The State of Privacy in the Canadian State: Fallout from 9/11

TLDR: In this paper, the authors argue that before 11 September 2001, Canadian privacy protection policy had diverged in some significant ways with that of the United States, and that the privacy paradigm tends to be state-centric in two different senses.

Abstract: The literature on privacy and surveillance is rich and varied. Scholars, journalists, practitioners, and others from many nations have analysed the causes and consequences of the excessive collection and processing of personal information, and debated the merits of a range of legal, selfregulatory and technological solutions (Bennett and Grant, 1999). With few exceptions, most of this literature would share the following four assumptions: 1) privacy is an individual right; 2) privacy is something that we once had but is now eroding; 3) the privacy problem arises from structural and organisational forces that together reduce the ability of individuals to control the circulation of their information; and, 4) the organisations that are responsible for privacy invasion can be observed, resisted and regulated because they are subject to the laws of discrete and bounded liberal democratic states. These assumptions constitute the ‘privacy paradigm’ (Bennett and Raab, 2003). In contemporary circumstances, each of these assumptions can be questioned. Privacy protection can be regarded as a social value as much as it is an individual one (Regan, 1995). To argue that privacy is vanishing, eroding, dying and so on (e.g. Whitaker, 1999; Rosen, 2000), assumes that antecedent agricultural and industrial societies offered higher ‘‘levels’’ of privacy than conditions in current post-industrial societies, an assumption which is highly problematic. The sources of privacy invasions are also complex. The picture of an embattled individual trying to stem the tide of surveillance flowing from a range of impersonal and invulnerable structural forces makes good rhetoric for the privacy cause, but it distorts reality and oversimplifies social and political analysis. Privacy problems arise from a complex interplay of structure and agency. They occur when technologies work and when they fail, when humans have worthy motives and when they do not. However, the subject matter of this article most closely relates to the last assumption. The privacy paradigm tends to be state-centric in two different senses. First, the right to privacy is generally regarded as a benefit of state citizenship. This right is conferred on us by virtue of our national identities, be they Dutch, American, British, Canadian, or any other. The privacy and data protection laws, which provide us with certain guarantees about our personal information, reflect some essential principles of liberal democracy that are either enshrined in constitutions (such as in the US Fourth Amendment) or deeply embedded in the cultural and historical experiences of different societies. Second, contemporary discourse and policy prescriptions are generally dictated by a paradigm which suggests that our personal information still tends to be held within organisations that are easily identifiable and that operate within the boundaries of modern territorial states. It is not simply that the forces of globalisation have necessitated harmonised international solutions to the privacy problem; the growing policy interdependence has caused a proliferation in the number of transnational actors, and a progressive frequency and regularity of networking opportunities. It might be assumed that this transnational policy-making has caused a concomitant reduction in state sovereignty. The question is not, any more, whether data protection policy should be made at the international or the national governmental levels; data protection policy is, and must be, made at both levels. Rather, the question is how national and international regimes interact to respond to an inherently transnational policy problem caused by a global economy. Privacy is a global problem, and it is being addressed through a repertoire of policy instruments that also know few attachments to traditional conceptions of legal and territorial sovereignties (Bennett and Raab, 2003). This article charts the Canadian policy responses to the acts of terrorism on 11 September 2001. In brief, we argue that before 11 September, Canadian privacy protection policy had diverged in some significant ways with that of the United States. Policy developments were very much driven by international pressures, but from Department of Political Science, University of Victoria, Victoria, B.C., V8W 3P5, Canada *E-mail: cjb@uvic.ca **E-mail: martian@uvic.ca