By Diana Hall
Ryerson is taking a closer look at what Bill C-30, Protecting Children from Internet Predators Act, could mean for its own privacy obligations and students.
The federal public safety minister Vic Toews’s controversial legal access bill would grant extended police surveillance powers to acquire personal user information from providers, like Rogers, upon request. In some cases, online habits and information could be obtained without a judicial warrant, but the bill is still under review.
The bill identifies post-secondary institutions as being exempt from these extensive provisions, unless subjected to comply under court order. However, Avner Levin, director of the Privacy and Cyber Crime Institute at Ryerson University, doesn’t believe there will be a real exemption for universities in the “convoluted” bill.
“There’s a lot of ambiguity here,” Levin admitted. “This whole legislation is about completely other issues. Regardless of its name, it’s about making [information access] easier for law enforcement agencies.”
Heather Driscoll, special assistant to the General Counsel and information and privacy coordinator, said “What (Bill C-30) is suggesting is that we as citizens of Canada should be okay about giving up our privacy rights in the name of protecting children from internet predators.”
“And there are already lots of good methods available to do that,” she said.
Students feel the new bill is infringing on their privacy rights.
“If it were to be effective I’d be willing to sacrifice the privacy, but I don’t think it will be effective in the end,” said Elise Ashley, firstyear criminal justice.
Concern that Ryerson’s legal obligations and policies could change as a result of its recent partnership with Google was a cause for further caution.
“Just because we’re using Gmail and using their products, we don’t want to sort of be stuck all of a sudden with a lower level of protection,” said Levin.
From his understanding of the bill, Brian Lesser, director of computing and communications services said there will be minimum to low impact.
“I don’t see why Ryerson as a service provider would have to offer up personal information,” he said. Ryerson is currently subject to Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA), as well as the university’s own Information Protection and Access Policy .
Both identify a legal obligation to secure personal information, such as personal addresses and telephone numbers, and related information revealing the sex, age, religion or marital status of an individual. However, the responsibility for looking into the consequences of Bill C-30 doesn’t rest solely on the university, Driscoll argued.
Understanding privacy policies should be a shared responsibility and subject to individual risk assessment.