The Standing Committee on Access to Information, Privacy and Ethics recently tabled their report from their study: “Federal Government's Use of Technological Tools Capable of Extracting Personal Data from Mobile Devices and Computers.”
PIPSC takes our members’ privacy extremely seriously, which is why we’re pleased to see that our insights and concerns influenced the committee’s report and that several of our key recommendations were adopted. Notably, the report emphasized our position on the greater obligation to conduct privacy impact assessments (PIAs) and the need to consult with the Privacy Commissioner before using new or substantially updated technological tools.
“Technology is moving at a fast pace, and our practices need to reflect that reality.” PIPSC President Jennifer Carr (pp. 44).
Among other issues, the report highlights our concerns around:
- Employee consent, especially given that current privacy policies were formulated before the advent of cloud-based services (pp. 39)
- The significant variation in consent practices across different institutions.
- Conducting PIAs (pp. 37, pp. 41) and the need for real consequences when senior bureaucrats fail to conduct these assessments appropriately.
- The necessity of Treasury Board to establish clearer guidelines on when new and modified programs require new PIAs.
PIPSC will continue to defend the rights of our members and advocate that the government accept our recommendations to prioritize your privacy in evolving workplaces.