The post-9/11 emphasis on the need for security has exacerbated the difficulty of balancing the individual right of privacy with the state’s right to know, especially at border crossings. And more and more the fulcrum those two balance upon is the personal electronic device, be it a laptop, a tablet or a smartphone.
The credit card used to be the thing we wouldn’t leave home without, these days it’s our electronic devices, particularly smartphones. They have become indispensable when travelling, especially now that travel providers have made tickets and boarding passes available electronically.
In a submission to the Standing Committee on Access to Information, Privacy and Ethics at the end of September, various CBA groups underlined the many ways in which the law has failed to keep pace with technology, and the impact that failure has on Canadians at the border – including lawyers protecting solicitor-client privilege.
“The information storage capacity and the privacy concerns arising from them are completely different than those arising from physical storage vessels like luggage, which shaped the early principles of ‘briefcase law’,” the submission notes.
Briefcases have a limited ability to tell others about you – you can edit their contents, check the pockets, vacuum them out if need be and unless you put souvenir stickers on them they can’t tell anyone where you’ve been. A smartphone on the other hand is a pocket-sized tick-tock of all your activities – where you were and when, who you called, who you texted (and how often), what web pages you like to look at, your finances, shopping history. If you’ve synched your Fitbit to it, it can even give out details of your health, including how often you exercise and what you eat. It’ll spill dirt on you quicker than your little brother the first time you bring a date home.
“The modern reality was unknown when the relevant provisions of the Customs Act were drafted,” the submission says.
“The Supreme Court has clearly established that the greater intrusion on privacy, the greater the constitutional protections and a greater justification is required. And while there may be a diminished expectation of privacy at the border, this expectation is not completely extinguished.”
The Privacy Commissioner has begun an investigation into searches of electronic devices by the Canadian Border Service Agency, as the practice of “suspicionless searches” has come under increasing scrutiny. During his appearance on Bill C-23, Commissioner Therrien noted that the bill “recognizes the sensitivity” of other kinds of searches, such as strip searches, but does not acknowledge that a search of a smartphone might be far more intrusive because of the kind of information it can hold.
The submission discusses whether a smartphone can be deemed a “good” as defined under the Customs Act, and says the Act “has no application to electronic information in or accessible through an electronic device.” Instead, the groups argue, the more pertinent analogy is mail. Customs officials are allowed to examine envelopes, but may not open an individual’s mail without a reasonable belief that the envelope contains a regulated, controlled or prohibited substance.
“Immeasurable amounts of electronic information stream in and out of Canada through fiber optic cables without any degree of scrutiny by the CBSA. Any review of this information without a warrant would be constitutional under the Charter, and no court would issue a warrant for wholesale fishing expeditions of it. How can information stored on an electronic device carried by a traveller be any different? The inevitable conclusion is that a warrant or other judicial approval must be obtained prior to examining the information contained or accessed through an electronic device at the border.”
The submission contains a total of 17 recommendations dealing with everything from concerns expressed in earlier submissions about Bill C-21 and particularly Bill C-23, the Preclearance Bill, which it notes is highly intrusive on privacy rights; the need for a working group to develop a defined policy for searches at the border that involve information protected by solicitor-client privilege, and for that policy to be readily available on the CBSA website; the need for effective CBSA oversight and complaint mechanisms; and that any sharing of personal information gathered at the border be subject to applicable privacy rules.