COVID-19 Contact Tracing and Uncharted Constitutional Waters

by Amy Chen

On July 29, 2020, Lisa Austin, Andrea Slane, Vincent Chiao, and David Lie joined Director Cheryl Milne of the Asper Centre to discuss their collaborative research paper: Test, Trace, and Isolate: COVID-19 and the Canadian Constitution. The paper (also co-authored with Beth Coleman, Martha Shaffer, and François Tanguay-Renaud) reviews the benefits, limitations, and constitutional implications of contact tracing apps. The webinar can be viewed online here.

What are Contact Tracing Apps?

Dr. Lie began the panel by giving an overview of the different types of contact tracing apps. Contact tracing is a method for controlling infectious disease outbreaks by identifying, notifying, and monitoring individuals who have been exposed to the disease. In response to the COVID-19 pandemic, countries have been utilizing smartphone apps to conduct digital contact tracing in conjunction with manual human contact tracing. These apps fall into two categories – apps that are centralized and integrated with manual human contact tracing, and apps that are decentralized and work parallel to manual tracing. Dr. Slane noted that different liberal democracies have tried different frameworks. Australia and Singapore have adopted the centralized approach; Germany, Austria, and Switzerland have adopted the decentralized approach; some countries (i.e. Bahrain, Kuwait) have tried more privacy-intrusive apps that collect GPS data.

Ontario will be using the decentralized model through an API developed and supported by Apple and Google. The app, which is currently in its beta testing phase, uses Bluetooth to communicate with other phones that have the app installed. This allows the app to track and record the names of those who have come into close contact. If an individual tests positive for COVID-19, they can voluntarily upload the list of recorded names onto the app’s server. If other users have been in contact with the same individuals, they will be notified through the app. The app may also show a “risk score” and recommend high-risk individuals to get tested.

Pros and Cons of the Decentralized Framework

There are two upsides to this decentralized framework: 1) it is technologically supported by Apple/Google and 2) it is more privacy-protective. However, the panelists stressed that this also means that there are many downsides. First, Professor Austin noted that Apple and Google’s role has not been sufficiently scrutinized. The app will be governed by the technical decisions of these large technological companies rather than the decisions of our democratically elected governments. While Australia has experienced some technical difficulties with their centralized app, their government has been able to pass legislation regarding data control and usage.

Second, a privacy-protective app means that the data is limited in its accuracy and effectiveness. Dr. Lie pointed out all the ways in which the data could be distorted. The app relies entirely on individuals to voluntarily report their positive diagnoses, which means that many positive cases could be missed. Users could put fake names on their phones or repeatedly change their names, which makes it harder to track infected individuals. Proximity data, which is calculated based on the strength of the phones’ Bluetooth signals, could be inaccurate if the signals are disrupted. It is uncertain what percentage of the population needs to get the app for it to be effective. It is even uncertain whether digital contact tracing would supplement manual contact tracing efforts.

The most concerning aspect about the decentralized approach is that health authorities will only have limited access to the data collected by the app. Health authorities would not be able to contact infected individuals and provide them with education and health support. They would not be able to assess the effectiveness of the app, particularly its effectiveness for vulnerable communities. Dr. Slane indicated that the app will not be accessible for individuals who do not have access to smartphones, who have language barriers, who distrust technology, and who distrust state action or surveillance. Publicly accessible data is needed to develop effective targeted approaches for communities that are disproportionately affected by the pandemic.

Digital Contact Tracing and the Charter

Digital contact tracing requires a balancing between our personal privacy rights and public health outcomes. As explained by Professor Austin and Professor Chiao, the Charter is an important framework in assessing how to balance these rights in a way that is justifiable in a free and democratic society.

The Federal Privacy Commissioner has stated that data collected by the apps must be used in a way that is consistent with the principles of necessity and proportionality. What that means is hard to assess ex ante since we are in “uncharted waters”, but there are several contextual factors to keep in mind. First, we would need to know exactly what Ontario’s public health goal is in pushing out contact tracing apps. If the goal is to make manual tracing more effective, it may be harder for the government to justify why a decentralized privacy-protective app is necessary or proportional.  Second, privacy rights dictated by the Charter are traditionally assessed a criminal “state vs. individual” context. While courts may be concerned with protecting individuals from the overreach of state power in the criminal context, individual privacy rights may be given less weight in the context of a public health emergency. Finally, how the rights will be balanced will likely be determined through political decisions rather than through legal decisions.  If the app is widely perceived to be effective, courts are unlikely to disturb the government’s decision. If the app is perceived to be ineffective, the government will likely take actions without prompting from the courts.

Digital contact tracing could engage both s. 7 and s. 8 Charter interests. The apps could engage an individual’s interests in life, liberty, and security if the data was used to enforce quarantine or lift isolation measures in an unsafe manner. Whether the principles of fundamental justice would be violated would depend on a multitude of variables that cannot be determined at this time. In addition, the apps could engage our privacy interests associated with our anonymity or our biological cores. The nature and scope of the section 8 right would be context-specific. For instance, individuals may inadvertently waive or diminish their reasonable expectation of privacy by volunteering data and accepting the terms and conditions of the app. On the other hand, section 8 may protect individual privacy if data was used for purposes that were not consented to (i.e. law enforcement, immigration). Individual privacy rights may also be engaged in circumstances that are not governed by the Charter. Businesses may conduct informal voluntary screening questionnaires as a condition for accessing services, or employers may ask employees to use the digital tracing apps in the workplace. These issues would have to be dealt with through quasi-constitutional private sector data protection laws.

Ultimately, the panelists argue that digital contact tracing must be integrated alongside traditional human contact tracing for there to be effective health outcomes. Given the shifting public health landscape, the scope of the legal ramifications of contact tracing apps is still unknown. The panelists stressed that public trust in the app, our governments, and our public health authorities will be crucial in determining the effectiveness of digital contact tracing.

Amy (Jun) Chen is a 1L JD Candidate at the Faculty of Law and is the Asper Centre’s current summer Research Assistant.

A Preliminary Look at Bill C-59 and its Implications on Canadian Privacy Rights

By Natasha Anzik

 

The Liberals’ new national security legislation, Bill C-59, was tabled in the House of Commons on June 20th, 2017. The ten-part, 139-page legislation has taken a robust look at the current state of Canadian national security, proposing many changes and additions, but still leaves several gaps in the protection of Canadian privacy rights.

Last December the Asper Centre’s Privacy and National Security Working Group made a submission to the Department of Public Safety Canada and to the Department of Justice. This submission primarily dealt with the Charter implications of warrantless access to basic subscriber information, but also considered data retention and systems of review. Bill C-59 has also been criticized for its failure to address issues with regard to the Security of Canada Information Sharing Act, including its overbroad definition of security and the vast amount of information sharing permitted. While not discussed here, or as part of the Asper Centre’s submission, it is evidence of the breadth of issues that remain unresolved.

Basic Subscriber Information

The Asper Centre’s submission was made in response to Bill C-51 and the 2016 National Security Green Paper and called for several reformations to the accessibility of basic subscriber information (BSI) in order to be compliant with s. 8 of the Charter. BSI can simply be a name, address, telephone number, and matching an IP address. This seemingly unremarkable information, the working group argued, should be protected from warrantless access as the combination of this information can lead to inferences about an individual’s registered services, interests, organizational affiliations, and geographic location and therefore may engage one’s s. 8 Charter rights.

Issues were raised with respect to the Green Paper’s suggested lower evidentiary requirements for obtaining lawful access to BSI, and how this lower standard would run counter to the spirit of s. 8, which protects against unlawful searches. This argument was supported by the Supreme Court’s decision in R. v Spencer, which holds that subscriber information can carry a high expectation of privacy, and disclosure of this information is vulnerable to Charter challenges. As this decision was specific to Internet subscriber information, the working group recommended a consistent standard for the sharing, retention, and destruction of personal information across different platforms. Consistency across all law enforcement agencies would also help prevent backdoor information sharing. Another issue raised by the working group is that the metadata regime of the Criminal Code has historically been unclear, and interpreted to suggest that communications service providers can readily disclose subscriber information. The Asper Centre thus advocated for a federal law that clearly prohibits the voluntary disclosure of subscriber information by telecommunications companies, and requires judicial authorization for access.

The need for clarification of this area of law was echoed in the 2016 Green Paper. While the paper called for a clear law governing access to this information, Bill C-59 is notably silent on this issue. Although not considered now, its inclusion in the Green Paper suggests this issue will be addressed in future legislation, meanwhile this area of law will likely remain inconsistent and problematic for the privacy protection of Canadians.

While Bill C-59 does not address BSI specifically, the issue of access to information comes up in the regulation of the Communication Security Establishment’s (CSE) activities. The CSE is an intelligence network, focused on gathering information to protect Canada’s cyber security from external threats. The Bill provides for a large expansion of the powers of the CSE, but also provides several restrictions recognizing the potential for these expanded powers to engage the s.8 privacy rights of Canadians. One restriction includes limiting the CSE from directing their activities at Canada and people in Canada, but this does not prevent the agency from acquiring “publicly available information”, defined as information that can be made available upon request. Although the government argues that publicly available information would inherently have a lower expectation of privacy and therefore not engage s.8 of the Charter, this information could potentially include BSI that is voluntarily released by communication service provides. This allowance therefore could lead to privacy issues as described above. As the state of lawful access remains in flux, Canadians will remain vulnerable. These provisions will also be problematic in how they might inform the treatment of BSI in future legislation.

Systems of Review

One of the most prominent parts of the new Bill is its creation of the National Security and Intelligence Review Agency (NSIRA). The current system of review was an area of concern raised by the Asper Centre’s submission. The criticism focused on the limited powers of review allocated to the Privacy Commissioner and the review agencies for CSIS, the RCMP, and the CSE. This system not only creates a silo effect between agencies, but also demands increased resources and understanding to sufficiently oversee the mass of information in and between national security agencies. Bill C-59 addresses this issue and the need for increased accountability and public confidence in its creation of the NSIRA. Outlined in the Bill’s Charter Statement, the job of the NSIRA would be to “review and report in an integrated manner on the lawfulness of all national security and intelligence activities across government, thereby enhancing accountability, transparency and the safeguarding of human rights in Canada.” Part 2 of the Bill would also establish a quasi-judicial Intelligence Commissioner, who would review certain decisions regarding intelligence gathering. These new review systems seem promising in their ability to rectify the lack of broad oversight, to increase accountability, and to correct the current silo effect.

Data Retention

The Asper Centre’s submission also encouraged the establishment of a scheme of data retention that maintains a balance between Canada’s national security interests and privacy protections. The Asper Centre discouraged mandatory minimum retention schemes and unlimited information sharing between agencies, and argued that these data retention schemes should have a system of independent review for the use of information once obtained. Bill C-59 does not address this issue at length, but does allow the limited retention of datasets, which require judicial authorization that is valid for no more than two years. Dataset use must also be “strictly necessary”, and will be subject to review by the Intelligence Commissioner. While this change does not fully address all the concerns of the Asper Centre, it is a step forward in the establishment of a more robust scheme of information storage that hopefully will be refined to ensure further Charter compliance.

 

While this Bill has made strides with respect to the Asper Centre’s concerns, there are still some gaping holes with respect to the privacy protections afforded to Canadians. It seems unlikely that lawful access to basic subscriber information will be addressed in the passing of Bill C-59, as this was an issue at the attention of legislators as part of the Green Paper consultation process, but was actively excluded in the drafting of the Bill. Hopefully the review process of the Bill will lead to further clarification of the powers of the CSE in collecting information, how basic subscriber information relates to “publicly available information,” and may engage s. 8 of the Charter. These issues will have the potential to be raised to the Standing Committee on Public Safety and National Security this fall.

Natasha Anzik is the Asper Centre’s summer research assistant and an upcoming 2L JD Candidate at the Faculty of Law.

Professor Lisa Austin presented the Asper Centre brief to the Standing Committee on Access to Information, Privacy and Ethics

The submission, made on June 14, 2016 discussed how Privacy Act reform must take into consideration the Canadian Charter of Rights and Freedoms. The submission also made several recommendations to the Standing Committee.

The brief can be read here: Privacy Act Brief.