
Archive for the ‘National Security’ Category

5 Jan 2010

Extracts from “The Reality of Privacy and Security in the 21st Century”


Remarks delivered to the Annual Conference of the Canadian Association for Security and Intelligence Studies, October 30, 2009 by Chantal Bernier, Assistant Privacy Commissioner of Canada

… As you may know, I came to the Office of the Privacy Commissioner of Canada from the Department of Public Safety, where I had the privilege of serving as Assistant Deputy Minister in the Community Safety and Partnerships Branch.

As such, I have had substantial engagement in a range of security and intelligence files.

My entire presentation is premised on this tenet: Privacy and security are not at odds.

On the contrary: I would put to you that measures to protect privacy must be integral to any initiatives to fight terrorism or other crimes.

Why? Because we live in a free and democratic society where individuals enjoy the right to live, to move around, to communicate and to go about their daily lives, free from unwarranted interference by the state.

And for practical reasons too:

Any effort towards greater security that is strictly tailored to the actual risk – and that therefore minimizes the infringement of privacy or other rights – will be more targeted and more effective.

For example, an investigation that is carried out in accordance with the law, and in a way that respects privacy and other rights, will yield cleaner evidence and a more compelling case for the prosecution.

In other words, all the work that is poured into greater security is more likely to pay off if it is carried out in a strategic, targeted manner. And an essential consideration in that regard is due respect for the right to privacy.

Airport scanners

Another file in which we are deeply involved relates to plans by CATSA, the Canadian Air Transport Security Authority, to install millimetre-wave whole-body imaging scanners at several Canadian airports.

These machines can penetrate clothing to expose concealed objects such as weapons or drugs. Their principal advantage over metal detectors is that they can identify non-metallic objects, such as ceramic weapons or liquid or plastic explosives.

Our Office has examined two Privacy Impact Assessments, or PIAs, prepared by CATSA – first for a pilot test conducted at Kelowna Airport, and more recently for the full program.

As we told CATSA earlier this week in our response to its PIA, we consider this technology to be inherently sensitive as it reveals an outline of the traveller’s body. Many people may perceive it as privacy invasive.

As such, we have worked with CATSA to ensure appropriate privacy safeguards.

One of the key results is that the technology will be used only for secondary purposes, after an individual has already passed through the metal detector. What’s more, the scans will be voluntary, with passengers given the option of going through them, or having a physical pat-down.

And – this is key from a privacy perspective – the images will not be recorded, printed or transmitted. Indeed, they will be deleted as the passenger leaves the scanner.

Four tests

In weighing this and any other government initiative with a potential impact on privacy, our approach is to apply four tests: Necessity, proportionality, effectiveness, and the existence of less-intrusive alternatives.

We ask ourselves: Is the proposed measure really necessary? Have the proponents offered proof of a genuine problem, with no other viable solutions?

Our next criterion is proportionality. Many measures will infringe on privacy; that is just the price we pay for living in a community. Any benefit to the group will generally restrict some liberties of the individual, but the invasion of privacy must be proportionate to the benefit derived.

We also want some assurance of effectiveness. We want to ensure that a measure that infringes on privacy, in the name of the collective good, really meets that specific objective.

As for the fourth test: If a measure is proposed that will affect the privacy of individuals, we want to know that it is justifiable on the grounds that there are no less intrusive alternatives already available.


17 Nov 2009

Audit of the Financial Transactions and Reports Analysis Centre of Canada


(from our news release)

The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has more personal information in its database than it needs, uses or has the legislative authority to receive.

This was one of the key findings of the Privacy Commissioner of Canada’s in-depth audit of the independent agency mandated to analyze financial transactions and identify suspected money laundering and terrorist financing in Canada …

Legislative changes passed in 2006 expanded the types of transactions that must be reported to FINTRAC, as well as the number of professionals and organizations that are required to collect information about clients and to report it to FINTRAC. Examples of entities required to report to FINTRAC include financial institutions, life insurance companies, accountants and casinos.

The audit found that FINTRAC needs to do more to ensure that the amount of personal information it acquires is kept to an absolute minimum. A random sample of files examined in the audit turned up several reports that did not clearly demonstrate reasonable grounds to suspect money laundering or terrorist financing.  For example:

  • A reporting entity filed several reports stating it was “taking a conservative approach in reporting this … because there are no grounds for suspecting that this transaction is related to the commission of a money laundering offence, but there is a lack of evidence to prove that the transaction is legitimate.”
  • An individual deposited a government cheque for an amount less than $300 and then withdrew the entire amount. The financial institution filed a suspicious-transaction report, but did not indicate why the transaction was deemed suspicious.
  • A financial institution filed a report about an individual who had deposited a cheque from a law firm.  The institution was satisfied that the individual had provided legitimate reasons for the source of funds, but decided to notify FINTRAC anyway because of the individual’s ethnic origin and the fact that this person had visited a particular country.

