This blog was written with assistance from Summer Law Student Molly Waldman.
In Liberal Party of Canada v. The Complainants, 2024 BCSC 814, the Supreme Court of British Columbia confirmed that British Columbia's Personal Information Protection Act (PIPA) applies to federal political parties.
Residents want to know how political parties use their personal data
The province's Personal Information Protection Act (PIPA) legislates the rules around how private sector and not for-profit organizations collect, use and disclose personal information.
In 2019, three B.C. residents requested access under PIPA to any of their personal information being held by political parties as well as how that information was being used. Turned down by the parties, the residents asked the Office of the Information and Privacy Commissioner of British Columbia to investigate the political parties' "privacy protection policies and practices and their compliance with PIPA."
The political parties objected to the investigation on constitutional grounds, arguing that they are federal organizations regulated solely under the Canada Elections Act (CEA), which legislates federal elections in Canada. The Commissioner referred the concerns to an outside adjudicator. In March 2022, the adjudicator found that PIPA was constitutionally applicable to federal political parties.
The political parties challenged this to the Supreme Court of B.C.
B.C. Supreme Court agrees with Commissioner that PIPA applies
The Court reviewed the decision and affirmed that federal political parties are subject to PIPA and that the parties are able to comply with PIPA without defying the rules set out in CEA. The Court also agreed with the Commissioner's finding that PIPA complements CEA by legislating certain aspects regarding the collection, use and disclosure of personal information that the CEA is silent on.
The Court highlighted this as an example of co-operative federalism, noting:
"Co-operative federalism favours, where possible, the concurrent operation of statutes enacted by federal and provincial levels of government."
PIPA requires organizations that receive requests from a B.C. resident to disclose the personal information they have about the resident, how the information has been used and, if it has been disclosed, to whom. The Court emphasized the requirements under PIPA do not impact the political parties' authority under the CEA to collect and use personal information, nor do they interfere with Parliament's jurisdiction over federal elections.
An appeal of the ruling was filed in June, 2024 with the B.C. Court of Appeal.
Amendments to the Canada Elections Act before the House
On March 20, 2024, the federal government introduced changes to the CEA in Bill C-65, an Act to amend the Canada Elections Act. In addition to a number of amendments around voting procedures, the bill includes amendments focused on protection of personal information and notification protocols in the event of a privacy breach.
Bill C-65 is not yet law at the time of this blog.
Key takeaways
We will be monitoring developments as the application of privacy laws to political parties unfolds. In the meantime, because political parties may be subject to privacy legislation, parties should:
- Be familiar with privacy legislation to understand the requirements that apply to their organization.
- Develop and implement privacy programs to align with privacy requirements and best practices.
- Take practical steps to mitigate privacy risks such as having clear privacy policies and training for staff, having procedures in place to respond to access requests, and ensuring that only authorized individuals have access to sensitive and/or personal information.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.