Archive for the ‘Surveillance’ Category

21 Aug 2017

Privacy Tech-Know Blog: Cookieless Identification and Tracking of Devices


We are regularly told to block or ‘clear our cookies’, or use a private browsing mode, if we don’t want to be tracked as we visit websites. Website operators and marketing, advertising, and other tracking companies, however, have developed other ways of tracking us, called ‘fingerprinting’, which work even if you clear or block your cookies. How prevalent is this kind of cookieless tracking? How accurate is it? And what are the implications for our ability to control our personal information and protect our privacy interests?

Read the rest of this entry »


13 Jun 2017

Privacy Tech-Know Blog: Who’s Watching Where You’re Driving?


When you drive down the road or park your car, have you considered who might be recording where your car was at any given time, and where that information is stored and shared? Public agencies and private companies are using Automated Licence Plate Recognition (ALPR) systems to track vehicles throughout Canada, today.

ALPR systems have privacy implications because they record where specific vehicles are at given times, often without the driver realizing that such information is being captured.

Read the rest of this entry »


6 Mar 2017

Privacy Tech-Know Blog: Let me virtually assist you


The way we interact with our digital devices has evolved over time: from specific commands in command line interfaces, to graphical user interfaces (GUIs), to touch-based interfaces. Virtual assistants (VAs) are the next step in this evolution, and they present new privacy challenges. These assistants, such as Siri (Apple), Alexa (Amazon), Cortana (Microsoft), or simply ‘Google’, are designed to respond to your spoken or written commands and take some action. Such commands let you place phone calls, order a car service, book a calendar appointment, play music or buy goods.

The use of these assistants is on the rise: a 2015 Gartner study found that 38 per cent of Americans had used a virtual assistant in 2015 and that two-thirds of customers in developed markets would use them daily in 2016. The most commonly-used VAs are voice-based, however, much of the presented information also applies to text-based VAs.

Read the rest of this entry »


10 Feb 2017

Privacy Tech-Know Blog: The actual privacy benefits of virtual private networks


Virtual Private Networks (VPNs) let you establish a secure communications channel between your computing device and a server. After connecting to the server, you could gain access to a private network that has work files or applications, or use the server as a relay point to then access Internet content when browsing from a public network.

There are several reasons for using a VPN: you might need to remotely access information held on corporate servers while travelling or working from home; you might be wary of the insecure wireless networks you’re using; or you might want to access online content that’s blocked on the network you’re connected to but is accessible from the server somewhere else. Sometimes a company will require you to use a VPN, meaning the company will dictate the security and type of VPN you use (for example, your employer). Whereas when you make a consumer decision to use a VPN you’re responsible for making these decisions on your own.

In the wake of Edward Snowden’s revelations, a large number of consumer VPN providers have sprung up, and security experts now often suggest that you use a VPN when accessing the Internet from an insecure network (e.g., a café, public library, or other free Wi-Fi hotspot). This blog post will help you understand what to look for when choosing between different VPN services.

Read the rest of this entry »


9 Nov 2016

Privacy Tech-Know Blog: Pay me to regain access to your personal information! Ransomware on the rise


business growth 1

Ransomware is a type of malicious software (malware) which, when installed on a device or system, prevents access to that device, or that device’s content or applications. Once installed and operational, the malware prompts you to pay a ransom to restore full functionality to the device. Personal or sensitive data have been targeted with ransomware, or accessed when attackers were rifling through organizational computers or networks. In fact ransomware has affected a range of devices, including those running Windows, OS X, and Android, and has affected healthcare providers, police services, public schools, universities, and various types of businesses, in addition to individual consumer users. It’s an increasingly prevalent issue, with Symantec estimating that Canadians were affected by over 1,600 ransomware attacks a day in 2015.

Read the rest of this entry »


20 Nov 2014

A warning to webcam users


Update:

    Shortly after this letter was sent, the OPC was pleased to see that the website stopped broadcasting footage from unsecured webcams.

    The incident highlights the need for anyone with a webcam in their home or business to ensure they take steps to secure the camera.

    As well, it is important for companies that manufacture and sell Internet connected cameras to emphasize the importance of changing the factory default password – and make it as clear and easy as possible for people to do so.

The Office of the Privacy Commissioner of Canada is working with international and provincial counterparts to address the issue of a Russian website that has posted links to footage of unsecured surveillance videos from remote access webcams in use around the world, including Canada.

We fully support UK Information Commissioner Christopher Graham’s call for Russian authorities to take immediate action to take down the site.

We are also in the process of contacting the operators of the website to urge them to take down the webcam images.

In the meantime, we are urging anyone with a webcam in their home or business to ensure that they take steps to secure the camera – make sure you are not using the factory default password.

Check out the UK Commissioner’s blog on this issue.


8 Apr 2013

Surveillance technologies and children


A complaint investigation about a daycare that offered webcam monitoring to parents caused us to consider the prevalence of high tech surveillance tools in the day-to-day lives of children. Specifically, we wondered how technical surveillance might affect kids’ feelings about privacy.

To gain some insight into this issue, we examined current research on the effects of surveillance on children and youth. The resulting paper is Surveillance technologies and children.

The research we examined raised questions about the potential effects of surveillance on children’s social development in the long term, particularly as it pertains to children’s feelings of trust and autonomy. Some research suggested that persistent surveillance could even result in children not knowing how to establish their own privacy, or recognize the privacy of others.

But it seems that this area is only beginning to be studied. We would like to see more research being done on this subject, taking into account children of different age groups and varying levels of surveillance. Having more information about how surveillance impacts children’s attitudes, life skills, moral development, and sense of privacy would help parents find the appropriate balance between protecting their children and respecting their children’s need for independence and privacy. It might also focus more attention on those who track our children for less altruistic purposes, like for profit.

Have a read, and let us know in the comments: Do you think surveillance of children has an impact on their long-term development? We would love to hear from you.


21 Nov 2012

Employee privacy – a balancing act


Companies are always seeking ways to improve productivity.  The most innovative and successful methods can create some positive buzz around a company.

Other approaches can sometimes be ill-advised, premature or ineffective, and this can make waves within an organization.

Last month, a law firm in Toronto was the subject of some media interest over its highly controversial plan to use fingerprint-scanning technology to monitor the comings and goings of its administrative staff. The plan was meant to ensure that staff were not “abusing the system” with lengthy lunch breaks and short work days. Media reports and blog posts zeroed in on the privacy implications of such a plan.

Our Office wouldn’t have oversight over this specific employment matter – we only have oversight into matters of employee privacy in federal works, undertakings, or businesses (lovingly referred to as “FWUBs”). Otherwise, employee privacy is largely a provincial matter, with several provinces having passed privacy legislation that applies to personal information of private sector employees. It’s unfortunate that there is little redress for employees in those provinces that do not have legislation in place, this being one such case in point.

An employer’s need for information should be balanced with an employee’s right to privacy. While employers may be focused on increasing productivity, they should seek to ensure that they weigh the benefits of any potentially privacy-invasive plans against the costs — and not just economic  costs.  Cost considerations should include potential impact on staff morale, loss of trust and loss of human dignity.

Law firms, in particular, could set a model example in how they handle personal information when managing their law practice. In Girao v. Zarek Taylor Grossman Hanrahan LLP, Hon. Justice Richard Mosley wrote,

““Law firms providing advice to clients who deal with the personal information of their customers must be knowledgeable about privacy law and the risks of disclosure. Lawyers also have a public duty to protect the integrity of the legal process. The failure of lawyers to take measures to protect personal information in their possession may justify a higher award than that which would be imposed on others who are less informed about such matter.”

While the Federal Court was referring to the personal information of clients rather than employees in those circumstances, it’s still a significant message about the high standards of conduct judges expect lawyers to live up to.

We hope law firms will take the opportunity to consult our privacy guidance for lawyers. And we hope organizations will take advantage of the other resources we have on dealing with workplace privacy issues, including our fact sheet for human resources professionals.

