Red Privacy Button Keyboard
Image from

The second of the Harper government’s pieces of digital legislation has been steadily going through the Senate, but it may now get more public attention because it has been referred to the House of Commons Industry committee for another looksee.

As University of Ottawa law professor Michael Geist notes in a blog this week, bill S-4 — also known as the Digital Privacy Act — was supposed to be good news for the government. It includes provisions making it mandatory for organizations covered under the act to report personal data breaches to individuals and the federal privacy commissioner.

But it also has a section allowing organizations to disclose personal data on customers or partners it holds without consent or a court order under certain circumstances. Those include an investigation of a civil breach of an agreement — which could mean a private company looking to sue someone — or contravention of federal or provincial laws.

The government has made a number of explanations why the section is needed, including arguing that the current federal privacy legislation (PIPEDA) allows information sharing, that it would allow businesses to share information in a very limited way, and that disclosure of personal information may be needed by regulatory bodies.

Geist has been a long-time critic of the section, arguing that there is no need to give the private sector more access to personal data without a court order than they already have. He notes that regulatory bodies already have exemption from the proposed legislation, and that PIPEDA does not have the broad exemption that S-4 has.

“The reality is that the expansion of voluntary disclosure of personal information without consent or court oversight is both overbroad and a serious threat to the privacy of Canadians,” Geist writes. “Indeed, when coupled with the expansion of voluntary warrantless disclosure to law enforcement in Bill C-13 (through full legal immunity) and the revelations of more than a million annual disclosures of subscriber information to law enforcement, it paints a picture of the government undermining privacy while claiming to protect it.”

The Industry committee examination of the legislation will be the last time an attack can be mounted on it. No date for a hearing has yet been set.

Previous articleZero-day Windows exploit could come via PowerPoint
Next articleIBM under fire
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]