What are your Rights?

What are digital rights?

The right to access the internet has been identified by the United Nations in 2016 as a human right. With access to the internet, users possess digital rights, which include things like freedom of expression and privacy. The convenience of technology comes at a tradeoff between privacy and security due to mass surveillance, data collection by governments, corporations, and organizations, and its monetization for corporate profit.

Why you should care
Sale of personal data

When tracing back the digital footprint you have been leaving behind since your earliest Tweets, Facebook status updates, and embarrassing Instagram photos, many students do not realize the implications this data may have in the future. In fact, many features of the internet such as long and complicated Terms of Service agreements, the lack of meaningful and informed consent, and surveillance and/or sale of your personal data* by social platforms are largely unquestioned by users. When online services are labelled “free,” consider the cost of privacy.

Personal Data: refers to data that points to an identifiable individual. Includes data such as: legal name, home 
address, age, sex, internet Protocol address (IP address), location data.  

Marginalized groups are oftentimes affected disproportionately by practises of mass surveillance and data collection. Access to the internet is not unilateral within our communities, nationally, or around the world. Additionally, marginalized groups may opt for “free” services, which comes at a cost of mass surveillance and personal data collection by companies as a result.  

Abuse of privacy

While mass surveillance and collection of personal data by governments and corporations may on the one hand be used for national security and research purposes, these practices can also be abused. When we just click through a Terms of Service agreement, we may be unknowingly signing away privacy rights in exchange for using the platform. This data may be sold to unknown third parties, used during legal investigations, or for the creation of targeted advertising strategies. In thinking about striking a balance between privacy and security, let’s take a look at the Canadian legislation to learn how your digital rights are being protected.    

Chart showing compliance with privacy laws

Canadian Legislation

Canada has two federal privacy laws which are enforced by the Office of the Privacy Commissioner* — the Privacy Act and the Personal Information Protection and Electronic Documents Act (PIPEDA).

*Office of the Privacy Commissioner: is independent of the Canadian government and is responsible for 
protecting and promoting privacy rights and compliance with the Privacy Act and the Personal Information 
Protection and Electronic Documents Act (PIPEDA).

The Privacy Act— outlines how federal governmental institutions are able to collect, use and disclose an individual’s personal data. The Act also outlines how individuals can correct personal data stored by the federal government.

Personal Information Protection and Electronic Documents Act (PIPEDA)— outlines how private organizations and corporations are able to collect, use and disclose an individual’s personal data for for-profit activities around Canada. PIPEDA does not apply to organizations and corporations that collect, use and disclose data for non-profit activities.   

Digital Privacy Actoutlines a series of amendment made to PIPEDA in 2015. The Act clarifies the definition of valid consent in collecting, using and disclosing an individual’s personal data. Consent is defined as an individual’s ability to understand “the nature, purpose and consequences of the collection, use or disclosure, to which they are consenting.” The Act also outlines exceptions where consent is overridden such as in the cases of detecting fraud.

Limitations with Privacy Legislation in Canada

Canada’s Privacy Act has remained largely unchanged since its adoption in 1983. Since 1983, major technological developments have shaped the world in ways unfathomable before, such as the digitization of information, e-commerce, smartphones, and the introduction of giants like Google and other social platforms. Loopholes in an outdated legislation may be used by the government to harness and use personal information about users. For example, in a telephone survey conducted in 2016 by the Office of the Privacy Commissioner, 78% of Canadians agreed that they would like to see updates to legislative safeguards put in place to protect Canadians’ personal data and greater transparency by governments and corporations about the ways in which data is being harnessed/used. Legislation is lagging behind rapid technological developments; especially in the fields of identity theft, data breaches and data breach reporting, and education.  

For Further Reading: