Confidentiality and privacy: A legal point of view
Privacy has become an essential aspect of everyday life, not only at work, but also at home. Privacy is related to almost everything we do on any given day, from simple work activities, like opening a document attached to an email from a client, to using our credit or debit card to pay for lunch at a restaurant. Privacy and confidentiality are often used interchangeably, but there is, however, a difference from a legal point of view.
“Privacy and confidentiality are words that cause a great deal of confusion,” says Dr. Danielle Miller-Olofsson, a lawyer and an expert in privacy law. “Privacy is a human right, and as such, it applies to every individual. Confidentiality, on the other hand, is more of an obligation owed by one party to another — usually, but not always, as a result of a relationship that exists between the parties. For example, as a professional, you have access to privileged information as part of your relationship with your client. Therefore, you have the obligation and professional duty to keep information and access to such information restricted. In many professions, confidentiality is a given and there is no need to enter into a non-disclosure agreement,” she adds.
Privacy in Canada
In Canada, there are laws that protect privacy. Generally speaking, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) applies to all provinces except Alberta, British Columbia and Québec, which are exempted because they have passed their own provincial legislation that is functionally equivalent to PIPEDA. However, PIPEDA does apply to all federally regulated organizations in Canada, such as banks, airlines, postal services, etc.
As stated above, Québec has its own privacy act, which pre-dates the federal legislation. The Act respecting protection of personal information in the private sector was passed in 1993, while PIPEDA, the federal legislation, was adopted in 2000 to protect privacy in the private sector at the federal level.
According to the Office of the Privacy Commissioner of Canada, the different laws applied are based on several factors, such as the type of organization that collects the information (federal, provincial, private, etc.), the place where the organization is based, the kind of information involved, and whether the information crosses provincial or national borders.
The Office of the Privacy Commissioner of Canada provides information to individuals on how to protect their personal information and also sets out the rules for federal agencies and certain businesses to handle personal information correctly. “The Office of the Privacy Commissioner of Canada performs a balancing act between protecting the right of individuals to their privacy and the right of an organization to use that information for legitimate business purposes,” says Dr. Miller-Oloffson.
Privacy and confidentiality for big and small translation businesses
When it comes to translation, freelancers might find it more difficult than translation businesses to put security measures in place. Although there is a whole range of security solutions to choose from, they can be too expensive for individuals. But the weak link in security is often the end user, and measures should be taken to minimize risk. In his 2017 article “Keep a dedicated ‘guest computer’ for your houseguests,” Nick Douglas, staff writer for Lifehacker.com, suggests you have a spare computer for friends and family. As most freelance translators work at home and many share their computer with their spouse or children, this piece of advice is also useful for them. Having a dedicated work computer could prevent accidental disclosure of confidential files and personal information. Regardless of the type of document being translated, exposure to legal action and fines are potential consequences of a confidentiality or privacy breach, whether accidental or deliberate.
“Privacy laws apply to translation, as long as it’s carried out as a commercial activity,” says Dr. Miller-Oloffson. “Failure to comply with the law could result in fines ranging from $1,000 to $10,000 for a first offence, and from $10,000 to $20,000 for subsequent offences. If a legal action is brought against the translator or translation business, they will have to prove the disclosure was accidental by showing they had security mechanisms in place to prevent such breach. In such a case, courts are likely to be more lenient. However, if there was no security infrastructure in place, or if the breach was deliberate, courts will be more strict,” she concludes.
Danielle Miller-Olofsson, BC.L., LLB, LL.M., Ph.D., is Chief, Knowledge Management and Market Strategies at BCF Avocats d’affaires, as well as a member of the Bar of Quebec and a member of the Barreau de Paris. She holds a Ph.D. in Literature from l’Université de Montréal and a Bachelor of Laws from McGill University. In the last 17 years, she has held different positions in large law firms in both France and Canada. While working as a Marketing Director for a multinational law firm, she became particularly interested in privacy issues and decided to pursue a Master’s degree in Privacy Law at l’Université de Montréal.
