When I am in front of St. Paul’s I get some comments that run in themes. It’s as if some people get together and decide to make very similar comments all within a few days. The latest theme is “You can’t complain because it’s free”. The following are some of the “passer-by” comments and my comments are in brackets.

It’s free (no, the citizens pay for it)
They pay for it (assume she meant the politicians and no, we pay for it), but it comes from out taxes (which we pay)
They need it to pay for health-care (That would imply that they are selling our information which, I understand, is illegal)
Isn’t it great that in Canada you can complain about something that’s free (it isn’t free).

If one takes that line of thinking that it’s free then we can’t complain if the roads are not repaired because their “free”; we cannot complain if the fire department does not go to fires because their “free”; we cannot complain if water doesn’t flow through pipes and through our taps because it’s “free”, and so on.

Then again maybe I’m wrong, maybe our health-care is free. Maybe we don’t pay a dime towards our health-care. In which case, would someone please explain why we pay taxes? Where does the money go? Who does pay for our health-care? Do the medical people work for free?

Then again, maybe I’m right and this is the best excuse “they” can come up with for illegally sharing our information and destroying our rights.
Here’s another comment that was quite bizarre (well, more bizarre than usual). A woman told me she worked in the pharmacy area of the hospital, that she had noticed changes over the last two years and wasn’t that enough for my purposes. I asked her what changes had occurred and could she prove it. She refused to answer either question. It’s like being given a blank piece of paper and having someone tell you there is writing on the paper so isn’t that good enough. Presumably, she operates on the premise that she said it therefore it is. Isn’t that a god complex?​


I understand the BC privacy commissioner is reviewing BC Hydro’s privacy protection (or lack thereof) regarding the information the smart meters will be collecting.(Metro, 7/29/11). I’m sure she will find that everything is just fine. That seems to be the privacy commissioner’s job.

Because I try to protect my privacy rights, I have filed a few privacy complaints with both the provincial and federal privacy commissioner’s office. Even when I have been absolutely right – NOTHING CHANGES. Even when the privacy commissioner quotes a specific act or law that has been violated/broken – NOTHING CHANGES. Even when the privacy commissioner’s office recommends that the organization/company make changes – NOTHING CHANGES.

So, I consider the privacy commissioner essentially useless to normal people. However, it seems that they are an invaluable asset to the government and organizations/companies. When a person complains to a ministry or other organization/company, that ministry or other organization/company just tells that person that if they are not happy then that person can take the matter to the privacy commissioner, knowing full well NOTHING WILL CHANGE. It’s the equivalent of telling someone to file their complaint in file 13 (for those of you not familiar with the term, that’s the garbage can where things are dumped, never to be seen again). It seems to be a very comfortable diversionary tactic.

In fact, I strongly suspect that the government set up the privacy commissioner’s office just for this purpose.

So sad, I had such hopes for it. Instead, it seems to be just another government organization wasting taxpayer money.


(bold and italics are mine)

An organization called Kids First Canada has been raising awareness of the violation of children and parent privacy rights. Information is collected and linked, from preconception to adulthood, on your children and family (in fact, it appears that the information will be collected from preconception to death). Twenty-four pages of information, on each child entering school, has been collected by the Ministry of Education using a personal education number (PEN). This information was linked to HELP (Human Early Learning Partnership). HELP is a government funded research consortium of universities. According to HELP’s, and associates, websites, it links the child’s information to their family data such as medical, birth, death, hospital, perinatal, mental health, census, pharmaceutical, school achievement, daycare, children in province’s care, stress, injury and Workers compensation board. This list is expected to increase; for example, HELP wants access to our personal income tax data, patterns of employment, time use, etc. Note that this is not information that is shared that can never be tracked back to you; it can be tracked back to you.
I understand that this is part of the Integrated Management System (see prior blog). This means that there will be thousands of access points to this information.

Until 2010 this information was collected and linked without parents consent. In 2010 this was changed from no consent to passive consent, in other words you have to sign a paper that says you don’t want you child’s information collected/shared? What if the paper gets lost, or you are busy and forget, or don’t read very well, or don’t understand what you read, etc. The schools say they will explain it to parents but I suspect they will not explain all the negatives to collecting/sharing your child’s information (as much a time as knowledge issue). If your child’s personal information ends up in the database all HELP has to say is that “they didn’t receive a signed paper”. It would be hard to prove them wrong. On the on the hand, if they must have a signed paper before collecting/sharing the information then they would have to have the paper on file to prove they received it.
Kids First Canada are asking that written parental consent be required and all information collected without parents permission be destroyed.

