access to information Ambush Marketing big data citizen science confidential information copyright data protection ecommerce and internet law Electronic Commerce electronic commerce and internet law Extraterritoriality fair use freedom of expression Geospatial geospatial data intellectual property Internet internet law invasion of privacy IP open courts open data open government personal information Privacy proactive disclosure takings trademark law trademarks transparency
Monday, 29 August 2016 09:43
A pair of interesting copyright lawsuits are making their way through the federal court and are worth watching for the novel issues they raise and the potential they have for shaping copyright law in Canada.
One of these is actually a series of lawsuits brought by the news service Blacklock’s Reporter against a total of 7 federal government departments and agencies and 3 Crown corporations and agencies. Blacklock’s provides articles on a subscription basis only; it accuses the various defendants of having accessed copies of its articles without having subscribed to the service and in breach of their copyrights. The defendants argue that Blacklock’s “employs a pattern of writing misleading or inaccurate articles about an organization with the expectation that these articles would be accessed and shared internally.” They then allege that Blacklock’s files access to information requests to uncover details of such access and distribution in order to issue claims for damages for copyright infringement. Essentially, they contend that Blacklock’s is engaged in copyright trolling. (Note that I wrote about an earlier law suit brought in Ontario small claims court by Blacklock’s against the Canadian Vintner’s Association here.)
The Federal Court has just upheld a prothonotary’s decision to streamline this litigation by issuing a stay of proceedings in 9 of the 10 lawsuits until certain legal issues have been aired and decided in the 10th. The decision is based on the view that since each of the cases raises similar issues, it would be more just and a more efficient use of resources to proceed in this way.
The defendants do not appear to deny having accessed the articles in question. Instead, they argue that the uses made of the articles in question were fair dealing (based on use of the material for “internal government reporting purposes”). They also raise the defense of copyright misuse. Copyright misuse relies on an argument that the copyright owner, through its conduct, is attempting to secure for themselves a broader right than it is entitled to by law. The defence now has a considerable track record in the United States, but remains novel in Canada. Clearly this litigation raises interesting arguments that make it worth following. The five-day trial for the case that is to go forward has been scheduled for September 2016.
A second case involves what is called a “reverse class action law suit” brought by Voltage Pictures against an as-yet unidentified group of defendants for copyright violation related to the downloading of films in which Voltage holds copyright. Typically a class action law suit is brought by a large group of plaintiffs who have all been harmed by the same wrong allegedly committed by a single defendant. The class action law suit allows plaintiffs to pool their efforts and it makes for a more efficient use of judicial resources. Class action law suits can also be used to hold defendants to account in cases where large numbers of people are negatively affected, but no single individual has suffered enough economic harm to make it worthwhile taking their case to court. In these ways, class action law suits improve access to justice. The reverse class-action law suit is quite another animal. In a reverse class-action law suit, there is a single plaintiff who essentially is arguing that it has been harmed by the actions of multiple defendants. Rather than sue each defendant individually, they proceed against a single defendant who is considered representative of the much larger class.
Voltage has recently succeeded in having a court compel Rogers Communications Inc. to reveal the name and address of a subscriber whose account has been linked by Voltage to allegedly illegal downloading activity. This will be the representative defendant in a law suit that may put the activities of thousands of other as yet unnamed ISP subscribers at issue. Of course, a court has yet to certify the reverse class action law suit.
Voltage’s strategy comes as both the courts and Parliament have put limits on the extent to which ordinary consumers can be targeted in copyright infringement lawsuits for non-commercial uses of works. By significantly limiting the damages available in such instances, Parliament made it deliberately difficult for copyright holders to launch law suits seeking massive amounts of damages against ordinary individuals – a practice that has become notorious in the United States. The “notice and notice” provisions of the Copyright Act also protect against sweeping accusations of copyright infringement that might otherwise limit freedom of expression by compelling the take down of content that might fall within the fair dealing exceptions to copyright infringement. Canadian courts have also been quite protective of individual privacy, requiring that a plaintiff establish a bona fide claim of copyright infringement before a court will issue an order compelling a service provider to produce customer name and address information that is linked to the allegedly infringing activity. The reverse class action lawsuit offers plaintiffs a work-around to some of these protective measures and could open the door to the large-scale pursuit of those who download unauthorized content over the internet. Both copyright owners and users’ rights advocates will be watching this case with interest.
Monday, 22 August 2016 06:55
A 2016 European Commission report titled Survey report: data management in Citizen Science projects provides interesting insights into how such projects manage the data they collect. Proper management is, of course, essential to ensure that the collected data can be used and reused by project leaders as well as by other downstream users. It is relevant as well to the protection of the privacy of citizen participants. The authors of this report surveyed a large number of citizen science projects. From the 121 responses received they distilled findings that explore the diversity of the citizen science projects, and that reveal a troubling lack of thorough data management practices. A significant shortcoming for many projects was the lack of appropriate data licences to govern reuse of either raw or aggregate data collected.
There has been growing pressure on those carrying out research using public resources to make the fruits of the research – including the research data – publicly available for consultation, verification or reuse. But doing so is not as simple as a binary open/closed choice. There are a number of different questions that researchers must address: Should the raw data be made open or only the aggregate data? Should it be immediately available or available only after an embargo period? Is all data suitable for release or should some be protected for public policy reasons (such as protecting privacy)? And what, if any, terms and conditions should be imposed on reuse?
On the issue of data licensing, Schade and Tsinaraki found that the conditions imposed on reuse by different projects varied. A majority of those who made data available believed that the data was in the public domain, while others imposed conditions such as non-commercial or share-alike restrictions. When asked which license they used to achieve these goals, 32 out of 56 respondents indicated that they used one of the commonly available template licences such as Creative Commons or Open Data Commons. A surprising number of respondents indicated that no particular licence was used. While data released in this way might be presumed to be “open”, the usefulness of the data might well be hampered by a lack of clarity regarding the scope of permitted reuse.
In addition to providing access to data, the authors of the Report asked whether citizen science researchers allowed open access to research results (presumably in the form of published papers and other output). While the overwhelming majority of projects indicated that they used open access options (ranging from public domain dedication to open access with conditions), Schade and Tsinaraki also found that 14 of the projects they considered used licences with terms that were not consistent with the reuse conditions that the researchers had identified. Clearly there is a need for greater support for projects in developing or choosing appropriate licences.
Although many of the projects indicated that they provided access to their data, the duration of that access was less certain. The authors found that 42% of projects intended to guarantee access to their data only within the lifespan of the project. The authors also found that 40% of projects that provide data access do not provide comprehensive metadata along with the data. This would certainly limit the value of the data for reuse. Both these issues are important in the context of citizen science projects, which are often granted-funded and temporally-limited. The ability to archive and preserve research data and to make it available for meaningful access and reuse should be part of researchers’ data management plans, and is something which should be supported by research institutions and funding agencies.
Overall, the Report provides data that suggests that the burgeoning field of citizen science needs more support when it comes to all aspects of data management. Proper data management practices will help citizen science researchers to meet their own objectives, to share their data effectively and appropriately, and to protect the rights and interests of participants.
Note: In 2015 I drafted a report, with Haewon Chung, for the Wilson Center Commons Lab titled Managing Intellectual Property Rights in Citizen Science. This report addresses many licensing issues related to the collection, sharing and reuse of citizen science data and outputs. It is available under a Creative Commons Licence.
Wednesday, 17 August 2016 06:28
Canada’s anomalous and downright dysfunctional official marks system is once again deserving of attention as the Rio Olympics unfold. The protection of Olympic marks in Canada reveals many of the deficiencies of this system.
Under the Trade-marks Act, “public authorities” in Canada can sidestep the whole process for application, review and registration of trademarks by simply asking the Registrar of Trade-marks to advertise whatever logo or word mark they have come up with for whatever undertaking they are engaged with. This includes the names and/or logos of government departments (eg: Heritage Canada & Design), the names and/or logos of municipalities (City of Windsor & Design) or even the names of publicly-funded institutions such as the National Gallery of Canada. At the other end of the spectrum are the myriad logos, slogans and words associated with government activities that are largely run as businesses, such as lotteries and casinos. Official marks are available to any ‘public authority’ and the meaning of this term has not always been clear. In the last 15 years or so the courts have tightened up the definition of a “public authority”, but nonetheless the register is crowded with official marks held by entities that were never entitled to hold them. These illegitimate official marks will remain protected unless someone spends their hard earned money to challenge them in court. This is just one of the ways in which the official marks regime is deeply flawed. The marks never expire; there is nothing in the Act that prevents them from being identical to or confusing with trademarks in which registered trademark owners may have invested a great deal of resources; and none of the limitations on the registrability of trademarks apply. There is also no mechanism (short of going to court) by which a mark can be removed from the Register by anyone other than the public authority once it is advertised. The Register is crowded with obsolete official marks. These marks stand in the way of new trademark registrations.
The Canadian Olympic Committee (COC) has long relied upon official marks to protect hundreds of marks relating to current and past Olympic Games and activities. Yet this protection was not enough for the IOC. In 2007, Canada enacted the Olympic and Paralympic Marks Act (OPMA) to fulfill a commitment made to the IOC in Vancouver’s bid for the 2010 Winter Olympics. Controversially, the OPMA added a new protection against ambush-marketing, and I have written about this aspect of the legislation elsewhere. But it also created a list of protected Olympics-related marks in Schedule 1. These marks are protected for as long as they remain on the Schedule. They include 39 basic Olympic and Paralympic related marks and logos. Further, the federal government can, by regulation, add new marks to the list whenever there is a need to do so. The OPMA also created a second schedule for the protection of Olympic marks related specifically to Games hosted by Canada. These marks would be protected only for the period of time set out in that schedule. In other words, they were limited to the period directly before and after the hosted event. There was no schedule for marks related to Olympic Games that were not hosted by Canada, such as the Rio Olympics.
In spite of this special legislation for Olympic-related marks, the COC still relies upon the official marks provisions of the Trade-marks Act to protect Olympics-related marks. Some of the marks found in Schedule 1 of the OPMA are also official marks under the Trade-marks Act (see, for example: FASTER HIGHER STRONGER, OLYMPIAD, OLYMPIC GAMES and OLYMPICS). This means that even if the federal government decided to remove these marks from this Schedule, they would still receive protection under the Trade-marks Act. The situation was much worse prior to 2014, when the COC (finally) withdrew from the Register of Trade-marks many of its official marks that also appeared in Schedules 1 and 2 of the OPMA, thus limiting the impact of the double-protection. Of course, this double protection endured for 7 years before being rectified, and it has not been completely corrected. Further, it was done purely voluntarily. Nothing in Canadian law prevents the COC from asking the Registrar of Trade-marks to advertise the same marks again as official marks. The legislative dysfunction is also evidenced by the surfeit of Olympic marks that are still protected as official marks including, for example, WINTER OLYMPIC GAMES, SUMMER OLYMPIC GAMES, OLYMPIC FLAME, OLYMPIC TORCH, and the list goes on. In addition, there is a pile of Olympic clutter on the Register, including marks and logos from past Olympiads such as the ones in Lake Placid, Calgary, Torino, Seoul – you get the picture.
For the Rio Games, the Canadian Olympic Committee has chosen to use the Trade-marks Act to protect two Rio-specific marks as official marks: Rio 2016, and Rio 2016 & Rings Design. Anyone who, misled by the title of the Olympics and Paralympics Marks Act, checked that statute to see what Olympic marks were protected and which ones were not, could be forgiven for missing those two – but forgiven they will not be if they use either of the marks.
There really are two issues here that need to be addressed. The first is that the federal government must do something about the hugely problematic category of official marks. That the official marks regime is dysfunctional is a well-known fact. The federal Liberals surely know this; when they were in opposition, MP Geoff Regan brought forward a private member’s bill to address the regime’s deficiencies.
The other problem is that the government has put in place two different regimes that can be used simultaneously to protect Olympic and Paralympic marks, and the (limited) checks and balances in one are not reflected in the other. The result is a mess of, well, Olympic proportions.
Friday, 05 August 2016 06:30
The BBC has reported that the U.S. Olympic Committee is taking a hard line against companies that use the twitter hashtag #Rio2016 in their tweets and who are not official sponsors of the Games. The USOC holds a registered trademark in the US for Rio2016. According to the BBC story, while the USOC is prepared to tolerate the non-commercial use of the hashtag in tweets by individuals, it draws the line at corporate use.
The move is hardly surprising – for decades now Olympic organizers have been trying to crack down on ambush marketing. Ambush marketing relies upon the creation of mental associations between a major event (in this case, the Olympics) and the products or services of non-sponsor companies. They can do so through trademark law, which protects the registered trademarks of the event, as well as through special laws prohibiting ambush marketing. These special laws have proven controversial because they ban the creation of “associations”, and such associations can be generated by using ordinary words that are descriptive of the event, its location or the year in which it is held.
Sponsors pay top dollars for sponsorship rights and insist upon a high degree of protection for this investment, and event organizers will insist that these revenues are necessary in order to make the games a success. Without the sponsorship money, the story goes, there would be no games. Thus everyone wins if sponsors’ rights are protected. The story is, however, a bit more complicated than that. There are many companies that invest, in one way or another, in amateur sporting associations and in athletes. A company that sponsored a promising young athlete for years, allowing her eventually to train and compete at the national level would find that when that athlete finally made it to the Olympics, they might run afoul of ambush marketing laws by publicly celebrating her achievement. “XYZ Corporation celebrates Jane Doe in her quest for Olympic Gold!” would, for example, most likely attract cease and desist letter.
The Twitter hashtag issue is both interesting and controversial. According to Twitter, hashtags are a device created on Twitter to allow for the indexing of key words or topics. In other words, hashtags facilitate conversations on a vast social network and allow people both to follow and to participate in those conversations. Thus, while Rio 2016 may be registered trademark of the USOC, #Rio2016 is an indexing term that allows people interested in the summer games to follow Twitter conversations on that subject. For the USOC to assert that non-sponsor companies cannot use the hashtag is to tell them that they cannot participate in those conversations. As such, their position likely goes too far. At least one U.S. court would seem to agree. In 2015 the U.S. federal district court in Eksouzian v. Albanese ruled that it was not trademark infringement to use a trademarked term in a hashtag “because hashtags are merely descriptive devices, not trademarks, unitary or otherwise, in and of themselves.”
Ironically, the push to crack down on so-called ambush-marketing may have its greatest impact on small businesses that do not have the resources to fight back when sent a cease-and-desist letter. As my co-authors and I noted in a 2011 article on ambush marketing, the real competitors of Olympic sponsors are generally large corporations with teams of lawyers that can help them design marketing campaigns that stay just on the right side of any anti-ambush marketing legislation.
Coverage of this issue can also be found in the article in Le Devoir by Boris Proulx “Ne sera pas Rio qui veut”.
Tuesday, 02 August 2016 07:20
Municipal police services in North America now commonly make digital crime maps available to the public online. These interactive maps allow individuals to choose a particular part of their city, as well as a window of time (crimes in the last 7, 14 or 21 days, for example). They can search for all mapped crimes in this time frame or can limit their search to particular types of crime. The results are returned in the form of icons on a map of the selected area. The icons represent different categories of criminal activity, and clicking on each icon will reveal basic information about the incident. The maps can be used for many purposes. For example, someone who is thinking of parking their vehicle overnight in a particular part of the city might search to see if there are many thefts of vehicles or thefts from vehicles in that area. Prospective home buyers or renters might also use the maps to assess the incidence of crime in neighborhoods they are considering. Most crime maps of this kind allow users to sign up for email alerts about crime in their neighborhood, and the maps also provide a means for individuals to send in tips about mapped crimes.
A police service that decides to offer an interactive crime map to the public can choose to create their own crime map (usually by hiring a tech services company to build one) (for examples of this option see the maps from Winnipeg or Halifax) or they can contract with one of a number of leading crime mapping companies in North America. These companies typically offer a range of data analytics services to police. Often the crime maps are offered for free, with the hope that the police service will purchase other analytics services. The 3 leading companies are all based in the United States, but they offer hosting on their platform to police services across North America.
In a new paper that has just been published in the International Journal of e-Planning Research, I look at the practice of crime-mapping in 3 Canadian municipalities – Ottawa, London and Saint John. The police services in each of these cities have contracted with a different one of the 3 leading U.S.-based crime mapping companies. In my paper I consider how these crime maps present particular narratives of crime in the city. These narratives may be influenced in subtle or not so subtle ways by the fact that the mapping platform is U.S.-based. These influences may show up in the rhetoric around the crime maps used by the host company, the crimes or other types of data chosen (or not chosen) for mapping, and the descriptions on the host platforms of the type of data featured on the maps. I also evaluate the quality of the mapped data, and explore how laws shape and constrain the use and reuse of crime data.
While the crime maps are superficially attractive and easy to use, there is reason to be concerned about their use. In my research for this paper, I learned that it is possible to access the maps either through the host company’s site or through the police service’s website. Depending on the route chosen, the messaging (including a description of the mapped data, the purpose of the map, and its limitations) is different. While disclaimers on the police services’ sites may warn of the limitations of the data provided, those who access through the host platform are unware of these deficiencies. The mapped data provide a very partial account of crime in the city, and critics of this type of crime mapping have raised concern both about the potentially misleading nature of the maps, and the particular narrative of urban crime they convey.
My paper also explores issues of control and ownership of the mapped data and the impact that this has on the ability of civil society groups either to critically assess the data or to create other tools and analytics that might combine crime data with other urban data. While the crime mapping platforms do not claim ownership of the data that they map (according to the sites, ownership rests with the police services), they do prohibit the scraping of data from their sites – and there is evidence of legal action taken to pursue data scrapers. In most cases, police services do not make the same data provided to the crime mapping companies available as open data. This allows the police service (in conjunction with the limitations built into the crime mapping platforms) to largely control how the data is presented to the public. At the same time, the presence of a publicly accessible crime map might itself be used by a police service as a justification for not making the same crime data available as open data. (I note that Vancouver, which hired a company to create its own crime map, also makes the mapped data available as open data (although it updates it with less frequency than the mapped data).
Ultimately, the paper asks whether this model of crime mapping advances or limits goals of transparency and accountability, and what lessons it offers about the use of private sector civic technologies to serve public sector purposes.
Note: The research behind this paper was recently featured by H.G. Watson in her article in J-Source titled “Reporters need to dig deeper into crime maps to tell the whole story”. The article also discusses April Lindgren’s interesting article on the relationship between police information and journalism titled “Covering Canadian Crime: What Journalists Should Know and the Public Should Question”.
Monday, 20 June 2016 07:10
The federal government has just released for public comment its open government plan for 2016-2018. This is the third such plan since Canada joined the Open Government Partnership in 2012. The two previous plans were released by the Conservative government, and were called Canada’s Action Plan on Open Government 2012-2014 and Canada’s Action Plan on Open Government 2014-2016. This most recent plan is titled Canada’s New Plan on Open Government (“New Plan”). The change in title signals a change in approach.
The previous government structured its commitments around three broad themes: Open Data, Open Information and Open Dialogue. It is fair to say that it was the first of these themes that received the greatest attention. Under the Conservatives there were a number of important open data initiatives: the government developed an open data portal, an open government licence (modeled on the UK Open Government Licence), and a Directive on Open Government. It also committed to funding the Open Data Exchange (ODX) (a kind of incubator hub for open data businesses in Canada), and supported a couple of national open data hackathons. Commitments under Open Information were considerably less ambitious. While important improvements were made to online interfaces for making access to information requests, and while more information was provided about already filled ATIP requests, it is fair to say that improving substantive access to government information was not a priority. Open dialogue commitments were also relatively modest.
Canada’s “New Plan” is considerably different in style and substance from its predecessors. This plan is structured around 4 broad themes: open by default; fiscal transparency; innovation, prosperity and sustainable development; and engaging Canadians and the world. Each theme comes with a number of commitments and milestones, and each speaks to an aspirational goal for open government, better articulating why this is an initiative worth an investment of time and resources.
Perhaps because there was so great a backlash against the previous government’s perceived lack of openness, the Liberals ran on an election platform that stressed openness and transparency. The New Plan reflects many of these election commitments. As such, it is notably more ambitious than the previous two action plans. The commitments are both deeper (for example, the 2014-2016 action plan committed to a public database disclosing details of all government contracts over $10,000; the New Plan commits to revealing details of all contracts over $1), and more expansive (with the government committing to new openness initiatives not found in earlier plans).
One area where the previous government faced considerable criticism (see, for example Mary Francoli’s second review of Canada’s open government commitments) was in respect of the access to information regime. That government’s commitments under “open information” aimed to improve access to information processes without addressing substantive flaws in the outdated Access to Information Act. The new government’s promise to improve the legislation is up front in the New Plan. Its first commitment is to enhance access to information through reforms to the legislation. According to the New Plan, these include order-making powers for the Commissioner, extending the application of the Access to Information Act to the Prime Minister and his Ministers’ Offices, and mandatory 5-year reviews of the legislation. Although these amendments would be a positive step, they fall short of those recommended by the Commissioner. It will also be interesting to see whether everything on this short list comes to pass. (Order-making powers in particular are something to watch here.) The House of Commons Standing Committee on Access to Information, Privacy and Ethics has recently completed hearings on this legislation. It will be very interesting to see what actually comes of this process. As many cynics (realists?) have observed, it is much easier for opposition parties to be in favour of open and transparent government than it is for parties in power. Whether the Act gets the makeover it requires remains to be seen.
One of the interesting features of this New Plan is that many of the commitments are ones that go to supporting the enormous cultural shift that is required for a government to operate in a more open fashion. Bureaucracies develop strong cultures, often influenced by long-cherished policies and practices. Significant change often requires more than just a new policy or directive; the New Plan contains commitments for the development of clear guidelines and standards for making data and information open by default, as well as commitments to training and education within the civil service, performance metrics, and new management frameworks. While not particularly ‘exciting’, these commitments are important and they signal a desire to take the steps needed to effect a genuine cultural shift within government.
The New Plan identifies fiscal transparency as an overarching theme. It contains several commitments to improve fiscal transparency, including more extensive and granular reporting of information on departmental spending, greater transparency of budget data and of fiscal analysis, and improved openness of information around government grants and other contributions. The government also commits to creating a single portal for Canadians who wish to search for information on Canadian businesses, whether they are incorporated federally or in one of the provinces or territories.
On the theme of Innovation, Prosperity and Sustainable Development, the New Plan also reflects commitments to greater openness in relation to federal science activities (a sore point with the previous government). It also builds upon a range of commitments that were present in previous action plans, including the use of the ODX to stimulate innovation, the development of open geospatial data, the alignment of open data at all levels of government in Canada, and the implementation of the Extractive Sector Transparency Measures Act. The New Plan also makes commitments to show leadership in supporting openness and transparency around the world.
The government’s final theme is “Engaging Canadians and the World”. This is the part where the government addresses how it plans to engage civil society. It plans to disband the Advisory Panel established by the previous government (of which I was a member). While the panel constituted a broad pool of expertise on which the government could draw, it was significantly under-utilized, and clearly this government plans to try something new. They state that they will “develop and maintain a renewed mechanism for ongoing, meaningful dialogue” between the government and civil society organizations – whatever that means. Clearly, the government is still trying to come up with a format or framework that will be most effective.
The government also commits in rather vague terms to fostering citizen participation and engagement with government on open government initiatives. It would seem that the government will attempt to “enable the use of new methods for consulting and engaging Canadians”, and will provide support and resources to government departments and agencies that require assistance in doing so. The commitments in this area are inward-looking – the government seems to acknowledge that it needs to figure out how to encourage and enhance citizen engagement, but at the same time is not sure how to do so effectively.
In this respect, the New Plan offers perhaps a case in point. This is a detailed and interesting plan that covers a great deal of territory and that addresses many issues that should be of significant concern to Canadians. It was released on June 16, with a call for comments by June 30. Such a narrow window of time in which to comment on such a lengthy document does not encourage engagement or dialogue. While the time constraints may be externally driven (by virtue of OGP targets and deadlines), and while there has been consultation in the lead up to the drafting of this document, it is disappointing that the public is not given more time to engage and respond.
For those who are interested in commenting, it should be noted that the government is open to comments/feedback in different forms. Comments may be made by email, or they can be entered into a comment box at the bottom of the page where the report is found. These latter comments tend to be fairly short and, once they pass through moderation, are visible to the public.
Wednesday, 15 June 2016 08:46
Yesterday I appeared before the House of Commons’ Standing Committee on Access to Information, Privacy and Ethics, along with Professor David Lyon of Queen’s University and Professor Lisa Austin of the University of Toronto. The Committee is considering long overdue reform of the Privacy Act, and we had been invited to speak on this topic.
All three of us urged the Committee to take into account the very different technological environment in which we now find ourselves. Professor Lyon cogently addressed the changes brought about by the big data context. Although the Privacy Act as it currently stands largely address the collection, use and disclosure of personal information for “administrative purposes” all three of us expressed concerns over the access to and use by government of information in the hands of the private sector, and the use of information in big data analytics. Professor Austin in particular emphasized the need to address not just the need for accuracy in the data collected by government but also the need to assess “algorithmic accuracy” – the quality/appropriateness of algorithms used to analyse large stores of data and to draw conclusions or predictions from this data. She also made a clear case for bringing Charter considerations into the Privacy Act – in other words, for recognizing that in some circumstances information collection, disclosure or sharing that appears to be authorized by the Privacy Act might nevertheless violate the Canadian Charter of Rights and Freedoms. There was also considerable discussion of information-sharing practices both within government and between our government and other foreign or domestic governments.
The Committee seemed very interested and engaged with the issues, which is a good sign. Reform of the Privacy Act will be a challenging task. The statute as a public sector data protection statute is sorely out of date. However, it is also out of context – in other words, it was drafted to address an information context that is radically different from that in which we find ourselves today. Many of the issues that were raised before the Committee yesterday go well beyond the original boundaries of the Privacy Act, and the addition of a few provisions or a few tweaks here and there will not come close to solving some of these privacy issues – many of which overlap with issues of private sector data protection, criminal law and procedure, and national security.
The notes related to my own remarks to the Committee are available below.
Written Notes for Comments by Professor Teresa Scassa to the House of Commons’ Standing Committee on Access to Information, Privacy and Ethics, June 14, 2016
Thank you for the opportunity to address this Committee on the issue of reform of the Privacy Act.
I have reviewed the Commissioner’s recommendations on Privacy Act reform and I am generally supportive of these proposals. I will focus my remarks today on a few specific issues that are united by the theme of transparency. Greater transparency with respect to how personal information is collected, used and disclosed by government enhances privacy by exposing practices to comment and review and by enabling appropriate oversight and accountability. At the same time, transparency is essential to maintaining public confidence in how government handles personal information.
The call for transparency must be situated within our rapidly changing information environment. Not only does technology now enable an unprecedented level of data collection and storage, enhanced analytic capacity has significantly altered the value of information in both public and private sectors. This increased value provides temptations to over-collect personal information, to share it, mine it or compile it across departments and sectors for analysis, and to retain it beyond the period required for the original purposes of its collection.
In this regard, I would emphasize the importance of the recommendation of the Commissioner to amend the Privacy Act to make explicit a “necessity” requirement for the collection of personal information, along with a clear definition of what ‘necessary’ means. (Currently, s. 4(1) of the Privacy Act requires only that personal information “relate directly to an operating program or activity of the institution”.) The goal of this recommendation is to curtail the practice of over-collection of personal information. Over-collection runs counter to the expectations of the public who provide information to government for specific and limited purposes. It also exposes Canadians to enhanced risks where negligence, misconduct or cyberattack result in data breaches. Data minimization is an important principle that is supported by data protection authorities around the world and that is reflected in privacy legislation. The principle should be explicit and up front in a reformed Privacy Act. Data minimization also has a role to play in enhancing transparency: not only do clear limits on the collection of personal information serve transparency goals; over-collection encourages the re-purposing of information, improper use and over-sharing.
The requirement to limit collection of information to specific and necessary purposes is tied to the further requirement on government to collect personal information directly from the individual “where possible” (s. 5(1)). This obviously increases transparency as it makes individuals directly aware of the collection. However, this requirement relates to information collected for an “administrative purpose”. There may be many other purposes for which government collections information, and these fall outside the privacy protective provisions of the Privacy Act. This would include circumstances that is disclosed to a government investigative body at its request in relation to an investigation or the enforcement of any law, or that is disclosed to government actors under court orders or subpoenas. Although such information gathering activities may broadly be necessary, they need to be considered in the evolving data context in which we find ourselves, and privacy laws must adapt to address them.
Private sector companies now collect vast stores of personal information, and this information often includes very detailed, core-biographical information. It should be a matter of great concern, therefore, that the permissive exceptions in both PIPEDA and the Criminal Code enable the flow of massive amounts of personal information from the private sector to government without the knowledge or consent of the individual. Such requests/orders are often (although not always) made in the course of criminal or national security investigations. The collection is not transparent to the individuals affected, and the practices as a whole are largely non-transparent to the broader public and to the Office of the Privacy Commissioner (OPC).
We have heard the most about this issue in relation to telecommunications companies, which are regularly asked or ordered to provide detailed information to police and other government agents. It should be noted, however, that many other companies collect personal information about individuals that is highly revelatory about their activities and choices. It is important not to dismiss this issue as less significant because of the potentially anti-social behaviour of the targeted individuals. Court orders and requests for information can and do encompass the personal information of large numbers of Canadians who are not suspected of anything. The problem of tower dump warrants, for example, was recently highlighted in a recent case before the Ontario Supreme Court (R. v. Rogers Communication (2016 ONSC 70))(my earlier post on this decision can be found here). The original warrant in that case sought highly detailed personal information of around 43,000 individuals, the vast majority of whom had done nothing other than use their cell phones in a certain area at a particular time. Keep in mind that the capacity to run sophisticated analytics will increase the attractiveness of obtaining large volumes of data from the private sector in order to search for an individual linked to a particular pattern of activity.
Without adequate transparency regarding the collection of personal information from the private sector, there is no way for the public to be satisfied that such powers are not abused. Recent efforts to improve transparency (for example, the Department of Innovation, Science and Economic Development’s voluntary transparency reporting guidelines) have focused on private sector transparency. In other words, there has been an attempt to provide a framework for the voluntary reporting by companies of the number of requests they receive from government authorities, the number they comply with, and so on. But these guidelines are entirely voluntary, and they also only address transparency reporting by the companies themselves. There are no legislated obligations on government actors to report in a meaningful way – whether publicly or to the OPC – on their harvesting of personal information from private sector companies. I note that the recent attempt by the OPC to audit the RCMP’s use of warrantless requests for subscriber data came to an end when it became clear that the RCMP did not keep specific records of these practices.
In my view, a modernization of the Privacy Act should directly address this enhanced capacity of government institutions to access the vast stores of personal information in the hands of the private sector. The same legislation that permits the collection of personal information from private sector companies should include transparency reporting requirements where such collection takes places. In addition, legislative guidance should be provided on how government actors who obtain personal information from the private sector either by request or under court order should deal with this information. Specifically, limits on the use and retention of this data should be imposed.
It is true that both the Criminal Code and PIPEDA enable police forces and investigative bodies under both federal and provincial jurisdiction to obtain personal information from the private sector under the same terms and conditions, and that reform of the Privacy Act in this respect will not address transparency and accountability of provincial actors. This suggests that issues of transparency and accountability of this kind might also fruitfully be addressed in the Criminal Code and in PIPEDA, but this is no reason not to also address it in the Privacy Act. To the extent that government institutions are engaged in the indirect collection of personal information, the Privacy Act should provide for transparency and accountability with respect to such activities.
Another transparency issue raised by the Commissioner relates to information-sharing within government. Technological changes have made it easier for government agencies and departments to share personal information – and they do so on what the Commissioner describes as a “massive” scale. The Privacy Act enables personal information sharing within and between governments, domestically and internationally, in specific circumstances – for investigations and law enforcement, for example, or for purposes consistent with those for which it was collected. (Section 8(2)(a) allows for sharing “for the purpose for which the information was obtained or compiled by the institution or for a use consistent with that purpose”). Commissioner Therrien seeks amendments that would require information-sharing within and between governments to take place according to written agreements in a prescribed form. Not only would this ensure that information sharing is compliant with the legislation, it would offer a measure of transparency to a public that has a right to know whether and in what circumstances information they provide to one agency or department will be shared with another – or whether and under what conditions their personal information may be shared with provincial or foreign governments.
Another important transparency issue is mandatory data breach reporting. Treasury Board Secretariat currently requires that departments inform the OPC of data security breaches; yet the Commissioner has noted that not all comply. As a result, he is asking that the legislation be amended to include a mandatory breach notification requirement. Parliament has recently amended PIPEDA to include such a requirement. Once these provisions take effect, the private sector will be held to a higher standard than the public sector unless the Privacy Act is also amended. Any amendments to the federal Privacy Act to address data security breach reporting would have to take into account the need for both the Commissioner and for affected individuals to be notified where there has been a breach that meets a certain threshold for potential harm, as will be the case under PIPEDA. The PIPEDA amendments will also require organizations to keep records of all breaches of security safeguards regardless of whether they meet the harm threshold that triggers a formal reporting requirement. Parliament should impose a requirement on those bodies governed by the Privacy Act to both keep and to submit records of this kind to the OPC. Such records would be helpful in identifying patterns or trends either within a single department or institution or across departments or institutions. The ability to identify issues proactively and to address them either where they arise or across the federal government can only enhance data security – something which is becoming even more urgent in a time of increased cybersecurity threats.
Tuesday, 07 June 2016 15:29
The social sciences research community has been buzzing over the announcement on May 17, 2016 that the Social Sciences Research Network (SSRN) has been acquired by Elsevier Publishing Group.
SSRN is a digital repository that was created in order to enable researchers in the social sciences to share their work in advance of its publication. Prior to the launch of SSRN, long delays between submission and print publication of papers had been a significant problem for researchers – particularly those working in rapidly changing and evolving fields. In addition, it was not always easy to find out who was working in similar areas or to be aware of developing trends in research as a result of the long publication delays. SSRN allows researchers to publish working papers, conference papers, and pre-print versions of accepted papers – as well as (where permitted by journals) published versions of papers. Access to the database is free to anyone with an Internet connection. This too is important for sharing academic research more broadly – many published academic journals sit behind digital paywalls making broader public access impractical or impossible. SSRN has been a game-changer, and it is now widely used by academics around the world as a vehicle for sharing research.
Elsevier is a commercial publisher which has, in the past, focused primarily on the fields of science, technology and health. It publishes over 2000 international journals. In recent years it has developed other information “solutions”. These include not only digital publishing platforms, but also data analytics, as well as tools to enhance and facilitate collaboration among researchers.
The controversy over the acquisition of SSRN lies in the deep distrust many researchers seem to have about the willingness of a commercial publisher known for its top-dollar subscriptions and generally restrictive access policies to maintain a publicly accessible information dissemination service that is free to both academics and the broader public. The founders of SSRN maintain that Elsevier, which also publishes open access journals, understands the need for broad sharing of research and has no intention of placing the site behind a paywall. They argue that SSRN’s acquisition by Elsevier will only enhance the services it can offer to scholars.
Critics of the sale of SSRN to Elsevier raise a number of concerns. One of these is, of course, whether SSRN will genuinely continue to be available as a free resource for sharing research. The reassurances of both Elsevier and SSRN’s founders are firm in this respect. Nevertheless, there are concerns that Elsevier might more strictly police what content is available on SSRN. It is likely the case that some academics post articles to which their publishers hold the copyright on the view that enough time has passed since publication to make free dissemination normatively if not legally acceptable.
The potential that access to some content might be limited is only one of the issues that should be on scholars’ radar – and it is probably not the most important one. By acquiring SSRN, Elsevier will enhance its expanding analytics capability – and data analytics are an important part of its business model. Researchers should consider the nature and extent of these analytics and how they might impact on the publication, dissemination, valuation and support for research in other venues and other contexts. For example, how might granting agencies or governments use proprietary data analytics to make decisions about what research to fund or not fund? Will universities purchase data from Elsevier to use in the evaluation of their researchers for tenure, promotion, or other purposes? Does it serve the academic committee to have so much data – and its analytic potential – in the hands of a single private sector organization? Given that this data might have important ramifications for scholars, and, by extension, for society, are there any governance, accountability or oversight mechanisms that will provide insight into how the data is collected or analyzed?
Essentially, the noble project that was SSRN has evolved into a kind of Facebook for academics. Researchers post their articles and conference papers to share with the broader community – and will continue to do so. While for researchers these works are what define them and are the “value” that they contribute to the site, the real commercial value lies in the data that can be mined from SSRN. Who collaborates with whom? How many times is a paper read or downloaded? Who cites whom, and how often? The commercialization of SSRN should be of concern to academics, but it is data governance and not copyright that should be the focus of attention.
Thursday, 26 May 2016 09:48
What is the status of copyright protected documents or data sets that are provided to government institutions as part of regulatory, judicial or administrative processes? In my previous blog post I considered one instance where a court decided that a regulatory regime effectively expropriated the copyrights in works submitted to certain federal regulatory boards. In early May of this year, an Ontario court considered a similar issue: what happens to the copyright of land surveyors in the documents and drawings they prepare when these are submitted to Ontario’s electronic land registry system.
Keatley Survey Ltd. v. Teranet Inc was a class action law suit brought by a group of Ontario land surveyors against the private sector company authorized by the government to run its electronic land registry system – Teranet. Teranet recovers its costs of creating and operating the system by charging fees for access to and reproduction of the documents contained in the registry. The plaintiffs in this case argued that they had copyright in those documents, and that they were entitled to fees or royalties from the commercial use of these documents by Teranet.
It was undisputed by the defendants that there was copyright in the survey plans created by the plaintiffs. What was more contentious was the issue of ownership of that copyright. The defendants argued that copyright in the plans was owned by the Crown (in this case, the Ontario government). Under section 12 of the Copyright Act, Crown copyright subsists in works that are “prepared or published by or under the direction or control of Her Majesty or any government department. . . .”. The court rejected the argument that the plans were “prepared” under the control of government. Instead, Justice Belobaba ruled that the plans were produced independently of government by the surveyors at the requests of their clients. The fact that the plans might need to conform with regulatory requirements did not mean that they were prepared under the direction or control of the Crown. Justice Belobaba noted that if this argument were accepted, then “lawyers who file pleadings or facta at court registries would lose the copyright in their work simply because they complied with the statutory filing requirements about form or content.” (at para 33).
Teranet also argued that Crown copyright applied because the plans were “published” under the control of government. Justice Belobaba expressed doubts on this point, finding that the reference to publication in s. 12 of the Copyright Act did not independently create a basis for Crown copyright. He stated: “Just because the federal or provincial government publishes or directs the publication of someone else’s work (as opposed to governmental material) cannot mean that the government automatically gets the copyright in that work under s. 12 of the Copyright Act.” (at para 37) Nevertheless, he did not decide the matter on this point. Instead, he found that the legislation relating to the land registry system specifically establishes that any copyrights in surveys are automatically transferred to the Crown when they are filed.
Section 165(1) of the Land Titles Act and section 50(3) of the Registry Act both provide that “all plans of survey submitted for deposit or registration at a land registry office become “the property of the Crown”.” (at para 6). While this might simply refer to ownership of the physical property in the documents, Justice Belobaba found that other provisions in the statutes addressed the rights of the government to copy, computerize and distribute the documents, and to do so for a fee. He wrote: “The statutory prescription and authorization for copying the plans of survey strongly suggests a legislative intention that “property of the Crown” as used in these statutory provisions includes copyright.” (at para 7).
If copyright in these documents becomes the property of the Crown, how does this come about? The Copyright Act requires that any assignment of copyright must be in writing and signed by the owner of copyright. Justice Belobaba found that the declaration required of surveyors to certify that their plans are correct and in accordance with the legislation did not amount to an assignment of copyright. This is an interesting point. Ultimately, the court finds that copyright is “transferred to the province” when plans are deposited, but that there is no signed assignment in writing. This must, therefore, be a form of regulatory expropriation of the copyright in the surveys and plans. Here, any such expropriation is implicit, not explicit. Since copyright is a matter of federal jurisdiction, it is fair to ask whether a provincial government’s expropriation of copyrights is an improper interference with federal jurisdiction over copyrights. Certainly, a provincial government might require an assignment of copyright as a condition of the filing of documents; what is less clear is whether it can actually override the Copyright Act’s provision which requires assignments to be signed and in writing. There is an interesting jurisdictional question below the surface here.
Because the court concludes that the plaintiffs did not retain copyright in their surveys or plans, there was no need to consider other interesting issues in the case relating to fair dealing or whether there was a public policy exception permitting copying and distribution of the documents.
This decision combined that that in Geophysical Services Inc., strongly suggests that courts in Canada are open to arguments around the regulatory expropriation of copyrights by governments in the public interest. In both cases, the courts found support for the expropriation in legislation, although in neither case was it clear on the face of the legislation that expropriation of copyrights was specifically contemplated. As digital dissemination of information, public-private partnerships, and new forms of commercialization of data may impact the commercial value of information submitted to governments by private actors, governments may need to be more explicit as to the intended effects of their regulatory schemes on copyrights.
