You Might be Interested In

Once again, students from the Encounters with Canada program have selected the winners of our annual student video contest! Here are the winners for our 2009 competition:

The three top video artists in the live action category were:

1^st place: Jeffery Burge, Vanessa Caicedo, Alexandra Georgaras, Gareth Imrie and Fiona Sauder of Canterbury High School in Ottawa, Ontario, with a video titled “Think Before You Click”. They win a $100 gift card and an iPod Touch.

2^nd place: David Borish and Mory Kaba of Glebe Collegiate Institute in Ottawa, Ontario, with a video titled “Friend or Foe”. They win a $250 gift card.

3^rd place: Jennifer Paul from Brampton, Ontario, with a video titled “Too Good to be True”. She wins a $150 gift card.

The three top video artists in the animation category were:

1^st place: Tyler Ford and Matthew Kerr of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Privacy: Think Before You Click”. They win a $100 gift card and an iPod Touch.

2^nd place: Rebecca Kartzmart and Emily Patterson of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Carol the Carrot”. They win a $250 gift card.

3^rd place: Scott Piper of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Privacy Matters”. He wins a $150 gift card.

The three top video artists in the French video category were:

1^st place: Benjamin Dion-Weiss of l’École secondaire publique De La Salle in Ottawa, Ontario, with a video titled “Le réseautage social d’après le Comte Hackula”. He wins a $100 gift card and an iPod Touch.

2^nd place: Stéphanie Lemieux and Emily Vendette of l’École secondaire catholique Embrun in Embrun, Ontario, with a video titled “Le Journal de Lisa”. They win a $250 gift card.

3^rd place: Cosmo Darwin of l’École secondaire publique De La Salle in Ottawa, Ontario, with a video titled “Trouvée & Perdu”. He wins a $150 gift card.

The three top video artists in the Junior category were:

1^st place: Mackenzie Giffen, Chris Johnstone, Chris Nattrass, Curtis Sookhoo and Gabriel Zingle of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “The Spanish Lottery”. They win a $100 gift card and an iPod Touch.

2^nd place: Trevor Aiello, Connor Bergersen, Chad Bullock and Lochlan Thomson of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “A lesson In Privacy”. They win a $250 gift card.

3^rd place: Matthew Craner, Scott Deshane, Madison Gilchrist, Joe Matishak and Graeme Wyatt of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “The Phone Number Test”. They win a $150 gift card.

We also recognized seven teachers for their enthusiastic participation in the contest. They were:

• Crystal Getschel, of F.R. Haythorne Junior High in Sherwood Park, Alberta, with 26 entries.
• Majed Mattar, of Osgoode Township High School in Metcalfe, Ontario, with 21 entries.
• Professor Kaduri, of Tanenbaum Community Hebrew Academy of Toronto, Ontario, with 15 entries.
• Grant Holmes, of École secondaire publique De La Salle, Ottawa, Ontario, with 11 entries.
• Carol Shaw, of Woodstock Collegiate Institute, Woodstock, Ontario, with 8 entries.
• Kevin Shae, of Sir Robert Borden High School, Ottawa, Ontario with 6 entries.
• Stephen Willcock, of Canterbury High School, Ottawa, Ontario, with 5 entries.

Each teacher will receive a $250 gift certificate at Indigo Books and Music to use for personal use or for the school they represent.

The videos will be posted as soon as possible to our youth site. They will also be available on our YouTube channel.

We were thrilled with the number and quality of submissions we received for our second competition. We’ll be launching the 2010 contest in May!

On Data Privacy 2010 we’d like to take a moment to remind everyone that is the responsibility of both individuals and companies to make sure that personal information is safe.

If you own a company, or work for a big one: in the past, you may have had to ensure that your customers’ name and address information (and in some cases credit card and billing information) were safe. Now, many of you are providing technology and tools for your customers to put increasing amounts of personal information online. Does your company have the systems in place to safeguard this information? Do you give your customers the tools and options to control how their information is used?

If you are a user of new and cool technology: in the past a telephone was a telephone, a video game was a video game, a stuffed toy was simply that – a stuffed toy. Today, more and more toys and handheld tools come with the ability to go online. Do you understand how to enjoy your toys and gadgets without putting your personal information at risk?