Some concerns:
– information is being collected without the consent of parents
– information used for purposes not identified
– “HELP has stated in media and elsewhere that names and addresses are not used. However, given that HELP obtains Personal Identification Numbers, medical numbers and postal codes, etc. names and addresses would not be needed to individually identify a person or a family.” (1)
– “Judging from the types of data being collected -i.e. perinatal records, hospital records, census, etc. – parents’ and mothers’ personal records are also linked.” (1)
– “with increased use of electronic testing in school, children’s personal beliefs, plans, opinions and experiences expressed in writing could potentially be linked.” (1)
– Will this pigeon-hole the kids, i.e. are they compliant, do they fit certain peoples expectations, are they “different”, etc.?
– Commercialization – HELP and its group has funding from organizations like the Canadian Institutes for Health Research whose mission is to “work with all partners in a concerted effort to move research from an academic setting to the marketplace”. Also from the CIHR website “CIHR is committed to facilitating the commercialization of health research in Canada in support of its overall mandate.”
– “The public has not consented to this collection of data or its use”.(1)
– Cost – we are paying a lot of money for these people to take our information and use it as they choose, sharing with those they choose, without our knowledge or consent
– The “rules” can change tomorrow without our knowledge, much less our consent.
– Security – The government has shown repeatedly that it cannot, and will not, protect the information in its care.

Just think when your children/grandchildren, nieces/nephews grow up, all their personal information will be available at the press of a button by probably just about anyone (banks, insurance companies, employers, future spouses/friends, universities, and so on). Did your children misbehave in school, did they get along with other kids, were they slow starters in school, did they have any medical issues, what is their family background, were there family problems, etc.

As Kids First Canada say “ Our children are not resources to be mined through schools at huge public expense while many parents struggle to pay for basics”. And neither are we adults.

It is not a question of whether all this information, linked to each person, will be “accessed” but how fast. We were told our medical information was confidential, to be shared only with those directly involved in our medical care, only to find out that it is shared with doctors, hospitals, clinics, pharmacies, their suppliers, researchers (and apparently lots of other people/organizations – who go to the “business office” and plug their computers into the database); and that information is now going to be linked to government ministries and I am sure the list will expand; all without our consent (and in most cases – our knowledge). The government just took the information. And once it’s “out there”, it’s “out there”. You don’t get it back. The people who have this information will know more about you, and your family, than you know about yourself and your family; and they will use it for their own gain.

Some other databases they could link with include the police database. Apparently they’ve been keeping information even on law-abiding citizens (2). And, of course, the Smart Meter. Just think of the information those graphs would provide – the time you get up, the time you go to bed, whether you work out of home, if you go out in the evening and which nights, if you go on holidays and when, have family/friends over for the holidays, and much more.

And, as has been shown, once the government has your information, they can change the rules (laws) at anytime, without consulting us – unless we make that illegal. If you want our personal information, get our written permission.

We have a right to privacy. We have a right to control our own personal information. The politicians, and their friends, are repeatedly violating that right.

Here is some additional information from HELP, Population Data BC’s and Edudata Canada’s websites:

HELP’S website states “HELP’s leading edge research has resulted in British Columbia being the first and only jurisdiction in the world to monitor the development of young children as they enter kindergarten at a population level.” – versus person-specific?????

“Researcher access to data will be approved by the Data Steward for a holding using a harmonized Research Agreement process through Population Data BC. Named programmers have access to Identifiers to perform linkages on intake only. Content Data are stored on a separate server, and are accessed by named programmers to perform Research Extracts as defined through a Research Agreement. In no cases are Content Data and Identifiers brought back together. This separation of information safeguards the privacy of personal information. “ (HELP)

If you have all the personal information of an individual, I doubt it would take much to “connect the dots”. A person lives in a particular postal code, has x number family members, is x age, etc. And, as Kids First say: “this is a false assurance of privacy as names are not needed when personal numbers are used.” Plus, there will be numerous “links” to all these other databases, and the more links, the greater the likelihood that this “separate server” with all your information,with your identifier number, will be accessed. How hard would it be to track, or intercept, a link? We also know that government people have accessed individual’s information in violation of the law when it suited their agenda (The Veteran’s affair for example) The Data Stewards are the government ministries and public agencies (but they don’t seem to list them all), nor are the agreements shown.

As noted above in one sentence they say that “separation of data safeguards …your privacy” then later admits that your data isn’t safe by saying “Risk of exposure is significantly lower than that of most Data Providers as we separate Identifiers from Content Data”. So, they do admit that there is a risk of exposure, they just don’t say how high a risk (and I’d want proof, not just words). By the way, HELP is looking for a part-time privacy officer whose duties will involve “addressing breach response management” – application deadline – April 19, 2011. Nothing like being prepared with the right excuse to explain why your very personal, confidential, information was shared with the world.

