Information & Ethics committee  Well, I've written about it.

Information & Ethics committee  Do you mean the one related to the tower dump?

Information & Ethics committee  This was an interesting case. It came to court because the telecommunications companies involved brought a charter application to court, not because the accused individuals raised charter issues with respect to their rights. Essentially the police were investigating a jewellery store robbery.

Information & Ethics committee  Well, it was more than that. They wanted to know every cellphone transmission that had gone through the tower. In addition, they wanted the subscriber information linked to those cellphone numbers from the companies, they wanted credit card and billing information, and they wanted to know who those 43,000 people who had just been in that part of the city people were calling,.

Information & Ethics committee  I don't think I know enough about the system specifically to know what kind of access is forecast, but there are technological ways, even within a large shared database, that you can create different levels of access for different persons or parties that have access to that database.

Information & Ethics committee  I would emphasize the importance of two levels of breach reporting, similar to what's been done with PIPEDA. When the PIPEDA amendments come into effect, you're going to have a first level of breach reporting when breaches reach a certain threshold of harm, and that triggers an obligation to notify both the Privacy Commissioner and individuals who may be facing that potential for harm.

Information & Ethics committee  The directly related problem with the current standard is that it's too soft and is capable of multiple interpretations. The desire to move to a necessity standard is to try to bring to bear more firmly the concept of data minimization, which is an important data protection principle because it requires a reduction of the amount of information that is collected in the first place.

Information & Ethics committee  Yes, that's essentially through information-sharing provisions that are found in both the Criminal Code and in PIPEDA, the private sector data protection legislation, which allows for disclosure. In the Criminal Code, it's disclosure in the context of law enforcement; in PIPEDA, it can be law enforcement, but it can be in relation to an investigation or in relation to the enforcement of any law of Canada or a province, so the range of regulatory purposes is much broader.

Information & Ethics committee  With respect to the written agreements—and I think the commissioner refers to written agreements in a prescribed form—that the devil's going to be in the details. It will depend to a very large extent on what that prescribed form is, how detailed those written agreements are, and what the exceptions are.

Information & Ethics committee  Thank you, Mr. Chair, and thank you for the opportunity to address this committee on the issue of the reform of the Privacy Act. I have had a chance to review the commissioner's recommendations for Privacy Act reform and I am generally supportive of these proposals. I'm going to be focusing my remarks today on a few specific issues that are united by the theme of transparency.