“It is clear that such reports, containing not a shred of evidence of money laundering and terrorist financing, should not be making their way into the FINTRAC database,” says Commissioner Stoddart.

“It is a bedrock privacy principle that you collect only the personal information you need for a specific purpose,” she says. “The federal government needs to have a justifiable need to collect someone’s personal information. Clearly, FINTRAC needs to do more work with organizations to ensure it does not acquire personal information that it has no legislative authority to receive – and that it does not need or use.”

The audit recommended enhanced front-end screening of reports; stronger ongoing monitoring and review to ensure that information holdings are relevant and not excessive, and the permanent deletion of information that FINTRAC did not have the statutory authority to receive.

Under amendments passed in 2006, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act requires the Privacy Commissioner to review FINTRAC every two years and report the results to Parliament.


9 Sep 2009

A sneak peek at a government file ABOUT YOU


Ever wonder what information a government agency might hold about your traveling habits? Thanks to an anonymous U.S. citizen, we can sneak a peek at a travel record held by the United States Department of Homeland Security. The scanned copies are posted on philosecurity, and include data like:

  • IP address used to make web travel reservations
  • Hotel information and itinerary
  • Full Name, birth date and passport number
  • Full airline itinerary, including flight numbers and seat numbers
  • Cruise ship itinerary
  • Credit card number and expiration
  • Phone numbers, including business, home & cell
  • Every frequent flier and hotel number, even ones not used for the specific reservation

Several countries, including Canada, collect similar information as part of an Advanced Passenger Information or Passenger Name Record program.

While we would all prefer it if the government did not collect information about our travel habits, these programs are meant to provide security agencies with enough advance information to screen travelers and identify potential risks to transport security. If your travel plans include the European Union, Switzerland or the United States, information in Canada’s database will also be shared with their security agencies.

More information about the Canada Border Services Agency’s programs is available, including directions on how each individual can access the travel data the Agency holds on you.


27 Aug 2009

You Might Be Interested In


A 51-page privacy impact assessment on how the Department of Homeland Security inspects electronic devices at the border.


14 Jul 2009

1984: Changing Perceptions of Surveillance


What if any government had the opportunity to rewrite history, to paste over unflattering narratives and emphasize its purported strengths? I know, unfortunately that isn’t a rhetorical question.

What if 1984, George Orwell’s classic novel about the tyranny of oppression and never-ending surveillance, had been seized and rewritten to promote the work of Oceania, the government in power?


That’s the premise behind Alexander Charchar’s delicate reworking of the book’s cover art.

“ … That which is hard to ignore, is the fact that it’s ugly. Horribly ugly. It’s centered text to the left, with no thought of kerning or, even though an attempt has been made, to have the lines of text balanced. Perfect for a world where such detail in the arts is ignored and, in a sense, repulsed by those with political muscle …”

Charchar felt that previous cover art was intended to reflect the design sensibilities of the decade (the book has been through so many reprintings, there are dozens of past covers) rather than the anti-totalitarian message Orwell intended to drive into the reader’s heart and mind.

How would a government like that of Oceania approach its communications with its citizens? As a rough and functional necessity – much like the brutalist approach to architecture?

That certainly strikes a chord if you lived through the second half of the twentieth century, when totalitarian governments in Europe and Asia largely emphasized homogeneity and efficiency over creativity.

It’s also a contrast with the reality we face today, where governments continually experiment with nuanced and targeted messages designed to build support for increased security and ever more invasive surveillance measures.


2 Jun 2009

Conference notes – CFP 2009


Sitting in the audience at the Computers, Freedom and Privacy 2009 conference (wiki, Twitter stream, blog, ustream live broadcast) today, I’ve heard several speakers try to discuss how privacy relates to concepts like national security, surveillance, information security and Web 2.0 applications. At the core of each discussion is an ongoing (some would say never-ending) debate: does privacy come at the expense of this other “X” element?

In effect, will we have to trade some of the impact, the effectiveness, or the positive gains of (in one case) Web 2.0 innovations in order to maintain contemporary privacy protections?

Some Web 2.0 advocates question whether privacy advocates (like us) are reflecting the needs or desires of actual users when we argue for privacy protections and strict data protection regimes.

Peter Swire, an Ohio State University professor and former privacy official in the Clinton administration, made the blunt observation today that:

“… the Web 2.0 movement is opposed to the privacy movement … they don’t ‘get’ privacy as central or moral a purpose as people who have been coming to [this conference] …”

You see, the Web 2.0 movement favours the greater and wider distribution of information. Access to more information is empowering. The assumption is that a more transparent and communicative society (especially government) will lead to more representative government and increased democratic participation (if only in issues of particular relevance to individual voters).

