Lessons from Québec: towards a national policy for information privacy in our information society

Boyer, Nicole-Anne

05 1900

While on the broadest level this paper argues for a rethinking of governance in our "information society," the central thesis of this paper argues for a national policy for data protection in the private sector. It does so through three sets of lessons from the Quebec data protection experience. These include lessons for I) the policy model, (2) the policy process, (3) the policy area as it relates to the policy problem as well as general questions about governance in an information polity. The methodology for this paper is based on a four-part sequential analysis. The first part is a theoretical and empirical exploration of the problem, which is broadly defined as the "tension over personal information." The second part looks comparatively at how other jurisdictions have responded to the problem. The third part assesses which model is the better policy alternative for Canada and concludes that Quebec regulatory route is better than the national status quo. The fourth part uses a comparative public policy framework, as well as interviews, to understand the policy processes in Quebec and Ottawa so that we can highlight the opportunities and constraints for a national data protection policy in the private sector.

Information policy -- Canada

Privacy, Right of -- Canada

Privacy, Right of -- Québec (Province)

Data protection -- Canada

A new Canadian intellectual property right : the protection of data submitted for marketing approval of pharmaceutical drugs

Stoddard, Damon.

January 2006

In order to market and sell a new pharmaceutical drug in Canada, the Minister of Health requires the initial applicant to submit clinical test results demonstrating that the drug is safe and effective for human use. Subsequent applicants, who typically lack the resources to conduct expensive clinical trials, must refer to and rely upon the initial applicant's data in their applications to market a generic version of the drug. / On June 17, 2006, the federal government of Canada published a proposed data protection regulation, which would provide an initial applicant with eight years of protection for clinical test results submitted in a new drug submission. This protection would lead to an eight year period of market exclusivity for the drug associated with the clinical test data, regardless of whether that drug was protected by a Canadian patent. / In this thesis, the author first describes what data protection is on a practical level, and distinguishes data protection from other forms of intellectual property rights. Next, the author discusses how various jurisdictions choose to protect clinical test data submitted to their health authorities. Canada's international obligations pursuant to the NAFTA and the TRIPS Agreement are also examined. In this regard, the author argues that Canada is under no obligation to provide initial applicants with eight years of data protection. Furthermore, the author argues that exclusive time-limited property rights in clinical test data are difficult to justify from a theoretical perspective. Finally, the author prescribes certain legislative changes to Canada's proposed data protection regulation.

Data protection -- Law and legislation.

Drugs -- Law and legislation -- Canada.

Drug development -- Canada.

Asmens duomenų apsauga darbo vietoje / Protection of personal data at the workplace

Bučinskas, Liudas

20 March 2006

Naujų informacinių technologijų pažanga įtakojo ir darbo santykius, iš esmės pakeitė darbo vietos supratimą, supaprastino ir paspartino daugelį darbo procesų. Tačiau tai parodė ir neigiamą savybę: darbdaviui atsirado poreikis kontroliuoti, kokiais tikslais darbo vietoje darbuotojai naudoja informacinės technologijas ir ar jomis nepiktnaudžiauja, tam pasitelkiant elektronines sekimo priemones. Elektroninio stebėjimo ir kontrolės priemonės įgalino darbdavius rinkti milžiniškus kiekius duomenų apie savo darbuotojus ar net kištis į jų asmeninį gyvenimą. Todėl išryškėjo konfliktas tarp darbuotojo teisės į privatumą ir darbdavio teisėtų verslo interesų, kurio sprendimo variantas – teisinėmis priemonėmis pasiektas balansas tarp šių teisinių vertybių. Darbo tema „Asmens duomenų apsauga darbo vietoje“ yra pakankamai plati, todėl autorius iš esmės nagrinėja, jo manymu, vieną problematiškiausių aspektų – elektroninį darbuotojų stebėjimą iš kontrolę. Darbe siekiama atskleisti privatumo darbo vietoje ribas, analizuojamos literatūroje pateikiamos elektroninio darbuotojų stebėjimo ir kontrolės priežastys, nagrinėjamos technologijos ir būdai darbuotojams sekti bei jų keliama grėsmė darbuotojų privatumui. Taip pat autorius analizuoja teisinio reglamentavimo ypatumus, susijusius su darbuotojų privatumu bei jų elektroniniu stebėjimu ir kontrole skirtingose teisinėse sistemose, daugiausiai remdamasis JAV, ES ir Lietuvos teisės aktais ir identifikuodamas pagrindines problemas. Nagrinėdamas... [to full text] / The progress of new modern technologies has made an impact on industrial relations and essentially changed the concept of a workplace. The work aims to reveal workplace privacy limits, to analyse the reasons of electronic monitoring and surveillance found in literature, to investigate the methods and technologies to survey employees and the possible threat to employees privacy caused by these methods. The author also analyses the peculiarities of legal regulations related to employees’ privacy and electronic monitoring and surveillance in different legal systems, his analyses being mainly based on the law of the USA, the EU and Lithuania and on the identification of the main problems.

Law

Privatumas

Elektroninis stebėjimas ir kontrolė

Asmens duomenų apsauga

Privacy

Elektronic monitoring and surveillance

Personal data protection

The Protection of Pharmaceutical Patents and Data under TRIPS and US-Jordan FTA: Exploring the Limits of Obligations and Flexibilities: A Study of the Impacts on the Pharmaceutical Sector in Jordan

Abughanm, Saad

26 March 2012

In 2000, Jordan signed the Agreement on Trade-related Aspects of Intellectual Property Rights (the TRIPS Agreement) and a free trade agreement with the US (USJFTA). Both commitments have required Jordan to comply with various obligations, including full compliance with the minimum standards for the protection of intellectual property rights (IPRs) under the TRIPS Agreement and TRIPS-Plus IP standards set out under the terms of the USJFTA. Enticed by views that strong IP protection would create prosperity in the Kingdom by promoting technological innovation and inducing transfer and dissemination of technology to Jordanians, Jordan implemented the provisions of TRIPS and the USJFTA to the letter. However, Jordan focused little attention on important “TRIPS flexibilities”. In particular, Jordan has qualified parallel importation and limited the grounds of compulsory licenses. In addition, Jordan provides pharmaceutical testing data with data exclusivity. This thesis focuses on the Jordanian experience in the pharmaceutical sector. It argues that strong patent protection has not been conducive to the promotion of technological innovation and the transfer and dissemination of technology. Moreover, this protection has resulted in adverse outcomes such as increased drug prices, unavailability of essential medicines in some public hospitals for serious diseases, and a dwindling local pharmaceutical industry, in part, as a consequence of its inability to access advanced, patented technology on reasonable commercial terms. The thesis also investigates the legitimacy of establishing certain grounds of compulsory licensing by Jordan, even in light of the TRIPS-Plus obligations under the USJFTA. It advocates that such grounds contribute to the promotion of technical innovation, lead to the transfer of advanced technology, and above all improve access to affordable medicines. Finally, the thesis explores Jordan’s obligations to protect pharmaceutical testing data under TRIPS and USFTA arguing that neither of these two instruments requires data exclusivity as claimed by Pharmaceutical Research and Manufacturers of America (PhRMA) and some developed countries.

Jordan

developing countries

TRIPS agreement

pharmaceutical patent

access to medicines

data protection

0398

Advance passenger information passenger name record : privacy rights and security awareness

Banerjea-Brodeur, Nicolas Paul

January 2003

An in-depth study of Advance Passenger Information and Passenger Name Record has never been accomplished prior to the events of September 11 th. It is of great importance to distinguish both of these concepts as they entail different legal consequence. API is to be understood as a data transmission that Border Control Authorities possess in advance in order to facilitate the movements of passengers. It is furthermore imperative that harmonization and inter-operability between States be achieved in order for this system to work. Although the obligations seem to appear for air carriers to be extraneous, the positive impact is greater than the downfalls. / Passenger Name Record access permits authorities to have additional data that could identify individuals requiring more questioning prior to border control clearance. This data does not cause in itself privacy issues other than perhaps the potential retention and manipulation of information that Border Control Authorities may acquire. In essence, bilateral agreements between governments should be sought in order to protect national legislation. / The common goal of the airline industry is to ensure safe and efficient air transport. API and PNR should be viewed as formalities that can facilitate border control clearance and prevent the entrance of potentially high-risk individuals.

Airline passenger security screening

Biometric identification

Privacy, Right of

Data protection -- Law and legislation

Privacy and technological development : a comparative analysis of South African and Nigerian privacy and data protection laws with particular reference to the protection of privacy and data in internet cafes and suggestions for appropriate legislation in Nigeria.

Laosebikan, Foluke Oyelayo.

January 2007

No abstract available. / Thesis (Ph.D.)-University of KwaZulu-Natal, 2007

Theses--Law.

Geo-immersive Surveillance and Canadian Privacy Law

Hargreaves, Stuart Andrew

09 January 2014

Geo-immersive technologies digitally map public space for the purposes of creating online maps that can be explored by anyone with an Internet connection. This thesis considers the implications of their growth and argues that if deployed on a wide enough scale they would pose a threat to the autonomy of Canadians. I therefore consider legal means of regulating their growth and operation, whilst still seeking to preserve them as an innovative tool. I first consider the possibility of bringing invasion of privacy actions against geo-immersive providers, but my analysis suggests that the jurisprudence relies on a reasonable expectation of privacy approach that makes it virtually impossible for claims to privacy in public to succeed. I conclude that this can be traced to an underlying philosophy that ties privacy rights to an idea of autonomy based on shielding the individual from the collective. I argue instead considering autonomy as relational can inform a dialectical approach to privacy that seeks to protect the ability of the individual to control their exposure in a way that can better account for privacy claims made in public. I suggest that while it is still challenging to craft a private law remedy based on such ideas, Canada’s data protection legislation may be a more suitable vehicle. I criticize the Canadian Privacy Commissioner’s current approach to geo-immersive technologies as inadequate, however, and instead propose an enhanced application of the substantive requirements under Schedule 1 of PIPEDA that is consistent with a relational approach to privacy. I suggest this would serve to adequately curtail the growth of geo-immersive technologies while preserving them as an innovative tool. I conclude that despite criticisms that privacy is an inadequate remedy for the harms of surveillance, in certain commercial contexts the fair information principles can, if implemented robustly, serve to regulate the collection of personal information at source in a fashion that greatly restricts the potential for those harms.

law

privacy

google

surveillance

streetview

feminist legal theory

autonomy

PIPEDA

data protection

Canada

mapping

Internet

0398

Geo-immersive Surveillance and Canadian Privacy Law

Hargreaves, Stuart Andrew

09 January 2014

Geo-immersive technologies digitally map public space for the purposes of creating online maps that can be explored by anyone with an Internet connection. This thesis considers the implications of their growth and argues that if deployed on a wide enough scale they would pose a threat to the autonomy of Canadians. I therefore consider legal means of regulating their growth and operation, whilst still seeking to preserve them as an innovative tool. I first consider the possibility of bringing invasion of privacy actions against geo-immersive providers, but my analysis suggests that the jurisprudence relies on a reasonable expectation of privacy approach that makes it virtually impossible for claims to privacy in public to succeed. I conclude that this can be traced to an underlying philosophy that ties privacy rights to an idea of autonomy based on shielding the individual from the collective. I argue instead considering autonomy as relational can inform a dialectical approach to privacy that seeks to protect the ability of the individual to control their exposure in a way that can better account for privacy claims made in public. I suggest that while it is still challenging to craft a private law remedy based on such ideas, Canada’s data protection legislation may be a more suitable vehicle. I criticize the Canadian Privacy Commissioner’s current approach to geo-immersive technologies as inadequate, however, and instead propose an enhanced application of the substantive requirements under Schedule 1 of PIPEDA that is consistent with a relational approach to privacy. I suggest this would serve to adequately curtail the growth of geo-immersive technologies while preserving them as an innovative tool. I conclude that despite criticisms that privacy is an inadequate remedy for the harms of surveillance, in certain commercial contexts the fair information principles can, if implemented robustly, serve to regulate the collection of personal information at source in a fashion that greatly restricts the potential for those harms.

law

privacy

google

surveillance

streetview

feminist legal theory

autonomy

PIPEDA

data protection

Canada

mapping

Internet

0398

SCRIPSIT : a model for establishing trustable privacies in online public spaces.

