We
had long ago entered an age, a new age if you wish, of data or
information collection. Not only is information collected it is
shared for all kinds of reasons. This sharing of information is on
all levels of government and business, and the word sharing is used
to calm one about the
process. After all as children it had been imbedded in our
brains that sharing is a good thing, mind you at times that may be
true. Though too often the sharing really only covers for the act of
selling, and selling does always infer the exchange of monetary
consideration.
As
society evolved it became apparent that information, particularly
personal information must be safeguarded in some fashion. The result
of this realisation was the birth of the Freedom of Information and
Protection of Privacy Act (R.S.O. 1090. c.F.31), commonly abbreviated
to FIPPA. Its history began with a request by Ontario's Attorney
General to convene the Williams Commission in 1977 with a mandate to
report on public information policies of the Government of Ontario.
The Williams Commission presented its report in August 1980.
Eventually Bill 34 was introduced in July 1985, resulting in the Act
coming into effect on January 1st 1988.
Information
gathering had progressed dramatically since 1988 to where we are
today. There are those who will claim that nothing is private
anymore, and that may be true. Governments face issues of security
and demand the need of a greater net to gather all kinds of
information. Businesses on the other hand faces competition at a
level unheard of even in 1988 justifying their demands on the need of
information.
In
Ontario there is the Information and Privacy Commissioner with a base
mandate to decipher the difference between the need of information
and the wanting of it for various cloudy reasons. Ann Cavoukian,
Ph.D developed Privacy by Design in
the 90's, a concept she herself describes as “to address
the ever-growing and systemic effects of Information and
Communications Technologies, and of large-scale networked data
systems.”
Dr.
Cavoukian further developed the 7 Foundational Principles. Of the
seven, number one is headlined as Proactive not Reactive,
Preventative not Remedial, and it states - “The Privacy by
Design (PbD) approach is characterized by proactive rather than
reactive measures. It anticipates and prevents privacy invasive
events before they happen. PbD does not wait for privacy risks to
materialize, nor does it offer remedies for resolving privacy
infractions once they have occurred – it aims to prevent them from
occurring. In short, Privacy by Design comes before-the-fact, not
after.”
Further
in Principle number two, Privacy as the Default Setting, it
states, “No action is required on the part of the individual to
protect their privacy – it is built into the system, by default.”
All of these principles and PhD language sound convincing, if we
were some 200 hundred years in the future where IT systems ran
everything and Arnold Schwarzenegger was not needed to say “I'll be
back.” Sadly today's reality has one spanner in the works, and
that is humanity, leaving one hell of a question for Dr. Ann
Cavoukian. How do all these 7 Foundational Principles work in the
hands of human beings who are not “embedded” in their “design
and architecture”?
It
is time to present three detailed breaches of FIPPA and the
wonderfully articulated Foundational Principles requesting comment
from Dr. Ann Cavoukian. As comment is not expected each is being
presented separately in an official capacity to the Privacy
Commissioner of Ontario, Ann Cavoukian, PhD. for requests for
investigation.
In
the Niagara Region of Ontario, the Regional Municipality of Niagara
has an Information and Privacy Analyst, Matthew Trennum, who even has
a short biography listed on the Privacy by Design site.
It states that “Matthew
Trennum is the Information and Privacy Analyst with the Access &
Privacy Unit at Niagara Region. Working in the dual role, Matthew is
responsible for coordinating the formal freedom of information
request process, and working to ensure corporate compliance with the
privacy policy and the privacy breach management protocol.” Sounds
somewhat impressive, it further claims that Trennum had worked to
train over 1500 staff in privacy protection, “and
has helped put Niagara Region on the map when it comes to privacy in
the municipal public sector.”
Now what happens to FIPPA and the
PbD Foundational Principles if it can be shown that Matthew Trennum
the expert in “privacy breach management protocol” had lied?
Matthew Trennum is not an IT system, and no “defaults” can be
“embedded” in his “design and architecture.” Yet facts and
evidence as provided are both alarming and needing investigation.
On
August 22nd
2002 a Mr. Preston Haskell had sent an email to a Janet Pilon, former
Regional Clerk at Niagara Region, requesting details surrounding an
issue of pollution. Ms. Pilon referred this request to Matthew
Trennum. The following day Trennum responded to Mr. Haskell
suggesting that a freedom of information request be filed by Mr.
Haskell. By mid-September the response from Matthew Trennum included
this opening statement, “I
have conducted a search for information, and have a few responsive
records for you in this request. These are emails and water tests
from storm water on the site.” This
email was followed up with another by Matthew Trennum to Mr. Preston
Haskell on September 19th
2012. In it Trennum says “As
I informed you yesterday, the records that you have requested are
available once we receive your $5.00 application fee. If you wish to
mail us a cheque, please provide me with your return address so I can
send these records to you by courier.”
These
two emails were clear from Matthew Trennum to Mr. Haskell. Trennum
had located the records requested and only wanted a $5.00 fee and an
application requesting them. In fact by September 19th
2012, Trennum was happy to just have the $5.00 fee. He clearly
states, “...so I can
send these records to you by courier.” No
misinterpretations can be made here in what Matthew Trennum said in
writing to Preston Haskell.