Privacy advocates, on the other hand, have long maintained that minimizing access to data is the best way to safeguard data and personal privacy. It’s not necessarily locking every piece of data in a secure box, but certainly making sure each individual has a close eye on the keys to the box containing their own information.

On a different panel, Bruce Schneier, the noted security commentator, observed that “in the New World, there will be more information, but it will not be fair.” He drew a distinction about who is required to disclose data or personal information: the government or the individual citizen.

“… open government laws enforce liberty … forcing transparency in principle enforces control …”

Sunshine legislation may open government to be more accountable for its actions. Increased information collection about individuals, whether through surveillance, through interception, interrogation or simply through increased identification requirements, could lead to more restrictions on how that individual leads their life.

Is there any reason to fear that a largely transparent society, built upon the energy and optimism of innovators like Web 2.0 developers, could produce an environment where individuals are more exposed, perhaps to monitoring, surveillance and control?

As I mentioned, these are ongoing debates. Bruce Schneier injected a dose of reality during his comments:

“… data is the pollution problem of the information age … [today, we] look back to the Industrial Age and wonder how they dealt with all that pollution …”


4 Dec 2008

Remember Mafiaboy?


In 2000, this 15-year-old hacker brought down some of the most heavily visited websites on the net: Amazon, eBay, CNN, Yahoo!. At the time, reports claimed the hack caused a billion dollars’ worth of damage to these companies.

Since that time, cybercrime has become big business, with some reports suggesting it’s on par with or bigger than the illicit drug trade. Identity theft features prominently in this underground frontier, with credit card information and entire identities up for sale by the thousands.

Tonight, CBC is airing Web Warriors, a one-hour documentary with an exclusive look at the world of hackers, and the cyber-sleuths who pursue them. If you miss it on TV, the entire documentary is available on CBC’s site as well.

And on the subject of teenage hackers, we’d like to point you towards Little Brother, the novel for young adults by BoingBoing blog coeditor Cory Doctorow. Little Brother takes place in the not-so-distant future where a group of teens use technology to protest the ever-increasing government surveillance around them. It’s a story that looks at hacking, jamming and surveillance, and offers insight into the privacy vs. security debate…all through the eyes of a 17-year-old.


4 Nov 2008

Freedom Not Fear Day


On October 11, in 22 cities across Europe, citizens demonstrated to express their concerns over what they see as the increasing growth in government-created surveillance societies. October 11 was Freedom Not Fear Day, organized by the German Working Group on Data Retention.

In Berlin alone, over 15,000 protesters gathered in a rally that ended at the Brandenburg Gate. (The organizers have argued that 15,000 is a lowball number from the authorities, and the actual number could be closer to 50,000.) Peaceful and creative action took place throughout Europe, including art performances in Vienna, public lectures in Rome, and the construction of a collage made from uploaded photos of UK surveillance equipment and tactics in London.

From the website of the German Working Group on Data Protection:

“Surveillance mania is spreading. Governments and businesses register, monitor and control our behaviour ever more thoroughly. No matter what we do, who we phone and talk to, where we go, whom we are friends with, what our interests are, which groups we participate in – “big brother” government and “little brothers” in business know it more and more thoroughly. The resulting lack of privacy and confidentiality is putting at risk the freedom of confession, the freedom of speech as well as the work of doctors, helplines, lawyers and journalists.

The manifold agenda of security sector reform encompasses the convergence of police, intelligence agencies and the military, threatening to melt down the division and balance of powers. Using methods of mass surveillance, the borderless cooperation of the military, intelligence services and police authorities is leading towards the construction of “Fortresses” in Europe and on other continents, directed against refugees and different-looking people but also affecting, for example, political activists, the poor and under-privileged, and sports fans.

People who constantly feel watched and under surveillance cannot freely and courageously stand up for their rights and for a just society. Mass surveillance is thereby threatening the fabric of a democratic and open society. Mass surveillance is also endangering the work and commitment of civil society organizations.

Surveillance, distrust and fear are gradually transforming our society into one of uncritical consumers who have “nothing to hide” and – in a vain attempt to achieve total security – are prepared to give up their freedoms. We do not want to live in such a society!

We believe the respect for our privacy to be an important part of our human dignity. A free and open society cannot exist without unconditionally private spaces and communications.”

In the United States, Freedom Not Fear Day was supported by a number of NGOs, including the Electronic Frontier Foundation (EFF) and the Electronic Privacy Information Center (EPIC). Together, they issued a release calling for an end to watch lists and data profiling programs that fail to comply with the federal Privacy Act, the establishment of comprehensive data protection legislation, and the repeal of the Patriot Act.

But Freedom Not Fear Day was a decidedly more subdued affair in the U.S. Besides this endorsement and statement issued by EPIC, EFF and IP Justice, no other activities appear to have been scheduled to commemorate Freedom Not Fear Day in Washington D.C. Canadian activities were similarly subdued: the official website notes that a light projection was planned for Toronto’s City Hall but information on who organized it and how it turned out couldn’t be found.

Granted, the roots of Freedom Not Fear Day are in Berlin and the global day of action seems to have spread to other European capitals but it’s interesting to note that North Americans seem reluctant to stand up to the notion of “security theatre”.


9 Jul 2008

Trading privacy for security – that old zero-sum game


The rising cost of air travel might be the least of your worries when flying in the future.

The Washington Times has reported that the U.S. Department of Homeland Security has expressed interest in a “security bracelet” developed by Canadian-based Lamperd Less Lethal, a company specializing in firearms training and specialized civil defence equipment. Lamperd proposes, in this corporate video, that air passengers would be fitted with a bracelet containing boarding pass information, the passenger’s personal information and the ability to track a passenger’s whereabouts. As well, the device would be equipped with Electro-Muscular Disruption technology or EMD, meaning air crew could remotely deliver a shock to the bracelet-wearer, immobilizing the wearer for several minutes. The bracelet, given to the passenger at check-in, would be worn for the duration of the flight and could not be taken off until the passenger reaches his or her destination.

Lamperd claims in its video that, “Given the choice…many, if not most passengers would happily opt for the extra security of the EMD security bracelet.”

Given recent studies that show increased skepticism among the general public over how their personal information is often handled, and coupled with growing doubts over whether many of these post-9/11 security measures actually make us safer, we have our doubts: would passengers be prepared to put their desire for security before their own concerns over how such a bracelet could be (mis)used? Could a security bracelet really be effective in deterring terrorism, or does it just make people feel safer without actually improving anything?

Update from the Department of Homeland Security
(07/18)

“This allegation stemmed from a misleading video posted on the Lamperd Website which depicts an ID bracelet that would contain identifying information as well as the ability to stun the wearer. The company claims to connect use of such a device to DHS and TSA, but no discussions between these agencies has ever taken place. …

This concept was never funded or supported by the DHS or TSA and hasn’t even been discussed for two years.”


18 Apr 2008

Our Top Ten list of Privacy Act fixes


The Privacy Act, the federal privacy law requiring federal government bodies to respect individual privacy rights, hasn’t been substantially updated since 1982 – the same year the Commodore 64 was released and we stopped calling July 1 Dominion Day. What’s interesting about these changes is they could be implemented immediately and relatively easily – and the benefit to Canadians would be a privacy law that is modern, responsive and efficient.

As readers of this blog will know we are quite fond of the Top Ten list. So today, we present you with our list of the Top Ten fixes for the Privacy Act:

10. Parliament could create a legislative requirement for government departments to show the need for collecting personal information.

9. The role of the Federal Court could be broadened to review all grounds under the Privacy Act, not just denial of access.

8. Parliament could enshrine into law the obligation of Deputy Heads to carry out Privacy Impact Assessments prior to implementing new programs and policies.

7. The Act could be amended to provide the Privacy Commissioner with a clear public education mandate. PIPEDA contains such a mandate for private sector privacy matters. Why shouldn’t the Privacy Act for public sector matters?

6. The Act could provide the Privacy Commissioner with greater flexibility to report publicly on the government’s privacy management practices. As it now stands, we are limited to reporting by way of annual and special reports only.

5. The Act could grant the Commissioner greater discretion at the front-end to refuse complaints or discontinue complaints if the investigation would serve no useful purpose or is not in the public interest. This would allow the OPC to focus our investigative resources on those privacy issues that are of broader systemic interest.

4. Parliament could amend the Act and align it with PIPEDA by eliminating the restriction that the Privacy Act applies to recorded information only. At the moment, personal information contained in DNA and other biological samples is not explicitly covered. (But fingerprints are, in case you thought otherwise.)

3. Parliamentarians could strengthen the annual reporting requirements of government departments and agencies under section 72 of the Act, by requiring these institutions to report to Parliament on a broader spectrum of privacy-related activities.

2. The Act could be amended to provide for regular five-year reviews of the legislation, as is the case with PIPEDA.

1. Finally, the Act currently does not impose a duty on Canadian government institutions to identify the precise use for which personal information is being disclosed abroad. An amendment to the Act could require the Canadian government to not only identify the precise use for the transfer of personal information to foreign states, but ensure that adequate measures are taken to maintain the confidentiality of shared information.

Read this for more information.