| 4. Information Technology Procurement
|
| 4.1 |
Financial Administration
Act |
| 4.2 |
Government
Contracts Regulations |
| 4.3 |
Treasury
Board Contracting Policy |
| 4.4 |
Treasury
Board Interim Policy on Decision Making in Limiting Contractor Liability in Crown Procurement Contracts |
|
|
| 5. Canada's Trade Law Obligations
|
| 5.1 |
North American
Free Trade Agreement; (click on "NAFTA") |
| 5.2 |
World
Trade Organization Agreements |
|
|
| 6. Security |
| 6.1 |
Treasury
Board Government Security Policy |
| 6.2 |
Treasury
Board Policy on Electronic Authorization and Authentication |
| 6.3 |
Treasury
Board Policy on the Use of Electronic Networks |
| 6.4 |
Treasury
Board Policy for Public Key Infrastructure Management in the Government
of Canada |
| 6.5 |
PIPEDA |
| 6.6 |
Audit
Guide - Information Technology Security |
| 6.7 |
Lawful Access Consultation Paper,
Department of Justice, August 25, 2002 |
|
|
| 7. Tort Liability |
| 7.1.1 |
Crown
Liability and Proceedings Act |
| 7.1.2 |
Treasury
Board Common Look and Feel Guidelines |
| 7.2 |
Cases |
| |
|
Canadian |
| |
7.2.1 |
Braintech Inc. v. Kostiuk (1999),
171 D.L.R. (4th) 46, B.C.C.A., leave to appeal to the Supreme Court was
denied. (The Court held that "[t]he exercise of jurisdiction is determined by examining the level of interactivity and the commercial nature of the exchange of information that occurs on a web site.") |
| |
7.2.2 |
Hercules Management Ltd. v. Ernst &
Young, [1997] 2 S.C. R. 165. (The Court held that liability in tort
only arises where a prima facie duty of care is owed to the plaintiff according
to the traditional principles of law as established by prior jurisprudence
and where that duty is not negated or limited by policy considerations.) |
| |
|
|
| |
|
U.S. |
| |
7.2.3 |
T.J. Hooper v. Northern Barge,
60 F (2d) 737 (1932). (It may be negligent not to use the best available technology notwithstanding it is not yet the custom in the industry.) |
| |
7.2.4 |
United States v. Carroll Towing,
159 F.2d 169 [2d Circ. 1947]. |
| |
7.2.5 |
Pittman Estate v. Bain (1994),
112 D.L.R. (4th) 257 (Ont. G.D.) |
| |
7.2.6 |
Zippo Manufacturing Company v. Zippo
Dotcom Inc., 952 F. Supp. 1119 W.D.Pa 1997) (The Court held that the
likelihood that personal jurisdiction can be constitutionally exercised
based on entity's presence on Internet computer networks is directly proportionate
to the nature and quality of commercial activity that entity conducts over
the Internet. The Court has jurisdiction when the site is active, ie, the
operator of the site enters into contracts or operates some form of e-commerce,
as opposed to it being passive, ie. the operator maintains a passive website
that simply posts information.) |
| |
7.2.7 |
Huggins v. Citibank, N.A., [2003] Opinion No. 25691 (11 August 2003) (South Carolina Supreme Court). (The Court declined to recognize a legal duty of care between credit card issuers and those individuals whose identities may be stolen, stating that the relationship, if any, between the two is far too attenuated to give rise to the level of a duty between them.) |
| |
7.2.8 |
Intel v. Hamidi, 71 P.3d 296 (2003). (California Supreme Court held that e-mail sent from the Plaintiff's former employee to its current employees did not constitute trespass. Plaintiff failed to demonstrate damage to its computer system or impairment to its functioning.) |
|
|
| 8. Privacy |
| 8.1 |
Federal |
| |
8.1.1 |
Privacy
Act |
| |
8.1.2 |
PIPEDA, Part 1 |
| 8.2 |
Policies and
Other |
| |
8.2.1 |
Treasury
Board, Common Look and Feel for the Internet |
| |
8.2.2 |
Treasury
Board Policies on Access to Information |
| |
8.2.3 |
Treasury
Board Policies on Privacy |
| |
8.2.4 |
Treasury Board
Privacy Impact Assessment Policy and Guidelines |
| |
8.2.5 |
Privacy Impact Assessment E-Learning Tool |
| |
8.2.6 |
Lawful Access Consultation Paper, Department of Justice, August 25, 2002 |
| 8.3 |
Provincial/Territorial |
| |
8.3.1 |
See
the Privacy Commissioner's web-site for Provincial/Territorial privacy legislation |
| 8.4 |
Cases |
| |
|
Canadian |
| |
8.4.1 |
Smith v. Canada (Attorney General) ,
[2001] 3 S.C.R. 902, ((CCRA/HRD data-matching case) Information given to the
Unemployment Insurance Commission by the Canada Customs and Revenue Agency
disclosed that the appellant had continued to receive employment insurance
benefits during a period when she was out of the country. The Supreme Court
held that the appellant could not have had a reasonable expectation of privacy
in relation to the information she disclosed to CCRA. |
| |
8.4.2 |
R. v. Plant, [1993] 3 S.C.R. 281 (The Court
held that the search of computerized records was not unreasonable and did
not fall within section 8 of the Canadian Charter of Rights and Freedoms.
