Tag: education

New privacy framework for Charter-bound employers

I was up at the crack of dawn today to burn down to Cape May, New Jersey for the DeSatnick Foundation Paddle Around the Cape Race this Sunday. (It’s still not to late to donate.) I listened to the Supreme Court of Canada’s York Region District School Board decision between Allentown PA and the NJ border. It’s significant, but thankfully only in a technical sense – not changing the balance between employee privacy and management rights. I’ll explain.

Of course, this is the case about a series of “searches” conducted by a school principal in an attempt to manage a workplace called “toxic” by labour arbitrator Gail Misra, who held the principal’s searches were justified. I put “searches” in quotes because the term is a technical one in the section 8 Charter jurisprudence, which Arbitrator Misra referred to but didn’t apply very well. Any criminal lawyer or judge reading her decision would quickly pick out Arbitrator Mirsa’s jurisprudential flaws. These flaws are what ultimately led the majority of the Supreme Court of Canada to quash her decision.

Along the way the Court unanimously (and finally?) held that the Charter applies to school boards (Ontario ones, at least). It said, “Public education is inherently a governmental function. It has a unique constitutional quality, as exemplified by s. 93 of the Constitution Act, 1867 and by s. 23 of the Charter. Ontario public school boards are manifestations of government and, thus, they are subject to the Charter under Eldridge’s first branch.”

Given Charter application, the majority held that Arbitrator Misra erred by balancing interests under the privacy test long employed by arbitrators and endorsed by the Supreme Court of Canada in Irving Pulp and Paper – a derivative of the famous KVP test. She was bound to apply the section 8 Charter framework, the majority said, and do so correctly.

So Charter-bound employers, like law enforcement, must not conduct unreasonable searches. The test is two part. There must be a “search,” which will only be so if there is a “reasonable expectation of privacy.” And then the search must be “reasonable.” This is a highly contextual test that encompasses a balancing of interests, and a labour arbitrators’ balancing will be subject to review on the correctness standard.

Non Charter-bound employers – like Irving – will continue to live under the balancing of interest test and KVP. As to whether that will result in different outcomes, the majority suggests it may not: “The existing arbitral jurisprudence on the “balancing of interests”, including the consideration of management rights under the terms of the collective agreement, may properly inform the balanced analysis.”

I’ve said here before that privacy law should be unified such that the concepts that bear upon section 8 analysis are used by labour arbitrators. This judgement grants my very wish. It should lend predictability to otherwise unpredictable balancing by labour arbitrators, as should correctness review. And although non Charter-bound employers will have a notionally different framework, I expect that arbitrators will strive for unification.

And there is nothing in the judgement that alters the management-employee balance or elevates workplace privacy rights. To the contrary, it erases a Court of Appeal for Ontario judgement that one could argue was too insensitive to the principal’s interest in dealing with a serious workplace problem.

This very short and informal post is made (that is plainly influenced by my one day vacation) is made strictly in my personal capacity.

York Region District School Board v. Elementary Teachers’ Federation of Ontario, 2024 SCC 22 (CanLII).

Online proctoring report a must read for Ontario institutions

Online proctoring software was critical to higher education institutions during the heart of the pandemic. Though less signficant today, the report of findings issued by the Information and Privacy Commissioner/Ontario last week about McMaster University’s use of online proctoring is an important read for Ontario public sector institutions – with relevant guidance on IT contracting, the use of generative AI tools and even the public sector necessity test itself.

The necessity test

To be lawful, the collection of personal information by Ontario public sector institutions must be “necessary to the proper administration of a lawfully authorized activity.” The Court of Appeal for Ontario adopted the IPC’s interpretation of the test in Cash Converters in 2007. It is strict, requiring justification to collect each data element, and the necessity standard requires an institution to establish that a collection is more than “merely helpful.”

The strictness of the test leaves one to wonder whether institutions’ business judgment carries any weight. This is a particular concern for universities, whose judgement in academic matters has been given special deference by courts and administrative decision-makers and is protected by a FIPPA exclusion that carves out teaching and research records from the scope of the Act. It does not appear that McMaster argued that the teaching and research records exclusion limited the IPC’s jurisdiction to scrutinize its use of online proctoring, but McMaster did argue that it, “retains complete autonomy, authority, and discretion to employ proctored online exams, prioritizing administrative efficiency and commercial viability, irrespective of necessity.”

The IPC rejected this argument, but applied a form of deference nonetheless. Specifically, the IPC did not question whether the University’s use of online proctoring was necessary. It held that the University’s decision to employ online proctoring was lawfully authorized, and only considered whether the University’s online proctoring tool collected personal information that was necessary for the University to employ online proctoring.

This deferential approach to the Ontario necessity test is not self-evident, though it is the same point that the University of Western Ontario prevailed on in2022 in successfully defeating a challenge to its vaccination policy. In Hawke v Western University, the Court declined to scrutinize the necessity of the University’s vaccination policy itself; the only questions invited by FIPPA were (a) whether the the University’s chosen policy was a lawful exercise of its authority, and (b) whether the collection of vaccination status information to enforce the chosen and lawful policy was necessary.

