A recent report by Canada’s privacy commissioner revealed that the Royal Canadian Mounted Police’s (RCMP) use of facial recognition technology was in violation of the Federal Privacy Act.
Indeed, it was reported that the facial recognition software made by Clearview AI used by RCMP was compiling data and personal information on hundreds of Canadians. Hence, the commissioners denounced Clearview AI and RCMP for illegal mass surveillance and a clear violation of citizens’ privacy rights.
The Federal Privacy Act states that no personal information should ever be collected by a government institution unless it is for an operating program or activity. Hence, the RCMP has then to ensure that the database it was using was compiled legally. However, the RCMP declared that the law doesn’t expressly impose a duty to confirm the legal basis for the collection of personal information by its private sector partners.
This thus shows how public-private partnerships involving digital technologies can lead to new risks for privacy.
It was finally reported that the RCMP would be implementing the Office of the Privacy Commissioner’s recommendations so as to improve its policies, systems, and training. By doing so, it will conduct privacy assessments of third-party data collection practices in order to ensure that any personal information is collected and used in accordance with Canadian privacy legislation.