Canada will adopt measures intended to blunt the unwanted potential ‘long-arm’ effects of the USA PATRIOT Act. The initiative comes on the heels of recommendations by the federal Privacy Commissioner of Canada and her provincial counterpart in British Columbia. The federal Privacy Commissioner had recommended that the government re-examine the circumstances under which it allows personal information about Canadians to be processed outside Canada. The BC Privacy Commissioner had published a study on the potential impact of the USA PATRIOT Act on personal information outsourced to US-linked companies by governments in Canada (E-TIPSâ„¢, Vol 3, No 11, November 10, 2004).
Congress enacted the USA PATRIOT Act shortly after September 11, 2001 in order to expand the intelligence gathering and surveillance powers of law enforcement and national security agencies. The law allows American authorities to obtain records and other “tangible things” to protect against international terrorism and other clandestine intelligence activities. It allows searches, provided that “a significant purpose” of the search is foreign intelligence gathering. This change leaves open a back door for enforcement of ordinary criminal and regulatory laws, as well as anti-terrorism laws.
The USA PATRIOT Act also expands the circumstances under which the FBI can issue “national security letters” to compel financial institutions, phone companies and Internet service providers to secretly disclose information about their customers. There is no independent oversight of the demand authority. The FBI is required only to establish that the information it seeks is relevant to an authorized intelligence investigation. Until recently, third party recipients were permanently barred from revealing they had been served with such letters.
In 2003 and 2004, the Privacy Commissioner of Canada conducted a preliminary review of data sharing agreements between the Canadian federal government and US authorities and found that agreements were numerous, highly informal and subject to inadequate oversight. The Commissioner pledged to conduct a more comprehensive audit of Canada-US information sharing agreements in 2005. In response, the federal Treasury Board Secretariat asked federal agencies to devise and submit for review strategies for dealing with potential risks the US statute might pose to Canadians’ personal and other information held by those agencies.
The Treasury Board also led a working group to draft special clauses to be used in future business proposal requests and contracts with external service providers. The clauses are meant to enhance and clarify data custody and control issues, confidentiality requirements and conditions on use and disclosure.
For an article on federal government strategy, see
For an article on BC government’s response to long-arm provisions of USA PATRIOT Act, visit:
The “Office of the Privacy Commissioner of Canada’s Submission on the Implications of the USA PATRIOT Act” can be found at:
BC Information & Privacy Commissioner’s Report on the USA PATRIOT Act can be viewed at:
Summary by: Jason Young