The appellant did not hold a reasonable expectation of privacy in these
records that outweighed the state interest in enforcing narcotics laws.) |
| |
8.4.3 |
R. v. Duarte, [1990] 1 S.C.R. 30. (audio
recording). (The interception of private communications without a court
authorization, even with the consent of one of the parties to the communication,
infringed the section 8 Charter rights of any other party to the communication
who did not consent to the interception.) |
| |
8.4.4 |
R. v. Wong, [1990] 3 S.C.R. 36. (The Court
found that surreptitious video surveillance by police of suspected illegal
gambling in a hotel room was an unreasonable search and seizure under section
8 of the Charter and was not justified under section 1 of the Charter.) |
| |
8.4.5 |
R. v. Weir, [2001] A.J. No. 869, upholding
[1998] A.J. No. 155 (Alta. Q.B.). (During a routine repair service, the
ISP discovered pornography material in the defendant's e-mail. The ISP contacted
the police who then asked for a warrant to search the accused's residence.
A computer and disks containing further pornographic pictures were seized.
The accused argued that e-mail carries an expectation of privacy, and that
the police had conducted a warrantless search and seizure by requesting
and receiving access to the initial e-mail message. While the court found
that e-mail did carry a reasonable expectation of privacy, this privacy
expectation was less than could be expected with first class land mail.
The Court ruled that the evidence was admissible and the accused was convicted.
The decision was upheld on appeal. |
| |
8.4.6 |
R. v. Bryan, [1999] O.J. No. 5074 (QuickLaw),
Oct. 29, 1999, (Ont. S.C.J.). |
| |
8.4.7 |
Iorfida v. MacIntyre (1994), 21 O.R. (3d)
186 (Ont. Ct. Gen. Div.). |
| |
8.4.8 |
R. v. Stewart (1988), 63 CR. (3d) 305 (S.C.C.). |
| |
8.4.9 |
R. v. Collins, [1987] 1 S.C.R. 265. |
| |
8.4.10 |
Irwin Toy Ltd. v. Doe, [2000] O.J. No. 3318 (QuickLaw), (The Ontario Superior Court ordered an ISP to reveal the identity of one of its customers alleged to have defamed and to have stolen confidential information from the plaintiffs.) |
| |
8.4.11 |
Loblaw Companies Ltd. v. Aliant Telecom Inc, 2003 NBQB 215. (The Court granted leave to discover ISPs in order to identify an intended defendant.) |
| |
8.4.12 |
See Decisions of the Privacy Commissioner respecting the Personal Information Protection and Electronic Documents Act and respecting the Privacy Act |
| |
|
|
| |
|
U.S. |
| |
8.4.13 |
Urofsky
v. Gilmore, U.S. District Ct., Eastern District of Virginia, No.
98-1481 (February 10, 1999). |
| |
8.4.14 |
Mainstream Loudon v. Board of Trustees of the
Loudon County Library, U.S. District Ct., Eastern District of Virginia,
April 7, 1998, and Nov. 213, 1998 Brinkema J. |
| |
8.4.15 |
McVeigh
v. Cohen, U.S. District Ct. D.C., Jan. 26, 1998, Sporkin J. |
| |
8.4.16 |
O'Connor v. Ortega, 480 U.S. 709 (1987). |
| |
8.4.17 |
New Jersey v. T.L.O., 469 U.S. 325 (1985). |
| |
8.4.18 |
Kyllo
v. United States, (99-8508) 121 S.Ct. 2038. (The Court held that
where the government uses a thermal imaging device that is not in general
public use, to explore details of a private home that would previously have
been unknowable without physical intrusion, the surveillance is a search
and is presumptively unreasonable without a warrant.) |
