PrivacyCampTO – Colin McKay

Liveblogged Julianna | 19 June 2010 | 3 Comments

Colin McKay – Privacy Commissioner’s office

  • was at another Privacy discussion yesterday with professionals and academics
  • hard to explain range of opinions and positions of people who are aware of Privacy issues
  • when you want a simple overview of privacy issues on something like Facebook, do you cover a narrow but quick overview?
  • Colin – Masters on intelligence collection, and not as tech savvy as others, but is a sucker for the latest toys
  • Colin discussing different computers he has used in the past
  • Colin (Director of Research) focuses on Education and Outreach for the Privacy Commissioner, learning about what Canadians think of privacy and how we use technology; distills information for Commissioner
  • moved from monitoring conferences in the background to participating and reading blogs and reviewing podcasts
  • Commissioner supports research/projects outside of their own work
  • Colin is able to support complaints through his own budget
  • Commissioner commissioned essays on deep packets, which got them prepared to handle some complaints that came up; setup a website regarding the technology for Canadians; posted essays on website on WordPress format to allow for feedback
  • Commissioner trying to be more open and conversational with their research –> assuming some risks because this is new for most governmental offices

Subjects on Commissioner’s radar

  • electronic health records: responsibility of some of the provincial commissioners with legislation; a different federal agency is looking at EHR certification – Privacy Commissioner is tracking this
  • national security aparatus vs corporations (law enforcement techniques and private companies; contracted law enforcement)
  • electronic health records & First Nations
  • info guide on Credit reports developed in Quebec
  • U of T – video surveillance and video analytics, notice for video surveillance
  • U of T digital wallets
  • pediatric bio banks
  • Ryerson – privacy protection as risk analysis in corporate practice
  • Ryerson – incorporating privacy into the smart grid
  • Ryerson – targeted ads

Privacy Commissioner – Toronto Office

  • Having only an office in Ottawa was becoming an issue
  • Toronto office considered a regional presence
  • Setting up an office in Toronto – focuses on PEPIDA (mostly coming from banking & insurance companies in Toronto)
  • hiring a few investigators and someone with a background in policy and outreach
  • have a building in mind
  • want to have the office ready for the fall
  • news release


How do you deal with moving targets like Facebook?

  • compliance process – ongoing dialog with the company; public stance from Commissioner is muted to keep the dialog open and ongoing
  • investigations based on the complaints received, while companies change their policies ongoing
  • there are individual investigators and others looking at overall issues related to an industry
  • process for enforcing privacy on tools is long – research, report, request commitment, take to court if no compliance

Assuming changes to PEPIDA go through, what will happen to breach notificaton from companies (e.g. compnaies saying “we didn’t think that was an issue”)

  • lot of debate on where the line in the sand is for when notification is given on privacy breach
  • will be a mix of awareness and trial and error
  • discussions happening with companies on where that line should be
  • Commissioner’s office encouraging discussions with organizations/companies when a breach does occur
  • challenge is dealing with medium and small sized organizations because they don’t have staff to handle these issues
  • many companies are already working with privacy breach notifications in some jurisdictions and apply them to all jurisdictions

e-Health – perception that the Commissioners office hasn’t championed privacy rights of Canadians. Office has been mostly silent on this.

  • provincial commissioners & federal commissioners for privacy + health policy offices
  • federal level looking at certification model
  • argument is that the model itself is fundamentally flawed

PIPEDA and privacy of Canadians re commerce

  • some advocates feel PIPEDA is too lenient
  • PIPEDA also needs to take companies interests into consideration
  • people need to have broad range of privacy

CRTC has become so archaic, but how can Privacy law/legislation keep current and avoid becoming archaic?

  • need to constantly monitor market and make changes
  • constantly working on tweaks and amendments
  • Privacy legislation requires an overhaul, and Commissioner is aware of this
  • Commissioner working with other privacy offices/commissioners

Regional office in Toronto being headed up by someone who used to work with a bank – is this too cozy?

  • opportunity to pull someone with expertise in both industry and policy
  • acknowledge that Commissioner will need to align the staff’s interests with the office

Does the Commissioner’s office interact with the PMO regarding communications issues?

  • spoke with PCO office once since he’s been working for the Commissioner
  • receive no direct instruction from PCO on communications of privacy issues
  • requests sign-offs
  • Commissioner accountability – appeared before Parliament 24 times last year; also appear before Senate and National Security committees
PIPEDA – does it need to be stronger? how do we enforce it?
  • normal process of investigation is initiated by individual complaints
  • organization & core processes being rebuilt
  • Another PIPEDA review starting next year
  • conversations happening with legal scholars

How can the Privacy Commissioner keep up with complaints?

  • recently just took care of backlog of requests
  • conducts and commissions research to support complaint investigations

PrivacyCampTO – Opening Remarks

Liveblogged Julianna | 19 June 2010 | 0 Comments

Opening remarks – Kate Raynes-Goldie and Nick Longstaff

  • Nick Longstaff will be facilitating
  • Nick’s personal privacy was invaded. Here’s the story!
    Was in a wonderful love affair, with a conversation via email. Her ex bf cracked her email password, read the correspondence and corresponded with Nick for 5 emails. Nick then questioned whether he should have written anything at all.
    Was a lesson in what to put in writing. While we’re looking at large-scale privacy at corporate level, should also think about privacy re how we treat it personally.
  • This is an unconference! Encourage personal exchange
  • (Kate is playing with the mic)
  • Welcome to the 1st Privacy Camp in Canada!
  • Very timely, with all of the things happening with Facebook and the use of internet by all now
  • Kate is working on her PHD on Privacy and Facebook
  • What do you want to get out of this? What do you want to discuss? What changes do you want to see?
  • Facilitation game – Nick looks excited
  • Nick placed a tape on the floor as a scale of level of privacy
  • Objection to 1-dimensional concept of privacy
  • People seems to want to focus on personal control of privacy
  • Do people want to talk about the control they exert or the control they feel they have?
  • Nick proposing the amount of control we feel
  • People want a second axis for the amount of information they share
  • Sharing more + sharing less (own information for this excersize)
  • Taller is more control, shorter is less control
  • Mass chaos!
  • Almost everyone was standing up, so people seem to want control
  • This is also very subjective – there are no clear units for how to describe this.


  • Perception – politics/issues
  • External Feedback
  • Relativity!
  • Context – space and community
  • Different control/share levels in different spaces/communities
  • Change (reacting to external factors & feedback)
  • What’s at risk/Level of trust

Exercise 2

  • Share 1 piece of information on a piece of paper
  • 1 person asked what is happening with the piece of paper:
    You will have complete control over the information
  • Another asked whether the terms will change
  • Nick asked who will hand over their paper
  • A few people offered right away; others offered after some time & a thank you; some people offered to sell the paper to Nick
  • Nick now has candies to pass out in exchange for candy
  • 5 people go up to exchange their info for candy
  • A few people have said that they are going to wait to see what else is being offered in exchange for the info
  • Nick & Kate now offering $5
  • 3 seconds – 1 person took the offer of $5
  • Someone saying that he won’t take anything in exchange for the info until he knows what will happen to the info
  • Now to offer providing secure storage of the info. Who will now offer the info? – 3 people responded
  • Now everyone being asked to close their eyes
  • Kate announced that the Terms of Service has changed.
  • Nick has locked all of the info in the vault of plastic bag
  • Nick wants to know if anyone objects to the information being shared?
  • Some people say they’re okay, but others object because they didn’t agree to this.
  • Nick is now shredding all of the pieces of paper in the vault of plastic bag
  • Someone offered information in exchange for candy but gave him fake information.
  • Someone else only provided public information that was already available
  • Some people also make their decision to exchange info based on their perception of trust.
  • Lots of talk about whether Nick needed the information he was asking for.
  • Someone noticed that Nick tried to buy trust before earning it
  • Nick noticed that he also didn’t have Kate introduce him and give him credibility
  • Nick asking us to think about when we felt comfortable and uncomfortable during the excersize

Kate’s thank-yous:

  • Jason Nolan
  • Edgelab – Jason Nolan, Alex Bal
  • Luke Walker
  • David Fono
  • Julianna Yau
  • Melanie Chin
  • Peter @TorontoDigital
  • Privacy Commissioner
  • Hacklab


  • invites participation
  • ability to talk with other attendees – not just listen to speakers
  • breaks down separation between speaker and audience
  • more casual than a formal conference
  • people are more comfortable in participating
  • unconference always has a slot where all sessions are interesting
  • importance of math – rule of 2 feet (go where you want to go)

Housekeeping items

  • Nick hopes we can summarize a few recommendations & questions to stimulate discussion through the larger privacy network
  • intro to speedgeek format – also talk about how you relate to Privacy and if you’re working on policy, etc

PrivacyCampTO Liveblogging and Twittering: Watch this space!

Uncategorized Kate Raynes-Goldie | 19 June 2010 | 0 Comments

PrivacyCampTO is tomorrow – June 19! If you can’t join us or want the full social media back channel experience, we’re having much of the event liveblogged here by Julianna Yau and Melanie Ching, with @TorontoDigital on the live Twittering. And of course, don’t forget to watch #privacycampto.

See ya on the internets!

Free Lunch: Brought to You by Chef’s Catering

Announcements David Fono | 18 June 2010 | 0 Comments

Everyone loves a free lunch, and we’re very happy to thank Chef’s Catering for helping to provide one for PrivacyCampTO. Plus free breakfast and coffee, too!

PrivacyCampTO: just over a week away!

Announcements luke | 10 June 2010 | 0 Comments

PrivacyCampTO is now just over a week a away, and we’re very excited about the day that is starting to take shape!

We’re really looking forward to some lively discussions, given some of the recent changes in the privacy landscape–a groundswell of concern about Facebook’s ever-changing policies leading to “Quit Facebook” days; allegations of personal information being shared between various social media sites and their advertisers; and Google being accused of illegally collecting information about wi-fi networks in several countries.

Thanks to the generous support of the the EDGE Lab at Ryerson and the Office of the Privacy Commissioner of Canada, we’ve secured a great space, an excellent facilitator, and refreshments to get us through the day. Whether you’re a casual user looking for information on how your personal information is being shared and how you can open or restrict your online profiles, or whether you’ve got a project you’d like to share or issue you’d like to talk about, please join us! If you want to speak or have a topic you’d like to see addressed, please be sure to add it to our wiki–the schedule is really starting to take shape, but we’ll be sure to leave room for additions and changes the day of the event. And of course, be sure to register!

Office of the Privacy Commissioner of Canada on board as lead sponsor!

Announcements Kate Raynes-Goldie | 23 May 2010 | 0 Comments

We are pleased to announce that the Office of the Privacy Commissioner of Canada will be the lead sponsor for PrivacyCampTO. Thanks to their generous support, we will have a professional facilitator as well as breakfast and lunch provided for participants.

The office has done some amazing work, including investigating and forcing Facebook to improve its privacy practices to comply with Canadian law, so we are extremely excited to have them on board! hosting PrivacyCampTO social!

Announcements Kate Raynes-Goldie | 20 May 2010 | 0 Comments

We are pleased to announce that, Toronto’s own hacker collective and community space, will be hosting the post-event social fun time at their lab in Kensington market. It will be a great way to mix and mingle with other PrivacyCampTO attendees as well as a chance to check out their space and find out more about some of the great programs and events they run. And, did we mention there will be free beer?:)

Earlybirds sold out!

Announcements luke | 7 May 2010 | 0 Comments

We’re all out of earlybird tickets (congrats & thanks to the early signups who grabbed them up!) We’ve still got plenty of spaces left, though. Check out our registration site for more info. There’s a $10 fee for the remaining spaces, but we’ll waive it without question if it creates a barrier for anyone who wants to participate — just email kate [at] atmosphereindustries [dot] com and let us know.

Help us plan PrivacyCampTO!

Announcements luke | 26 April 2010 | 0 Comments

We’re still working out the format of our PrivacyCampTO (June 19 — register here), and we need your help. What topics would you like learn about? What topics  would you like to speak about? We’re looking to create an inclusive agenda with content for everyone from casual social media users to designers and developers. Visit our wiki and let us know what you’d like to see or share!

We’ll have a variety of presentation styles, from speedgeek to more conversational sessions, but we’d like to keep the conversation going in all sessions and avoid traditional Powerpoint lectures.

Registration is now open!

Announcements luke | 23 April 2010 | 0 Comments


PrivacyCampTO is an unconference happening in Toronto, Canada on digital privacy in the age of social media ubiquity. Everyone is welcome: educators, techies, policymakers, students, academics, librarians and casual users. The goal of PrivacyCampTO are is to look at privacy issues relating to everyday users and everyday situations both practically and theoretically. In other words, privacy for everyone.

When? Where?

PrivacyCampTO will be taking place from 9-5 on Saturday, June 19 at the Rogers Communications Centre @ Ryerson (80 Gould St, 3rd floor – map)

Interested in participating?

Everyone is welcome!

Registration is now open! Sign up over on Eventbrite.

Note: we are asking for a $10 donation to reserve your ticket. If this is a barrier to participation for you or your organization, email kate at atmosphereindustries dot com and we’ll waive it for you, no questions asked.