Endnotes

1. This paper is an extract from a future release of Sookman Computer Law: Acquiring and Protecting Information Technology (Carswell)

2. Privacy and the Canadian Information Highway: Building Canada's Information and Communications Infrastructure, Industry Canada 1994, available at http://strategis.ic.gc.ca/SSG/ih01095e.html. See also, Anne Cavoukian, Who Knows: Safeguarding Your Privacy in a Networked World 1995 (Random House).

3. Jeffery H. Reinman "Driving to the Panopticon: A Philosophical Exploration of the Risks to Privacy Posed by the Highway Technology of the Future, Santa Clara Computer and High Technology Law Journal - Privacy and ITS, March 1995.

4. Privacy and the Canadian Information Highway: Building Canada's Information and Communications Infrastructure, Industry Canada 1994, available at http://strategis.ic.gc.ca/SSG/ih01095e.html.

5. The Canadian Electronic Commerce Strategy, Industry Canada 1998, available at http://e-com.ic.gc.ca., The Protection of Personal Information: Building Canada's Information Economy and Society, Industry Canada, January 1998, available at http://strategis.ic.gc.ca.privacy, Dismantling the Barriers to Global Electronic Commerce, OECD, Turku, Finland, 19 - 21 November 1997 (DSTI/ICCP (98) 13/Final, European Initiative In Electronic Commerce, A Framework for Global Electronic Commerce, the Whitehouse, July 1, 1997, available at http://www.e-commerce.gov/framework.htm .

6. OECD, Implementing the OECD Privacy Guidelines and the Electronic Environment: Focus on the Internet, D.S.T.I./ICCT/Reg. (97) 6/Final, September 9, 1998, available at http://www.oecd.org.

7. OECD, Privacy and Data Protection: Issues and Challenges, March 1992.

8. Roger A. Clarke, Information Technology and Dataveillance, Communications of the ACM, Vol. 31.5, May 1998.

9. Privacy and the Information Highway, Regulatory Options for Canada, Industry Canada, December, 1996, available at http://www.strategis.ic.gc.ca.

10. Privacy and the Information Highway, Regulatory Options for Canada, Industry Canada, December, 1996, available at http://www.strategis.ic.gc.ca.

11. See, for example, the offer provided by Free-PC.com to give away free computer systems to the first 10,000 customers who sign up for the company's free Internet access service. In return, customers provide a great deal of personal information and consent to surveillance concerning the use of the PC including tracking every Internet site visited by the user. Wired News, March 15, 1999.

12. Privacy and Electronic Identification in the Information Age, Information and Privacy Commissioner/Ontario, November 1994, available at http://www.ipc.on.ca.

13. Geographic Information Systems, Information and Privacy Commissioner/Ontario, April 1997, available at http://www.ipc.on.ca.

14. Ann Cavoukian, Information and Privacy Commissioner/Ontario, Privacy: The Key To Electronic Commerce, , April 1998, available at http://www.ipc.on.ca.

15. Anne Wells Branscomb, Who Owns Information? From Privacy to Public Access (Basic Books, 1994).

16. Ann Cavoukian, Information and Privacy Commissioner/Ontario, Privacy: The Key To Electronic Commerce, , April 1998, available at http://www.ipc.on.ca.

17. Business-to-Consumer Electronic Commerce: Survey of Status and Issues, OECD (1997), available at http://www.oecd.org.

18. Ann Cavoukian, Data Mining: Staking a Claim on Your Privacy, Information and Privacy Commissioner/Ontario, January 1998, available at http://www.ipc.on.ca.

19. Susan Gindin, "Lost and Found in Cyberspace: Informational Privacy in the Age of the Internet", 34 San Diago Law Review, 1153 (1997), available at http://www.info-law.com/lost.html.

20. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm

21. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm.

22. oel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

23. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm.

24. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

25. The Emerging Digital Economy, United States Department of Commerce, available at http://www.ecommerce.gov.

26. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

27. Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

28. Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

29. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm.

