Updated: Two pieces of scotch tape that show why Statistics Canada doesn’t care about your privacy


***

Update:

As of December 3rd, 2018, one week following the publication of this blog post, and a couple of weeks after more than 400 Canadians exercised their privacy rights and requested their personal information through an OpenMedia campaign that FIPA assisted with, Statistics Canada has announced that they are suspending their practice of obtaining personal credit records from TransUnion and are delaying their plans to access the banking details of 500,000 Canadians.

Information contained in this blog post was cited in an article in the Globe and Mail that originally broke the story. 

***

I wish that was some kind of elaborate metaphor.

When I heard that Statistics Canada had been accessing the credit scores of Canadians, I wanted to find out if I was affected. I filed a request under the Privacy Act for “any records or data related to me that was received by Statistics Canada from TransUnion,” which is one of Canada’s two credit bureaus.

As someone interested in privacy and privacy rights, I was curious as to why Statistics Canada would be interested in my personal financial information and how they would safeguard it.

The offending envelope, replete with scotch tape and addressed to the wrong person.

The letter I received confirmed that Statistics Canada had, in fact, accessed my complete credit history. It was apparently protected though; the letter went on to explain that any personal information that could identify me had been scraped from my financial information. They had only recombined the information and re-identified me in order to fulfill my request (Click on the image to the below right to read the full letter).

Then they tucked these sensitive records, which contain my complete credit profile, into an envelope, attempted to close it with two pieces of scotch tape, and sent it to me in the mail.

Two pieces of scotch tape.

Forget for the moment that I had asked for electronic copies of my records and that Statistics Canada made a choice to print this sensitive financial information and send it through the mail.

Please also forget that the envelope was addressed to the wrong person.

Click the image to read about Statistics Canada’s “essential security” measures

Because I’m able to open the package, read the letter from Statistics Canada detailing the importance of safeguarding my personal financial information, flip through several pages that contain my Social Insurance Number, birth date, address, contact information, all of my banking information, including available credit, debts, accounts, balances, and more—and then I’m able to seal the envelope closed again with those same two pieces of scotch tape.

I would never know if this envelope had been opened prior to arriving at my residence.

If Statistics Canada does, in fact, take privacy seriously and does believe that it can responsibly hold the detailed and sensitive financial records of Canadians, then it needs to be able to comply with the Privacy Act in a way that doesn’t mean sacrificing privacy. That is the tragically ironic position that Statistics Canada finds itself in.

Here is one possible solution that Statistics Canada could consider employing as an additional “essential security measure”: Send an encrypted CD-ROM through the mail and provide a password in a separate letter or through email. This two-step authentication method means that anyone who interrupts the original package won’t have access to the sensitive records that Statistics Canada holds.

It would also mean providing access to the records through the means that I had initially requested.

The back of the envelope shows an intact seal.

But Statistics Canada made a choice about how they were going to respond to the request that I made through the Privacy Act. In doing so, they both fulfilled my request and put my privacy at tremendous risk. Perhaps, they were trying to send a message: Don’t bother us about our security measures if you want your data to be kept safe.

But alas, there is a saying that goes something like, “Attribute not to malice what can be attributed to incompetence.” This example illustrates why Statistics Canada shouldn’t have access to the sensitive financial information of 500,000 Canadians.

In era where trust in public bodies is eroding, and progressive technologists look towards adopting decentralized models like block chain, our government needs to be rebuilding trust. For Statistics Canada, that starts with taking decisive steps towards protecting the privacy of Canadians, of doing the fundamental work to earn the trust of its stakeholders.

And, quite frankly, two pieces of scotch tape won’t cut it.

Bryan Short is the Program Director at BC FIPA. He holds a master’s degree in Journalism and a bachelor’s degree in English Literature from the University of British Columbia.