The Schrems II decision: Implications and challenges for Canada

In Canadian Privacy, Data Protection by Colin BennettLeave a Comment

The world is processing the massive implications of today’s decision from the European Court of Justice in response to the complaints by Max Schrems of None of Your Business, and longterm campaigner for privacy rights. The story has a lot of twists and turns, but this is the upshot. First, the US/EU Privacy Shield has been declared an invalid mechanism …

Presentation to the Special Legislative Committee on Review of the B.C. Personal Information Protection Act (PIPA) June 9, 2020

In Data Protection by Colin BennettLeave a Comment

Thank you for this opportunity to appear before you today.   I listened to the testimony last week, and I do not want to repeat what you heard from Michael McEvoy.  PIPA is dated.  There have been two statutory reviews and nothing has been done to update the law.  Despite what you will hear from others about this being a practical statute that balances …

Unpacking the “Micro” in Political Micro-Targeting

In Parties and Privacy by Colin BennettLeave a Comment

I have often been troubled by the lack of a clear definition of political micro-targeting. There is a lot of discussion of the macro effects of micro-targeting, and of the larger impact of data-driven elections. It arguably serves to fragment political discourse, to accentuate “wedge issues”, to promote “filter bubbles” and leads to a transactional politics where localized claims and …

MORE TRADITIONAL METHODS OF SURVEILLANCE MIGHT BE MORE VALUABLE FOR CONTACT-TRACING THAN SMARTPHONE APPS – AND PERHAPS MORE INTRUSIVE

In Surveillance by Colin BennettLeave a Comment

There has been a vigorous global debate about the use of smartphone contact-tracing apps as valuable tools to monitor and curtail the spread of COVID-19.  We should not forget, however, that there are many other ways to track location through the analysis of the routine records that organizations capture about our behavior and transactions.     Proponents see smart-phone apps as valuable tools …

STRONGER PRIVACY ENFORCEMENT POWERS FOR CANADA’S PRIVACY COMMISSIONER AND A POSSIBLE RULE FOR CANADA’S COMPETITION BUREAU?

In Privacy Commissioners/DPAs by Colin BennettLeave a Comment

The Office of the Privacy Commissioner of Canada (OPC) is essentially an Ombudsman.   The Commissioner investigates complaints, and makes recommendations.  He has no order-making powers to enforce his orders; he has to make an application to Federal Court.   And he has very limited powers to levy fines.   There is now a prevailing view that the simple ombudsman powers of the Privacy Commissioner are …

Cambridge Analytica, Facebook, AIQ and the Data-Driven Election: Statement to House of Commons Committee on Access to Information, Privacy and Ethics (April 26, 2018)

In Parties and Privacy by Colin Bennett1 Comment

The current controversy concerning Cambridge Analytica, Aggregate IQ and Facebook has raised to public and media attention a number of interrelated issues, that need to be carefully distinguished: The monopoly power of companies like Facebook in the “platform economy” and their dependence on personal data for their business models The non-consensual harvesting of information on one’s wider social network through …

HOW TO AVOID PRIVACY COMPLAINTS ESCALATING TO THE PRIVACY COMMISSIONER: BE TRANSPARENT, RECEPTIVE, DILIGENT, POLITE AND TRUTHFUL

In Canadian Privacy by Colin BennettLeave a Comment

GUEST POST  BY ROBIN M. BAYLEY, LINDEN CONSULTING INC.  (VICTORIA BC).  (A VERSION OF THIS ARTICLE APPEARED IN PRIVACY LAWS AND BUSINESS INTERNATIONAL REPORT, APRIL 2017).    Companies subject to privacy legislation can do much to prevent a privacy complaint from a customer from becoming a complaint to  a privacy commissioner.  They can be summarized as: be transparent, receptive, diligent, polite …

So maybe ‘Big Data’ doesn’t work in elections? Maybe it’s time to stop using it?

In Parties and Privacy by Colin BennettLeave a Comment

It is tempting to conclude that what happened in the presidential election last Tuesday was not only a repudiation of the ‘Washington establishment’ and the mainstream media, but also of the use of “Big Data” in elections.   Perhaps people are sick of being considered ‘data points’ in an endless struggle to manipulate their political attitudes and behavior. Among other things, …

IS CANADA STILL ‘ADEQUATE’ UNDER THE NEW EUROPEAN GENERAL DATA PROTECTION REGULATION?

In Data Protection by Colin BennettLeave a Comment

In December 2001, Canada achieved adequacy status under the 1995 Data Protection Directive for transfers from the EU to Canada of personal information subject to the jurisdiction of the Personal Information Protection and Electronic Documents Act (PIPEDA). Since that time, Canadian businesses could rely on this determination, and thus avoid other methods to guarantee legal transfers such as model contracts …

So Who is Actually “Shielded” by the Privacy Shield?

In Data Protection by Colin BennettLeave a Comment

I have just co-authored a study with Priscilla Regan and Robin Bayley on the effectiveness of privacy redress mechanisms in Canada and the United States. In our view, too much comparative privacy research is based on the abstract comparison of the ‘black letter of the law.’ So we decided to examine some real cases involving real individuals who have suffered real …