Support Information and Privacy Rights in BC

We’re calling on the provincial government to keep their promise

Earlier this month, we teamed up with the BC Civil Liberties Association and created a petition to encourage the British Columbia government to keep their campaign promise of reforming the Freedom of Information and Protection of Privacy Act (FIPPA).

This Act is as important today as it was when it was created in the early 1990s. It creates a legal framework that regulates how public bodies treat personal information and assigns information and privacy rights to British Columbians.

But in the nearly thirty years since the Act was passed, a lot has changed while the Act has stayed largely the same. Just think, the new technology at the time was the fax machine. The internet and our connected world has changed the way information is created, stored, used, and accessed. And our laws need to change as well.

The status quo isn’t good enough

Two years ago, during the campaign period for our last provincial election, we asked each political party about their plans to update BC’s FIPPA. We asked the New Democratic Party (NDP) if they would include a duty to document within the FIPPA and if they would create penalties for those who interfere with information rights.

In response to both questions, the NDP unequivocally committed to including a duty to document within the FIPPA, and to creating penalties for those who interfere with information rights.

Today, over two years later, we’ve seen no action towards realizing these commitments. In fact, while the government celebrated legislative changes to the Information Management Act as improvements to “transparency and accountability to British Columbians,” they were being accused of breaking the very laws they are mandated to uphold.

The Information and Privacy Commissioner for BC, Michael McEvoy, released this statement about the legislative changes to the Information Management Act and the serious accusations facing government:

‘As it now stands, the Information Management Act designates the Minister herself as primarily responsible for ensuring her Ministry’s compliance with the duty to document its decisions. Citizens would find it very surprising that, on its face, the current law makes a Minister responsible for investigating their own conduct. This is unacceptable and falls short of the independent oversight required to ensure public trust and accountability.’

The tragic irony of the situation seems to be lost on government. Serious accusations of wrongdoing, the kinds that have been recently levelled against a government Minister, cannot be appropriately investigated by that very same Minister.

If British Columbians are to truly have improvements to government “transparency and accountability” then what is needed is independent oversight. The FIPPA creates a regulatory framework within the Office of the Information and Privacy Commissioner, one that operates separately from government.

To keep its promise, and to truly increase “transparency and accountability to British Columbians,” the government must assign independent oversight to the Office of the Information and Privacy Commissioner by creating a duty to document within the FIPPA.

What is a ‘Duty to Document’?

A duty to document is quite simple and something that the original writers of the FIPPA did not think would be necessary to include in the legislation. It’s the idea that government must record their decision making process, which is fundamental principle to functional freedom of information laws.

For example, if someone were to request documents related to a new tax that government was requiring of citizens, that request would not be successful if no records were to exist. The duty to document would compel government to document their decision making process so that citizens can exercise their information rights, like the right to know.

The original lawmakers who drafted the FIPPA did not anticipate that government would hold meetings in person and over the phone without writing anything down (a phenomenon known as ‘oral government’), use personal email addresses to conduct government business, and maliciously delete records in order to circumnavigate freedom of information laws (a practice known as ‘triple-delete’).

But unfortunately that is now the reality in which we are living.

We are not alone in calling for a duty to document. The all party special legislative committee that reviewed the FIPPA in 2016 made the specific recommendation to include a duty to document within the FIPPA. That committee included BC’s current Attorney General, David Eby.

In addition, Information and Privacy Commissioners in BC have called for the inclusion of a duty to document within the FIPPA. Elizabeth Denham, in her report, Access Denied wrote:

‘Government should create a legislative duty to document within FIPPA as a clear indication that it does not endorse “oral government” and that it is committed to be accountable to citizens by creating an accurate record of its key decisions and actions.’

And BC’s current Information and Privacy Commissioner, Michael McEvoy, has written this:

‘It is time for government to amend FIPPA to ensure that the vitally important duty to document has the oversight of my office, which is independent of government. The public interest requires this’

Yet despite these calls, the government has failed to act on their promise to protect the information rights of British Columbians.

We need your help

So after two years of government inaction, distraction, and obfuscation, we are inviting the public to join our call for the government to keep its promise of reforming FIPPA. We have included four main points; the inclusion of a duty to document within FIPPA is just the beginning. Over the coming months, we’ll expand on the other points.

If you are interested to learn more about the FIPPA, and our role in getting the legislation passed, check out our podcast. We have an episode on the history of the Act and an episode on the duty to document.

But the most important thing that you can do, is to add your name to our petition and voice your support for the privacy and information rights of British Columbians.

Support information and privacy rights for British Columbians today

2019 Update to ‘The Connected Car’

Cover of the Connected Car update for 2019

This report updates FIPA’s 2015 ground-breaking report, The Connected Car: Who is in the Driver’s Seat? As may be expected, there have been major developments both in technology and policy since our first Connected Car report.

Technology that was once exclusively available in high end vehicles has become commonplace. According to one estimate, 98 per cent of vehicles in North America and Europe will be connected by 2021. Car companies are constantly seeking new ways to profit from the collection of data taken from their vehicles, often in partnership with large technology companies like Apple and Google.