Fast
forward to March 19th
2014 some 18 months later. Here a request application was filled out
and the $5.00 fee paid. The FOI request was for the same information
as made by Preston Haskell in August 2012. Mr. Haskell requested
information on what tests were done on the soil and water, who had
done the tests, what were the results and where was the soil dumped.
The March 2014 application had the
$5.00 paid up front
and the request for information related to who did the testing, what
were the results of the tests on soil and water, and where was the
soil dumped.
Both
the August 2012 request and March 2014 request were for the same
records and information. September 2012 Trennum said, “the
records that you have requested are available...” and,
“...so I can send
these records to you...”. On
April 17th
2014 this was the response by Matthew Trennum, “Please
be advised that no records have been found.” Matthew
Trennum the guy who “has helped put the Niagara Region on the
map...” (privacybydesign.ca)
has LIED! The only
question is who did Trennum lie to?
Matthew Trennum lied, that is
proven, but who to and why now is the real question. Both the
requests centred on a serious environmental issue and the lies by
Trennum have serious repercussions. Why did Matthew Trennum lie?
Who instructed Trennum to lie? Why was the lie necessary? What was
the real story behind the contamination on that land? More and more
questions and no answers. Maybe Trennum would be willing to shed
some light on this polluted trail of evidence.
As someone who has worked “to
ensure corporate compliance protocol,” Trennum is painted as an
expert. Now evidence is revealed that proves Trennum lied regarding
an FOI request. Yet that is not all, there is more to question
Trennum on.
On
June 6th
2014 a letter was sent by Matthew Trennum advising
me that a freedom
of information request had been received by the Niagara Region. Mind
you that means Trennum received the request as the Privacy by Design
website states in his short bio: “Matthew
is responsible for coordinating the formal freedom of information
request process.” This
request as described in the letter by Trennum dated June 6th
2014 is specific, as all requests for FOI have to be. Someone had
requested a copy of an email I
had sent to
Regional Chair Gary Burroughs, the date of my
email is quoted and
the subject matter.
My
response on June
9th
was clear. First of all
I objected the
release of anything relating to my
email to Gary
Burroughs. Secondly, I
raised a more
alarming issue of a breach of privacy legislation at region. I
also requested to
have the individual who made the request identified. Matthew Trennum
sent this as a reply, “Unfortunately,
I am unable to inform you who made the request. Nor do I know
whether the requester has any direct knowledge of the existence of an
email.”
It
has been proven with direct evidence that Matthew Trennum is willing
to lie even in writing. Here in this situation he says that “I
am unable to inform you who made the request...,” does
this mean Trennum is not willing to or simply that he claims he does
not know the identity of the individual? For this request to have
been made a request form and $5.00 application fee was required. Who
can forget the fiasco between Mr. Haskell and Trennum. The request
form requires the details of the individual who is making the
request. In addition to those details the request form requires
information in order to be processed, it states in a box “Detailed
description of requested records.”
Here
lies the breach of legislation, how was that individual able to know
of an email sent directly to the Regional Chair Gary Burroughs? In
his reply of June 9th
Trennum states, “Nor
do I know whether the requester has any direct knowledge of the
existence of an email.” Yet
the original letter sent by Trennum June 6th
clearly states that an FOI request was received “for
the following records.” It
then describes clearly the request was for my
email sent on a
specific date, who it was sent to and the subject.
Matthew Trennum has set the stage
for more deceit and more intentional misconceptions. Who is Trennum
covering up for? My email was sent directly to Regional Chair Gary
Burroughs. Whoever made this request, whether it was Mayor Brian
McMullan or Regional Councillor Debbie Zimmerman, it has not been
established. Whoever it was, that individual had been provided with
direct details in breach of legislation. It is impossible to avoid
one question now. As it was Regional Chair Gary Burroughs who
received the email and not anyone else, when and who did Gary
Burroughs exchange this information with, and for what possible gain?
All
Freedom of Information (FOI) requests are required to have specific
and detailed information, the letter of June 6th
by Trennum clearly and specifically states the request was my email
to Regional Chair Gary Burroughs. Yet Trennum only days later lies
that he doesn't know if “the requester has any direct knowledge of
the existence of an email.”
Breaches of law and legislation at
Niagara's regional government are far from surprising. Yet look at
the bio for Matthew Trennum on how he has “put Niagara Region on
the map,” the only question now is what that map really leads to.
Another
entity, which is part of the Regional Municipality of Niagara,
Niagara Regional Housing is under investigation for breaching the
whistleblower legislation. Matthew Trennum, Privacy analyst at the
Region lied to cover-up details over a heavily contaminated
brownfield development site. Now the same privacy analyst who boasts
that he has taught or trained some 1500 staff on privacy protection
covers up the breach of legislation with the FOI request. One
doesn't need a GPS to decipher the direction Niagara Region is
heading towards.
It is time for Dr. Ann Cavoukian as the Information & Privacy Commissioner to look at a situation where embedding and design together with architecture are simple human weaknesses. In this situation all the theory of function and privacy protection become worthless. Privacy has been sold the same way as pork bellies, and if analogies of maps are still required then simply follow the directions as set out here.
Send comments to: demtruth@gmail.com
No comments:
Post a Comment