 


26 Oct 2012

Privacy Pop – Our top ten films on privacy


Privacy and surveillance have always been compelling themes in pop culture, and Hollywood has certainly used the concepts to great effect. Below, in no particular order, is our own selection of the best films with a privacy theme.

Do you agree with our list, or do you think we’ve left something out? Let us know in the comments!

Louis 19, le roi des ondes (King of the Airways

The only comedy on our list, Louis 19 traces the path of Louis Jobin, a man initially thrilled to be chosen as the star of a reality TV show, only to discover that celebrity is not all it’s cracked up to be. Released in 1994, the movie predated the onslaught of reality TV shows, social networking sites and the concept of micro-celebrity.

A Scanner Darkly

Like a few of the other films on this list, A Scanner Darkly takes place in the not-too-distant-future, where surveillance is ubiquitous and constant. Based on the Philip K. Dick novel and directed by Richard Linklater, this film also considers notions of identity, and how the effects of surveillance on identity.

Caché (Hidden)

This Austrian-French thriller follows the lives of the Laurent family as they attempt to determine who has been secretly videotaping them. Released in 2005, the film has won numerous awards and earned global accolades from film critics.

The Conversation

Gene Hackman plays a plays a paranoid and brilliant surveillance expert in this 1974 film which may or not be the precursor to another movie which didn’t quite make our cut, Enemy of the State. Directed by Francis Ford Coppola, The Conversation has been praised for its “remarkably advanced arguments about technology’s role in society that still resonate today.”

Gattaca

Gattaca brings the themes of privacy and surveillance to the sub-atomic level. In this version of the not-too-distant-future, DNA plays a major role in determining future profession, potential mates and social class.

Minority Report

Before starting production, director Steven Spielberg assembled a group of futurists to get a handle on what the year 2054 might look like. That would explain the wealth of plausible technology showcased throughout the film, like this scene where Tom Cruise’s character is approached by pushy holographs with  personalized, targeted sales pitches.

The Lives of Others

Released in 2006. A Stasi agent takes an interest in a couple living in East Berlin and begins to monitor them – at first, with the intention of determining their loyalty to the Socialist Unity Party, but then increasingly for his own personal interest in their lives.

1984

George Orwell’s modern classic was brought to the big screen for a second time in 1984. (The first film adaptation was made in 1956.) Like all good cultural memes, this one introduced several new words and phrases into our vocabulary, including Big Brother, thoughtcrime, and memoryhole.

Rear Window

Man breaks leg, gets bored, spies on neighbours – high jinx ensue. The high-tech surveillance techniques featured in many of the other films on this list are nowhere to be found in this classic Hitchcock mystery.

Red Road

This Scottish film follows a CCTV operator who actively monitors a man from her past. Director Andrea Arnold has said her depiction of Glasgow as a city under constant surveillance was meant to provoke a debate about the use of CCTV networks.

 


21 Sep 2012

Citizens watching citizens


Waiting for his bus, a man watches as two people smash a glass window in an attempt to break into a building.  He takes his phone out of his jacket pocket, points it towards the couple across the street, and snaps a photo. He posts it to Twitter. “Incredible,” he writes. “At the corner of Wellington and Fifth.”

Welcome to the world of citizen journalism, where the ubiquity of camera-enabled smartphones and the exploding popularity of social media has led to the rise of citizens watching, and reporting on, the actions of other citizens.

In June 2011, bystanders documented  the scene as a riot broke out in downtown Vancouver following Game Seven of the Stanley Cup Finals. Tips were submitted by the public to the Vancouver police, which included over 1,000,000 photos and over 1,000 hours of video. These events provide a real-life scenario to study the emergence of citizen journalism and the potential for misuse of personal information that comes with it.

We commissioned two independent papers intended to further discussion on this topic. We asked Internet strategist Jesse Hirsh and lawyer Kent Glowinski to explore the technology and legal implications, and to consider possible legal protection for privacy within social media. These papers are now available on our website. We invite you to read them and let us know in the Comments section below what you think.