- Published: 15 July 2019
Brian Beamish says Ontario’s privacy laws have not kept pace with digital technologies and practices such as sensors, big data analytics and AI.
In his 2018 Annual Report, Privacy and Accountability for a Digital Ontario, Brian Beamish, Ontario’s Information and Privacy Commissioner, recommends several initiatives to enhance access to information and protection of privacy in Ontario.
Among the Commissioner’s recommendations is a call to modernise Ontario’s privacy laws to “address the risks posed by smart city technologies”.
“Ontario’s privacy laws are outdated in the face of current digital technologies and practices such as sensors, big data analytics, and artificial intelligence,” Beamish writes.
He calls in particular for a review and modernisation of the Freedom of Information and Protection of Privacy Act and its municipal counterpart.
Beamish said: “The technologies available today have the potential to unlock many benefits for communities and enable governments to deliver services more effectively and efficiently.
"However, they can collect, use and generate large amounts of data, including personal information. The use of data and technology must not come at the expense of privacy. Ontario needs an updated legislative framework that includes effective and independent oversight of practices related to personal information.”
Further recommendations include a call for tighter oversight of political parties concerning the large amount of sensitive personal information that they hold along with technological advances around collecting, integrating and analysing data.
“Sophisticated data practices can be used to target individuals, manipulate public opinion and influence election outcomes,” the report notes, adding: “The risk of breaches, both intentional and through human error, rises with the use of big data technology.“
Beamish calls for political parties to be subject to privacy requirements set out in Ontario’s privacy laws.
Beamish also highlights the potential of artificial intelligence (AI) to prevent data breaches in the health sector. The report notes that AI can identify minute anomalies in network systems, signalling privacy breaches in real time, and can be used to interpret network activity in ways that would not be possible through manual auditing and other preventative mechanisms.
“I would like to see the widespread use of AI to address the ongoing problem of unauthorised access in the health sector,” Beamish said.
Beamish’s report comes shortly after Alphabet-owned Google sibling Sidewalk Labs released the long-awaited and controversial plan for its Toronto smart city development. One particular area of contention has been around the collection and use of data.
Sidewalk Labs has put forward the idea of a government-sanctioned independent urban data trust, which would have responsibility for approving and overseeing "every single use of urban data in the district".
“We will not use personal information for advertising. We will not disclose personal information to third parties without explicit consent,” said Dan Doctoroff, CEO, Sidewalk Labs, when the draft master innovation and development plan (MIDP) was launched.
Doctoroff commented: "We are quite convinced that what we have proposed exceeds, quite substantially, existing Canadian and Ontario privacy laws."
However, he added: "That said, we also expect government to determine what the appropriate regime will be. We are absolutely prepared to comply with whatever regulatory or legal regime that they think is warranted."
In October last year, Ontario’s former information and privacy commissioner, Ann Cavoukian, resigned from her position as advisor to Sidewalk Labs because of concerns over personal data security.
Quelle/Source: Smart Cities World, 08.07.2019