“HELP partner, Population Data BC, offers the research community access to one of the world’s largest collections of health care, health services and population health care data; “Population Data BC offers qualified researchers access to a rich source of linkable, person specific, but de-identified data on British Columbia’s four million residents, in many cases from 1985 forward. Current data holdings include health care and health service records, population and demographic data and occupational data. Population Data BC continues to expand its data holdings and is working to bring in datasets from education, early childhood development, work place, and the environment”. Who are these researchers? Are they people from supplier/pharmaceutical/other businesses (many foreign companies subject to the Patriot Act) and how is the information being used?
“The Canadian Education Data Network (Edudata Canada) is developing user-friendly educational research databases from British Columbia and elsewhere. The mission is to create an infrastructure that makes K-12 education data available to researchers, policy makers and other qualified individuals and organizations, subject to privacy and confidentiality guidelines”. Now they say that in addition to sharing with researchers, they will also share with government & “others”. Also, when they say education data it sounds like they are sharing school grades when, in fact, it includes much more.
How can we monitor Population Data BC’s use of the data to ensure it is being used as contractually agreed upon?
All usage of the data will be regulated by an Information Sharing Agreement with the data provider which will outline how the provider can monitor the use of the data on an individual basis. This will include regular reports and is outlined further in Population Data BC’s Audit Policy. Again this tells us absolutely nothing since we won’t know what is in the contract, how they are being monitored or if Population Data BC is upfront about any violations. And no mention of independent audits. In fact, their audit policy is not on their website. And, as we know from the Auditor General’s audit of the hospital database, the data provider wasn’t monitoring the use/disposal of the data they had shared, so why would we believe that hundreds or thousands of other data providers will monitor the data they share..
CYDTRU – Child and Youth Developmental Trajectories Research Unit – “an emerging research unit within HELP is developing a program of research that will track children’s development over time” “…utilizing linkable health, child development (school readiness), education, community resource and socio-demographic data. These databases will enable research projects that can trace individual developmental trajectories (anonymized) from conception to high school leaving, across various facets of the health, social and educational systems for all children in B.C.” “CYDTRU researchers are working in collaboration to identify and create additional data sets that will enhance the current stock of trajectories data… – …to develop and expand the number of population-based person-specific databases and to conduct research projects.” In other words, they are planning to collect even more information on us. As long as there are links back to the person it is not anonymous.
“The BCLHD (BC Linked Health Database) infrastructure brings together person-specific, population-based, longitudinal* data across a broad range of health and societal factors from the late 1980s onwards. The BCLD is one of only a small number of resources in the world where longitudinal research on an entire population can be conducted”. I guess other countries respect their peoples privacy, their peoples rights. Also note that they say entire population, not just children.
For more information you can contact,,; www.edudata,,

* a longitudinal study is a correlational research study that involves repeated observations of the same items over long periods of time – often decades. Longitudinal studies track the same people. – Wikipedia

(1) Kids First Canada
(2) Office of the Information & Privacy Commissioner for BC (OIPC), March 25, 2011, Commissioner Shares BC Civil Liberties Concerns Over Information


In BC, a lawsuit is now underway, after it was discovered that about 800,000 newborn blood samples, together with names and birth dates, had been stored on information cards since 1999, in a storage facility operated by a private contractor; and the blood samples had been shared with researchers – WITHOUT THE PARENTS KNOWLEDGE, MUCH LESS THEIR CONSENT. (1)

