Personal Information in the Public Sector

AuthorBarbara Von Tigerstrom
Pages232-290
232
CHAPTER 4
PERSONAL
INFORMATION IN
THE PUBLIC SECTOR
Legislation in all Canadian jurisdictions governs personal information
that is collected, used, and disclosed by public sector institutions. At
the federal level, the relevant provisions are found in the Privacy Act,1
while in the provinces they are contained in freedom of information and
protection of privacy (FOIP) or access to information and protection of
privacy (ATIP) statutes, alongside provisions dealing with the general
right of access to informat ion, which are discussed in Chapter 3.2 Most of
these statutes were enacted in the 1980s and 1990s, with the federal Act
replacing provisions dealing with personal information that were added
to federal human rights legislation in the 1970s.3 Their purpose is to
provide a degree of transparency and control with respect to personal
information in governments’ hands, including giving individuals the
right to access and request correct ions to their own personal informat ion
and preventing unauthorized collection, use, and disclosure of personal
information.4 The protection of privacy is considered sufficiently import-
ant that this legislation has been described as “quasi-constitutional” in
1 RSC 1985, c P-21 [Privac y Act].
2 In this ch apter, the terms “FOIP statutes” or “FOIP legisl ation” will be used to
refer to the provinc ial/territori al and federal legislat ion collectively.
3 Peter Gillis, “The Priv acy Act: A Legislative Hi story and Overview” (1987) 1987
Canadian Huma n Rights Yearbook 119 at 123.
4 See, for example, Freedom of Infor mation and Protection of Privac y Act,RSBC
1996, c 165, s 2(1) [BC FOIPPA].
Personal Infor mation in the Public Sector 233
nature;5 it ha s equal status with the general r ight of access to information,
and the two regimes must be interpreted together.6
Although the relevant statutes use the term “privacy” or “protec-
tion of privacy” in their titles and purpose statements, this is some-
what misleading.7 Their substance is both narrower and broader than
it would suggest. Although the limits on collection, use, and d isclosure
do provide some protection for individuals’ privacy, in fact, the legis-
lation allows fairly broad latitude for the government to hold, use, and
share personal information for a variety of purposes. The provisions
also extend beyond privacy protection to a broader set of principles
dealing with the management of personal information. These princi-
ples, referred to as “fair information principles” or “fair information
practices,” are set out in Guidelines published in 1980 by the Organi-
sation for Economic Co-operation and Development (OECD),8 and can
be summarized as follows:
Collection Limitation: Collection of personal data should be limited,
should be done by fair and lawful means, and should generally be
done with the knowledge and consent of the individual.
Data Quality: Personal data should be relevant to, and as accurate,
complete, and up-to-date as necessary for, the purposes for which
they are used.
Purpose Specification: The purposes for which personal data are to
be used should be specified before data are collected and use should
be limited to these purposes or compatible and specified purposes.
Use Limitation: Personal data should be used for other purpose s only
with the individual’s consent or as authorized by law.
Security Safeguards: Personal d ata should be protected against loss or
unauthorized access, destruction, use, modification, or disclosure.
Openness: Developments, practices, and policies regarding personal
data should generally be open and individuals should be able to
readily determine the existence and nature of personal data, the use
of data, and the identity and location of the data controller.
5 See Lavigne v Canad a (Office of the Commissioner of Officia l Languages),2002
SCC 53 at paras 23 –25 [Lavigne] (referring to the feder al Privacy Act).
6 Dagg v Canada (Minister of Finance), [1997] 2 SCR 403at para 55, La Forest J [Dagg].
7 See Willi am Bonner & Mike Chiass on, “If Fair Information Pri nciples Are the
Answer, What Was the Q uestion? An Actor-Network Theory Investigation of t he
Modern Constit ution of Privacy” (2005) 15 Information & Organizat ion 267 at 280.
8 Organisation for Economic C o-operation and Developmen t, “OECD Guide-
lines on t he Protection of Privacy and Tran sborder Flows of Personal Data”
(23 September 1980), online: www.oecd.org/sti/ieconomy/oecdguidelinesonthe
protectionofprivacyandtransborderflowsofpersonaldata.htm.
INFORM ATION AND PRIVACY LAW IN CANADA234
Individual Participation: Individuals should have the right to obtain
confirmation of whether the data controller holds personal data on
them; have such data communicated to them, subject to exceptions
that are explained and can be challenged; and challenge and have
corrected personal data relating to them.
Accountability: A data controller should be accountable for compliance
with measures giving effect to these principles.
These principles strongly influenced legislation in Canada and else-
where.9 In Europe, the relevant legislation tends to use the term “data
protection,” but reflects many of the same core principles. Although
these principles have remained relevant, Canada, like other juris-
dictions, is responding to changes in technology and international
developments by engaging in a process of reviewing and modernizing
public sector privacy legislation.10
A.SCOPE OF APPLICATION
The scope of application of public sector personal information legislation
parallels that of access to information, in that it covers information in
the custody or control of a “government institution” or “public body,” as
defined by the legislation.11 The bodies to which the legislation applies
are defined in each statute, often supplemented by a list in a schedule or
regulation to the statute. They include government ministries or depart-
ments, agencies, boards, and other public offices. Although the scope is
broad, it does not necessarily include all organizations with important
public functions, with courts and political parties being notable excep-
tions.12 There are a few instances in which a person or institution is sub-
ject to personal information provisions but not access to information:
9 See, for example, Bonner & Chias son, above note 7 at 275.
10Canada, Depar tment of Justice, “Moderniz ing Canada’s Privac y Act” (2019),
online: www.justice.gc.ca/eng/csj-sjc/pa-lprp/modern.html. For di scussion of
relevant international developments, see Chapter 1, Section C.
11See Chapter 3, Section A.
12Depending on the juris diction, courts are not included a s public bodies, or
most court records (in some c ases, except for court admin istration records) are
excluded from the st atute’s scope, or both. On political p arties, see Dara Lith -
wick, “Priv acy and Politics: Federal Political Pa rties’ Adherence to Recogn ized
Fair Informat ion Practices” (2016) 10 Journal of Parliamentar y & Political Law
39; Information and P rivacy Commissioner of O ntario, Thirty Years of Access and
Privacy Ser vice: 2017 Annual Report (2 018), onli ne: www.ipc.on.ca/wp-content/
uploads/2018/06/ar-2017-e-web.pdf a t 47.

Get this document and AI-powered insights with a free trial of vLex and Vincent AI

Get Started for Free

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

Unlock full access with a free 7-day trial

Transform your legal research with vLex

  • Complete access to the largest collection of common law case law on one platform

  • Generate AI case summaries that instantly highlight key legal issues

  • Advanced search capabilities with precise filtering and sorting options

  • Comprehensive legal content with documents across 100+ jurisdictions

  • Trusted by 2 million professionals including top global firms

  • Access AI-Powered Research with Vincent AI: Natural language queries with verified citations

vLex

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT