Some people worry that certain companies have access to too much of our personal information, and they question the use those companies sometimes make of that data. Such worries should not be dismissed altogether, but objectively speaking, governments are by far the greater threat to our privacy, as recent spying scandals amply demonstrate. And because of these scandals, privacy watchdogs are finally starting to pay more attention to the privacy threat posed by governments.
Montreal's La Presse newspaper revealed on Friday, April 11, that the Office of the Privacy Commissioner of Canada was considering creating a new position of Inspector General to oversee the intelligence community in order to protect the public, in the wake of Edward Snowden's revelations regarding certain activities of the National Security Agency (NSA).
As pointed out in a working paper, existing oversight bodies do not have the tools they would need to control the flow of information between different branches of the intelligence community. The idea of creating a new position to perform this function was finally abandoned, however, as it was deemed too complex to implement.
The relevance of such an "Inspector General" position is debatable. But it's a good sign that the Commissioner is paying more and more attention to the risk that the government itself poses to the privacy of ordinary people.
Indeed, as was revealed just recently, the NSA has known about the Heartbleed bug for at least two years. This bug, which has been in the news for the past couple of weeks, lets hackers gather sensitive information by giving them access to computer servers. According to Bloomberg, the NSA even regularly used the bug to gather confidential information instead of alerting the public, leaving millions of users vulnerable to all sorts of computer attacks.
Let's not forget, either, those secret documents released by Edward Snowden showing that Ottawa allowed the NSA to spy on Canadians during the G8 and G20 summits in 2010. In fact, the American agency was collaborating closely with its Canadian counterpart, the Communications Security Establishment Canada (CSEC), which also engages in computer hacking and in the electronic eavesdropping of citizens, according to the CBC.
Even though the Office of the Privacy Commissioner's intention to respond to this problem by creating a new position for this express purpose did not materialize, it was at least a step in the right direction. Up until now, the media and the relevant authorities have seemed more concerned with rapping the knuckles of companies that use data collected from Internet users on certain websites in order to sell them goods and services.
Now, there's nothing wrong with raising concerns about respect for privacy with regard to certain commercial practices. But the quantity and quality of data collected, the use to which they are put, and the potential violations of respect for privacy have nothing in common with those of governments and their spy agencies.
And actually, another worrisome aspect of this issue is that large Internet corporations like Google and Facebook are often forced to reveal information about their users to the government. And in certain cases, the government even steals this data.
In the economy, where personal data is at the heart of more and more business models, this information is generally used in order to provide targeted advertising. The general public does not appear to have a problem with this, as long as appropriate privacy controls are in place.
If we want to protect people's privacy, we of course need to demand much more transparency regarding the secret programs of our governments. But we also need to protect businesses from those same governments and their seemingly insatiable appetites for our personal data.
Michel Kelly-Gagnon est président et directeur général de l'Institut économique de Montréal. Il signe ce texte à titre personnel.