Information and Privacy Commissioner/Ontario
80 Bloor Street West
Suite 1700
Toronto, Ontario
M5S 2V1
416-326-3333
1-800-387-0073
Fax: 416-325-9195
TTY (Teletypewriter): 416-325-7539
Web site: www.ipc.on.ca


July 27, 2001



Secretary General
Canadian Radio-Television and Telecommunications Commission
Ottawa, Ontario
K1A 0N2

RE: PUBLIC NOTICE CRTC 2001-60-1
Confidentiality provisions of Canadian Carriers

1. As part of its mandate, the Office of the Information and Privacy Commissioner/Ontario (IPC) comments on the privacy implications of emerging or existing information practices and services. In keeping with this mandate, we would like to comment on whether the written consent of customers should continue to be required in order to allow carriers and their affiliates to share customer information.

2. Does the current written consent rule place Canadian carriers at a competitive disadvantage compared to competitors such as cable companies? How should the Commission balance the privacy concerns with the issue of competitive equity?

3. In our view, privacy protections should never be sacrificed in favour of competitive equity. If a level playing field is sought, then privacy safeguards should be harmonized to the most appropriate standards, rather than to the lowest common denominator.

4. Should a Canadian carrier be permitted to disclose confidential customer information to an affiliated company without the written consent of the subscriber?

5. In our view, Canadian carriers should only be permitted to disclose confidential customer information to an affiliated company with the express consent of the subscriber. The appropriate form of the consent (i.e., written versus oral) depends on the circumstances in which the consent is being sought. If the carrier's primary mode of contact with its customers is by telephone, then it would be appropriate to obtain consent orally over the telephone. If the primary mode of contact is electronic, then it would be appropriate to obtain consent electronically. What is important is that there be a written record of an express consent having been given.

6. If such disclosure is permitted, should it be subject to any restrictions? For example, should such disclosure only be permitted for the purpose of allowing the affiliated company to market or provide its products and services to the subscriber?

7. In obtaining the express consent of the individual for the disclosure of personal information, carriers should set out the specific purposes for which the information may be disclosed. Disclosure should be permitted only for those specific purposes.

8. If written consent is not required:

i) What type of consent (e.g., express or implied) would be sufficient to allow a Canadian carrier to disclose to an affiliated company confidential subscriber information?

ii) Assuming express consent is required, what measures would be adequate for obtaining express consent for such use and disclosure?

iii) What are the circumstances that would indicate implied customer consent to allow a carrier to disclose the customer's confidential information to affiliated companies?

9. In our view, express consent would be necessary to allow a Canadian carrier to disclose to an affiliated company confidential subscriber information.

10. Before it can be considered to be valid, consent for the disclosure of confidential subscriber information must:

  • relate to the specific information being disclosed;
  • be informed;
  • be given voluntarily; and
  • not be obtained through misrepresentation or fraud.

11. Consent to the disclosure of information is informed if the individual who gives the consent has, at the time of giving the consent, the information that a reasonable person would require in the circumstances to make a decision. The information that a reasonable person would require includes:

  • The name of the party who will receive the information;
  • The purpose of the disclosure;
  • The nature and extent of the information to be disclosed;
  • The reasonably foreseeable consequences and benefits of giving or withholding consent to the disclosure.

12. In addition, consent should be time limited and revocable by the individual at any time.

13. The Personal Information and Electronic Documents Act provides some guidance on what is appropriate in terms of the form of the consent (i.e., express or implied) and the way in which it is sought (i.e., in writing or orally). Both the form of the consent and the manner in which it is sought may vary depending upon the circumstances and the type of information. The type of consent and the way in which it is sought should take into consideration the sensitivity of the information, the reasonable expectations of the individual, and the circumstances in which the information is being collected. An organization should generally seek express consent when the information is likely to be considered sensitive. However, the federal legislation does not require consent to be in writing. For example, consent may be given orally when information is collected over the telephone. Where it has been given orally, there must be a written record of an express consent having been given.

14. In our view, confidential subscriber information is sensitive personal information. For example, it could be used to identify the names and addresses of all friends, family members and business associates who are in contact with the individual by telephone. Accordingly, express consent for the use and disclosure of this information should be required under all circumstances. A requirement to obtain express consent in writing is an additional safeguard that would help to ensure that there is a written record of an express consent having been given. A written consent also provides the best evidence that the consent is, in fact, truly informed and valid. However, written consent may not be appropriate or necessary in all circumstances. Provided that individuals are adequately informed about what they are consenting to and there is a written record of an express consent having been given, it is our view that carriers should be permitted to seek consent in the form that is appropriate in the circumstances.

15. In addition, where the individual has provided consent, the disclosure of subscriber information should be on a need-to-know basis. The information should only be disclosed to those individuals who require the information for the specific purposes to which the individual has consented. In addition, the disclosure should be limited to the minimum amount of personal information that is required to fulfill the specified purposes.

16. In our view, implied customer consent for the disclosure of subscriber information would not be appropriate under any circumstances.

17. In the approved tariffs of incumbent local telephone companies, the term "affiliate" is defined as any person controlling or controlled by the same person that controls the company and includes a related person. Is this definition sufficient for the current purposes and, if not, what would be a sufficient definition of an affiliate?

18. In our view, this definition is not sufficient for the current purposes. It is not clear what is intended by the inclusion of "a related person" in the definition of an "affiliate." This could be construed to mean any person who has any relationship with the affiliate. An ambiguous definition of this nature would lead to a correspondingly ambiguous consent. For example, if the consent were to specify that confidential customer information might be disclosed to an affiliate of the carrier, this would mean not only the affiliate, but also any individual with a relationship with the affiliate. To avoid ambiguity, the definition of an affiliate should be made as narrow and specific as possible.

19. Information stored in a centralized database:

i) If confidential customer information shared among affiliated companies is stored in and accessed from a centralized database, does that raise any particular privacy issues?

ii) Should there be any restrictions on the collection and storage in this manner of confidential subscriber information? If so, what should they be?

iii) Should access to such database be subject to any conditions? If so, what should they be?

20. Storing confidential subscriber information in a centralized database with shared access poses a number of privacy issues. Technological and procedural privacy and security measures would have to be implemented to ensure that only the minimal amount of personal information is accessed by authorized persons, on a need-to-know basis, for the purposes to which the individual has consented.

21. In addition, since the risk of privacy breaches can never be totally eliminated, individuals who consent to the disclosure of their personal information among affiliates should be made aware of the benefits and risks of having their personal information stored on a shared central database and provided with an opportunity to refuse to have their personal information made available in this manner.

Thank you for considering our views on this matter.

Sincerely yours,


Ann Cavoukian, Ph.D.
Commissioner

