This past week, Canadians have been looking south of the border and working to make sense of the torrent of executive orders being issued by U.S. President Donald Trump. Amid the chaos, one order has escaped mass attention — but it has profound impacts on the privacy of Canadians.
Trump’s directive to “ensure that [U.S. agencies’] privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act,” was immediately seized upon by Internet law and privacy expert Michael Geist, who sounded alarm bells that the order eliminates essential privacy protections Canadians have long depended on.
When Canadians communicate with each other online — and their data stays within our borders — these communications are legally protected under the Charter of Rights and Freedoms, ensuring certain constitutional safeguards from mass surveillance, which can reveal everything from your search history, location, and login details, as well as the identities of your contacts.
However, in the United States, Canadians’ data has, for most of history, been vulnerable. Basic protections were enacted under the U.S. Privacy Act only as recently as 2007. However, in a post-Snowden world, stripping digital communications of what few protections they have seems unthinkable. Trump’s directive comes amid a flurry of debate over the Canadian government's ongoing Consultation on National Security.
In 2015, the previous government passed the Anti-Terrorism Act, more commonly known as Bill C-51, which has been widely panned as a disaster for Canadian privacy. It extended warrantless access to sensitive private information and granted unprecedented leeway to share that information with over a dozen federal agencies. Over 40,000 Canadians responded in detail to the government’s consultation on Bill C-51, with many demanding its full repeal and the implementation of common sense oversight provisions, in a move to claw back a modicum of privacy.
Canadians are sick of seeing the current government drag its heels on privacy reform. Despite a promise by Public Safety Minister Ralph Goodale to fully release the results of the consultation, Bill C-51 is now approaching its two-year anniversary, and the privacy rights of Canadians are being routinely violated while it stays in force.
Armed with the knowledge that Canadian intelligence agencies work hand in hand with their U.S. counterparts — through international spying alliances such as the Five Eyes — we know that vast amounts of our personal information are routinely handed over to U.S. agencies. And with President Trump’s erasure of privacy protections for this data, it's important to put the extent of this information sharing into context.
Late last year, a scathing Federal Court of Canada ruling reprimanded the Canadian Security and Intelligence Service for illegally collecting and storing huge amounts of telecommunications data on Canadians for more than a decade. The ruling raised many questions among privacy advocates, including just how much of the information collected by CSIS ended up in the hands of the U.S. government. Although concerns about Canada's sharing of information with the United States long predate the Trump administration, the president's order stripping key privacy protections from Canadians elevates the issue from a nagging concern to a problem that federal decision-makers, including Privacy Commissioner Daniel Therrien, urgently need to address.
The volume and sensitive nature of this information effectively provides Trump's administration with an open window into the private lives of countless innocent Canadians.
How might the United States use this data? That's a question many are now asking, especially in light of another recent executive order banning entrance into the United States for people from seven majority-Muslim nations. Concerns around religious and ethnic profiling certainly top the list of concerns, but they’re far from the only ones.
There’s no doubting that the personal consequences of inappropriate information sharing with foreign governments can be profound. In recent years, over 200 Canadians have publicly come forward to say that despite never having broken the law, their personal or professional lives have been ruined due to such information disclosures. We’ll never know how many others impacted have chosen to stay silent.
These are not petty concerns: they carry with them real, lived impacts for the individuals affected — and those with “nothing to hide” may still have much to fear.
As the case of Maher Arar tells us, the impacts can be devastating.
If you are a Canadian Muslim traveling to or through the US DON't COUNT ON THE CANADIAN GOVT TO PROTECT YOU. JUST TRUST ME ON THIS.— Maher Arar (@ArarMaher) January 29, 2017
Now, with a majority of Canadians regularly hosting their emails, photos, and financial information on U.S. servers, there's a lot we don't know. But here's what we do know: Canadian data is frequently shared with U.S. agencies. The longer the practice of careless and irresponsible information sharing continues, the greater the risk to Canadians, and the further the erosion of trust in government agencies that are ostensibly there to keep us safe.
It is long past time Canada’s data-sharing policies are reviewed by federal decision-makers. OpenMedia will be filing a formal complaint, on behalf of our community and Canadians, with the Privacy Commissioner of Canada asking for an urgent review of the privacy impact of such data-sharing policies, particularly in light of Trump’s executive order.
Right now the privacy of Canadians is at risk. Data sharing is not benign, and we can’t sit by and ignore its impacts any longer. All Canadians deserve privacy and security online — and our government has a responsibility to make this happen.
Meghan Sali is a communications specialist with OpenMedia, a Vancouver-based international digital rights non-profit that works to keep the Internet open, affordable, and surveillance-free. Find her on Twitter at @megasali or @OpenMediaOrg.