The article you just read was brought to you by a few thousand dedicated readers. Will you join them?

Thanks for coming by The Tyee and reading one of many original articles we’ll post today. Our team works hard to publish in-depth stories on topics that matter on a daily basis. Our motto is: No junk. Just good journalism.

Just as we care about the quality of our reporting, we care about making our stories accessible to all who want to read them and provide a pleasant reading experience. No intrusive ads to distract you. No paywall locking you out of an article you want to read. No clickbait to trick you into reading a sensational article.

There’s a reason why our site is unique and why we don’t have to rely on those tactics — our Tyee Builders program. Tyee Builders are readers who chip in a bit of money each month (or one-time) to our editorial budget. This amazing program allows us to pay our writers fairly, keep our focus on quality over quantity of articles, and provide a pleasant reading experience for those who visit our site.

In the past year, we’ve been able to double our staff team and boost our reporting. We invest all of the revenue we receive into producing more and better journalism. We want to keep growing, but we need your support to do it.

Fewer than 1 in 100 of our average monthly readers are signed up to Tyee Builders. If we reach 1% of our readers signing up to be Tyee Builders, we could continue to grow and do even more.

If you appreciate what The Tyee publishes and want to help us do more, please sign up to be a Tyee Builder today. You pick the amount, and you can cancel any time.

Support our growing independent newsroom and join Tyee Builders today.
Before you click away, we have something to ask you…

Do you value independent journalism that focuses on the issues that matter? Do you think Canada needs more in-depth, fact-based reporting? So do we. If you’d like to be part of the solution, we’d love it if you joined us in working on it.

The Tyee is an independent, paywall-free, reader-funded publication. While many other newsrooms are getting smaller or shutting down altogether, we’re bucking the trend and growing, while still keeping our articles free and open for everyone to read.

The reason why we’re able to grow and do more, and focus on quality reporting, is because our readers support us in doing that. Over 5,000 Tyee readers chip in to fund our newsroom on a monthly basis, and that supports our rockstar team of dedicated journalists.

Join a community of people who are helping to build a better journalism ecosystem. You pick the amount you’d like to contribute on a monthly basis, and you can cancel any time.

Help us make Canadian media better by joining Tyee Builders today.
We value: Our readers.
Our independence. Our region.
The power of real journalism.
We're reader supported.
Get our newsletter free.
Help pay for our reporting.

Your Information Is Not Secure

Thousands of government breaches point to need for reform.

By Michael Geist 1 May 2013 |

Michael Geist, whose column runs weekly on The Tyee, holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached via email or online here.

image atom
Feds have repeatedly ignored calls to make security reforms.

As Canadians focused last week on the aftermath of the Boston Marathon bombing and the RCMP arrests of two men accused of plotting to attack Via Rail, the largest sustained series of privacy breaches in Canadian history was uncovered but attracted only limited attention.

Canadians have faced high-profile data breaches in the past -- Winners/HomeSense and the CIBC were both at the centre of serious breaches several years ago -- but last week, the federal government revealed that it may represent the biggest risk to the privacy of millions of Canadians as some government departments have suffered breaches virtually every 48 hours.

The revelations came as a result of questions from NDP MP Charlie Angus, who sought information on data, information or privacy breaches in all government departments from 2002 to 2012. The resulting documentation is stunning in its breadth.

Virtually every major government department has sustained breaches, with the majority occurring over the past five years (many did not retain records dating back to 2002). In numerous instances, the Privacy Commissioner of Canada was not advised of the breach.

Most vulnerable departments

Some of the most vulnerable departments are those that host the most sensitive information. For example, Citizenship and Immigration Canada suffered 161 breaches in 2012 -- more than three per week -- affecting hundreds of people. The department only disclosed the breaches to the Privacy Commissioner of Canada on five occasions.

Human Resources and Skills Development Canada famously suffered a massive breach last year -- 588,384 individuals were affected -- but less well known is that the department has had thousands of other breaches over the past few years. In 2007, a breach affected 28,651 people, yet the Privacy Commissioner of Canada was not informed and the department is unsure of whether the breach resulted in criminal activity.

Virtually no department has been immune to security breaches with nearly 100,000 individuals affected by breaches at Agriculture and Agri-Food Canada since 2008, almost 5,000 individuals hit at Fisheries Canada with no reporting to the Privacy Commissioner of Canada, and just under 200 breaches at the RCMP affecting an unknown number of people.

If a similar situation occurred involving a major Canadian bank, retailer or telecom company, there would be an immediate outcry for tougher rules on mandatory disclosure of security breaches. Yet the federal government plays by different rules, with no liability and no legal requirements to disclose the breaches.

Calls for reform repeatedly ignored

Successive federal privacy commissioners have urged the government to reform the badly outdated Privacy Act to at least hold government to the same privacy standard that it expects from the private sector. But those calls for reform have been repeatedly ignored.

Most recently, Privacy Commissioner of Canada Jennifer Stoddart identified 12 seemingly uncontroversial reforms, including strengthening annual reporting requirements by government departments, introducing a provision for proper security safeguards for the protection of personal information, and creating legislated security breach notification requirements. None of the recommendations have been implemented.

In fact, Canadian privacy failures dot the legislative landscape. Bill C-12, the Canadian private sector privacy bill intended to implement reforms that date back to hearings conducted in 2006 lies dormant in the House of Commons. A review of the private sector privacy law that was required by law in 2011 has seemingly been forgotten. Anti-spam legislation passed in 2010 and touted as a key part of the government’s cybercrime strategy is stuck as Industry Minister Christian Paradis dithers on the applicable regulations.

No institution has greater access to the personal information of Canadians than the federal government. The public entrusts it to keep their information secure and to take all appropriate action should a security breach occur. The latest revelations indicate that the failure to live up to that trust is spread across virtually all government departments and to the political leaders that have failed to introduce much-needed legislative privacy safeguards.  [Tyee]

Share this article

The Tyee is supported by readers like you

Join us and grow independent media in Canada

Facts matter. Get The Tyee's in-depth journalism delivered to your inbox for free


The Barometer

Tyee Poll: Are You Preparing for the Next Climate Disaster?

Take this week's poll