Canadian Cross Border Privacy Laws

Canada passed a privacy act in 1983 that lays down the groundwork for how the government must treat information collected about its citizens. Basically, the precepts are as follows:

-- The individual must be informed when and why data are collected.
-- The data must not be disclosed without the individual's consent (with some exceptions).
-- Residents have the right to view data collected about them and can request a correction if it's inaccurate.

The Act prevents the government from secretly sharing or using the data in any manner which is not appropriate and without the individual's permission. While the spirit of the Act is not uncommon, Canada takes privacy very seriously. This can cause conflict with other countries in instances where information crosses borders.

Canada's public health care system necessitates that citizens' personal health data be stored in a large database. This data also are subject to privacy laws. But sometimes this data are housed outside of Canada or, for purposes of processing, must be transferred across country lines, in which case its Canadian protection might cease. The USA Patriot Act expands the power of American law officials to investigate personal information records that are stored within the United States if terrorism is suspected. This violates Canadian law and can be a strong privacy concern.

Canada's Personal Information Protection/Electronic Documents Acts sets up standards for data privacy. Like the privacy act, it obligates an organization to reveal what data it collects and how it uses the data. It also obligates it to use it strictly for the purpose acknowledged. Similarly, an individual is given the right to access and request corrections to this data, as well as complain about abuses.

An EDL is a Canadian driver's license, which can be used to cross the border into America. The EDL database contains private data. As the citizen crosses the border, a variety of identifying data are disclosed to United States officials. This data then becomes the property of the United States, which means Canadian privacy laws no longer protect it and America can disclose as it applies to American law. This is unlikely to be considered a privacy violation by most as the information disclosed is similar to that found on a passport. But the only method by which disclosure can be prevented is to abstain from crossing the border.