To summarize, the authority now makes clear that Ontario institutions get to set their own “policy” within the scope of their legal mandates, even if the policy invites the collection of personal information. The necessity of the collection is then measured against the purposes of the chosen lawful policy.

IT contracting

It is common for IT service providers to reserve a right to use the information they process in providing services to institutions. Institutions should appreciate whether the right reserved is a right to use aggregate or de-identified information, or a right to use personal information.

The relevant term of use in McMaster’s case was as follows:

Random samples of video and/or audio recordings may be collected via Respondus Monitor and used by Respondus to improve the Respondus Monitor capabilities for institutions and students. The recordings may be shared with researchers under contract with Respondus to assist in such research. The researchers are consultants or contractors to Respondus and are under written obligation to maintain the video and/or audio recordings in confidence and under terms at least as strict as these Terms. The written agreements with the researchers also expressly limit their access and use of the data to work being done for Respondus and the researchers do not have the right to use the data for any other purposes. No personally identifiable information for students is provided with the video and/or audio recordings to researchers, such as the student’s name, course name, institution, grades, or student identification photos submitted as part of the Respondus Monitor exam session.

Despite the (dubious) last sentence of this text, the IPC held that this contemplated a use of test taker personal information was for a secondary purpose that was not a “consistent purpose.” It was therefore not authorized by FIPPA.

In recommending that the University secure a written undertaking from the service provider that it would cease to use student personal information for system improvement purposes without consent, the IPC carefully noted that the service provider had published information that indicated it refrains from this use in certain jurisdictions.

In addition to this finding and a number of related findings about the use of test taker personal information for the vendor’s secondary purposes, the IPC held:

  • the vendor contract was deficient because it did not require the vendor to notify the University in the event that it is required to disclose a test taker’s personal data to authorities; and
  • that the University should contractually require the vendor to delete audio and video recordings from its servers on, at minimum, an annual basis and that the vendor provide confirmation of this deletion.

The McMaster case adds to the body of IPC guidance on data protection terms. The IPC appears to be accepting of vendor de-identification rights, but not of vendor rights to use personal information.

Generative AI

While the IPC recognized that Ontario does not have law or binding policy specifically governing the use of artificial intelligence in the public sector, it nonetheless recommended that the University build in “guardrails” to protect its students from the risks of AI-enabled proctoring software. Specifically, the IPC recommended that the University:

  • conduct an algorithmic impact assessment and scritinize the source or provenance of the data used to train the vendors algorithms;
  • engage and consult with affected parties (including those from vulnerable or historically marginalized groups) and those with relevant expertise;
  • provide an opt out as a matter of accommodating students with disabilities and “students having serious apprehensions about the AI- enabled software and the significant impacts it can have on them and their personal information”;
  • reinforce human oversight of outcomes by formalizing and communicating about an informal process for challenging outcomes (separate and apart from formal academic appeal processes);
  • conduct greater scrutiny over how the vendor’s software was developed to ensure that any source data used to train its algorithms was obtained in compliance with Canadian laws and in keeping with Ontarians’ reasonable expectations; and
  • specifically prohibit the vendor from using students’ personal information for algorithmic training purposes without their consent.

The IPC’s approach suggests that it expects institutions to employ a higher level of due diligence in approaching AI-enabled tools given their inherent risks.

Privacy Complaint Report PI21-00001.

Case Report – Publication of teaching evaluation data lawful

Arbitrator Brent held that the University of Windsor did not violate its faculty collective agreement or the Ontario Freedom of Information and Protection of Privacy Act by publishing teaching evaluation scores on a secure network for access by students and other members of the university community.

She made three findings. First, she held that the change in practice did not breach a frozen practices provision in the collective agreement because the publication condition (freedom from publication, as was argued) was not fundamental to the employment relationship. Second, she held that the express collective agreement restriction on disclosure of faculty personal information did not apply because the information disclosed was not “personal information” under the collective agreement. In reaching this finding, she relied on permissive collective agreement language that referred to the use of teacher evaluation data to construe the term “personal information.” Finally, she held that FIPPA did not apply based on its employment-related records exclusion and the fact that the data was used in the University’s promotion, tenure and renewal process. In rejecting the Association’s argument that student use of the data brought the records under the auspices of the Act, she said:

To argue that it ceases to become a “labour relations” or “employment-related” matter once it is made available to the students would in my view have the effect of excluding SET from FIPPA when it is used for employment related purposes but then including it when it is used to provide information to students. Such a result would be contrary to the Court of Appeal’s decision that once it is determined that FIPPA does not apply to certain material, then that material is exempt from FIPPA for ever.

University of Windsor and University of Windsor Faculty Association (Re) (19 February 2007, Brent).