Comments in Response to Consultation on Matters Related to 9-1-1 Service

Submission of the Office of the Privacy Commissioner of Canada to the Canadian Radio-television and Telecommunications Commission (CRTC)

---

March 1, 2013

Mr. John Traversy
Secretary General
Canadian Radio-television and Telecommunications Commission
Central Building
1 Promenade du Portage
Gatineau, Quebec K1A 0N2

Re: Telecom Notice of Consultation CRTC 2012-686 – Call for comments re: matters related to 9-1-1

Dear Mr. Traversy:

1. On December 17, 2012, the CRTC issued Telecom Notice of Consultation 2012-686 announcing the appointment of an Inquiry Officer to conduct research on 9-1-1 service in Canada and inviting participants to comment on questions set out in Appendix 1 of the Notice.

2. The Office of the Privacy Commissioner of Canada (OPC) makes this submission as an interested party to the proceedings, pursuant to its legislative mandate^{Footnote 1} to protect the privacy rights of individuals and promote the privacy protections available to Canadians.

3. Appendix 1 to the Notice of Consultation sets out several questions about the existing 9-1-1 service and Next Generation (NG) 9-1-1. We do not have a mandate or the expertise to respond to these questions.

4. Our submission consists of the following sections:

• I – The Complementary Roles and Authorities of the OPC and CRTC
• II – 9-1-1 and Emergency Services
• III – NG 9-1-1 and the Need for Robust Privacy Protections

I - The Complementary Roles and Authorities of the OPC and CRTC

5. The OPC’s mandate is to oversee compliance with the Privacy Act, which applies to the personal information management practices of federal government departments and agencies, and the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s federal private sector legislation. PIPEDA applies to organizations that collect, use, or disclose individuals’ personal information in the course of commercial activity. It does not apply to organizations covered by provincial legislation that has been deemed to be substantially similar to PIPEDA.

6. PIPEDA, however, continues to apply to federal works, undertakings, or businesses (FWUBs) across Canada, which includes telecommunication companies. In relation to FWUBs, PIPEDA covers both customer and employee personal information.

7. In general, PIPEDA would not apply to the personal information handling practices of most public safety answering points (PSAPs) since they are not typically engaged in commercial activity.

8. The Privacy Act would generally not apply to PSAPs since they are not usually operated by federal government departments or agencies. Under Canada’s constitutional framework, the provincial and territorial governments and local authorities provide the first response to the vast majority of emergencies.

9. Provincial or territorial legislation may apply to PSAPs. For example, we are aware that the Government of Manitoba has passed The Emergency 911 Public Safety Answering Point Act that contains confidentiality provisions and penalties for misusing personal information received by a PSAP.

10. The CRTC derives its authority to regulate the telecommunications industry from the Telecommunications Act. Under section 7 of the Telecommunications Act, the telecommunications policy objectives include the safeguarding and protection of individuals’ telecommunications privacy. In particular, paragraphs 7(a) and (i) of the Telecommunications Act state:^{Footnote 2}

7(a) to facilitate the orderly development throughout Canada of a telecommunications system that serves to safeguard, enrich and strengthen the social and economic fabric of Canada and its regions;…

7(i) to contribute to the protection of the privacy of persons.

11. As my Office has noted in previous submissions to the CRTC, while the OPC and CRTC’s roles are complementary, they are not redundant, given the difference in functions and powers.^{Footnote 3} PIPEDA is a statute of general application that applies to diverse industries, while the Telecommunications Act is sector-specific and enables the CRTC to create specific guidelines and regulations to address concerns within the industry.^{Footnote 4}

II - 9-1-1 and Emergency Services

12. Our Office has previously provided comments to the CRTC with respect to 9-1-1 service. In 2005, we provided comments re: Telecom Public Notice CRTC 2005-7, Access to information contained in the incumbent local exchange carriers’ emergency 9-1-1 databases for the purpose of providing a Community Notification Service.

13. We were pleased at the extent to which the CRTC was able to accommodate privacy considerations in its decision, Telecom Decision CRTC 2007-13.

14. In our comments we pointed out that “All too often, privacy is viewed as an impediment to protecting public safety. By establishing clear and consistent procedures to protect personal information, a well-designed CNS [Community Notification Service] can enhance public safety without sacrificing privacy.” We believe that observation is equally relevant to designing a next generation 9-1-1 (NG 9-1-1) service.

