young people and see libraries as ideal places for youth to learn about privacy. They brought together privacy advocates, policy experts, librarians, educators, and our Office to pick our brains on how to best achieve this.

Their keynote speaker was Cory Doctorow of BoingBoing, who gave a very engaging talk via Skype where he advocated for network education – an approach we’ve discussed in this blog before.

He argues for the development of critical thinking skills, and defines the goal of youth privacy initiatives as  “A future where ‘why do you need to know this?’ is the default position when someone asks our kids to disclose information.”

He gave a similar talk at TEDx Observer recently on privacy and kids – worth watching:

On April 20^th, 2011, our Office is holding the third Insights on Privacy armchair discussion. We heard in February about what motivates us to reveal or conceal details of our personal lives, and how we protect the private lives of others around us.

To complement this talk, we’ve invited tech innovators Adam Greenfield (@agpublic) and Aza Raskin (@azaaza) to explore opportunities for privacy in the design of intimate devices, like smart phones, that we share our lives with every day, to the sensor-rich landscape that’s upon us. We’ll discuss opportunities for companies to empower individuals with greater choice and control over how their data are used and for greater collaboration within and across industry sectors.

In his 2006 book Everyware, Adam Greenfield argued that we were headed for a world in which keeping the boundaries between different roles in our lives was going to prove untenable. That notion is coming to pass with the current debate over the public/private divide and the blurring of our various roles and reputations online. Adam was Nokia‘s head of design direction for user interface and services from 2008 to 2010 and Lead Information Architect at Razorfish Tokyo. His current projects through Urbanscale focus on improving how users experience technology, such as stored-value cards for public transit and many other “smart-city” initiatives.

Aza Raskin’s passion for improving the way we experience technology recently had him heading up user experience for Mozilla, developer of the popular Firefox browser, where he rethought and simplified conventional approaches to privacy policies. Raskin left Mozilla in late 2010 to launch the start-up Massive Health, with the goal of helping people improve control of their health through innovatively designed technology and the ways we interact with it.

The video of this event will be made available after the event, as we did for the December 10, 2010 event with Jesse Hirsh and Chris Soghoian and for the February 28, 2011 event with Christena Nippert-Eng and Alessandro Acquisti.

Space is limited and is available on a first-come, first-served basis. Please RSVP before April 15, 2011. Simultaneous interpretation for both official languages will be available.

When: 2:00-4:00 p.m. Wednesday, April 20, 2011
Where: Minto Suites Hotel, 185 Lyon Street North, 2^nd Floor, Salon Vanier/Stanley

RSVP: knowledge.savoir@priv.gc.ca

There truly is an app for everything.

Recently, the digital world has been aflutter with news of the first-ever app approved by the Catholic Church – Confession, an app that helps Catholics prepare for the sacrament of confession by guiding the user through “a personalized examination of conscience”:

“To help those that are feeling guilty ready themselves for the sacrament of confession, the app provides a checklist of the Ten Commandments — along with mini-questions based on each — to help in compiling an inventory of malfeasance. The app even lets one add in non-traditional transgressions not already listed.”

One of the selling points of the app appears to be the password-protection feature, enabling you to lock out anyone who may try to find out about your sinnin’ ways. But what seems to be missing is what Little iApps, the developer of Confession, will do with the data they collect. According to reports, the app asks users to also provide information on their age, sex and marital status – paired with detailed information on the user’s transgressions, that’s a potentially detailed profile that would be quite attractive to marketers and others.

Details on the collection and use of the user-provided data wasn’t available on Little iApps’ site…so if the developer is collecting and using information without the user knowing, does that mean they’ve broken one of the commandments themselves – “Thou shalt not steal”?

On February 28, 2011, our Office is holding its second Insights on Privacy armchair discussion. We’ve invited behavioural economist Alessandro Acquisti and sociologist Christena Nippert-Eng to talk about what motivates us to reveal or conceal details of our personal lives, and how we protect the private lives of others around us.

