BC Government auctions computer tapes with health records

The British Columbia government has auctioned off computer tapes containing thousands of highly sensitive records, including information about people’s medical conditions, their social insurance numbers and their dates of birth. Included was information about such things as HIV status, mental health and drug usage.

Sold for $300 along with various other pieces of equipment, the 41 high-capacity data tapes were auctioned in mid-2005 at a site that routinely sells government surplus items to the public.

“This appalling lapse in security reveals that the privacy legislation the government has passed has not really resulted in a privacy-respecting culture throughout the government,” said FIPA executive director Darrell Evans. “It should sensitize citizens to privacy issues and prompt them to question exactly what and how much of our personal information government collects, and who has access to it.”

Sources and media coverage

U.S. corporation selected to manage BC Medical records actively promotes sharing of personal information with FBI

The US-based Maximus corporation, a subsidiary of which is poised to take over the administration of BC Medical Services Plan and PharmaCare, has publicly stated on its website that it’s an “…outreach company for homeland security [Act] information sharing.” This revelation has amplified the privacy concerns of groups opposed to the imminent contract.

[IMPORTANT UPDATE: Since this news item was posted on August 19, 2004, the “Homeland Security” page of the MAXIMUS website has been altered to delete the sentence, “Ongoing efforts are underway in several states to utilize MAXIMUS as the outreach company for homeland security information sharing” from the end of the second paragraph.]

According to the Right To Privacy Campaign (RPC), the Homeland Security and USA PATRIOT Acts are the foundations of the threat to British Columbians’ personal information once that information is in the hands of Maximus.

“We’re stunned that Maximus is an intimate partner in the Homeland Security apparatus,” said BC Civil Liberties Association Policy Director and RPC member Micheal Vonn. “If the Province was not aware of the link between Maximus and the US Homeland Security apparatus, then it did not do its homework. If it did know, then it has utterly failed to comprehend the magnitude of British Columbians’ concerns about their privacy.”

“The risk that the medical information of BC citizens could be disclosed to US intelligence authorities has just accelerated,” said Darrell Evans, FIPA Executive Director. “Maximus has revealed that it has a vested interest in disclosing any personal information it holds to the FBI and other US government agencies. In fact, it is actively promoting its role as a facilitator of this kind of information sharing.”

The Right to Privacy Campaign believes contracting out of the administrative functions of BC’s Medical Services Plan and Pharmacare to Maximus will place British Columbians’ confidential health information at risk of seizure by the FBI and, consequently, the American government.

The Homeland Security Act permits confidential information held by an American company or its affiliates obtained by the FBI through the USA PATRIOT Act to be entered into classified databanks. This information is then available to law enforcement and other agents of the American government. When the information is collected, individuals concerned are given no notice and are not permitted access.

The Right to Privacy Campaign is a group of organizations committed to stop the contracting out of information or information management to any company subject to foreign laws that violate the privacy rights of Canadians. More information on the campaign is available at http://www.righttoprivacycampaign.com.

Right to Privacy Campaign’ launched to protect individuals’ privacy by stopping Maximus deal

A diverse and growing group of rights, health, union and other organizations has launched a province-wide campaign to demand that the BC government drop its proposed deal with the Maximus corporation because of the privacy implications of the USA PATRIOT Act.

The Right to Privacy Campaign believes that contracting out the administrative functions of BC’s Medical Services Plan (MSP) and PharmaCare to the American corporation Maximus Inc. will place British Columbians’ confidential health and related information within easy reach of the FBI and, through the FBI, the entire array of American government agencies.

Privacy Commissioner calls for submissions

BC’s Privacy Commissioner has launched a public inquiry to review the impact of the U.S. Patriot Act on government plans to contract out the MSP. He has invited submissions from American and Canadian experts and the general public and expects to issue his report by August 13, 2004. The Campaign is urging British Columbians to send submissions expressing their views about the Maximus deal.

News Release

Request for Submissions – Assessing USA Patriot Act Implications for Privacy Compliance under British Columbia’s Freedom of Information and Protection of Privacy Act

Campaign Goal

The primary goal of the Right to Privacy Campaign is to ensure that there is “no contracting out by the Government of BC of information or information management, such as MSP or PharmaCare, to any company subject to foreign laws that violate the privacy rights of Canadians, like the USA PATRIOT Act”.

“We are on the edge of a new and frightening era in which surveillance of citizens by governments and their private-sector partners could become the dominant reality of our society – in other words, an era in which Orwell’s ‘Big Brother’ vision could actually be realized,” said Darrell Evans, Executive Director of the B.C. Freedom of Information and Privacy Association.

