City police violated privacy laws
Ruling raps 2012 campaign to find offenders
The office of Alberta’s Privacy Commissioner has found the Edmonton Police Service violated privacy legislation during a 2012 campaign to clear up outstanding warrants.
The report by the Office of the Information and Privacy Commissioner of Alberta said EPS “did not make reasonable security arrangements to protect personal information as required” under the province’s Freedom of Information and Protection of Privacy Act (FOIPP), and that the police agency “had authority to disclose some, but not all, of the personal information” released during the warrant campaign.
“Certainly this investigation has shown that privacy wasn’t something that was considered in the design and implementation of this initiative,” said Jill Clayton, the information and privacy commissioner.
The report, written by senior information and privacy manager Veronica Chodak, looked at Project OWE, a 2012 initiative by Edmonton police that publicly identified people with outstanding warrants. The report says personal information such as names, ages, photographs, height and/or weight was disclosed on about 170 people during the campaign, which involved both newspaper ads and online publication.
Project OWE sparked controversy when it was discovered that a teenage girl had been identified in one of the EPS advertisements, seemingly in contravention of the Youth Criminal Justice Act.
The report released Monday notes the privacy commissioner’s office doesn’t have jurisdiction to investigate potential contraventions of the federal Youth Criminal Justice Act, but that the commissioner decided to investigate the project of her own volition.
“It was a campaign that involved the release of personal information in a very public way and that’s the sort of thing that does get my attention,” Clayton said. “I had some questions of my own as to whether that was done in accordance with the FOIPP Act.”
There were no complaints filed by anyone who had their information disclosed by EPS.
The report found EPS policies and procedures generally “support overall privacy management,” but that little or no assessment was done before Project OWE in regards to the release of private information. Similarly, the report said there was nothing to show there had been an assessment of legal authority before the project began.
Areas of concern noted in the report were that EPS provided no information to demonstrate that the disclosure of the personal information was “necessary,” which is required under the FOIPP Act.
The report also found that the release of information in the project was inconsistent, and that EPS contravened the act when it published the names and photos of people no longer wanted on warrants. (Those people appeared with “solved” stamped over their image.)
The report recommended EPS develop a “review and approval process” plus a “Privacy Impact Assessment” for the privacy commissioner before launching a similar project in future.
Chief Rod Knecht said in a statement Monday that the EPS will establish a policy requiring a Privacy Impact Assessment, or similar legal review, for any such projects.
“Although the first Project OWE accomplished a lot, with more than 5,000 warrants cleared from the system, we acknowledge that some errors were made,” he said, adding the EPS plans more similar campaigns.