Page 34 - CCCA63_2013
P. 34
CCCA_V7No3_DataPrivacy-FIN_CCCA 13-09-24 1:48 PM Page 34 Feature wake of revelations by former U.S. National Security Agency Fasken Martineau DuMoulin LLP. For one thing, he has serious whistleblower Edward Snowden about wide-ranging govern- reservations about trade negotiators’ expertise to deal with the ment surveillance. The European Union is in the midst of bol- finer points of data privacy issues. For another, while global data stering and consolidating its fractured online data privacy legal flows may appear to dissolve national borders, that is to some framework. TPP members such as Australia and New Zealand extent an illusion. National governments have different views on are also considering strengthening existing privacy laws, and may the kind of information that should be shared, and regulate possibly even follow the lead of other TPP members like Brunei accordingly. Bridging the gap can be a long and daunting exer- and Vietnam by introducing new data residency laws that will cise. “How would members of the TPP do this?” Beardwood asks rhetorically, noting that it took Canada, the U.S. and the European Union years to reach an agreement that allowed companies in “Trying to... regulate the three jurisdictions to share data with each the flow of data for other. “How as a matter of practicality do you even arrive at common standards based on dif- procurement or protectionist ferent data and privacy regimes that are head- reasons will interrupt the ing in different directions? In the unlikely event that a common frame- digital economy.” work for the flow of data can be reached in the TPP free-trade talks, it would probably con- strain national governments and their regula- tors from forging their own unique privacy compel companies to store data they collect only on in-country policies, notes David Fraser, a Halifax privacy expert with servers. These developments alarm businesses worried that such McInnes Cooper. Legislators and regulators would likely have stringent data privacy regulations are in effect trade barriers that little leeway to deal with local concerns that may arise over how will stifle efficiency, lead to additional costs, create uncertainty personal data should be handled and by whom. “In a way it is a over its application and implementation, and disrupt interna- no-brainer that consistent rules and harmonized legislation is tional trade. Hence the need for an international data standard, much better than huge variability in different places, but in according to Ottawa privacy lawyer Kris Klein. “If the flow of international trade agreements countries make commitments data standards is done on an ad hoc basis, it creates a lot of uncer- that they are then expected to abide by and they would not be tainty,” says Klein, a partner with NNOVATION LLP. “That is able to come up with laws that are contrary to it,” says Fraser. why, if it was approached on a more global scale, and a set of That is arguably more troubling because in seeking to recon- nations agreed to a set of certain principles and implemented a cile privacy concerns and data protection standards with the pro- law recognizing those principles, then you would walk away motion of trans-border data flows, nobody really knows which from a lot of problems that we have seen in the last 10-15 years.” privacy regime might be used as a model in the TPP trade agree- Not everyone is swayed by the business rationale behind the ment. “Do we go with the notion of a high-water mark where push for international data standards. Businesses probably expect everybody follows the lead of the most restrictive data protection — “and if they don’t, they should” — that every time they enter regime, or do we go to the lowest common denominator and into a new jurisdiction to carry on business that they are going actually reduce the protection for personal information? The to have to deal with a different set of rules and regulations, be devil is in the details,” says Fraser. Indeed it is, says Antle. While they for employment standards, health and safety regulations, or there is “nothing inherently good or bad” about having a har- even product labelling, says Vancouver litigator Stephen Antle of monized regional standard protecting the use of personal infor- Borden Ladner Gervais LLP. “Data is not particularly unique,” mation, Antle points out that it is difficult to “intelligently debate adds Antle, a chartered arbitrator. “It is just another thing that the merits of whatever is being proposed in the TPP negotiations they should expect to deal with differently. Sure by all means without knowing what the content is.” Basic questions such as harmonize it but don’t expect it to be uniform.” what the data standards are going to be, how exactly are they Nor are all privacy experts are convinced that trade negotia- going to protect whatever it is that they decide to protect, and tions are the appropriate forum for discussions over data stan- whether there is going to be teeth in the agreement if a compa- dards. The host of issues surrounding data privacy are too com- ny violates standards have yet to be addressed publicly. plex to be held in trade talks, maintains John Beardwood of Antle, like others, will have to wait for answers. Though TPP 34 CCCA Canadian Corporate Counsel Association FALL 2013