30. Hiawatha Bray, "The Ubiquitous Cookie Helps Those Who Watch You", Boston Globe, February 21, 1999.

31. Hiawatha Bray, "The Ubiquitous Cookie Helps Those Who Watch You", Boston Globe, February 21, 1999.

32. Joel R. Reidenberg et al., "Data Protection Law and On-Line Services: Regulatory Responses", Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

33. Hiawatha Bray, "The Ubiquitous Cookie Helps Those Who Watch You", Boston Globe, February 21, 1999. The potential for profiling of individuals was raised by privacy experts after DoubleClick announced it had agreed to buy Abacus Direct Corp., a company which analyses and collects data on retail and catalogue shoppers, "Internet Firms Developing Ads Targeted to Users", June 16, 1999, NewsExcite.com; Courtney Macavinta "DoubleClick Not Worried About Privacy Charges", Net News.com, June 15, 1999.

34. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm.

35. Susan Gindin, "Lost and Found in Cyberspace: Informational Privacy in the Age of the Internet", 34 San Diago Law Review, 1153 (1997), available at http://www.info-law.com/lost.html.

36. OECD, Implementing the OECD Privacy Guidelines and the Electronic Environment: Focus on the Internet, D.S.T.I./ICCT/Reg. (97) 6/Final, September 9, 1998, available at http://www.oecd.org.

37. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

38. See, GeoCities, Docket No. C-3849 (Fed. 12, 1999) (Final Decision and Order available at http://www.ftc.gov/os/1999/9902/9823015d&o.htm).

39. See, Liberty Financial, Case No. 9823522 (Proposed Consent Agreement available at http://www.ftc.gov/os/1999/9905/1btyord.htm).

40. Self-Regulation and Privacy On-Line: A Report to Congress, Federal Trade Commission, July 1999, available at http://www.ftc.gov/reports/privacy3/toc.htm.

41. http://www.forrester.com

42. For a summary of the report see, Chet Dembeck "Report Labels Internet Privacy Policies "A Joke", E-Commerce Times, September 16, 1999.

43. Joel R. Reidenberg et al., "Data Protection Law and On-Line Services: Regulatory Responses", Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

44. Susan Gindin, "Lost and Found in Cyberspace: Informational Privacy in the Age of the Internet", 34 San Diago Law Review, 1153 (1997), available at http://www.info-law.com/lost.html; Joel R. Reidenberg et al., "Data Protection Law and On-Line Services: Regulatory Responses", Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

45. Susan Gindin, "Lost and Found in Cyberspace: Informational Privacy in the Age of the Internet", 34 San Diago Law Review, 1153 (1997), available at http://www.info-law.com/lost.html; Joel R. Reidenberg et al., "Data Protection Law and On-Line Services: Regulatory Responses", Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

46. For a description of these agents see, Tyler Hamilton, "They'll Be Your Butler, Your Personal Shopper, Your Matchmaker - Even Your Spy. Meet the Intelligent Software Agent, coming to a browser near you", Globe and Mail, September 30, 1999.

47. Joel R. Reidenberg et al., "Data Protection Law and On-Line Services: Regulatory Responses", Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

48. Intelligent Software Agents: Turning a Privacy Threat into a Privacy Protector, Information and Privacy Commissioner/Ontario, available at http://www.ipc.on.ca.

49. Section 3.

50. Section 2(1).

51. RSC 1985, C. I-21.

52. Section 2(1).

53. Section 4(2).

54. Section 30(1).

55. Section 30(1).

56. Section 30(1) and Section 30(2).

57. See, for example, Part III of Ontario's Freedom of Information and Protection of Personal Information Act which extends data protection principles to personal information which does not exist in recorded form.

58. Section 2.1.

59. S.C. 1980-81-82-83, c. 111.

60. See the comments of the Supreme Court in Dagg v. Canada (Minister of Finance), [1997] 2 S.C.R. 3 in interpreting the term personal information under the Privacy Act.

61. See, Section 3 of the Privacy Act where these items are specifically included in the definition of "personal information".

62. See, Geographic Information Systems, Information and Privacy Commissioner/Ontario, April 1997, available at http://www.ipc.on.ca.

63. See the discussion of this issue in relation to European data protection laws in Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

64. See the discussion of this issue in connection with French data protection law in Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

65. The CSA Model Code has also generated significant international interest. In May 1996, the consumer policy group of the International Organization for Standardization (ISO) passed a unanimous, twenty-five country resolution in favour of a proposal to develop an international standard on privacy based on the CSA Model Code.

66. Section 5(1).

67. Section 11(1).

68. Section 5(3).

69. CSA Model Code Clause 4.2 of Schedule 1.

70. CSA Model Code Clause 4.2.1 of Schedule 1.

71. CSA Model Code Clause 4.2.2 of Schedule 1.

72. CSA Model Code Clause 4.2.4 of Schedule 1.

73. CSA Model Code Clause 4.2.3 of Schedule 1.

74. Section 5(3).

75. Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

76. CSA Model Code Clause 4.3 of Schedule 1.

77. CSA Model Code Clause 4.3.2 of Schedule 1.

78. CSA Model Code Clause 4.3.3 of Schedule 1.

79. CSA Model Code Clause 2.1.

80. CSA Model Code Clause 2.1.

81. CSA Model Code Clause 4.3.4 of Schedule 1.

82. CSA Model Code Clause 4.3.4 of Schedule 1.

83. CSA Model Code Clause 4.3.5 of Schedule 1.

84. CSA Model Code Clause 4.3.6 of Schedule 1.

85. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

86. See, Section 8.18 for description of these technologies.

87. Section 7(2).

88. See, Section 7(3) for a list of these situations.

89. CSA Model Code Clause 4.4 of Schedule 1.

90. CSA Model Code Clause 4.8 of Schedule 1.

91. Section 5(3).

92. See, Section 8.5(f) which describes the collection practices of websites.

93. CSA Model Code Clause 4.4 of Schedule 1.

94. CSA Model Code Clause 4.4.2 of Schedule 1.

95. CSA Model Code Clause 4.5 of Schedule 1.

96. See, Ann Cavoukian, Information and Privacy Commissioner/Ontario, Data Mining: Staking a Claim on Your Privacy, January 1998, available at http://www.ipc.on.ca.

97. Ann Cavoukian, Information and Privacy Commissioner/Ontario, Data Mining: Staking a Claim on Your Privacy, January 1998, available at http://www.ipc.on.ca.

98. See, Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm where these issues are discussed.

99. Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

100. Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

101. CSA Model Code Clause 4.5 of Schedule 1.

102. CSA Model Code Clause 4.5.2 of Schedule 1.

103. CSA Model Code Clause 4.5.2 of Schedule 1.

104. Section 8(8).

105. CSA Model Code Clause 4.5.3 of Schedule 1.

106. CSA Model Code Clause 4.6 of Schedule 1.

107. CSA Model Code Clause 4.6.1 of Schedule 1.

108. CSA Model Code Clause 4.6.2 of Schedule 1.

109. CSA Model Code Clause 4.6.3 of Schedule 1.

110. Ann Cavoukian, Information and Privacy Commissioner/Ontario, Data Mining: Staking a Claim on Your Privacy, January 1998, available at http://www.ipc.on.ca.

111. CSA Model Code Clause 4.7 of Schedule 1.

112. CSA Model Code Clause 4.7.1 of Schedule 1.

113. CSA Model Code Clause 4.7.3 of Schedule 1.

114. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

115. For a discussion of this issue in relation to the Belgian and French data protection law, see Joel R. Reidenberg et al., Data Protection Law and On-Line Services: Regulatory Responses, Study for the Commission of the European Community, December 1998, available at http://www.europa.eu.int/comm/dg15/en/media/dataprot/studies/regul.htm.

116. Ibid.

117. Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, OECD, September 23, 1980, available at http://www.oecd.org//dsti/sti/it/secur/prod/PRIV-EN.HTM

118. CSA Model Code Clause 4.8 of Schedule 1.

119. CSA Model Code Clause 4.8.1 of Schedule 1.

120. CSA Model Code Clause 4.8.2 of Schedule 1.

121. CSA Model Code Clause 4.8 of Schedule 1.

122. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

123. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

124. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

125. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

126. Privacy On-Line: A Report to Congress, FTC June 1998, available at http://www.ftc.gov/reports/privacy3/toc.htm.

127. This legislation is described in Section 8.7 above.

[Part 1] [Part 2] [Part 3] [Part 4] [Part 5] [Main Menu]