Wednesday, June 9, 2021
Lisa M. Austin and Andrea Slane (University of Toronto - Faculty of Law and University of Ontario Institute of Technology (UOIT), Legal Studies) have posted Digitally Rethinking Hunter v Southam on SSRN. Here is the abstract:
Canadian debates about lawful access -- the legal regime that authorizes various methods used by law enforcement to intercept and/or search or seize information for investigatory purposes -- need a new solution space for the digital age, one that is able to incorporate new technological solutions for minimizing rights-infringements and to provide new forms of accountability and safeguards against misuse. However, this is not simply a matter of adopting the popular framework of “privacy by design”, or even a reworked “lawful access by design”. We argue that an appreciation of the challenges of the digital world require us to rethink our basic constitutional framework. The Canadian constitutional framework for lawful access was set out by the Supreme Court in Hunter v Southam and then refined in the subsequent jurisprudence. We argue that this framework is ill-suited to contemporary digital challenges to informational privacy and requires four fundamental shifts. First, its basic point-of-collection focus needs to shift to the broader life-cycle of the data. Second, it needs to shift away from its categorical approach to informational privacy, where some categories of information are thought to be inherently more private than others, and instead approach informational privacy in terms of the use-context of the data. Third, this framework needs to shift away from a dominant focus on privacy and recognize a broader set of rights and interests at stake in lawful access practices, including the rule of law, equality, and other fundamental freedoms. Fourth, this framework needs to shift away from its exclusive focus on procedural safeguards at the point-of-collection (e.g. the warrant requirement) and consider procedural, legislative, and technical safeguards throughout the life-cycle of the data as well. Once we have a constitutional framework that is better able to address the digital era then we can more precisely craft new techniques for protecting rights, ensuring accountability, and safeguarding against abuse within this framework. Indeed, we can then see why some of these techniques are constitutional requirements. The pay-off for doing so, we argue, is a way of enabling specific justified uses of data by law enforcement, while safeguarding the data against non-justified uses over its life-span.