1. This is, in fact, a DNA database. “DNA is your personal signature, and it uniquely identifies us” (Jennifer Puck, University of California, San Francisco) (5)
2. These spots are being shared with researchers, without the parents knowing who the researchers are, who they work for, what kind of research they are doing, to whom they subcontract, etc.
3. Bill 11, passed in May 4, 2010, gives the Minister of Health power to collect, gather, use and share personal information without any notice to or consent from affected individuals.. In other words, your personal information can be shared with governmental and law enforcement agencies, without notice or consent. The B.C. Civil Liberties Association (BCCLA) is trying to have this reversed. (7)
4. The information may be used to discriminate against the individuals by employers, banks, insurance companies, your child’s future spouse, etc. “You could make inferences about their future health, about their future behaviour, and if you got samples from their parents or a DNA databank, you can make inferences about family relationships.” (4)
5. The DNA also provides information on other family members (8)
6. The researchers/private companies may manipulate, alter or splice the DNA. (3)
7. The amount of information that can be obtained from DNA is expected to increase (8)
8. The genetic information could be used for unethical purposes such as human cloning,etc.(5)
9. De-identified blood samples are linked to personal information and you can trace the link. The blood samples are stored with a code number in one place that can be easily matched to names stored in another place. (4)
10. The blood samples and other information could be accessed by pharmaceutical and biotechnology companies, commercial companies who might bias or manipulate research findings. (10)
11. “The dark side is the commercial value of the human body. If the nature of the specifics of a given individual is available to the people searching for organ matches, the finding of a match might be someone who is not dead. Yet. (Ultra Bob) (5)
12. How securely is access controlled or is it like our hospitals, where audits have shown that almost anyone could access information. It has also been suggested that there isn’t any system, no matter how good, that can’t be abused and “once it’s out there, it’s out there” (10) And it’s not just hackers that are a concern but employees with, for example, a flashdrive which can be put into a database to download information.
13. Conflict of interest – “…Just look at the conflict of interest statement in any pharmacogenomics journal today and you will find that the head of each of the major studies and a select group of investigators, funded by public tax payers money from NIH, and YOUR DNA, are going to make huge profits from royalties and huge salaries these physicians-researchers earn because they control proprietary samples that are otherwise hard to come by. Just by tying a SNP to a treatment outcome or diagnostic outcome, there are big profits in the healthcare business to be made; with no real innovation! Hence, one wonders about the real motivation underlying collection of blood samples with consent and especially without consent – a cure or a profit!” (11)
14. Ownership – Who owns the specimens and anything created from the specimens. (10)
15. Cost – It apparently costs quite a lot to store the blood samples in the right climatic environment. Is this how you want our health care dollars spent? (3)

Medical people certainly had lots of opportunity to tell people and ask for their consent. They verbally explained why the “heel prick” (taking a newborn’s blood) was important for testing for diseases, they handed out pamphlets, and there was a website. But apparently not one person in the medical field, in over 800,000 births, mentioned that the children’s blood was being stored indefinitely and used by others. Apparently no one in the medical field thought people would be interested in knowing the bloodspots were being stored and shared (or so they say), despite the fact that this had become an issue worldwide. (2)

In 2002, the public forced South Carolina to pass a law regulating the collection, storage, and use of blood samples. (9)
In Texas a lawsuit was settled when the state agreed to destroy the stored blood spots. New legislation requires parental consent and allows parents to opt out and all projects must also be published on the agency’s newborn screening website. However, a second lawsuit has been filed because they (the plaintiffs) had not been told, during the first lawsuit, despite asking numerous times, that the blood spots had been sold, traded and bartered. (13)
Blood spot samples apparently were also sent to the U.S. Department of Defense and Homeland Security. The U.S. Department of Defense, who were using the blood samples to build an international database, reportedly destroyed the samples (of course, you never really know, do you???). (13)(6)

A Dublin hospital has stored the DNA of all the people born in the country since 1984, creating a database. This was done without the individual’s or parents knowledge, and apparently in contravention of the law; and despite having an ethics committee. (14)

Now that this issue about the children’s blood spots has been brought into the open by the public, the BC Newborn Screenings Program has a notification on its website regarding storage. But, of course, it only mentions the positive and not the negative aspects of storing the blood samples. It allows parents to fill out and submit a form requesting the destruction of the blood spot (opt out), as opposed to being asked for their written permission to store/use the blood spot (opt in). It seems that the blood spot cannot be stored unless the parent agrees to it being used by others.
What happens if your form gets “lost”. The medical/researcher people could say they never received it. It would be hard to prove them wrong. On the other hand, if they must have a signed paper before storing/sharing the blood samples/name/DOB then they would have to have the paper on file to prove they have a legal right to store/share the blood samples.

So what happens to everyone else’s health samples. For example, when you go for a physical or an operation and blood/tissue samples are taken, are they being stored somewhere? What else has the medical/political people decided we don’t need to know.

Some comments that I thought were particularly interesting:
Researcher | 10:11 a.m. Feb. 9, 2010
“I have worked in research for over 10 years. My job is to make sure that everyone obeys the law. When it comes to human research, the law is designed to protect the people who are the subject of research. Blood and tissue samples are your property even after they have been removed from your body, and researcher(s) can only do with them what they have gained your legal consent to do. That is the issue here. These researcher(s) do not have legal consent to do what they are doing. So many researchers feel like this is a hindrance. They would prefer to just be able to do whatever they want. They all think that what they are doing is for the greater good. If it is going to produce valuable results, it can and should be done legally. If you don’t think these regulations are necessary, do an internet search on the Nuremberg Code, the Tuskeegee experiment, etc. Whether you care what happens to your child’s samples or not, it is in everyone’s best interest that researchers are forced to be accountable for what they do, and gain the proper consent. “(5) In BC, the politicians have taken the right to give legal consent, to decide what happens to your body parts, from you and given it to themselves.