In the context of their fields of privacy expertise, we will discuss how we represent ourselves both online and off and the implications of changing perceptions of public and private spaces. The discussion will extend to the challenges of maintaining a professional and personal presence online.

The Insights on Privacy Speakers’ Series is a series of armchair discussions hosted by the Office of the Privacy Commissioner to shed light on new and provocative voices doing interesting work in the field of privacy.

Alessandro Acquisti is an Associate Professor of Information Technology and Public Policy at the Heinz College, Carnegie Mellon University. He is the co-director of the CMU Center for Behavioral Decision Research (CBDR), a member of Carnegie Mellon Cylab, and a fellow of the Ponemon Institute. His work investigates the economic and social impact of information technology, and in particular the economics and behavioural economics of privacy and information security, as well as privacy in online social networks.  He is co-editor the book Digital Privacy: Theory, Technologies, and Practices (2007), an analysis of state-of-the-art technologies, best practices, and research results, as well as legal, regulatory, and ethical issues.

Christena Nippert-Eng is Associate Professor of Sociology in the College of Science and Letters at the Illinois Institute of Technology. Her most recent book, Islands of Privacy: Selective Concealment and Disclosure in Everyday Life (2010) is an exploration of the ways we think about privacy on a daily basis – how we try to achieve it for ourselves and enable it for others. In addition to her work as the National Chair of the Communication and Information Technologies Section of the American Sociological Association (2010-2011), Dr. Nippert-Eng conducts industrial research on people’s behaviour and relationships with objects and spaces, including information and communication technologies. She is currently at work on a second book on privacy and socialization.

To participate:

We are inviting full participation in this discussion. For those of you who attend the session in person, we will be inviting questions from the audience as well as inviting you to tweet the content using the #privtalks hashtag.

If you are unable to attend the session in person, and would like the speakers to address a particular aspect of this topic, please send your question to knowledge.savoir@priv.gc.ca by February 24th and we will try to incorporate it in the issues we cover.

We will also be offering the audience members the opportunity to complete a voluntary survey to provide us with their views on some of the key questions in the discussion.

The video of this event will be made available after the event, as we did for the December 10, 2010 event with Jesse Hirsh and Chris Soghoian.

Space is limited and is available on a first-come, first-served basis. Please RSVP before February 25, 2011. Simultaneous interpretation for both official languages will be available.

When: 2:00-4:00 p.m. Monday, February 28, 2011
Where: Minto Suites Hotel, 185 Lyon Street North, 2^nd Floor, Salon Vanier/Stanley

RSVP: knowledge.savoir@priv.gc.ca

Today is Data Privacy Day, an opportunity for us to highlight the impact that technology is having on the privacy rights of Canadians and to reflect on the importance of valuing and protecting personal information. To drive home this point, we’ve chosen the slogan “The Net never forgets. Remember to protect your personal data” for our activities celebrating the day.

This year, our Office has developed a passel of resources designed to support Data Privacy Day initiatives all over Canada. We’ve developed posters and web graphics, fact sheets offering workplace tips on protecting information on mobile devices, and we’re running an online draw for a 2GB encrypted USB flash drive. We’ve shared many of these products with our provincial and territorial counterparts to complement their own activities to mark the occasion.

Here at the OPC, we’re holding an all-staff event underlining the importance of safeguarding data from the point you collect it, use and keep it, and ultimately dispose of it. We’ll be exploring a variety of methods for safely disposing electronic data, including an interactive demonstration on how to safely and effectively render a hard drive unreadable using tools you have at home. In an educational but light-hearted way, we hope to drive home the importance of protecting personal data!

The Office of the Privacy Commissioner of Canada (OPC) is holding the first armchair discussion in its Insights on Privacy Speakers’ Series. Our first event will take place on Friday, December 10th with Chris Soghoian and Jesse Hirsh. Chris and Jesse will report from the frontiers of the privacy landscape and give their thought-provoking insights into what the future of privacy might look like. Known as stimulating speakers, Chris and Jesse will no doubt push some boundaries and engage the audience on their assumptions and understanding of privacy, identity and reputation online.

