Remarks delivered to the Annual Conference of the Canadian Association for Security and Intelligence Studies, October 30, 2009 by Chantal Bernier, Assistant Privacy Commissioner of Canada
… As you may know, I came to the Office of the Privacy Commissioner of Canada from the Department of Public Safety, where I had the privilege of serving as Assistant Deputy Minister in the Community Safety and Partnerships Branch.
As such, I have had substantial engagement in a range of security and intelligence files.
My entire presentation is premised on this tenet: Privacy and security are not at odds.
On the contrary: I would put to you that measures to protect privacy must be integral to any initiatives to fight terrorism or other crimes.
Why? Because we live in a free and democratic society where individuals enjoy the right to live, to move around, to communicate and to go about their daily lives, free from unwarranted interference by the state.
And for practical reasons too:
Any effort towards greater security that is strictly tailored to the actual risk — and that therefore minimizes the infringement of privacy or other rights — will be more targeted and more effective.
For example, an investigation that is carried out in accordance with the law, and in a way that respects privacy and other rights, will yield cleaner evidence and a more compelling case for the prosecution.
In other words, all the work that is poured into greater security is more likely to pay off if it is carried out in a strategic, targeted manner. And an essential consideration in that regard is due respect for the right to privacy.
Airport scanners
Another file in which we are deeply involved relates to plans by CATSA, the Canadian Air Transport Security Authority, to install millimetre-wave whole-body imaging scanners at several Canadian airports.
These machines can penetrate clothing to expose concealed objects such as weapons or drugs. Their principal advantage over metal detectors is that they can identify non-metallic objects, such as ceramic weapons or liquid or plastic explosives.
Our Office has examined two Privacy Impact Assessments, or PIAs, prepared by CATSA — first for a pilot test conducted at Kelowna Airport, and more recently for the full program.
As we told CATSA earlier this week in our response to its PIA, we consider this technology to be inherently sensitive as it reveals an outline of the traveller’s body. Many people may perceive it as privacy invasive.
As such, we have worked with CATSA to ensure appropriate privacy safeguards.
One of the key results is that the technology will be used only for secondary purposes, after an individual has already passed through the metal detector. What’s more, the scans will be voluntary, with passengers given the option of going through them, or having a physical pat-down.
And — this is key from a privacy perspective — the images will not be recorded, printed or transmitted. Indeed, they will be deleted as the passenger leaves the scanner.
Four tests
In weighing this and any other government initiative with a potential impact on privacy, our approach is to apply four tests: Necessity, proportionality, effectiveness, and the existence of less-intrusive alternatives.
We ask ourselves: Is the proposed measure really necessary? Have the proponents offered proof of a genuine problem, with no other viable solutions?
Our next criterion is proportionality. Many measures will infringe on privacy; that is just the price we pay for living in a community. Any benefit to the group will generally restrict some liberties of the individual, but the invasion of privacy must be proportionate to the benefit derived.
We also want some assurance of effectiveness. We want to ensure that a measure that infringes on privacy, in the name of the collective good, really meets that specific objective.
As for the fourth test: If a measure is proposed that will affect the privacy of individuals, we want to know that it is justifiable on the grounds that there are no less intrusive alternatives already available.