NEWSLETTER – November 2010
David Stolow, President
Allen Mendelsohn, Dorith Toledano and Larry Markowitz, Editor(s)
I hope that you enjoyed, as much as I did, our evening with Canada’s Privacy Commissioner, Jennifer Stoddart, on November 10th. I wanted to thank you for your attendance and participation and for making the evening a tremendous success.
On the occasion of our annual Human Rights Lecture, which will take place on December 7th, we are honoured to welcome Jayne Stoyles, Executive Director of the Canadian Centre for International Justice (CCIJ), on the topic of “Bringing International War Criminals to Justice: The Status of International and Domestic Law”. You can download the dinner invitation here. I am happy to report that CLE accreditation for the event (for paid up members) has been obtained.
In 2010, Ms. Stoyles was awarded the prestigious Walter S. Tarnopolsky Human Rights Award in recognition of her outstanding contributions to domestic and international human rights. The CCIJ, a charitable organization, seeks to bring to justice alleged human rights abusers living in Canada and assists victims of war crimes, crimes against humanity and other atrocities to seek compensation. It has also educated media, lawyers, community groups and front-line workers on these issues. In her capacity as Executive Director of the CCIJ, Ms. Stoyles has, among other things, created a national network of volunteer experts, trained settlement agencies across Canada, coordinated legal research projects and international justice conferences, developed cases that may proceed in Canada or internationally, and created the content of a Bill to reform Canadian state immunity law.
In recognition of her exceptional contribution to the field of human rights, I am proud to announce that we will be presenting Ms. Stoyles on December 7th with one of our highest honours, the Lord Reading Law Society Human Rights Award. Established in 1994, the Lord Reading Law Society Human Rights Award, which represents the core of the Society’s mission, is presented to an individual who has demonstrated a sustained contribution to, or has been influential in the advancement of human rights and fundamental freedoms. Past recipients of this award include Professor John P. Humphrey (posthumously), author of the initial draft of the UN Declaration of Human Rights, the Honourable Irwin Cotler and LGen Roméo Dallaire (Ret’d).
We look forward to seeing you on December 7th on this special occasion and for what will be an extremely interesting lecture.
A sincere thank you to our sponsor for the event, Heenan Blaikie.
Yours very truly,
President Lord Reading Law Society
Thank You from the Society’s Human Rights Award Winner
Jayne Stoyles, speaker at the December 7th Human Rights Lecture and recipient of the Society’s Human Rights Award to be awarded at the lecture, asked First Vice-President Robin Schiller to extend her thanks to the Society:
Thank you so much for your call and email to convey this wonderful news! I really am very honoured, and it will certainly be extremely helpful to CCIJ’s efforts to have this attention. I will be accepting the award on behalf of the many people who work so hard on international justice issues, including the many survivors living in Canada who contribute so much despite the trauma they have experienced.
If you could convey to other members of the Society my deepest thanks, I would really appreciate it. I am looking forward to having the chance to meet you all soon, and will certainly also convey this in person.
Canadian Centre for International Justice/
Centre canadien pour la justice internationale
Canada’s Privacy Commissioner Visits Lord Reading
On November 10th, the Lord Reading Law Society was pleased to welcome as its guest speaker Jennifer Stoddart, Canada’s Privacy Commissioner. The topic of her presentation was “Enforcing Privacy in the Online World”.
Following a well-informed introduction by the Society’s Communications chairperson Allen Mendelsohn, Ms. Stoddart began her talk by informing the full house at the St. James Club that she had just recently returned from a visit to Israel, during which she attended an international data protection conference. In Israel, she learned that Judaism recognizes privacy as a fundamental right. Even the smallest breach of privacy can potentially cause an injury so large that it cannot be measured. Moreover, the fear of being observed makes individuals lead constricted lives. For these reasons, the right to privacy must be protected.
Ms. Stoddart’s speech focused primarily on the online world. Because the online world is based in cyberspace and not necessarily in a physical location, there are inherent problems determining which authority should have jurisdiction and in enforcing the right to privacy. Furthermore, the rate of change in the online world is staggering, so laws passed not all that long ago may already be outdated.
The Privacy Commissioner’s mandate consists of overseeing compliance with both the Privacy Act, which covers the personal information-handling practices of federal government departments and agencies, and the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy law. Her mission is to protect and promote the privacy rights of individuals.
Ms. Stoddart’s office is set up using a similar model to that of the Commissioner of Official Languages. She has a $22 million budget and manages some 170 employees, including lawyers and information technology experts.