15. We appreciate that first responders and other organizations that respond to emergencies often need to have access to personal information. Along with our provincial colleagues, we have developed a Privacy Emergency Kit that we expect to post on our website in the near future. The purpose of the guidance document is to help organizations enhance the timeliness and content of communications during an emergency while giving people confidence that their personal information will be handled appropriately.

16. Many of Canada’s privacy laws contain exceptions to allow the disclosure of personal information without consent in the event of an emergency. For example, paragraph 7(3)(e) of PIPEDA allows a disclosure without an individual’s knowledge or consent “to a person who needs the information because of an emergency that threatens the life, health or security of an individual and, if the individual whom the information is about is alive, the organization informs that individual in writing without delay of the disclosure.”

III – NG 9-1-1 and the Need for Robust Privacy Protections

17. Our understanding is this consultation is being driven by the need to update the 9-1-1 service infrastructure in Canada, and in the United States to take into account the dramatic changes that are taking place in communications technologies.

18. When 9-1-1 service was first introduced, most people communicated using limited capacity, analog landlines. It was later adapted to accommodate the need to be able to identify the location of wireless handsets. However, even today, most services can only accommodate voice calls and possibly calls by hearing- or speech-impaired persons.

19. NG 9-1-1 will potentially allow the public to make voice, text, or video emergency "calls" from a variety of communications devices via Internet protocol-based networks. As well, the NG 9-1-1 infrastructure will be able to receive communications from automatically triggered sensors such as automobile automatic collision notification systems and personal medical alert devices. NG 9-1-1 could even be linked to intelligent transportation systems.

20. In addition to voice and location data, it is envisaged that NG 9-1-1 will be able to receive text messages, images, video and even information such as health records and building plans.

21. NG 9-1-1 PSAPs will potentially receive far more data and potentially much more sensitive data from a privacy perspective. As well, they will receive this information not just from individuals calling 9-1-1 but potentially from a variety of sources.

22. Protecting this information will be critically important to the success of NG 9-1-1. Individuals will need to be confident that their information will be adequately protected. If not, there is a risk that a lack of trust could have a chilling effect on the use of the service. Individuals should not have to choose between their safety and well-being and the protection of their personal information.

23. We appreciate that it may be challenging to develop a robust privacy framework given the potentially wide range of entities that may be involved in providing NG 9-1-1.

24. PIPEDA or substantially similar provincial legislation will apply to some of these entities, for example telecommunications service providers, automobile manufactures and companies that provide home alarm or monitoring systems. However, some entities may fall outside the scope of federal, provincial or territorial privacy legislation.

25. Given the CRTC’s mandate to “contribute to the protection of the privacy of persons” we would urge the CRTC to carefully consider how best to ensure that privacy will be protected in the development and roll-out of the NG 9-1-1 infrastructure. One way to do this is to ensure that privacy considerations are taken into account at the planning and development stage.

26. A critically important part of the Inquiry Officer’s research should be to examine how this could be achieved, whether through standards, binding codes of conduct or other mechanisms.

27. These standards or other protection measures should be based on the fair information principles that are found in Schedule 1 of PIPEDA and are incorporated implicitly in almost all privacy laws throughout the world. These principles include the obligation to limit the collection of personal information, restrict how it can be used and disclosed, inform individuals how their information, including location information, will be used, safeguard the information and only retain it as long as necessary.

28. Public education should be an essential element of the roll-out of NG 9-1-1. Individuals need to be made aware of how their personal information will be used, with whom it will be shared, and how it will be protected.

29. Our understating is that one of the objectives of NG 9-1-1 is to create a standardized system that will function seamlessly throughout Canada and internationally, particularly in the United States. We understand that NG 9-1-1 will need to accommodate the reality of mobile communications.

30. At the same time, we are aware that, at present, 9-1-1 calls are not necessarily treated as confidential in some American jurisdictions. Our understanding is that in some states they are considered to be part of the public record. The Inquiry Officer should examine how privacy protections can be ensured in an interoperable environment.

31. NG 9-1-1 is still at a concept stage and it will undoubtedly be developed and implemented in stages. As a result, it is difficult for the Office of the Privacy Commissioner of Canada to identify all of the privacy issues that may arise. As the NG 9-1-1 infrastructure becomes clearer, more issues may arise, for example, it may rely on third party service providers such as “cloud” providers. This suggests that the assessment of privacy risks should be an ongoing process.

Conclusion

32. NG 9-1-1 raises many important and challenging issues from a privacy perspective. We appreciate the opportunity to provide comments.

Sincerely,

(Original signed by)

Jennifer Stoddart
Privacy Commissioner of Canada