“It’s fine and good to say these can’t be identified, but how real is that?” said Hank Greely, a Stanford University bioethicist. “Just because you don’t have a name or Social Security number doesn’t mean you can’t identify it. Once we start using DNA for more and more things like regular medical records, somebody could do a cross-check and say whose blood it is.” (12)
One: Telling people that their biospecimens are retained and used for important research, that strict privacy and confidentiality protections are in place, and that “we’re good stewards” of the biospecimens without providing accessible, clear information about those policies, fails to meet even minimum standards of transparency.
Two: Failure to acknowledge that public attitudes and values about consent, genetic research, and privacy/confidentiality may conflict with those of researchers and policymakers can lead to public distrust of biospecimen research and impede important research.
Three: Genuine public engagement in developing policies for biobanking initiatives takes time and resources. But the payoff – trust in the research enterprise and willingness to provide biospecimens – is worth the effort. (9)


1. The Globe & Mail, May 11, 2010, Jane Armstrong, Vancouver Parent Challenges Unauthorized Archiving Of Infant’s Genetic Blueprint
2. CBC News, May 12, 2010, Scott Applewhite, Storing B.C. Babies’ blood violates privacy: group
3. Infowars Ireland, February 8, 2010, Newborns’ DNA Routinely Harvested For Government Bio Banks
4. In the Media, February 26, 2009, Barbara Sowell, DNA Testing Without Parental Consent?
5. Deseret News, February 8, 2010, Lauran Neergaard, Blood tests of newborns stirring major ethics debate
6. American-Statesman, May 10,2010, Mary Ann Roser, State agency swaps babies’ blood for supplies
7. British Columbia Civil Liberties Association, May 12, 2010, New law may create largest DNA database in Canada
8. Statement of Claim filed with the Supreme Court of Canada, May 14, 2010, British Columbia Civil Liberties Association website
9. The Hastings Centre Report, September 8, 2009, Karen J. Maschke, Disputes over Research with Residual Newborn Screening Blood Specimens
10. Exploring existing and deliberated community perspectives of newborn screening: informing the development of state and national policy standards in newborn screening and the use of dried blood spots; Ian Muchamore, Luke Morphett and Kristine Barlow-Stewart, December 13, 2006
11. The Scientist – Magazine of the Life Sciences, December 23, 2009, Consent issues nix blood samples, Anonymous poster – Non-Profit banking of DNA from blood for Profit
12. Washington Post, June 30, 2009, Rob Stein, Newborns’ Blood Samples Are Used for Research Without Parents’ Consent
13. Infowars Ireland, NaturalNews, February 20, 2010, Ethan A. Huff, Texas ordered to destroy five million blood samples illegally taken from babies without consent
14. Sunday Times, December 27, 2009, TJ McIntyre, “Is Temple Street Hospital Holding A De Facto National DNA Database


The government wants to share our information with social media groups like Facebook. Let me tell you a bit about the ethics of Facebook. Apparently they are “profiling” (I don’t know what else you would call it) people who don’t even have an account with them and who do not knowingly use their site.
I received some emails from Facebook wanting to know if I wanted to be someone’s “friend”. I am trying to figure out how Facebook gets my email address. The people I spoke with said they never gave it to Facebook; one said Facebook “just went in and took it” (whatever that means).
But on the last email, Facebook also listed other people that I know (interestingly, I never received a “do you want to be their friend on Facebook” email for some). I call that profiling, tracking people you communicate with. I am not registered with them and do not knowingly use their site but still they collect information on me. And obviously Facebook benefits from this information (and whoever they share it with) or they wouldn’t be collecting it.
In a letter (regarding another privacy complaint) on the Office of the Privacy Commissioner of Canada website (OPC to CIPPIC – under Commissioners Findings – PIPEDA 2009) it states “On the issue of retaining non-user’s email addresses, Facebook confirmed it does not use email addresses to track the success of its invitation feature. In fact, it states that it does not keep a specific list of such addresses for its own use.” It appears that Facebook lied to the Privacy Commissioner.
I filed a complaint with the federal Privacy Commissioner’s office in May of 2010. The Privacy Commissioner’s office is “negotiating” with Facebook. I have asked the Privacy Commissioner’s Office not to negotiate away any more of my rights.
Facebook has had a number of privacy issues, yet the government wants to share with Facebook our personal, confidential information. This would give Facebook even more information for their profiling and, quite possibly, the government will get more information on us, such as a list of the people with whom we communicate.


This is some additional information regarding ICM.

My blog of April 12, 2009 mentions a project called the Information Access Layer, which includes electronic health information and what is called the “Integrated Case Management Project (ICM)”.

The intent of this project is to collect all the client personal data collected by community service organizations that accept money from the government and link (share) the information to government ministries and their private sector contractors. And, it is believed, this information will eventually be shared nationally, and possibly, internationally. In other words, all information that you provide to the government, and any organization that takes a dime from the government, could be linked and shared.

According to a bulletin by the Ministry of Housing and Social Development, Deloitte Inc. has been contracted to develop the computer system. They claim that it will cost $181 million over six years but may start to be implemented by the end of 2010.

If you read “Culture of Care…or Culture of Surveillance?” at, you will note the many concerns. These concerns include identity theft, people not accessing needed services because of privacy issues, legal risks and liabilities to the organizations, the lack of resources to implement the privacy and informational requirements (not to mention the diversion of those resources from aiding the people to providing information to the government), the constitutional right of the province to implement this system

The government has shown, repeatedly, that it neither has the desire nor is capable of protecting the information they collect. As has been proven, when the government says that the information will only be accessed by those who “need” the information, they lie, or, at the very least, have yet to prove that it is not a lie.

Once this information is shared, it is “out there”, it cannot be taken back. The information shared will follow the people for the rest of their lives. And, the government, once it has the information, can change the rules and do whatever it wants with the information (example is the e-health system – when you gave your personal information to a doctor or hospital, over the years, did you know that it would be shared).

Also, the government has yet to operate in an open, transparent, accountable manner. So, we will not know specifically who is accessing the information.


In comments to the privacy review (1), Paul Fraser, Acting Information and Privacy Commissioner, recommended to “Add to FIPPA a “duty to document” key prescribed government decisions”. “The OIPC has investigated hundreds of complaints concerning the fact that a requested record does not exist, as one was never created”. “…a “duty to document” be contained in access to information legislation, which would include a requirement for detailed documentation of key government actions and decisions, and an obligation to keep records up to date and readily retrievable, with penalties for non-compliance. A duty to document key government decisions is critical to good governance.”
The government and all the agencies and corporations of the government don’t like to document anything because that makes them accountable, which I assume, is one of the reasons the hospitals/clinics refuse to state specifically who has access to our information. So, I will provide some tips based on my own experiences:
1. We have a right to have the information provided by government in writing so I have been told by government staff. And, that you can report them if they refuse to put it in writing.
2. They (those who don’t want to put it in writing) will tell you that it is easier to discuss it on the phone (or in person behind closed doors) and they will put the conversation in writing later. I have found that what is later written (if something actually gets written) usually has little resemblance to what was said. So now I insist that it be put in writing, and it helps to prevent misunderstandings.
3. They insist that they just want to say one thing on the phone (or in person). I think of it as the “foot in the door” tactic. They don’t stop at one thing and, before you realize it, they have said everything. And nothing is in writing. If I get caught in this tactic now, I let them know that, since they lied and nothing was in writing, it didn’t happen, the conversation never took place. And, because it isn’t in writing, they can’t prove the conversation took place.
4. I had one person from the government who kept phoning me, despite the number of times that I said that I wanted to communicate only in writing. I should have reported him but instead, if I answered the phone I would repeat that I wanted everything in writing and hang up. If he left a message on my answering machine, then I would email him, restating what he had said on the phone and providing an answer. That way he either had to deny what was in my email or, by default, agree that it was what he had said. The end result was that it was in writing.
5. If someone refuses to put it in writing when asked (government or other), if they won’t be held accountable, then I know that what they have to say isn’t worth my time (the hospitals are an example). And, in fact, may put me at risk because there is a reason they don’t want it in writing. I also think it lacks in ethics and integrity.
There are obviously occasions when I don’t need it in writing. It’s a judgement call. But if I have to think about whether I need it in writing or not, I get it in writing.

(1) Office of the Information & Privacy Commissioner for BC, March 15, 2010, Submission of the A/Information and Privacy Commissioner to the Special Committee to Review the Freedom of Information and Protection of Privacy Act
(2) The Tyee, April 1, 2010, Andrew MacLeod, BC Lousy at Guarding Privacy


In an earlier blog (November 11, 2009) I wrote that the government had decided to review the Privacy Act for the 3rd time since its inception, and that the committee was composed entirely of politicians and that I didn’t have high hopes for a positive outcome.

