Latest news with #PrivacyCommissioner
CTV News
5 days ago
- CTV News
‘Profoundly damaging': U.K. and Canadian officials on the 23andMe global data breach
Watch Privacy Commissioner of Canada and U.K. Information Commissioner provide update on the joint investigation into the data breach that impacted 7-million people.
CTV News
13-06-2025
- Health
- CTV News
B.C.'s privacy watchdog weighs in on health AI boom – as doctors warn it's not a substitute
As a growing number of doctors adopt artificial intelligence tools in their offices and hospitals, British Columbia's privacy commissioner is urging them to do their homework on privacy requirements. CTV News sat with Michael Harvey, B.C.'s Information and Privacy Commissioner, for an in-depth discussion around AI and found the area isn't just nuanced, it's being developed and assessed as the technology evolves. 'There is no question that our laws need to be reformed to adapt to the changing technological circumstances,' he stated. 'That said, it's not like there's no laws that apply to AI in the health sector or other sectors.' Notifying patients they're using the technology is the minimum, Harvey said, but health-care practitioners should go further if they're using scribes or other software in their practice. 'Even in situations where it might not be strictly legally necessary to do more than notify, I think it's a good advice for clinicians to really take that extra step and have a bit of a conversation,' said Harvey. 'Because we're talking about new types of applications here, organizations would be well advised to hold themselves to a higher bar of express consent.' What's clear and not so clear There are two aspects privacy watchdogs are monitoring as AI permeates the health-care system, in particular: the data being used to train the models, and the experience of the patients receiving care. Harvey said if a provider is gathering information they need to notify the patient, and if it's being used for a secondary purpose like training an AI, 'generally speaking, you should have to consent for that purpose, but there are exceptions in the law.' He was clear that while a program could be approved for one type of use, it can't just be used for another purpose without a fresh assessment of the privacy impact 'because sometimes that can even change the whole legal basis for the program,' and whether it's in compliance with B.C. privacy laws, which aren't the same as our federal legislation or U.S. HIPAA laws. Harvey encouraged patients to ask their health-care provider questions about what kind of data is being used, and to contact his office to report any red flags that he may need to take a look at, since 'protecting people's trust in the health system should be a very high priority.' Doctors warn of limits As the province's health-care system continues to see long waits for patients to see family doctors or emergency room physicians, Doctors of B.C. worries that patients will try to self-diagnose with AI when the technology isn't meant for that purpose. 'We don't want serious illnesses or serious conditions to be missed,' said president Dr. Charlene Lui, who insisted that the public and health-care providers alike should consider AI to be a tool, rather than a substitute. She said that every doctor has stories of experiences throughout their career where they spotted signs of cancer, diabetes, or other serious medical conditions while meeting with a doctor for another reason. Lui is a family doctor herself, and will always remember an appointment with a woman who'd gone to see her for her own health issue and had brought her baby – who immediately caught Lui's attention and was quickly rushed to hospital. 'The baby had heart surgery that day,' she said. 'There is something about seeing a physician that quick scan that a physician does that I think is often underappreciated.' This is the second part in a CTV Vancouver series taking a deep dive into the use of artificial intelligence in health care. You can read part one on everyday uses here.
CBC
12-06-2025
- Politics
- CBC
Ford government used code words to make it 'unduly difficult' to search Greenbelt records: report
Social Sharing Ontario Premier Doug Ford's government broke its legal, record-keeping obligations amid its now-reversed decision to open up parts of the protected Greenbelt lands for housing, the province's information and privacy commissioner has found. Political staff were using code words to thwart document requests and left a surprisingly small paper trail for such a consequential policy, Commissioner Patricia Kosseim wrote as part of her annual report. A number of freedom-of-information appeals her office received on Greenbelt-related requests revealed concerning, systemic issues, she wrote. "The Greenbelt-related appeals offer a clear example and cautionary tale about the consequences of inadequate recordkeeping," the IPC report said. "When key government decisions are not properly documented, when code words are used, or when records are stored in fragmented ways across personal and official systems, transparency suffers, and with it, public trust." In addition to issues previously highlighted by the auditor general around political staff deleting Greenbelt emails and using personal accounts, the government sometimes used code words in communications. Staffers sometimes referred to the Greenbelt project in messages as "special project," or "GB," or "G..," with references to G.. being next to impossible to find. Those terms and their inconsistent use made it "unduly difficult" to search for Greenbelt-related records, Kosseim wrote. "Worse, the use of the code word "G.." made it virtually impossible to find relevant records, given that the asterisk ("..") is used as a technical wildcard when conducting text searches, returning any word starting with "G," she wrote. That meant having to forego using the code word "G.." as a search term, so some Greenbelt records may have been missed, Kosseim wrote. "These practices not only violate legal record-keeping obligations, they also erode public trust in the integrity of government decision-making," she wrote. "The public has a fundamental right to know how and why decisions are made, especially those that impact protected lands like the Greenbelt. When records are obfuscated and made difficult, if not impossible, to find through evasive code words, transparency is compromised, and oversight becomes illusory." But there was also a "surprising" lack of Greenbelt documentation at all, which undermines transparency, Kosseim found. "The near-total absence of decision-making documentation is particularly concerning, especially on a file as high profile and consequential as changes to the Greenbelt," the report said. "Despite evidence of meetings and discussions involving premier's office staff and ministry staff about the Greenbelt, there was very little documentation of what was said or decided in those conversations, aside from a few contemporaneous notes taken by ministry staff." The RCMP is in the midst of an investigation into the government's decision to remove 15 parcels of land from the Greenbelt to remove 50,000 homes — a process the auditor general and integrity commissioner have found favoured certain developers. Premier Doug Ford's office says the government has taken several steps to strengthen record-keeping practices, including reminding staff to preserve and manage records in accordance with requirements and holding training sessions, and will continue to comply with legal obligations. NDP Leader Marit Stiles said "enough is enough," because the last time political staff were found to be deleting government records, one went to jail. A top aide to former premier Dalton McGuinty was convicted of illegal use of a computer relating to his destruction of potentially embarrassing documents about the Liberal government's costly decision to cancel two gas plants before the 2011 provincial election. Stiles said there should be consequences for these new failings. "When will the premier finally answer for the disturbing culture of dodging accountability and disappearing records within this government?" she wrote in a statement.
CBC
09-06-2025
- CBC
RCMP thumb drive with informant, witness data obtained by criminals: watchdog
Social Sharing The RCMP lost a USB key containing personal information about victims, witnesses and informants, and later learned it was being offered for sale by criminals, the federal privacy watchdog says. A detailed report from the Office of the Privacy Commissioner of Canada reveals the RCMP told the watchdog about the breach in March 2022, prompting a lengthy investigation. The RCMP determined that the unencrypted storage device contained the personal information of 1,741 people, also including subjects of interest, informants, police officers and civilian employees. "The RCMP's investigation also established that only some of the documents on the device were password protected and that the device itself was not encrypted nor password protected," the privacy watchdog's report says. The Mounties learned from a confidential source three weeks after the loss that the data on the device was being offered for sale by members of the criminal community. "Given the nature and sensitivity of the information that the RCMP handles on a daily basis, [our office] would have expected the RCMP to have strict security measures in place to safeguard its information holdings," the privacy commissioner's report says. "We also would have expected for those measures to be stringently monitored and that the RCMP would take prompt action where non-compliance, whether accidental or not, is discovered." Privacy Officer Philippe Dufresne's office found the RCMP violated the Privacy Act, given that the personal information of individuals was disclosed without their consent. The privacy watchdog also concluded that RCMP personnel failed to report the loss of the USB storage device to the force's authorities in a timely manner. However, once aware of the breach, the RCMP's notification to affected individuals and the steps taken to manage the risk of further harm to them were "generally appropriate in the circumstance," the report says. Finally, Dufresne's office found the RCMP failed to take appropriate measures to safeguard the personal information. The privacy watchdog recommended the RCMP adopt strict security measures for the use of USB storage devices. This included measures not only to ensure that only approved USB devices are used, but also audits to confirm that devices are returned when no longer needed, as well as additional training, the report says. The commissioner reports that the Mounties agreed in principle to the recommendations but did not commit to implementing them within a specific timeline. RCMP spokesperson Robin Percival said Monday the force initiated a review of its security and privacy policies, as well as its awareness program, to ensure employees were reminded and sensitized of their continual responsibilities to protect sensitive information. "The program also addresses the immediate actions to be taken in case of a security breach," Percival said in a written response. The RCMP remains committed to preventing the use of unauthorized and unencrypted USB storage devices and to implementing appropriate measures and solutions across the country, she added.
RNZ News
04-06-2025
- Business
- RNZ News
Facial recognition: Supermarket trial 'a great starting point'
A system that was shared among retailers with a centralised offender dataset or watchlist could be looked at. Photo: 123RF Some national retail chains are considering whether to deploy their own facial recognition systems, says an industry group. A new evaluation by the Privacy Commissioner has given a "cautious tick" to the way Foodstuffs has trailed facial recognition in some supermarkets to combat shoplifting and aggression against staff. Justice Minister Paul Goldsmith says the option of having a centralised system of facial recognition is something he expects officials to consider. The evaluation said a system that was shared among retailers with a centralised offender dataset or watchlist could be looked at. "The suggestion is that this may potentially improve the effectiveness of retail use of FRT [facial recognition technology]." This might be where repeat offenders from other locations were not included on a store's watchlist, it added. "There are also suggestions that a centralised system could mitigate security risks such as data breaches, based on the assumption that it would be easier to protect than storage systems in individual businesses.". Such a step would require closer regulatory monitoring and oversight, according to the evaluation. Goldsmith said he expected a ministerial advisory group to look at the centralised option as well as others raised. The supermarket trial was a "great starting point", he said. The evaluation had noted privacy concerns must be carefully safeguarded, and the minister now expected the advisory group to continue to look at this technology "as an option to be used more widely". Retail NZ signalled that was on the horizon. It would not name any specific stores, but said other businesses had been watching the Foodstuffs trial and "a number" were investigating facial recognition technology for their own operations "in the near future". "We know that major retailers, some of the national chains, are certainly looking into it," it said on Wednesday. Retail NZ chief executive Carolyn Young said it was too early to say anything about the centralised option, as it was still reviewing the commissioner's evaluation. "Retailers are crying out for proactive solutions that prevent crime and enhance the safety of their staff and customers... alongside other crime prevention tools such as security guards, fog cannons, staff training, body cameras and other technology solutions." Young heads up a working group of a number of large retailers developing "agreed approaches" to crime prevention, including facial recognition. Across the Tasman, hardware chain Bunnings has been in a legal tussle over its use of facial recognition, with Australia's privacy watchdog accusing it of breaching thousands of customers' privacy, and the chain recently filing arguments against it. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