Rodda, Paul Trevor-John.

January 2004

This dissertation proposes a model supporting the creation of trustable privacies in public online spaces, with the model demonstrating the potential for supporting trustable data handling in the qualitative domain. Privacy and trust, from the pivotal perspective of the individual were identified as crucial intangibles in the qualitative research and personal trust domains. That both privacy and trust depend heavily upon credible mechanisms for privacy became clear during the literature review and interview processes. Privacy, in its many forms, is a concept requiring greatly varying degrees of anonymity, confidentiality and control (Rotenberg, 2001; Lessig, 1998) and this was position was validated by literature and by qualitative comments by academic interviewees. Facilitation of secondary users including academics, public and private organisations, communities, casual information browsers is a goal of this research. This goal of facilitation is supported by the model proposed, and is discussed in Chapter 6, where future work is discussed. The core requirement to address confidentiality, ethics, privacy, ownership and control of data (Corti, 2000) is satisfied by the model as proposed and discussed. Expected outcomes of this research project are summarised as: • Proposed model for the creation of trustable privacies in public spaces. [Primary outcome] • Promotion of collaboration amongst domains and disciplines through improved universal access to archived data [Secondary outcome] • Identification of application domains outside of the initially identified domain set [Secondary outcome]. Self-Contained ReposItory ProcesSIng Template (SCRIPSIT) describes a model supporting a decentralised, trustable set of structures and mechanisms. SCRIPSIT has its eponymous origin in the Latin word scripsit, meaning "he or she wrote". / Thesis (M.A.)-University of KwaZulu-Natal, Durban, 2004.

Privacy, Right of.

Computers--Access control.

Data protection.

Theses--Digital media.

Quantifying steganographic embedding capacity in DCT-based embedding schemes.

Zawilska, Anna.

January 2012

Digital image steganography has been made relevant by the rapid increase in media sharing over the Internet and has thus experienced a renaissance. This dissertation starts with a discussion of the role of modern digital image steganography and cell-based digital image stego-systems which are the focus of this work. Of particular interest is the fact that cell-based stego-systems have good security properties but relatively poor embedding capacity. The main research problem is stated as the development of an approach to improve embedding capacity in cell-based systems. The dissertation then tracks the development of digital image stego-systems from spatial and naïve to transform-based and complex, providing the context within which cell-based systems have emerged and re-states the research problem more specifically as the development of an approach to determine more efficient data embedding and error coding schemes in cell-based stego-systems to improve embedding capacity while maintaining security. The dissertation goes on to describe the traditional application of data handling procedures particularly relating to the likely eventuality of JPEG compression of the image containing the hidden information (i.e. stego-image) and proposes a new approach. The approach involves defining a different channel model, empirically determining channel characteristics and using them in conjunction with error coding systems and security selection criteria to find data handling parameters that optimise embedding capacity in each channel. Using these techniques and some reasoning regarding likely cover image size and content, image-global error coding is also determined in order to keep the image error rate below 1% while maximising embedding capacity. The performance of these new data handling schemes is tested within cell-based systems. Security of these systems is shown to be maintained with an up to 7 times improvement in embedding capacity. Additionally, up to 10% of embedding capacity can be achieved versus simple LSB embedding. The 1% image error rate is also confirmed to be upheld. The dissertation ends with a summary of the major points in each chapter and some suggestions of future work stemming from this research. / Thesis (M.Sc.Eng.)-University of KwaZulu-Natal, Durban, 2012.

Data encryption (Computer science)

Data protection.

Digital images.

Cryptography.

Computer security.

Theses--Electronic engineering.