Michael Geist’s latest column in the Toronto Star entitled Leaders weirdly silent on sweeping broadcast treaty is worth a read.

He talks about the meetings in Geneva about WIPO’s Broadcast Treaty. The article starts by saying: Government negotiators and broadcast officials descend on Geneva this week to continue negotiations on a treaty that few people have heard about, yet one which may have damaging long-term consequences for consumers, technology companies, telecommunications providers and the Internet.

Read the article

David Canton – for the London Free Press – September 9, 2006

Read this on Canoe

Have you ever thought your banking information might be leaked to foreign authorities?

Canada’s privacy commissioner, Jennifer Stoddart, is investigating the Society for Worldwide Interbank Financial Telecommunication (SWIFT) about whether that has happened.

The Belgium-based company provides more than 200 countries with messaging services and interface software to the global banking industry. SWIFT’s purpose is to act as an intermediary to transmit secure financial information exchanges among financial institutions.

The data in SWIFT’s possession are considered invaluable in the eyes of many foreign authorities.

The privacy commissioner suspects financial transactions by Canadians are being improperly disclosed to foreign government authorities via SWIFT.

There has been no confirmation that personal information pertaining to Canadians or Canadian banks has been subject to the improper distribution of information. On the other hand, neither SWIFT nor the U.S. government has said that the information given to the US government was limited to U.S. citizens and financial institutions.

SWIFT recognizes its role in the international financial infrastructure is a serious one, and co-operates with authorities to prevent illegal distribution of financial information. However, as to allegations involving SWIFT’s release of information to U.S. authorities, SWIFT’s website on policy compliance does not speak to the issue at all.

SWIFT’s statement on policy compliance released just two months ago completely avoided the issue.

Instead, SWIFT has released generalized and vague statements regarding compliance, and has merely stated that SWIFT has complied with all subpoenas.

This is a concern of privacy commissioners worldwide. Stoddart has expressed concern over the risks associated with improper personal financial information disclosure to foreign police or other government authorities, which is contrary to Canadian privacy law, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

Stoddart has declined in the past to investigate outside of Canada for lack of jurisdiction.

Perhaps this investigation stemmed from concerns regarding SWIFT expressed by privacy commissioners around the world. Stoddart revealed that there are many times when it is not appropriate for the commissioner to act when the jurisdiction is outside of Canada.

The Canadian government has implemented procedures for the international exchange of banking data, which are meant to prevent unnecessary or inappropriate disclosures. However, the transfer of personal financial information to the U.S. government, to which SWIFT admits, clearly circumvents Canadian procedures and thus violates the requirement of appropriate purposes pursuant to PIPEDA.

A complaint has been filed by the Canadian Internet Policy and Public Interest Clinic (CIPPIC) under PIPEDA alleging that the six largest Canadian banks have failed to protect personal customer financial information from inappropriate disclosure by SWIFT. CIPPIC says Canada’s big six banks all use SWIFT to process international money transfers. Even though it is SWIFT that is distributing the information, the banks do not escape liability and remain responsible under PIPEDA.

The outcome of the investigation will prove to be interesting. If information on Canadians was improperly obtained according to Canadian law, how do we enforce that when it is done by foreign companies and governments? And what responsibility do Canadian banks have? They clearly have a responsibility to require subcontractors to comply with their privacy policies and Canadian privacy laws. But if the subcontractor ignores that, what obligations and options do they have?

If you are a foreign entity faced with a government demand for information, do you choose to say no and incur the wrath of that government, or to violate your contract with your bank customer?

It was 40 years ago today, Sept 8, 1966, when the first episode of Star Trek aired.

Take a look at a San Francisco Chronicle article about some Star Trek technology that has come true. Also at an article on a NASA site called The Science of Star Trek. Wired News has an interview with William Shatner.

Read the Chronicle article

Read the Science of Star Trek

Read the Wired interview

Rather than adding my 2 cents worth to the HP (thats Hewlett Packard – not Harrison Pensa) board of directors privacy/phone monitor controversy today (they didn’t think it was illegal?? – does the word fraud come to mind?), I’m pointing to a Digg post that mentions browsershots.org.

While Explorer may be the most popular web browser, its not the only one. That site allows you to enter your URL, and see what it looks like on other browsers. The site is suffering from too much traffic caused by the Digg effect – I suggest trying it in a couple of days.

Read the Digg post

Go to Browsershots.org

We are expecting 2 pieces of federal legislation soon dealing with copyright reform and lawful access. Both will be controversial.

David Fraser has a good comment on the role that private sector service providers should play in the balance between privacy and security – and its not to act as police.

Michael Geist continues with his 30 days of DRM series that deals with copyright reform issues, particularly, what the legislation might say about protecting DRM. He also has a good comment on the questionable thinking contained in an education ministers proposal.

My position on DRM is that is causes more problems than it solves, and defeating it should not be outlawed. Michael has focussed on all the exeptions that shouod be allowed to any provision outlawing defeating DRM. It just reinforces to me that this is getting way too complicated. Far simpler, easier, more certain, and balanced to forget any notion of outlawing tools to defeat DRM, and to expand the definition of fair dealing.

Read David’s comment on service provider roles

Read Michael’s comment on the education minister proposal

David Canton – for the London Free Press – September 2, 2006

Read this on Canoe

Statistics Canada recently revealed Internet use is on the rise.

Net use by Canadians has increased 46 per cent since 2002. Canadians spend an average 12.7 hours a week surfing the Internet, compared with an average of 8.7 hours in 2002.

The increase in Internet surfing comes with an unsurprising decrease in radio listening. Canadians listen to the radio an average of five hours a week, while TV remains the most-used media source among Canadians.

According to the survey, younger generations of Canadians spend the most time surfing the Net. This trend will likely increase as more classrooms become equipped with Internet technology and more sources of entertainment stem from the Internet.

In addition, a recent Gallup poll showed use of the Internet at work is on the rise. The average employee spends approximately 75 minutes a day using the Internet for non-work related activity.

With the rise in Net-surfing there’s a corresponding increase in privacy and security issues — two of the major social issues facing Canadians with respect to the Net. According to StatsCan almost 75 per cent of Canadians, both Internet users and non-users, expressed concern over security and privacy issues.

The concern is not surprising, considering the many ways information on the Internet can be tracked and saved. Too often, we hear about personal information being leaked or misused, either intentionally or accidentally.

Some of the main privacy concerns of consumers are whether their e-mail will be sold to third parties, fears of personal and financial information being stolen, and e-mail scams called “phishing,” where consumers receive messages from dishonest sources who disguise themselves as banks or credit card companies.

There are many products that create anonymity when surfing the web or instant messaging. These tools improve safety and security for individuals or businesses that surf the Net often.

To allay consumer fears of stolen credit or bank card numbers, consumers are encouraged to shop or relay confidential information at secure sites only. If you are prompted for personal information online, learn how it will be used and how it will be protected before you share it.

Online sites that begin with https: — with an “s” after http — indicate the website is secure. Also, if there is a padlock symbol displayed at the bottom of the screen, it is likely a secure site. An unbroken key symbol also demonstrates the site is secure.

Another way to protect your privacy is to do business with companies or institutions you already know.

David Fraser has a post telling about a dumpster in BC that was full of credit card receipts with card numbers and names. They were intended to go to the shredder.

Businesses must stop printing credit or debit card numbers and cardholder names on receipts – both the customer and their own copy. There is absolutely no need to do that – it breaches privacy laws – and increases the risk of fraud.

This is a pet peeve of mine, and of David Fraser. The Ontario Privacy Commissioner agrees – as evidenced by a letter she sent me a while back in response to a column I wrote. The credit card companies have policies that say they should not be printed.

So its beyond me why it still happens so often.

Read David’s post

Read an article of mine on the topic

Read the privacy commissioner’s response