Meet Canada’s first privacy plaintiff

Matthew Englander couldn’t wait two minutes to test the limits of Canada’s Personal Information Protection and Electronic Documents Act.

At 12:01 a.m., on Jan. 1, 2001 — the day the act’s first stage was implemented — Privacy Commissioner of Canada general counsel Heather Black says Englander

was among the first to file a complaint under the new legislation. A Vancouver lawyer, Englander took issue with Telus Corp., claiming the telecommunications company discloses the names, addresses and phone numbers of its customers in its White Pages and directories without their consent. Englander also objected to the fee Telus charges to customers who want to keep that information unlisted.

But Canada’s Privacy Commissioner, George Radwanski, didn’t see much merit in Englander’s case. He found that Telus’ actions passed the Act’s Reasonable Person Test, which states the “”collection, use and disclosure of personal information must be limited to purposes that a reasonable person would consider appropriate in the circumstances.””

Undeterred, Englander has exercised his right under section 14 of PIPEDA and applied for a federal court hearing on the matter. The case, which will be heard this fall, could set a precedent with respect to how much privacy Canadians can legitimately expect. It also comes at a time, experts say, when the very idea of privacy is being squeezed on one side by information-hungry marketers and data miners and on the other by the post-Sept. 11 government zeal for security. Black says it is one of only three such cases to go to court so far.

When contacted by Computing Canada, Englander said he wishes to wait until after the trial to discuss his claims to privacy. A Telus spokesperson, meanwhile, said the company feels the Privacy Commissioner’s finding endorses its conduct, though the spokesperson was reluctant to further discuss an issue that is going before the courts.

Stephanie Perrin, the former director of privacy policy for Industry Canada’s Electronic Commerce Task Force who led the legislative initiative that resulted in PIPEDA, says cases like this one make it necessary to look seriously at how we value our privacy. PIPEDA, which in its initial stage applied only to Federally-regulated private sector and out-of-province exchanges of personal information, expanded to include health information on Jan. 2002 and in Jan. 2004 will grow further to encompass commercial use of personal information within individual provinces (except where provinces have enacted similar legislation).

“”I think we have to as a society decide right now what types of privacy we should expect,”” says Perrin, currently the chief privacy offer at Zero Knowledge Systems Inc. in Montreal “”Right now, it’s high time to be talking about how we look after a democracy.””

But how pressing is the Englander case to democracy? Are listed phone numbers the canary in the privacy coal mine or a necessary concession in an integrated society? Or as Black asks, is having to pay $2 a month for privacy a critical issue?

“”We thought more sort of important issues would go to the courts,”” she says. “”But everybody’s take on this is different.”” Both Black and Perrin acknowledge they were not surprised by Englander’s complaint.

But others are speaking up on Englander’s behalf. When asked, Information and Privacy Commissioner of Ontario Ann Cavoukian says she doesn’t think Englander’s case is far-fetched. “”The essence of privacy is to be able to control your information,”” she says.

Ontario will this fall offer up its own privacy legislation, which Cavoukian says will include order-making power, something the federal PIPEDA does not.

“”It’s quite strong. It goes much farther than any other legislation that I’ve seen in this province,”” she says of the Ontario’s upcoming legislation. “”What the privacy law will say to business is when you’re dealing with customers . . . the information can only be used for that purpose unless (the business) has obtained consent.””

Cavoukian, who spoke at a Comdex Canada 2002 Panel on privacy and security, urged Canadians and specifically Ontarians to make their thoughts and feelings on privacy known. Englander, whether you feel his case is vital or frivolous, has already done so, but judging by the number of hands raised when members of the Comdex audience was asked if they had contacted their government representatives concerning privacy issues, few are following his lead. Radwanski has so far published findings on about 60 complaints.

Perrin said Canadians can do more than simply acquiesce to the data miners amid the myriad magazine covers proclaiming the death of privacy.

“”It’s like saying ‘It’s too late for the environment.’ I think people have a right to expect privacy, that’s why we brought the legislation in,”” she says. “”Everything’s in flux right now. It’s a good time for society to decide how we want to live.””

Comment:

[email protected]

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs