The government’s program using cellphone mobility data from Canadians to inform public health policies was under review again on Feb. 28 by the House ethics committee, with witnesses arguing that while privacy might have been respected, transparency was lacking and the country’s privacy laws are outdated.
Michael Geist, a law professor at the University of Ottawa who specializes in the internet, said it appears the government acted properly since the data used had been aggregated and de-identified, and its use during a pandemic “may well be beneficial.”
“Yet, despite all of these factors, something doesn’t sit right with many Canadians,” said Geist.
For him, the “foundational problem” lies with the fact that Canadian laws are “no longer fit for purpose and in dire need of reform.”
“We need laws that provide greater assurances that our information is protected and will not be misused, that policies are transparent, and that consent is informed.”
It was revealed last December that the Public Health Agency of Canada (PHAC) has been using cellphone data to track the anonymized movements of Canadians since the onset of the pandemic in order to measure the effectiveness of lockdowns and inform other public health policies.
PHAC obtained its data from wireless carrier Telus, from crowdsourcing company Tutela (by way of the Communications Research Centre), which collects mobility data by embedding its software in over 3,000 cellphone applications, as well from the health analysis company BlueDot.
“Telus collected data, and was requested to do so by the Public Health Agency. But it did so without the awareness of millions of Canadians,” said witness Jean-Pierre Charbonneau, former Quebec parliamentarian and professional speaker on ethics.
Charbonneau decried the lack of transparency and said the government has been trivializing the issue.
“When we don’t use the mechanisms in the legislation to protect people and their personal information, well then we lose people’s trust. We lose their trust in their elected officials and in their society.”
Geist agreed there could have been more transparency, saying there’s been limited disclosure and the Privacy Commissioner hasn’t been actively engaged. “It’s quite clear this could have been done far better.”
Privacy Commissioner Daniel Therrien told that same committee on Feb. 7 that his offer to review the collection of data had been rejected by the government, which consulted its own privacy advisers instead.
PHAC was seeking to extend and broaden its program and published a Request for Proposal (RFP) in December to enlist the services of a contractor who could provide it with data coming off cellphone towers for the next five years, with an intent to also use the data for other issues than the pandemic.
Since PHAC’s program had not been broadly advertised, opposition MPs have been pressing on the issue to find out if privacy rights were violated and why the government has not been more forthright about it.
On Feb. 8, a motion was adopted in the House of Commons to request that PHAC suspend its data program until it is further examined, with the Conservatives, the Bloc, and the NDP defeating the Liberals in the vote. However, the motion is non-binding and the government can choose to ignore it.
The government has said the privacy of Canadians has not and will not be violated because data was de-identified and aggregated, and that the information about PHAC’s program could be pieced together through various sources such as government press releases and statements.