Telecom Commission Letter Addressed to Daniel Therrien (Office of the Privacy Commissioner of Canada)

Ottawa, 22 July 2016

Our reference: 1011-NOC2016-0116

BY EMAIL

Daniel Therrien
Commissioner
Office of the Privacy Commissioner of Canada
daniel.therrien@priv.gc.ca

RE:     Establishment of a regulatory framework for next-generation 9-1-1 in Canada, Telecom Notice of Consultation 2016-116 – Requests for information

Dear Mr. Therrien:

Pursuant to the procedure set out in Establishment of a regulatory framework for next-generation 9-1-1 in Canada, Telecom Notice of Consultation 2016-116, 29 March 2016, attached are requests for information addressed to the Office of the Privacy Commissioner of Canada.

Responses to these requests for information are to be filed with the Commission by 23 August 2016.

Sincerely,

Original signed by Kim Wardle for/

Sheehan Carter
A/Director, Competition and Emergency Services Policy
Telecommunications Sector

c.c.    Renée Doiron, CRTC, 819-997-2755, Renee.Doiron@crtc.gc.ca
James Ndirangu, CRTC, 819-997-3670, James.Ndirangu@crtc.gc.ca

Attach. (1)


Attachment 1

  1. In paragraphs 20, 63, and 64 of PIAC’s intervention, PIAC indicated that opt-in consent should be required for the collection, use, and transmission of certain types of personal information for emergency purposes. Provide your view, with supporting rationale, on whether opt-in consent should be required for the disclosure of certain types of personal information for the purpose of a 9-1-1 communication (e.g. from telematics and Internet of Things devices). If so, indicate for which types of information opt-in consent should be required and why. Also provide your view on the Commission’s role in this regard.
  2. In paragraphs 33 and 34 of the Coalition pour le service 9-1-1 au Québec’s (Coalition) intervention, the Coalition indicated that access to a Canadian NG9-1-1 network by Americans raised confidentiality and privacy issues in light of the Patriot Act. Provide your view on the risks and challenges regarding privacy issues associated with access to Canadian NG9-1-1 network(s) by foreign jurisdictions, for example, in light of the Patriot Act. Also provide your view on possible measures that the Commission could implement to mitigate these privacy issues, if any measures are required.
  3. In paragraph 77 of TELUS Communications Company’s (TELUS) intervention and paragraph 57 of the Coalition’s intervention, these parties indicated that information on third parties could potentially be transmitted without the third party’s consent for the purpose of a 9-1-1 communication, for example, through images and videos. Provide your view on the risks and challenges regarding privacy issues associated with the disclosure of third-party personal information without consent during a 9-1-1 communication. Also provide your view on possible solutions and/or measures that the Commission could implement to mitigate these privacy issues, if any measures are required.
  4. In paragraphs 7 to 9 of your intervention, you indicated that the Personal Information Protection and Electronic Documents Act (PIPEDA) would not apply to the personal information handling practices of most public safety answering points (PSAPs), but that provincial or territorial legislation may apply.
    1. Are you aware of which province/territory has legislation in place governing the collection, use, and disclosure of personal information related to 9-1-1 communications by PSAPs and/or other emergency responders? If so, provide a description of the legislation and outline the major differences between these different legislations.
    2. Indicate, with supporting rationale, whether and what gap(s) exists between provinces and/or territories with respect to the protection of personal information provided during a 9-1-1 communication. Provide your view on the risks and challenges associated with any possible gap(s).
    3. Provide your view on possible solutions and/or measures that the Commission could implement to mitigate these privacy issues, if any measures are required, taking into account the Commission’s jurisdiction and existing privacy legislation.
Date modified: