A longstanding weakness in Canada and strength in Europe could soon come under heavy fire from the Trump regime.
About 26 years ago, Canada’s last major privacy reform, the Personal Information Protection and Electronic Documents Act (PIPEDA) had received royal assent. At the time, it was a major milestone for the protection of Canadian privacy laws. Of course, back then, the world was a very different place and, as anyone with even a hint of knowledge about technology in general, technology moves quickly at breakneck speeds.
Indeed, the way these privacy laws are framed, it actually made sense at the time. Canada would have various provincial privacy commissioners as well as a federal privacy commissioner. They have the power to look into various instances of privacy incidents and, if they find violations, they would issue a strongly worded letter. At the time of the bill becoming law, this was actually a sensible option because, back in the day, the biggest privacy concerns were companies not properly shredding their documents and leaving that information available to any random dumpster diver who could use that personal information to steal someones identity.
The idea that someone could steal thousands of identities through a data leak was a foreign concept because you might be asked by someone at the time if you intend on bringing a fleet of vans to steal that many identities. Either way, enforcement of sending strongly worded letters worked because data leaks were localized and publishing a document that a company didn’t properly shred their documents was generally more than enough to shame them into complying with the law.
That world is long gone and replaced with a world where a database can be leaked or breached, exposing the identities of not just thousands, but hundreds of thousands or millions of identities. What’s more, the companies involved are international. Probably the prime example of why Canada’s privacy laws are now an abysmal failure was the Cambridge Analytica scandal. Not only did Facebook laugh off the strongly worded letter, but also got the courts to rule that Facebook did nothing wrong – a ruling that was polar opposite to numerous other jurisdictions where even the patchwork system in the US still managed to fine Facebook $5 billion over the very same scandal. The law said that Facebook had done bad and Facebook responded with what amounts to “yeah, you got a problem with that”. All the law could do was respond with what amounts to “no… not at all. It’s a very nice loss of data… very beautiful. Anyway, have a good day.”
Suffice to say, Canada’s privacy laws are so pathetic, we may as well not have any at all. To pour salt in the wound, Canadian lawmakers are completely unbothered that Canadians have no protection at all from criminal activity on this front at all. They spent all these years dragging their feet even as the privacy scandals mount. All of this over laws that were merely half measures at best in the first place that doesn’t actually solve very many of the longstanding problems in the system.
While Canadian lawmakers have spent decades sitting on their hands apart from whenever their political parties can further pillage that information for themselves, Europe took a very different approach. In 2018, the overwhelming conclusion was that business as usual simply doesn’t work in a modern technological era. So, they passed the GDPR (General Data Protection Regulation). The laws and regulations weren’t necessarily perfect (enforcement in certain jurisdictions was a reoccurring problem in the years since), but it set a global standard for what modern privacy laws should be doing.
In a nutshell, it set a standard for how that personal information can be stored and requires companies to be forthcoming whenever they suffer from a data breach or leak (solving one of the biggest problems in data protection because companies routinely hid these issues). Should an incident occur, fines can be levied against companies. I know, there’s a revolutionary concept: fining companies when they break the law. While the expectation was that such laws would be emulated by other countries who now find themselves falling behind in the global efforts to protect privacy, that ultimately didn’t come to fruition as the temptation to exploit that data and negligently leaving it randomly lying around on the web proved to be an all too profitable prospect – especially in the world of data brokers who have far FAR too much personal information on you without your permission.
Unfortunately, we are seeing reports that could undo all of that. Whether it is the almost complete lack of movement in Canada or Europe actually moving things forward and actually bothering to protect their citizens at all, there is now a global threat on this front: the Trump regime. US diplomats are reportedly being instructed to press countries to either abandon privacy reform or rescind what few protections that exist in this world. From Reuters:
President Donald Trump’s administration has ordered U.S. diplomats to lobby against attempts to regulate U.S. tech companies’ handling of foreigners’ data, saying in an internal diplomatic cable seen by Reuters that such efforts could interfere with artificial intelligence-related services.
Experts say the move signals the Trump administration is reverting to a more confrontational approach as some foreign countries seek limits around how Silicon Valley firms process and store their citizens’ personal information – initiatives often described as “data sovereignty” or “data localization.”
In the State Department cable, dated February 18 and signed by U.S. Secretary of State Marco Rubio, the agency said such laws would “disrupt global data flows, increase costs and cybersecurity risks, limit Artificial Intelligence (AI) and cloud services, and expand government control in ways that can undermine civil liberties and enable censorship.”
The cable said the Trump administration was pushing for “a more assertive international data policy” and that diplomats should “counter unnecessarily burdensome regulations, such as data localization mandates.”The State Department did not provide comment on the cable. However, it said the U.S. strongly supports cross-border data flows that promote growth and innovation while protecting privacy, safety, and free expression and stands ready to partner with countries that share those goals.
This report appears to showcase an early warning sign that the Trump regime is increasingly interested in increasing their foreign interference operations. While foreign interference is nothing new for the US given that the far right funded a terrorist attack and occupation in Ottawa back in 2022, this marks a more clear effort to interfere in the legislative processes of other countries on the privacy front.
Indeed, over the last year, the Trump regime has been putting considerable pressure on Canada and, at times, ironically driving positive change such as the rescinding of the Digital Services Tax. While that was truly a positive development given the affordability crisis in Canada, there was no way this pressure was always going to inadvertently drive positive change. The efforts to stymie any efforts to protect the privacy rights of citizens is a worrying thing to witness. What’s more, the US is already pressuring Canada to pass American style warrentless wiretapping – a debate that should’ve died out completely a decade ago. So, it’s entirely possible that the US could not only thwart efforts to protect people’s personal information, but also demand that Canada pass laws that make the situation even worse.
Europe could be a much more interesting conflict. After all, Europeans are much more willing to protect peoples personal information. As such, efforts to try and scrap critical data protection laws could result in fierce resistance from the Europeans. After all, in 2020, there was the famous Max Schrems court ruling which said that companies must vet personal information before it is sent overseas. So, even if politicians did decide to cave, the citizens might be more likely to resist these efforts.
Either way, the US is seemingly looking into trying to shake down countries to reduce their privacy protections of citizens. How far the US is willing to take this remains to be seen. Still, at the very least, there are initial efforts to push for the reduction of privacy rights of citizens.
(Via @MGeist)
Drew Wilson on Mastodon, Twitter and Facebook.
Discover more from Freezenet.ca
Subscribe to get the latest posts sent to your email.