If you are a parent or guardian, teacher, coach or caregiver: do the young people in your life understand how to use all these new toys and gadgets while keeping their personal information safe? Our office has recently made youth privacy a key priority. Today, we have posted some new resources to the Parents & Teachers section of our youth web site. The resources include information on 12 privacy issues (such as the importance of privacy settings and knowing who your friends are on social networking sites), along with ideas for generating discussion about each issue with young people. You can use these resources to start discussion about personal privacy and the importance of thinking about what you post on the Internet.

Regardless of which group you are in – if you need any information about how to keep personal information secure, visit our web sites – priv.gc.ca and youthprivacy.ca.

As you may have noticed, we held a news conference this morning to announce further progress in our investigation into the privacy practices at Facebook. Our news release is now available, as is Facebook’s.

The changes proposed by Facebook will make it easier for users to make clear and informed decisions about how to share their personal information within the popular social networking site – and with whom.

Importantly, Facebook has announced that it will be making changes to its API. These changes will, effectively, force developers to acknowledge what pieces of information they would like to access in your profile, and why. The changes will also give each user the opportunity to deny an application access to that piece of information.

Here’s an excerpt from our news release:

Third-party Application Developers

Issue: The sharing of personal information with third-party developers creating Facebook applications such as games and quizzes raises serious privacy risks. With more than one million developers around the globe, the Commissioner is concerned about a lack of adequate safeguards to effectively restrict those developers from accessing users’ personal information, along with information about their online “friends.”

Response: Facebook has agreed to retrofit its application platform in a way that will prevent any application from accessing information until it obtains express consent for each category of personal information it wishes to access. Under this new permissions model, users adding an application will be advised that the application wants access to specific categories of information.  The user will be able to control which categories of information an application is permitted to access. There will also be a link to a statement by the developer to explain how it will use the data.

This change will require significant technological changes. Developers using the platform will also need to adapt their applications and Facebook expects the entire process to take one year to implement.

As many have rightly pointed out, it seems contradictory to participate in a social network and to then attempt to restrict access to some or all of your personal information.

To us at the Office, users should have the chance to find out what information is being collected by the social networking site or a third party application, and for what reason. Third party applications have long been a concern to members of the privacy advocacy community, since they have had relatively free access to the information stored in your Facebook profile.

If you have any doubt about the extent of the access granted to apps, just take this handy quiz developed by the Northern California chapter of the ACLU – but make sure to delete the app once you’re finished! (Facebook has instructions for that )

Thankfully, Facebook has made it clear that they consider the privacy of their users to be a priority – and maybe even a competitive advantage in comparison to other social networks.

The changes announced today will take months to implement, but the Office will continue to monitor progress on this important issue.

University of Ottawa law professor Michael Geist has launched iOptOut, a website allowing Canadians to opt out of unsolicited phone calls and emails. iOptOut is meant to complement the federal government’s Do-Not-Call list, expected sometime in the fall of this year:

“By registering with iOptOut, you inform the organizations that you select listed in our database that you do not want them to call you. Under the federal Personal Information Protection and Electronic Documents Act (PIPEDA), these organizations would be required to respect your request. At the present time, iOptOut relies on PIPEDA, which overrides Bill C-37’s exemptions.

If an organization contacts you after you make a do-not-call request to it through iOptOut, PIPEDA allows you to enforce your request by filing a complaint with the Privacy Commissioner.”

Day to day, our actions are being captured, and increasingly, it’s being done by surveillance cameras. This technology – like RFID tags – is being used by more organizations everyday to improve security and deter thieves. And while that’s a perfectly legitimate reason to employ cameras, organizations should also be ensuring their surveillance activities minimize the impact on people’s privacy.

With that in mind, we released new video surveillance guidelines earlier this month, setting out how organizations should evaluate the use of video surveillance and how to respect privacy rights and comply with the law.

And if our guidelines can be considered the Top Ten list on what to do when considering video surveillance, think of this video as the Top Ten list on what not to do.

While there are certainly some novel uses for RFID technology out there (like studying the secret life of bees), RFID systems are increasingly being used for the more practical purposes of improving productivity and enhancing security.

The increasing appetite among companies to use this technology to track their employees is a worrisome trend for the Office of the Privacy Commissioner. While we certainly recognize the business benefits of RFID systems, we believe they can also be used as surveillance tools, which raises important privacy concerns for employees.

Our office has just released a discussion paper outlining the steps organizations could consider, and questions that could be asked, before proceeding with RFID applications in the workplace. The paper includes some broad questions on the use of RFID technology, to which we invite stakeholders to submit their responses. We hope this paper will spark discussion on a growing trend with some serious implications.

We know you didn’t watch the Oscars last weekend. Neither did we. And according to the latest figures from the Nielsen Company, neither did many viewers. Nielsen has been tracking the habits of TV viewers for decades now, and their research figures prominently in the business decisions made by television and advertising industry heads.

Nielsen is now looking to expand its influence, hoping to eavesdrop on other activities – like web surfing, cell phone usage, and purchasing habits. They concede it’s a tough sell though – while many Nielsen families view their influence as tastemakers as a “point of pride”, they bristle at the idea of having many of their day-to-day activities tracked.

Still, Nielsen plans to go ahead with a number of pilot projects aimed at providing their clients with ever-more detailed information about their customers – from how often people look at TV screens in malls and stores to how much perspiration people produce when watching TV at home.

Today, we issued a news release celebrating Data Privacy Day, an initiative of the International Association of Privacy Professionals. In that release we made the assertion that  “We have seen a proliferation of identity theft and spam as well as a tripling of reported data breaches around the world last year” – based on an analysis of data breaches first reported in USA Today, and similar reporting by the Associated Press.

“Dissent,” who blogs at pogowasright, contacted me to question that analysis. Dissent’s dissection of the claim that breaches have tripled can be found here and here. His/her email suggested that maybe we were thinking of the records revealed as a result of breaches?

I think we can all agree it is hard to track whether a data breach has occured, unless it is then reported in the media.  Dissent’s analysis seems to make sense.

At the Office of the Privacy Commissioner, however, we are certain that there were a number of remarkable data breaches in 2007 – in Canada and abroad.

Whether we are talking about breaches themselves or the records they revealed, there were millions of personal records exposed because of poor record handling, inadequate security, lax staff procedures and disregard for privacy agreements.

And that has to change.

But we still appreciate Dissent for paying close attention. We need more like him/her.

As we close out 2007, we’d like to sound a note of caution for privacy rights in Canada. We are lucky to have a variety of protections for personal information and data at the territorial, provincial and federal levels. Nevertheless, the Commissioner took a moment last week to highlight some of the steps that need to be taken by individuals, corporations and the government in the face of continuing challenges:

“Heightened national security concerns, the growing business appetite for personal information and technological advances are all potent – and growing – threats to privacy rights,” said Commissioner Stoddart. “The coming year will be another challenging one for privacy in Canada.”

What challenges, you may ask? Privacy International, a London-based non-governmental organization, issued their annual report on privacy protection world-wide. Canada was one of three countries recognized as a world-leader, but we were criticized on several fronts:

• Federal commission is widely recognised as lacking in powers such as order-marking powers, and ability to regulate trans-border data flows
• Variety of provincial privacy commissioners have made privacy-enhancing decisions and taken cases through the courts over the past year (particularly Ontario)
• Court orders required for interception and there is no reasonable alternative method of investigation
• Video surveillance is spreading despite guidelines from privacy commissioners
• Highly controversial no-fly list, lacking legal mandate
• Continues to threaten new policy on online surveillance
• Increased calls for biometric documents to cater for U.S. pressure, while plans are still unclear for biometric passports

In Britain, the National Consumer Council and Childnet have released the results of an extensive series of surveys and interviews with children, youth and their parents. Their work sheds some light into these groups’ activities online, including participation on youth-oriented websites, how they react to advertising aimed at children and youth, and their attitudes towards privacy.

Here are some of the findings from fair game? Assessing commercial activity on children’s favourite websites and online environments.

• Nearly all (92 per cent) of the sites popular with children have a clearly-labelled privacy policy. But a quarter of third-party advertisers do not have a privacy policy on the websites that their adverts link to.
• None of the children and only a few of the parents in our research had read a privacy policy. Both children and their parents found the small-print off-putting and lacking in relevance.
• Few websites have privacy policies that children can understand, even if they try to read them; we found only eight policies on the websites popular with children likely to be understood by a 9-13-year-old.
• Five advertisers encouraged children to give away their friends’ details or send the information to a friend in return for free offers.

‘Is that the box down the bottom? Ticks. It’s whether they keep your information to their company or share it. When you sign up for anything it’s right down at the bottom and if you don’t tick it you automatically get everything’. ‘(It’s there) ‘cos they have to. By law. It’s just blurb isn’t it? It’s all there. You haven’t got time to read it’.

Mothers of 7-11-year-olds