The Office of the Privacy Commissioner of Canada received double the number of complaints in 2013 than it did the year before, according to an annual report the office released yesterday.
The privacy watchdog accepted 426 complaints from members of the public about privacy concerns in the private sector, says the report, which attributes the spike mainly to a surge of complaints about Bell Canada’s announcement last year that it would use clients’ account information to create more targeted ads.
But even without the Bell Canada grievances, there was a 17-per-cent increase in complaints last year compared to 2012, and telecommunications-related complaints made up half of all complaints.
The results are unsurprising in a year that saw whistleblower Edward Snowden reveal intrusive telephone and Internet surveillance practices, says McInnes Cooper privacy lawyer David Fraser.
“I think that there’s a greater awareness of privacy issues. One simply needs to recall that — although this report deals with the private sector and with companies — we have seen in the last year the Snowden revelations, a whole lot of discussion about what information telecommunications service providers provide to law enforcement,” he says.
“There’s been a lot more discussion in the media and other places about privacy, which perhaps translates into a greater awareness on the part of individuals about their personal information.”
Former privacy commissioner Jennifer Stoddart, who was replaced in June by Daniel Therrien, had a clear focus on digital privacy, says Fraser, who adds it will be interesting to observe if and how her successor will change that focus.
In the report, the office says one of the more significant investigations it conducted last year involved Google’s use of sensitive health information obtained through user searches. A complainant had started seeing advertisements for sleep apnea devices on web sites after he ran a Google search for the device.
“Our investigation found that the use of sensitive personal information in this manner did not correspond to the wording stated in Google’s own privacy policy. Further, the investigation identified shortcomings in the way the company monitors its advertisers and made several recommendations for remedial actions to stop privacy-intrusive ads,” the report says.
Google committed to implement the recommendations by June 2014 and the office says it has since been satisfied with the actions the company has taken to address the concerns.
Fraser says the privacy commissioner’s office tends to report only on high-profile investigations on its website. While useful, those reports give an “incomplete picture” of the kind of privacy questions it deals with and how it deals with them, he says.
“For those of us who practise in this area and are advising clients, more detail is helpful,” he says. “You don’t need to know the identity of anybody involved but you need to understand the issue.”
The report also discussed the results of the office’s scan of 326 Canadian web sites — which belonged to businesses from trip planning companies to paternity testing centres — to check whether proper privacy policies were in place.
“Indeed, we spotted problems on nearly half of all web sites examined,” the report says.
“For instance, nearly one in 10 had no discernable privacy policy at all. One in eight concealed their privacy-related information so well that they became trophies for only the most determined hunters,” he report says.
But globally, Canada’s results were far better than many other countries’, the report added.
“For instance, 21 percent of all sites and apps swept around the world had no privacy statement—more than twice the failure rate we discovered in Canada.”