Federal Court says firearm serial numbers not personal information

16 Nov

On October 9th, Justice McHaffie of the Federal Court held that firearm serial numbers, on their own, are not personal information. His ratio is nicely stated in paragraphs 1 and 2, as follows:

Information that relates to an object rather than a person, such as the firearm serial numbers at issue in this case, is not by itself generally considered personal information”since it is not information about an identifiable individual. However, such information may still be personal information exempt from disclosure under the Access to Information Act, RSC 1985, c A-1 [ATIA] if there is a serious possibility that the information could be used to identify an individual, either on its own or when combined with other available information.

The assessment of whether information could be used to identify an individual is necessarily fact-driven and context-specific. The other available information relevant to the inquiry will depend on the nature of the information being considered for release. It will include information that is generally publicly available. Depending on the circumstances, it may also include information available to only a segment of the public. However, it will not typically include information that is only in the hands of government, given the purposes of both the ATIA and the personal information exemption.

This is not a bright line test, though Justice McHaffie did say that the threshold should be more privacy protective than if the “otherwise available information” requirement was limited to publicly available information or even information available to “an informed and knowledgeable member of the public.”

Canada (Information Commissioner) v Canada (Public Safety and Emergency Preparedness), 2019 FC 1279 (CanLII).

The privacy and security implications of AI, big data and predictive analytics

13 Nov

Today’s presentation for your enjoyment and use!

US Secret Service issues noteworthy report on targeted school violence

11 Nov

The United States Secret Service has issued a follow-up to its landmark 2002 report that reinforces the need for sound institutional threat assessment procedures. The full new report is here. It is a noteworthy read for school administrators responsible for risk management and security.

Threat assessment is a process by which institutions aim to collect and process behavioral information that raises a potential concern to so, when appropriate, they can engage in “robust” intervention aimed at helping a student at risk and preventing violent acts. It has been a best practice at K-12 and post-secondary institutions in Canada for over a decade and should not be controversial, though it does invite tension with privacy and anti-discrimination laws. And though it’s very easy to understand that privacy interests and accommodation rights give way when an individual poses a risk of harm that is “serious and imminent,” good threat assessment rests on intervention at much lower risk levels. As the Secret Service’s new report states, “The threshold for intervention should be low, so that schools can identify students in distress before their behavior escalates to the level of eliciting concerns about safety.”

The Secret Service’s new report is based on an analysis of 41 incidents of targeted school violence that occurred at K-12 schools in the United States from 2008 to 2017.

The following statistic – about failures in reporting – is the first thing that caught my attention.

Canadian institutions encourage classmates to report concerning behaviors to a single point of contact and often mandate employees to make such reports. The new report tells us nothing about whether that is working in Canada, but it’s a good question to consider given the above.

The report also identifies that the attackers in four out of the 41 incidents were referred to threat assessment, which invited a response summarized in the following table:

In Cases 1 and 3 the attacker appears to have been mis-assessed. (See the full report on Case 3 here.) Cases 2 and 4 may relate to a prescription the Secret Service gives based on a statistic that showed that 17 of the 41 attacks occurred after a break in school attendance: “These findings suggest that schools should make concerted efforts to facilitate positive student engagement following discipline, including suspensions and expulsions, and especially within the first week that the student returns to school.”

Fed CA orders removal of witness names in administrative tribunal decision

5 Oct

On September 30th, the Federal Court of Appeal held that the Public Service Labour Relations and Employment Board ought not to have referred to witnesses by name in a disciplinary decision about a suspension for “inappropriate acts involving a number of young female subordinate employees.”

This was a second time the matter of the witnesses’ anonymity came before the Court.  In 2017, it had held that the Board’s decision to publish witness names was unreasonable and directed the Board to re-weigh the interests at stake.

The Board again declined to refer to witnesses by initials, seemingly put off by the employer’s pre-hearing “promise” to the witnesses that their identities would be protected from publication. What the employer said to the witnesses, the Court held, was not right inquiry. For that and other reasons, it quashed the Board’s second decision as unreasonable and (extraordinarily) substituted its own judgement.

Here are two points of significance:

  • the Court suggested that the (strict) Dagenais/Mentuck test applied by courts is the test to be applied by administrative tribunals like the Board; and
  • the Court recognized the public interest in encouraging the reporting of inappropriate sexual behavior by protecting the anonymity of witness, comparing the interest to the interest in encouraging the reporting of sexual assaults.

Canada (Attorney General) v. Philps, 2019 FCA 240 (CanLII).

Privacy, Identity, and Control: Emerging Issues in Data Protection

27 Jul

This post marks the official death of my reading pile, which involved a read of the current edition of the Canadian Journal of Comparative and Contemporary Law – one entitled Privacy, Identity, and Control: Emerging Issues in Data Protection.

I’m admittedly still digesting the ideas, so am just pointing to a good resource for reckoning with the Euro-centric forces that are bound to affect our law. Top reads were “Regaining Digital Privacy? The New ‘Right to be Forgotten’ and Online Expression” and Fiona Brimblecombe & Gavin Phillipson and Information “Brokers, Fairness, and Privacy in Publicly Accessible Information” by Andrea Slane. Check it out.

BCSC denies access to total legal costs spent on ongoing litigation

20 Jul

On July 12th, the British Columbia Supreme Court held that a requester had not rebutted the presumption of privilege that applied to the total amount spent by government in an ongoing legal dispute. Here is the court’s argument for the withholding of such information:

[61]        The Adjudicator’s reasoning, adopted by CCF on this review, is in brief that it is clear from the facts available in the public record that the amount of legal expenditure is high. Knowing how high could only confirm this, and no more. This echoes CCF’s submission to the Adjudicator, cited at para. 35 of the Decision, that “knowing whether the total cost to date are ‘$8 million or $12 million or $20 million’ may prove embarrassing for the Province, but will not reveal privileged communications”.

[62]        In my view this line of reasoning is not sufficient to discharge the onus of proof to rebut the presumption of privilege, particularly in circumstances of ongoing litigation. I agree that the Cambie Litigation is an important constitutional case, that it is hard fought on both sides and that the amount of legal cost is undoubtedly substantial. However, in my view, an assiduous inquirer, aware of the background available to the public (which would include how many court days had been occupied both at trial and in chambers applications, the nature of those applications, the issues disclosed in the pleadings, and the stage of the litigation for the period covered by the request), would, by learning the legal cost of the litigation, be able to draw inferences about matters of instruction to counsel, strategies being employed or contemplated, the likely involvement of experts, and the Province’s state of preparation. To use the CCF submission quoted by the Adjudicator, the difference between an $8 million expenditure and a $20 million expenditure would be telling to the assiduous inquirer and would in my view permit that inquirer to deduce matters of privileged communication.

British Columbia (Attorney General) v British Columbia (Information and Privacy Commissioner), 2019 BCSC 1132 (CanLII)

Advocates’ Society Tricks of the Trade – A Privacy Update

25 Jan

Here are the slides from my Advocates’ Society presentation today. I addressed the following two questions:

  1. Today, is a right-thinking judge (in a non-criminal case) likely to exclude evidence obtained in breach of privacy?
  2. The intrusion upon seclusion tort. What have we learned about elements and defences since Jones v Tsige?

The second question was to honour the birthday of the intrusion upon seclusion tort, which turned six last week. Happy birthday privacy tort!