Well, it is worse than even I expected. It appears that the real purpose for the review was to have the Privacy Act changed to allow the government to legally centralize control of all the personal information obtained from citizens who receive government services. This information would come from all sources contracted to provide government services, including independent community service organizations. The ICM (Integrated Case Management) system would be shared across provincial ministries (and god knows who else) since I’m sure they won’t tell us who has access. ALL WITHOUT OUR CONSENT.
And the government wants to store the database outside of Canada. I’m sure that would be in the United States, where the Patriot Act would give the US access to all our personal information. That, of course, assumes that they don’t already have it. To add insult to injury the “government” hired a foreign company to handle all our personal information. What’s wrong with Canadian companies, Canadian people. The government always talks about promoting Canadian companies, Canadian jobs, then hires foreign companies.
Currently the government is only allowed to store our information outside Canada for short periods of time. Why does our information have to go outside Canada at all? As you will see in future blogs, the government is prepared to spend huge sums of our money in collecting our information, why don’t they invest in protecting it – inside Canada. Then again, Nancy Napolitano of U.S. Homeland Security did say she wanted more information on Canadians. Maybe this is how it happens.


The Acting Information and Privacy Commissioner, Paul Fraser, to his credit, has pointed out the governments inability to protect personal information. This was shown in a report, dated February 9, 2009 (I believe they mean’t 2010), from the Office of the Information and Privacy Commissioner for BC, on an investigation on the large-scale privacy breach by the Ministry of Children and Family Development (MCFD). In the report “Commissioner Fraser found MCFD and MHSD failed to make reasonable security arrangements to protect personal information from risks such as unauthorized access, collection, use, disclosure or disposal as required by the Freedom of Information and Protection of Privacy Act (FIPPA). In addition, “Commissioner Fraser found a troubling lack of knowledge within the Ministries about the rules respecting the protection of personal information”. So, not only do they not protect personal formation, they don’t even know the privacy rules.
Some of the recommendations in the report by the Special Committee to Review the Freedom of Information and Protection of Privacy Act (based on recommendations of various groups/individuals) are:

Recommendation 20: Amend the Act to allow an individual to consent to the collection, use and disclosure of their personal information by a public body (similar to the Personal Information Protection Act).
“OIPC and privacy advocates….questioned whether the concept of consent was meaningful because of the power imbalance between the clients and providers of on-line, integrated government services.”

This was from OIPC – Cantelon letter 21 Apr 10 – From Paul Fraser under Consent, Collection and Disclosure:
“We strongly disagree with government’s submission that FIPPA should permit collection of personal information with consent. One of the internationally recognized privacy principles is that the collection of personal information must be limited to that which is necessary for the purposes identified by the organization. Permitting government to collect more than is necessary via a consent mechanism violates this privacy principle and would be inconsistent with all other public sector privacy legislation in Canada. Any “consent” would be meaningless given that citizens would not have any genuine or real choice to consent if they want or need to obtain government services.”

As you will note in a later post on the children, this can result in a situation tantamount to blackmail, i.e. give us your consent or we will deny you medical service.

​Recommendation 22: Consider holding public consultations on data sharing initiatives.
The OIPC submission, presented to the Special Committee on March 31, 2010, also focused on the privacy provisions of the Act. The submission pointed out that new information technologies enable data sharing initiatives on a scale and frequency that were never contemplated at the time the Act was drafted. The new ways in which the personal information contained in electronic databases is being collected, used and disclosed in data sharing projects raise significant privacy issues. When there is a bulk disclosure of personal information from a large database of one public body to another public body, citizens usually do not know how their personal information is being reconfigured, who is accessing it, for what purpose, whether it is accurate and how they can access it. This is particularly true where the transferred data is linked with personal information in other databases.
For this reason, the OIPC argued the public must be engaged in discussions around protecting privacy rights in data sharing projects. Its submission recommended that a code of practice be
developed by government in an open and transparent manner with stakeholder consultation through something like a White Paper process. A public consultation process on data sharing was successfully conducted by government and the Commissioner’s office in Britain in recent years.
The Special Committee supports the idea of a consultation process because we see it as a way to educate British Columbians on how the Act works now and how requests are treated by public bodies. We have concerns, though, about the prescriptive tone and broad scope of this OIPC amendment (as well as the one requiring the Commissioner’s approval for data-sharing initiatives).
Our own recommendation to government in regard to consultation is more modest.”

