How technology impacts privacy.

by Patricia Jordan

Each day numerous companies create records about our personal habits. Our detailed personal information is used in ways that may surprise many, and while most of the purposes for gathering that information are benign, what is questionable is that the person whose information is being collected may be unaware of this process.

Loyalty programs are marketing initiatives that reward and encourage loyal buying behaviour by providing discounts or points. While many shoppers are aware that loyalty cards are used to compile profiles of their shopping habits, they may be unaware that this data is often shared with third-parties. Most large retailers collect personally-identifying information from customers when they apply for a loyalty card. Personally-identifying information includes your name, address, birth date, bank account, credit card number, telephone number and other information by which you can be identified. The use of radio-frequency identification (RFID) technology in loyalty cards raises privacy concerns, as the owner may be unaware of the RFID tag and that it can be read at a distance without the knowledge or consent of the individual.

In April 2006, Thomas Wellinger was sentenced to 19 to 30 years after pleading guilty to second-degree murder in Michigan. Oakland County Prosecutor Ken Frazee stated that Thomas Wellinger was traveling at approximately 70 MPH when he crashed his SUV into the back of a Honda, killing Judith Weinstein and her sons. Crucial evidence about his driving habits was gathered from his vehicle’s event data recorder (EDR). The EDR captures what happens in an automobile in the seconds before and after an airbag is released. The EDR indicated that the engine throttle speed was heavily engaged and for the five seconds prior to impact there was no attempt at breaking. The information gathered from the EDR was considered as crucial to the case against Wellinger.

In the future, a minor technological adjustment to the EDR could enable it to monitor the speed and driving habits of individuals, allowing police to issue speeding tickets without being present and to affect automobile insurance rates. While many know that Internet searches are stored in databases, many are unaware of how a cellphone’s tracking device can be used to remotely activate the microphone in a cellphone, allowing someone to eavesdrop on a conversation, or that a GPS vehicle tracking device can be used to track vehicle movement. Many businesses now monitor employees online through tracking service websites. GPS vehicle tracking devices send signals to an office computer pinpointing the location of vehicles in real time.

I asked Chris Bennett, a partner at Davis LLP who specializes in technology and privacy law, about how these new technologies impact privacy. In his words: “There is a constant tension between privacy law and new technology. For example, Google Street View is a fantastic way to get familiar with a foreign city before you travel there, but it also captures images of people on private property who did not consent to having their images appear online. Likewise, Facebook has become an enormously popular way to connect with people, but the amount of personal information collected and disclosed through Facebook is staggering and potentially dangerous. Canadian privacy law is able to address these issues, which is clear from the fact that Facebook has agreed to revise its privacy practices in response to a report issued by the Canadian privacy commissioner’s office. Tech companies therefore need to consider and address these privacy issues as part of their legal due diligence prior to commercializing their products and services.”

Patricia Jordan is the CBABC Web Manager. She welcomes your comments, questions and suggestions. Tel: 604-646-7861; Email: pjordan@bccba.org; visit: www.cba.org/bc.

This article was published in the December 2009 issue of BarTalk. © 2009 The Canadian Bar Association. All rights reserved.