Prisoner’s Privacy Rights

27 Oct, 2014

The federal organizations with one of the worst track records on privacy continues to suffer from lack of awareness, lack of training and a lack of reporting, according to a recent audit.

Auditors reviewing the privacy of inmates at federal institutions noted that Correctional Service Canada staff didn’t report all privacy breaches at all. Auditors noted that they saw first- hand an inmate return a report to guards because the document was given to him by mistake.

The potential privacy breach wasn’t reported, auditors wrote.

According to the report, released over the summer, CSC staff were told that institutional culture, “fear of reprimand” and lack of awareness about ‘what actually constitutes a privacy breach’ were among the reasons why privacy breaches weren’t being reported.

The internal audit team concluded ‘offender safety may be jeopardized if these systemic issues continue.’
The audit renewed concerns about the privacy practices in prisons that were identified in 2006, with auditors noting that CSC had yet to implement some recommendations from that eight year old report.

The service was to implement sweeping changes by the end of July, including training packages.

“CSC collects a vast amount of personal information about offenders to be able to manage them,” said Veronique Rioux, CSC’s spokeswoman.

“CSC is committed to ensuring that privacy breaches of offenders personal information do not occur and is dedicated to informing staff and enforcing best practices internally. Any breach of privacy is taken very seriously by CSC and is addressed immediately.”

Federal prisons have a balancing act when it comes to meeting Privacy Act obligations: the report notes that staff have to weigh privacy against security concerns and a space crunch where some offenders double-bunk (meaning inmates have easier access to another’s private information) or staff have to share one office (meaning private files could be seen by others).

The audit found staff at each prison used encrypted laptops to protect information, but still used ‘generic portable media drives’, such as USB keys, which can easily go missing. Missing portable drives led to two high-profile privacy breaches at Employment and Social Development Canada in late 2012 that affected 600,000 people.

But lack of awareness and training remained top of mind of auditors.

“It appears that some of the issues discussed in the report are similar to issues we deal with through complaints to our office, for example, a lack of privacy awareness and the need to limit access to personal information,” said Valerie Lawton, a spokes- woman for the federal privacy commissioner.

Source: Postmedia News

Leave a reply