Cambridge Analytica, Facebook, AIQ and the Data-Driven Election: Statement to House of Commons Committee on Access to Information, Privacy and Ethics (April 26, 2018)

In Parties and Privacy by Colin Bennett1 Comment

The current controversy concerning Cambridge Analytica, Aggregate IQ and Facebook has raised to public and media attention a number of interrelated issues, that need to be carefully distinguished: The monopoly power of companies like Facebook in the “platform economy” and their dependence on personal data for their business models The non-consensual harvesting of information on one’s wider social network through …

HOW TO AVOID PRIVACY COMPLAINTS ESCALATING TO THE PRIVACY COMMISSIONER: BE TRANSPARENT, RECEPTIVE, DILIGENT, POLITE AND TRUTHFUL

In Canadian Privacy by Colin BennettLeave a Comment

GUEST POST  BY ROBIN M. BAYLEY, LINDEN CONSULTING INC.  (VICTORIA BC).  (A VERSION OF THIS ARTICLE APPEARED IN PRIVACY LAWS AND BUSINESS INTERNATIONAL REPORT, APRIL 2017).    Companies subject to privacy legislation can do much to prevent a privacy complaint from a customer from becoming a complaint to  a privacy commissioner.  They can be summarized as: be transparent, receptive, diligent, polite …

So maybe ‘Big Data’ doesn’t work in elections? Maybe it’s time to stop using it?

In Parties and Privacy by Colin BennettLeave a Comment

It is tempting to conclude that what happened in the presidential election last Tuesday was not only a repudiation of the ‘Washington establishment’ and the mainstream media, but also of the use of “Big Data” in elections.   Perhaps people are sick of being considered ‘data points’ in an endless struggle to manipulate their political attitudes and behavior. Among other things, …

IS CANADA STILL ‘ADEQUATE’ UNDER THE NEW EUROPEAN GENERAL DATA PROTECTION REGULATION?

In Data Protection by Colin Bennett2 Comments

In December 2001, Canada achieved adequacy status under the 1995 Data Protection Directive for transfers from the EU to Canada of personal information subject to the jurisdiction of the Personal Information Protection and Electronic Documents Act (PIPEDA). Since that time, Canadian businesses could rely on this determination, and thus avoid other methods to guarantee legal transfers such as model contracts …

So Who is Actually “Shielded” by the Privacy Shield?

In Data Protection by Colin BennettLeave a Comment

I have just co-authored a study with Priscilla Regan and Robin Bayley on the effectiveness of privacy redress mechanisms in Canada and the United States. In our view, too much comparative privacy research is based on the abstract comparison of the ‘black letter of the law.’ So we decided to examine some real cases involving real individuals who have suffered real …

BILL C-51 AND NO FLY-LISTS: STILL TOO DANGEROUS TO FLY YET TOO INNOCENT TO ARREST

In Surveillance by Colin Bennett1 Comment

Part Two of the Government’s Anti-Terrorism legislation (C-51) comprises the Secure Air Travel Act (SATA), which formalizes the rules for the operation of Canada’s no-fly list (or the Specified Persons List).  It has not yet received much analysis in comparison with the more controversial  provisions on the new powers for CSIS, and the expansion of the information-sharing provisions, both superbly covered in …

View Post

HOSPITALS WITHOUT PATIENTS, AND DATA PROTECTION WITHOUT DATA SUBJECTS: MY ADDRESS TO CPDP2015

In Data Protection by Colin BennettLeave a Comment

One of my favorite episodes of the BBC Series, Yes Minister, is called “The Compassionate Society.”   The story revolves around a hospital in north London that has 500 administrative staff, but no medical personnel and no patients.   When Sir Humphrey Appleby, the Permanent Secretary, is confronted by Minister Jim Hacker about this perplexing state of affairs, he defends the situation …

THE ROLE OF A PRIVACY COMMISSIONER AND THE QUALIFICATIONS OF DANIEL THERRIEN: WHAT PARLIAMENT SHOULD BE ASKING

In Privacy Commissioners/DPAs by Colin BennettLeave a Comment

The Prime Minister’s announcement last week that he has recommended Assistant Deputy Attorney General, Daniel Therrien, to be the next Federal Privacy Commissioner should give us cause to reflect on what the Federal Privacy Commissioner actually does and what skill sets are necessary.  I have written about this on a number of occasions.   The job is complex, multi-faceted and …

View Post

IF INDUSTRY AMENDMENTS TO THE DRAFT REGULATION ARE ADOPTED, WOULD THE EUROPEAN UNION STILL HAVE AN “ADEQUATE LEVEL OF DATA PROTECTION”?

In Data Protection by Colin BennettLeave a Comment

I followed the twists and turns of the passage of the original 1995 EU Data Protection Directive earlier in my career, and wrote about the politics of the process at some length.   By 1995, I was so tired of the process that I almost did not care what was in the Directive – so long that it was an …

THE GEO-POLITICS OF PERSONAL DATA AND THE NEW EU DATA PROTECTION REGULATION

In Data Protection by Colin BennettLeave a Comment

We understand that the EU Parliament’s review of the Regulation is on schedule to be completed by mid-2013. I have written  an article for the Harvard International Review –– a more historical treatment that tries to set the current debates in some context.   The same issue has an article from Vivien Redding.   The basic message is that we have heard before from …