Cover of the Connected Car update for 2019

As technology advances, there have been more studies undertaken on what these changes mean for privacy rights. There have been pushes for stronger and more comprehensive legislative activity. Perhaps the most significant legislative change to date is the General Data Protection Regulation in the European Union. Other jurisdictions have also been mooting improved legislation as well as codes or standards to govern particular sectors of the economy or society, including Canada.

The privacy policies of the various car companies have also changed since 2015, generally for the better. One major improvement over what we found in 2015 was that with two exceptions, companies selling connected cars in Canada had their privacy policies available on their Canadian websites.

This allowed us to do a comparison of the privacy policies of the various companies (Original Equipment Manufacturers or OEMs) selling large numbers of cars and trucks in Canada (more than 1000 sales per annum).
We reviewed the privacy policies of 36 different vehicle brands of manufacturers from all over the world. The scope of the research focused on the policies’ treatment of protected data, the openness and accountability of protected data, the accountability to third party processors, whether the policy recognizes the right of access for an individual to his or her own data, the accuracy and security of the data, the purpose specification and notice of changes, the limitations of the use, collection and retention of data, and the types of consent mechanisms that are being used by the manufacturers. In addition, we considered if there are any options for the individual to opt-out. We compared our findings to our 2015 findings in our original Connected Car report to see what had changed.

We found that OEMs’ terms of service and privacy policies respecting connected car services showed significant improvement over 2015. Still these policies are still inadequate when compared to all major data protection principles and requirements under Canadian data protection law.

Although some manufacturers have made an effort to be specific about their uses of personal data and to explain their policies more clearly, key elements of OEM policies are still often unclear or expressed in very broad language. The worst examples are the very broad purposes OEMs continue to provide for collecting, using and sharing personal information, sometimes alongside specifics and sometimes not. While there is now a wider disparity among OEMs in terms of the adequacy of their connected car privacy policies, certain gaps and problems remain across the board.

In light of these shortcomings, and the federal Privacy Commissioner’s repeated statements that he has not received a complaint about this issue, we have decided to remedy this situation. A complaint to Commissioner Therrien is attached to this report, and we hope it will give him the opportunity to bring clarity in an authoritative ruling on this issue.

Download the resource.

For more than twenty years, the B.C. Freedom of Information and Privacy Association has relied on the support of our community to provide resources, educational programming, and one-on-one advice. By making a contribution to the Association in exchange for this resource, you’re helping us provide another two decades of service to Canadians and supporting more publications like this in the future. There is no minimum donation amount. Every bit helps.

Click here to make a donation. We hope you consider supporting the Associations.

Let us know what you think: If you have comments, questions, or concerns about the report, please send them to FIPA at fipa@fipa.bc.ca or tweet to us @BCFIPA.

Support BCCLA and their fight to stop illegal spying!

Since 2014, the BC Civil Liberties Association (BCCLA) has been pushing back against the Canadian Security Intelligence Service (CSIS) and the Royal Canadian Mounted Police (RCMP) through complaints filed with the Security Intelligence Review Committee (SIRC), the oversight body for CSIS.

BCCLA alleges that CSIS illegally spies on activist and environmental groups that operate in Canada and passes that information on to petroleum companies.

The BC Freedom of Information and Privacy Association (FIPA) supports BCCLA’s pursuit of government transparency, accountability, and the public’s right to question those in power.

In addition, FIPA concurs that spying on people who are exercising their right to protest is an attack on our freedom of expression, an abuse that cannot be tolerated in a free and democratic society.

We encourage you to support BCCLA, along with the other organizations involved in the complaint (Sierra Club of BC, the Dogwood Initiative, Leadnow.ca, and STAND), by learning more about their challenge to the unconstitutional spying on Canadians.

The time for information rights reform is here!

We are asking the BC Government to keep their promise.

Sign the petition for FIPPA reform today!

The BC Freedom of Information and Protection of Privacy Act (FIPPA) was meant to help create a culture of openness and transparency within the government.

Today, however, we frequently see public bodies failing to create records or destroying them in order to avoid the possibility of release. We are getting more calls and hearing more stories from concerned citizens who are not able to get the information they are looking for or who have found their privacy rights breached by a public body with little or no recourse.

Over the past year, we have tried to work with government on improving FIPPA. One year later, there has been no action and we do not have any sign that the government will move forward on legislative change.

What are the issues?

We’re calling for:

  • A legislated duty to document under FIPPA
  • Bringing public bodies’ subsidiaries under FIPPA
  • Implement Mandatory Privacy Breach Notification
  • Expand the oversight of the Office of the Privacy Commissioner in the areas of Privacy

What can you do?

Sign the petition for FIPPA reform today! Along with our partners at the BC Civil Liberties Association, we’re asking you to add your voice to our call for government to make the legislative changes they promised.

By signing the petition, you’ll be directly telling Premier John Horgan, Minister Jinny Sims, and Attorney General David Eby that information and privacy rights are important to you.