The Privacy Commissioner receives many complaints. However, as Ms. Stoddart mentioned during a lengthy question and answer session following her prepared remarks, some complaints originate from querulous litigants, so she would prefer to be able to pick and choose the complaints that she addresses (elsewhere in the world, privacy commissioners have this ability). The Privacy Commissioner focuses on resolving complaints through negotiation and persuasion, using mediation and conciliation, if appropriate. However, if voluntary co-operation is not forthcoming, the Privacy Commissioner has the power to summon witnesses, administer oaths and compel the production of evidence.
In the future, it is expected that the Privacy Commissioner will also have responsibility for anti-spam enforcement and will have greater discretion to cooperate with other privacy authorities internationally. For the time being, she only is able to cooperate in investigations of privacy issues with the provinces.
Ms. Stoddart highlighted three well-known PIPEDA cases in which she has recently been involved:
In the Abaca.com case, it was established that PIPEDA applies to online activities even if servers are located outside Canada. This was in a case where Abaca had been charged with contravening privacy laws by selling personal data.
Ms. Stoddart was the first data protection authority in the world to conduct a comprehensive investigation of the privacy policies and practices of the popular social networking site Facebook. It took a while for Facebook to take the Privacy Commissioner’s complaints seriously. As an illustration, Ms. Stoddart recounted that she was once yelled at over the telephone by a high ranking executive from Facebook from the “deck of his yacht”. Despite this initial lack of respect from the wunderkinds at Facebook, she eventually succeeded in getting Facebook to take her complaints seriously and to implement measures to limit the sharing of personal information with third-party developers of games and other applications and to post clear information regarding its privacy policies on its website. In response to the Privacy Commissioner’s initiative, Facebook has developed simplified privacy settings and has implemented a tool that allows users to apply a privacy setting to each photo or comment they post. That said, Facebook is constantly changing, so Ms. Stoddart and her staff will continue to keep their eyes on Facebook.
Ms. Stoddart told us of a recent episode in which it was found that Google had contravened Canadian privacy laws when it collected personal information from unsecured wireless networks while collecting photographs for its “Google Street View” application. Although these were only fragments of data, they included email addresses, phone numbers and passwords, as well as the names of people and the medical conditions from which they were suffering. According to Ms. Stoddart, Google was mortified by this discovery and changed its processes. The Privacy Commissioner recommended that Google implement a system to address privacy issues before new Google products are launched and that it train its employees regarding the company’s privacy obligations.
Since 2007, Canada Privacy Commissioner has succeeded in working with Google to deal with a variety of privacy issues through a cooperative means. For example, on Street View, home addresses, license plate numbers and faces of individuals have now been blurred. Other countries have taken a more combative approach with Google. For instance, both Switzerland and Spain are currently suing Google to try to require it to tighten privacy safeguards on Street View.
Enforcement Powers of the Privacy Commissioner
A revamping of PIPEDA is now underway. PIPEDA, in its current form, has met with mixed success. On the positive side, compliance with the privacy laws has increased in major sectors of the economy, as has respect for, and awareness of, privacy law. However, on the negative side, among small- and medium-size businesses, PIPEDA has had less effect. Ms. Stoddart recommends that the Privacy Commissioner henceforth have the ability to impose fines and to pass guidelines for respect of privacy laws. In other words, the ombudsperson model that currently exists should be revamped. New topics to be dealt with in the new version of PIPEDA will include the online tracking of consumers, as well as issues relating to cloud computing. This new version of the law is expected to be passed in 2011.
In addition, as a result of convergence between various communications media, further cooperation is required with other regulatory authorities, since a great deal of information is now found online. This would include cooperation with the Auditor General and the Canadian Radio-television and Telecommunications Commission (CRTC). Ms. Stoddart mentioned that the Office of the Privacy Commissioner now intervenes in CRTC proceedings when it deals with the privacy of telecom users. The new version of PIPEDA will also have to deal with new methods of marketing, such as addressable TV advertising, which is direct advertising based on the viewer’s characteristics and viewing habits.
Following her speech, Ms. Stoddart took questions from the audience on topics ranging from data mining, to family law, to ID theft. During the question period, Madam Justice Carol Cohen recounted that she has, on occasion, had to stop witnesses in her courtroom from providing private information in testimony, including bank account numbers and the like. This illustrates the need to restrict digital access to certain details contained in oral and written court proceedings before they are made available to the public.
After replying to all audience questions, Ms. Stoddart ended her presentation, leaving members of the Lord Reading Law Society far more knowledgeable than before on issues of privacy law.
News from the Mishpuchah
- To Elliot Lifson on the loss of his mother, Esther Lifshitz