“Recommendation 23: Appoint a Government Chief Privacy Officer.
The OIPC submission also stated that a government-appointed Chief Privacy Officer is urgently required to act as a privacy advocate in the decision-making process and to ensure that privacy is fully considered and respected in any new initiative. This recommendation had been made by the former Information and Privacy Commissioner, and the current A/Commissioner in his investigation report into a recent privacy breach.
While the Special Committee is reluctant to create a new layer of bureaucracy, we think there is a need to educate ministries about what they can and cannot do in regard to privacy matters.”

If the public servants haven’t learned to read, to take courses or have an interest in protecting privacy by now, or interprets the Privacy Act in a self-serving way, I wonder if adding another layer of government bureaucracy will have any value. I still believe that we need transparency. I believe the public servants need to know we are monitoring them, holding them accountable. We need to know exactly what information is being collected, why it is being collected, specifically who has access, and specifically what measures are taken to protect that information. This should be followed up by independent reviews.

“Recommendation 24: Amend the Act to require that data sharing projects for the purpose of research must be subject to ethics review by an arm’s length stewardship committee.
The OIPC submission suggested too that some form of specific ethics review is necessary and desirable for government’s data sharing activities for the purposes of research. Complementary research-governance measures should be adopted in addition to the approval role for the OIPC. A committee of experts should be appointed by government that would function in a manner similar to research ethics boards of universities and the stewardship committees of the Ministry of Health Services. It would apply the criteria in s. 35(1) of the Act and such other criteria as are considered desirable in the committee’s terms of reference. The committee’s approval should be a mandatory precondition to disclosure of personal information by any public body for research purposes.”

This comes back to transparency and accountability. A committee of unknown individuals, agreeing to share our information with unknown research organizations, for unknown purposes – unknown to the individuals whose information will be shared. Why not recommend that consent be obtained from the people whose information is being shared? Why not identify who the researchers are, who they work for, what type of research they are doing with our information, and who will have access to our information, and who profits. After all, who selects these committees – not us!! Whose interests will these committee members serve? And if everything is above-board, then there is no need to hide this information. I just see this as another form of secrecy, and if you have secrecy you must have something to hide, and that may be fine, if it’s your information but it isn’t, its ours.

And from BC Office of the Privacy Commissioner – 2010 Annual Report News Release
“The risks to privacy presented by the growth of networked databases is a growing concern for public and private sector agencies, and a key challenge for the Office of the Information and Privacy Commissioner. This message was delivered in the office’s annual report, issued by Acting Information and Privacy Commissioner Paul Fraser, Q.C. today. “The erosion of privacy protection is nothing new, but the nature and magnitude of the risks to privacy provide increasing cause for alarm.”
New technologies are enabling, and driving the creation of more and more personal information data bases. “These systems collect and match disparate pieces of information about us and create a digital persona that not only may we be unaware of, but which may not represent an accurate picture of who we are,” the Acting Commissioner stated. “Yet this information will be used in decisions that affect us. I cannot understate the urgency of building these systems in a transparent, restrained and accountable way.”
Perhaps the first questions should be – do we (the patients, the citizens) need these systems, and who benefits.

I have not heard what the government will do. It can ignore all recommendations, or some recommendation; in essence it can do what it wants.


I understand from a newspaper article (The Province, August 27, 2010 pg. A10) that Auditor General John Doyle is in trouble with the politicians. There seems to be a conflict regarding who he works for – the politicians or the people. Fortunately, he believes that he works for the people and keeps doing his job and exposing wrong-doings of the politicians, including the violation of privacy rights. I hope he continues and doesn’t bend to political pressure.

There is a question I have regarding his report on the hospital database audit. Mr. Doyle’s report says that so many people were accessing patient information that it was impossible to sort out who was accessing the information. Doesn’t the CEO, Dr. David Ostrow, know who his suppliers are and which were accessing patient information? Doesn’t the CEO, Dr. David Ostrow, know who was allowed into the “business room” to plug their computers in the database and whose information they downloaded or was this available to anyone walking in off the street, no questions asked?

Madam Justice L’Heureux, of the Supreme Court of Canada, – Dube in R.V. O’Connor stated:
“Respect for individual privacy is an essential component of what it means to be free…When a private document or record is revealed the invasion is not with respect to the particular document or record in question. Rather, it is an invasion of the dignity and self-worth of the individual, who enjoys the right to privacy as an essential aspect of his or her liberty in a free and democratic society.” – R.v O’Connor [1995] 4 S.C.R. 411 at paras. 114, 119 – pg. 17
So, when someone violates your privacy rights they are also destroying your freedom and democracy.
We appear to have a segregated society in B.C., those whose privacy rights are respected in word and in action, and the rest of us whose privacy rights exist only on paper. Which group are you in??