Chris Soghoian (dubfire.net, @csoghoian on Twitter) is a Ph.D. Candidate in the School of Informatics and Computing at Indiana University. His research interests include data security and privacy, cyber law, policy as well as phishing and other forms of applied deception. He has consulted for, worked at or interned with the Berkman Center for Internet & Society, the Palo Alto Research Center (PARC), and the Electronic Privacy Information Center (EPIC), Google, Apple and the U.S. Federal Trade Commission (FTC).

Jesse Hirsh (jessehirsh.com, @jessehirsh on Twitter) is an internet strategist, researcher, and broadcaster based in Toronto, Canada. He has a weekly nationally syndicated column on CBC radio explaining and analyzing the latest trends and developments in technology using language and examples that are meaningful and relevant to everyday life.

The Insights on Privacy Speakers’ Series is a series of armchair discussions hosted by the OPC to shed light on new and provocative voices doing interesting work in the field of privacy. Drawing from a variety of fields and disciplines, we hope to bring new perspective to privacy research, both within the OPC and outside of our office.

Space is limited and is available on a first come first served basis. Please RSVP before December 6th.  Simultaneous interpretation for both official languages will be available.

When:    3:00-4:30 p.m. Friday, December 10, 2010
Where: Minto Suites Hotel, 185 Lyon Street North, Ottawa, Ontario
RSVP: knowledge.savoir@priv.gc.ca

Some of our public education efforts at the OPC focus on talking to young people about online privacy. How they face the challenges of controlling their information online and protecting their privacy is an important skill to surviving – and thriving- in a digital environment. Increasingly, we see it as part of a suite of skills necessary for digital citizenship.

Through our presentations to young people, their teachers and parents, we’ve gained some wonderful insight into how kids use these tools to not only connect and share with other people, but also restrict access to their information and manage their identities online. We’re also learning a lot about what they already know, what they’d like to know, and what they don’t care to know when it comes to online privacy. These firsthand observations, paired with a growing body of work done by researchers like Valerie Steeves, danah boyd, Sara Grimes, the Pew Research Center and others, are helping us shape our public education and outreach efforts for young people.

Recently at the annual International Conference of Data Protection and Privacy Commissioners, danah boyd gave a talk entitled “The Future of Privacy: How Social Norms Can Inform Regulation”.  The entire talk is worth reading for her observations on how young Americans navigate the public/private divide in ingenious ways.  But among the things that struck me most, was this:

Participation in a networked era means that people are exposed in entirely new ways.  Interactions are increasingly public-by-default, private-through-effort.  People will make an effort to keep personal and intimate information private so as to not be embarrassed or vulnerable in front of people that they care about.  But we are not yet at a point where people have any model for thinking through what an algorithmic society looks like.  People don’t know how data about them and their interactions with others is being used to build data portraits.  They don’t know how algorithms are judging them.

How is our data collected? How are algorithms swallowing up this information and spitting out fairly accurate profiles of ourselves? These are some of the questions we need to be able to answer in order to fully navigate that public/private divide.

Often, “digital literacy” skill sets focus on the soft skills required to navigate in a digital world. But in doing so, perhaps we’re neglecting something quite fundamental to digital literacy – knowledge of the language(s) of computers themselves.

As Douglas Rushkoff recently wrote:

When human beings acquired language, we learned not just how to listen but how to speak. When we gained literacy, we learned not just how to read but how to write. And as we move into an increasingly digital reality, we must learn not just how to use programs but how to make them….

At the very least we must come to recognize the biases – the tendencies- of the technologies we are using, and encourage our young people to do the same.

Basic programming  could be the piece of the puzzle that young people need to fully understand how the digital world works, and how they can change it.

Government launches Canada’s Cyber Security Strategy.