Monday, 16 May 2016 07:37
Can a government cut short the term of copyright protection in the public interest through a regulatory scheme? This question was considered in the recent decision in Geophysical Services Inc. v. Encana. In my previous blog post I discussed the part of the decision that dealt with whether the works at issue in the case were capable of copyright protection. In this post, I consider the regulatory expropriation issues.
Geophysical Services Inc (GSI) had argued that the government had violated its copyright in its compilations of seismic data and in its information products based on this data, when it released them to the public following a relatively short confidentiality period. The data had been submitted as part of a regulatory process relating to offshore oil and gas exploration. GSI also argued that the oil and gas companies which then used this data in their operations, without paying license fees, also violated their copyright. As discussed in my previous post, Justice Eidsvik of the Alberta Court of Queen’s Bench found that both the compilation of data and the related analytics were original works and were the product of human authorship.
The infringement issue, however, did not end with a finding of copyright in the plaintiff’s works. The outcome of the case turned on whether the government was entitled to release the information after the end of the 5-15 year confidentiality period established by the regulatory regime – and, by extension – whether anyone was then free to use this material without need for permission. The normal term of copyright protection for such a work would be for the life of the author plus an additional 50 years.
GSI was engaged in geological surveying, using seismic testing to create charts of the ocean floor. In order to engage in this activity it needed a permit from the relevant provincial and federal authorities: the National Energy Board, the Canada Newfoundland and Labrador Offshore Petroleum Board and/or the Canada Nova Scotia Offshore Petroleum Board. It was also required, as part of the regulatory process to submit its data to the relevant Boards. The process of mapping the ocean floor using seismic testing is time and resource intensive, and requires considerable human expertise. Once it was collected and compiled, GSI would license its data to offshore oil and gas exploration companies who relied upon the quality and accuracy of the GSI product to carry out their activities.
According to the regulatory regime any data or information submitted to a Board must be kept confidential by the Board for a specified period. Disclosure is governed by the Canada Petroleum Resources Act (CPRA). Section 101 of the CPRA provides that documentation submitted as part of the regulatory process is privileged and shall not be disclosed except for purposes related to the regulatory regime. In the case of data or information related to geophysical work, the period of privilege is 5 years. It was agreed by the parties that this meant that the data could not be disclosed without consent for at least 5 years. However, the plaintiff argued that its copyright in the materials meant that even if the privilege expired, the plaintiff’s copyrights would prevent the publication of its information without its consent.
In reviewing the legislative history, Justice Eidsvik concluded that it was the government’s clear intention to stimulate oil and gas exploration by ensuring that exploration companies could get access to the relevant seismic data after a relatively short period of privilege. The proprietary rights of GSI (and other such companies) could be asserted within the privilege period. According to the legislative history, this period was set as the amount of time reasonable to permit such companies to recoup their investment by charging licence fees before the data was made public. Justice Eidsvik found a clear intention on the part of the legislature to limit the copyright protection available in the public interest. The 5-year privilege period was designed to balance the rights of the copyright holder with the broader public interest in oil and gas exploration. She also found that the publication of the data was a form of compulsory licence – oil and gas exploration companies were free to make use of this data once it was released by the Boards. Essentially, therefore, the legislative regime provided for an expropriation – without compensation – of the remainder of the term of copyright protection. According to Justice Eidsvik, the inclusion of a no-compensation clause in the statute “acknowledges Parliament’s intent to confiscate private property in return for a policy it believed to be in the public interest to promote early exploration of its resources in the offshore and frontier lands.” (at para 237)
GSI argued that changes in technology combined with the high cost of collecting and processing the data had disrupted any balance that might have been contemplated in setting the original 5-year privilege period. In fact, although the legislation allows for the publication of the data after 5 years, the practice of the Boards has been to delay the release of the data anywhere up to 15 years. However, GSI still maintained that the balance was no longer fair or appropriate. Justice Eidsvik was clearly sympathetic to GSI’s arguments, but she found that as a matter of statutory interpretation the legislation was clear in its effect. She noted that it would be for Parliament to change the legislation if it needs to be adapted to changing circumstances.
The issues raised by this case are interesting. Copyright law already contains many provisions that aim to balance the public interest against the rights of the copyright holder. Fair dealing is just one example of these. In fact, the term of protection (currently life of the author plus 50 years) is another one of these balancing mechanisms. What the court recognizes in Geophysical Services Inc. v. Encana is that other federal legislation can limit the term of copyright protection in order to advance a specific public interest.
This is not the only circumstance in which copyright may be limited by laws other than the Copyright Act. Another case which has recently been settled without being resolved on the merits (Waldman v. Thompson Reuteurs Canada Ltd.—discussed in my blog post here) raised the issue of whether the open courts principle effectively creates an implied public licence to use any materials submitted to the courts as part of court proceedings. This would include documents authored by lawyers such as statements of claim, factums, and other such documents. In Waldman, these materials had been taken from court records and included in a pay-per-use database by a legal publisher.
There are other contexts in which materials are submitted to regulators and later made public as part of that process. (Consider, for example, patent disclosures under the Patent Act). The legislation in such cases may not be as explicit as the CPRA – Justice Eidsvik found this statute to be very clear in its intent to make this data open and available for reuse after the statutory confidentiality period. In particular, she cited from the parliamentary debates leading up to its enactment in which disclosure in the interest of stimulating oil and gas exploration was explicitly contemplated.
One question going forward is in what circumstances and to what extent do legislated requirements to disclose data or documents terminate copyright protection in these materials. Another interesting issue is whether a provincial government could establish a regulatory regime that effectively brings to an end the term of copyright protection (since copyright falls within federal jurisdiction). In an environment where intellectual property rights are increasingly fiercely guarded, Parliament (and the legislatures?) may need to be more explicit about their intentions to cut short IP rights in the public interest.
Canadian Trademark Law
Published in 2015 by Lexis Nexis
Electronic Commerce and Internet Law in Canada, 2nd Edition
Published in 2012 by CCH Canadian Ltd.
Intellectual Property for the 21st Century
Intellectual Property Law for the 21st Century: