Organization of the Month | May 2017

This month, we feature BC Freedom of Information and Privacy Association (FIPA), a Clicklaw contributor.

FIPA is a non-partisan, non-profit society established to promote and defend freedom of information (FOI) and privacy rights in Canada. They strive to empower citizens by increasing their access to information and their control over their own personal information. FIPA was the major force in getting BC’s Freedom of Information and Protection of Privacy Act passed.

// Upcoming Events

Wednesday, June 21: FIPA AGMFIPA will have a joint speaker with the Canadian Institute for Information and Privacy Studies. The public is welcome attend but only members can vote. Become a member today, and join FIPA for the AGM! For more information on membership, visit FIPA’s website.

Tuesday, July 11 @ 12:30pm: FOI 101 Online Webinar with Courthouse Libraries BC. Open to anyone interested in learning the basics of filing FOI requests and learning to navigate some common challenges that can arise as requests are processed. Stay tuned for more information! You can also subscribe here to stay updated on all Courthouse Libraries BC webinars.

September: Right to Know Week – FIPA will be hosting their annual FOI 101 workshop as well as the 7th BC Information Summit. More information to come, so be sure to check the FIPA website for the most recent updates. These events will be included on the Clicklaw blog’s monthly events posts.

// Q&A with Vince, FIPA Executive Director

Hi Vince, thanks for answering our questions. Can you explain what FIPA does?

A lot of what we do is helping people navigate a system that is completely alien to them, usually to get them information or documents they need to take care of other problems they may be having. We also do some education, but keeping in mind most people we help are focused on other issues–FOI is a means to an end.

Who does FIPA help?

We work to serve all of BC and even more so this year by providing our FOI 101 workshop through an online webinar with Courthouse Libraries BC, so that we can better reach the entire province. This interactive webinar will provide newcomers to FOI with practical skills to prepare and submit information requests that get results, and to navigate some common challenges that can arise as requests are processed. We are also actively engaged in national issues as well.

What are you working on now? 

We’re always working on exciting privacy and FOI reforms at both the provincial and federal levels, but with a new provincial government apparently ready to take office, we’re gearing up to really push for these reforms that have been largely ignored.

This year, we’ve also been doing work based on our 2015 The Connected Car: Who is in the Driver’s Seat? Report for the federal Privacy Commissioner. We have just appeared at a Senate Transportation committee hearing into autonomous and connected vehicles, and we hope to do an update on the report later this year. This exciting research will examine the current state of privacy protections in the Canadian car industry.

What’s something you’d like to clear up about FIPA?

A lot of people think we hold personal records in our office, or that we are a government body to whom they send their requests–but we don’t, and we aren’t!

What are you most excited about for FIPA?

We have the opportunity to deal with a very fast-changing field, especially working to ensure that new technological advances are also protective of our information and privacy rights.

Conversely, is there anything you are worried about?

I’m worried that we are being sold a bill of goods, trading our rights to information and privacy for convenience and/or claimed protection from danger.

Last question: if you could wave a magic wand and make one wish come true, what would it be, and why?

I’d wish that even a small percentage of the money and time being spent on developing new technologies and products was spent on ensuring that those technologies and products protect our information and privacy rights. It’s not impossible to protect privacy in the new information age, but there is a reluctance to devote the resources to make it happen.

// FIPA expertise brought to Common Questions

Thanks to FIPA, we also have a slew of new Common Questions on FOI, records, and privacy. Check them out by scrolling down on the Clicklaw home page:

Stay informed with FIPA:

01_Clicklaw_30px 01_Twitter_30px 01_Website_30px

Border rights: what you need to know

The BC Civil Liberties Association is a Clicklaw contributor. Our mandate is to preserve, defend, maintain and extend civil liberties and human rights in British Columbia and across Canada.

by Laura Track
Community Development Lawyer
This guest post has been cross-posted from the BCCLA news feed. 

Like many of you, I’ve been thinking a lot lately about my rights at the border. In light of reports that numerous Canadians have been refused entry to the United States for unclear or troubling reasons recently, not to mention the possibility that US officials could start demanding social media passwords from would-be travellers, I’m worried about delays, refusal, and protecting my privacy. And as a white woman born in Canada with an Anglophone last name, I probably have a lot less to worry about than many others.

Your rights at the border have been extensively canvassed in a wide range of media articles recently. We hope it’s useful to have this information available all in one place, but remember that the law can change and things are happening quickly, so don’t rely on this information for advice about your own specific situation.

There are also some tips for protecting your privacy at the bottom of the post.

The first thing to remember if you’re a Canadian travelling to the United States is that you do not have a free-standing right to enter the US. Many Canadians have been crossing the Canada-US border regularly and without incident for years, but it’s important to remember that US officials have no obligation to let you into the country and can deny you entry for all sorts of reasons that may seem arbitrary and unfair. And while it seems like we’re hearing about many more examples of troubling actions by US border officials right now, there have been many instances of unfairness over the years. Canadians have been refused entry to the US because of a history of depression and mental illness. The US didn’t lift its ban on ban on entry into the US by people with HIV until 2009.

The US Immigration and Nationality Act states that except in cases specified by Congress,

…no person shall receive any preference or priority or be discriminated against in the issuance of an immigrant visa because of the person’s race, sex, nationality, place of birth, or place of residence.

A spokesperson for US Customs and Border Protection (CBP) has stated that “CBP does not discriminate on the entry of foreign nationals to the United States based on religion, race, ethnicity or sexual orientation.” But despite these assurances, it may be difficult for some people to feel confident that their right to non-discriminatory treatment will be respected when we hear stories like that of the Muslim woman turned back after she was questioned about her religion, or the man denied entry after border guards read his profile on a gay hookup app.

The fact that information about both of these travellers was discovered on their cell phones raises another pressing question:

Can US border guards search my phone or laptop?

Image of laptop and phone by Ervins Stauhmanis (Flickr Creative Commons)

In a word: yes. And they can ask for your device’s password, too. You don’t have to give it, but it’s unlikely you’ll be allowed into the country if you don’t. The officer could even tell you that you’re banned from ever entering the United States, but there’s no legal basis for banning you for refusing to give a password, and lawyers say that such a ban could be challenged in court.

Of course, going to court is an arduous, expensive and time-consuming undertaking, one made all the more difficult by the fact that you’d have to sue in the US. You can seek the intervention of a supervisor while you’re being questioned and lodge a complaint with US Customs and Border Protection when you get home, but it may not make much difference. You can also report your experience to a local affiliate of the ACLU.

What about Canadian border guards? Do I have more rights as a Canadian when I’m coming back into Canada?

The right of every citizen of Canada to enter, remain in and leave Canada is protected by section 6 of the Canadian Charter of Rights and Freedoms. But your other Charter rights are significantly curtailed at the border, including your right to be free from unreasonable search and seizure and your usual protections against arbitrary detention and compelled self-incrimination.

Section 99 of the Customs Act gives Canada Border Service Agency (CBSA) officers the power to “examine any goods that have been imported and open or cause to be opened any package or container of imported goods” – basically, to search your stuff. “Goods” are defined to include “any document in any form.” Section 11 requires entrants to Canada to “answer truthfully any questions asked by the officer in the performance of his or her duties”, and section 153 forbids making “false or deceptive” statements to customs officers or acting to “hinder or prevent” officers in performing their duties.

These laws were created at a time when people crossed the border with a suitcase and maybe a briefcase, not with digital devices containing deeply personal information including photos, text messages, emails and search histories. However, despite the Supreme Court of Canada’s clear acknowledgment in a recent digital privacy rights case that “it is unrealistic to equate a cell phone with a briefcase or document found in someone’s possession”,[1] the CBSA interprets its power to search “goods” as including a power to search cell phones and laptops, and warrantless, suspicionless searches of digital devices are a matter of routine.[2]

Image of CBSA badge by Dave Conner (Flickr Creative Commons)

Unlike the US, which has published a detailed Privacy Impact Assessment on border searches of electronic devices, Canadian policies are much more difficult to find, making it harder for Canadians to understand and assert their rights. Interim guidelines obtained through an Access to Information Request and provided to the BCCLA offer a glimpse into CBSA’s policy. Officers can request passwords, though not for information stored “remotely or online.” If a traveller refuses, the device could be seized and held for a forensic examination. Nothing in the law or guidelines prevents CBSA from then copying the entire contents of the device.

The guidelines also state that until further instructions are issued, CBSA officers shall not arrest a traveller solely for refusing to provide a password. In response to questions from media, Scott Bardsley, press secretary for the minister of public safety, recently confirmed that the guidelines are still in place. The BCCLA has not independently confirmed that the guidelines are still operative and, in any event, they are only guidelines and should not be relied on as a definitive statement of the law.

As we detailed in a previous blog post, in 2015 (prior to the enactment of the guidelines) a Montreal man was charged with hindering or preventing an officer from performing their duties under the Customs Act after refusing to give up the password to his Blackberry when a CBSA officer demanded it. Mr. Philippon ultimately abandoned a constitutional challenge to his arrest and pled guilty to the charge. Until another case comes along, we simply do not know whether the CBSA’s powers include compelling people to provide passwords (though we certainly know that CBSA acts as if they have this power), or whether it is constitutional to arrest someone for refusing (though we know that people have been arrested in these circumstances).

So what do I do?

Image of travel bag and contents by Do8y (Flickr Creative Commons)

The safest thing you can do is to leave your device at home when you cross the border. That may not feel very realistic or practical, but if your whole life is on your device, that’s all the more reason to leave it behind. If it’s seized, you could be without it for a very long time.

If you must travel with your digital device, here are some things to consider:

  • Make a full backup. A recent backup will ensure you have access to your data if your device is detained.
  • Turn off your device when you’re crossing the border, disable fingerprint unlocking and require a strong password to log on. This will prevent a CBSA officer, or anyone else who wants access to your data, from simply turning on your device and browsing through its contents.
  • Wipe your device of any files you want to ensure remain private. If you’ve stored your backup online (see point 1), you can even download your data back onto your device once you reach your destination.
  • Encrypt important documents and files, or consider full disc encryption. Encryption essentially scrambles the contents of your electronic device. The data is unlocked by a passphrase. More and more laptops and handheld devices are coming with disc encryption software built in.
  • Separate privileged or confidential documents from other files. Privileged information is given the most protection, and in theory should not be viewed by border officers at all other than to verify that it is what you claim it to be. This certainly includes lawyers’ files, and can sometimes include doctors’ and psychologists’ records. Journalists have a limited privilege over their sources. If you have privileged information on a device that a border guard wants to search, be sure to alert them to its presence. This is much easier to do if the privileged materials aren’t mixed in with unprivileged materials.

Some people may worry that crossing the border with a wiped phone or encrypted files may look “fishy” and could expose them to heightened suspicion and scrutiny. We can certainly understand these concerns and encourage everyone to use their best judgment given their own circumstances, vulnerabilities and needs.

The more that we assert our privacy rights and take active steps to preserve and defend them, the more we help normalize these privacy-protective measures and the less “fishy-seeming” they will become.

[1] R v Fearon, 2014 SCC 77 at para 51.

[2] R v Saikaley, 2012 ONSC 6794 at para 14.

Stay informed with BCCLA:

01_Clicklaw_30px01_Twitter_30px01_Linkedin_30px01_Website_30pxFB-f-Logo__blue_29