“Whether or not we go over that edge and create what has been called a “surveillance society” will depend on how willing citizens are to draw a line and say “no further” to government attempts to probe into and record the facts of our private lives.”


The Right to Privacy Campaign website features information on the Privacy Commissioner’s inquiry, current legal actions, backgrounders, and suggested action steps for organizations and citizens. Included is a section with easy-to-follow suggestions for preparing a submission to the Privacy Commissioner.

Public Health and Safety Threatened by Creation of Unaccountable Quasi-governmental Bodies

The B.C. Freedom of Information and Privacy Association (FIPA) is calling on the federal government to extend the Access to Information Act and the Privacy Act to a long list of quasi-governmental bodies it has created over the past decade. These bodies create public policy, spend billions of dollars of public money, and in some cases make decisions that have a major impact on public health and safety; yet they remain unaccountable to both taxpayers and Parliament.

The problem is shown in its worst form with Bill C-27, the recently passed Nuclear Fuel Waste Act, which establishes a new agency called the Waste Management Organization (WMO). Bill C-27 will allow nuclear waste to be imported into Canada while letting nuclear energy corporations sit on the WMO’s board of directors. The WMO will not be directly accountable to Parliament or subject to the Access to Information Act, Canada’s open government legislation.

The Liberal majority ignored the advice of the Seaborn panel (set up to advise on the WMO’s creation) to include it under the Access to Information Act, and also voted down amendments by the Bloc Quebecois and Canadian Alliance parties to include it under the Act.

The Chretien government has created at least 14 unaccountable quasi-government bodies since first elected (See attached backgrounder for partial list) . FIPA is concerned that the wall of secrecy around two of these bodies – the Waste Management Organization and Canadian Blood Services – poses a potential threat to public safety.

In addition to less access to information, these bodies also provide less protection for the privacy of Canadians’ personal information than agencies which are subject to either the Privacy Act or the new Personal Information Protection Act, which governs the privacy practices of the federally-regulated private sector.

“Democracy is diminished when large sectors of government authority are placed beyond the openness, accountability and privacy protection provided by these acts,” said FIPA executive director Darrell Evans.

ATTACHED: Backgrounder
CONTACT: Darrell Evans, 604-739-9788
Backgrounder: Quasi-Governmental Bodies Created by the Federal Government

The problem of quasi-governmental bodies, which are created by the federal government but are unaccountable to both Parliament and Canadian taxpayers, was spotlighted by federal Auditor General Sheila Fraser in her annual
report to Parliament on April 16, 2002.

Fraser noted that “In many cases, these foundations do not meet essential requirements that government departments would have to meet if they were delivering the same programs: namely, credible reporting of results, effective ministerial oversight, and adequate external audit.”

Some of the quasi-governmental bodies established in recent years, most as non-profit societies, are:

  • the Waste Management Organization, which will develop Canada’s long-term plan for handling and storing nuclear waste;
  • Canadian Blood Services, which oversees the safety and management of Canada’s blood supply;
  • the Canadian Foundation for Innovation (recipient and disburser of $1.9 billion in federal money);
  • Canada Health Infoway Inc. ($500 million);
  • the Canadian Millennium Scholar-ship Foundation ($2.5 billion);
  • Canada Pension Investment Board; and
  • Genome Canada.

For a more comprehensive list, see Prof. Alasdair Roberts’ website.

Workable solutions have been implemented elsewhere. In fall 2000, Britain adopted a Freedom of Information bill that which covers most major contractors, quasi-governmental organizations, and can even include private organizations that perform public functions. Some of these provisions are also included in the FOI laws of Ireland, Scotland, Jamaica, Australia and
New Zealand. There is absolutely no excuse for Canada to fall behind these nations.

Federal Information Commissioner John Reid has complained vigorously and often about the creation of quasi-governmental bodies as well, without success. In his annual report for 2000-2001, he warned “In future years, there may be changes in the way governments manage corrections, drug approvals, grants and contributions, policing, emergency response measures;
the list goes on. Accountability through transparency should not be lost merely because the modality of service provision has changed.”

Another indication of concern within the federal government: In February 2002, Treasury Board issued the government’s Policy on Alternative Service Delivery 1. It asks each quasi-governmental body to complete a “case analysis” which includes the question, “Is there appropriate provision for access to information, preservation of government memory and the privacy of
Canadian citizens?”

Clearly, for FIPA, the answer is, “Only if the body is covered by the ATI and Privacy Acts”