A federal contractor hired to manage airport COVID test kits yesterday was cited for keeping 147,000 travelers’ email addresses for sales pitches. Quarantine Act regulations had forced travelers to surrender their emails to receive test results..“Individuals required to undergo COVID-19 testing at the border do not expect the personal information they provided to the organization conducting tests to be subsequently used for promotional purposes,” wrote Philippe Dufresne, federal privacy commissioner. “Organizations that collect personal information, including sensitive information such as health information as part of a COVID-19 test, must consider these circumstances.”.According to Blacklock's Reporter, Biron Groupe Santé Inc. of Brossard, Quebec received a $68.3 million federal contract to run COVID tests at Montréal’s Trudeau International Airport last March 30. “Biron was mandated by the government to conduct Covid-19 testing on travelers,” wrote Commissioner Dufresne..Air passengers subsequently received emails from Biron’s sales department. The company sells sleep aids, DNA tests and other products. One traveler told the Privacy Commissioner he was “shocked to receive such an email” after having to comply with the COVID testing..“Biron was the only company offering this service at the airport,” wrote the Commissioner. “Consequently travelers arriving in Montréal had no choice but to do business with Biron to comply with the rules issued by the Public Health Agency.”.“In this situation travelers would not normally expect their personal information to be used for reasons other than mandatory testing,” said the Commissioner. Biron Groupe disclosed it had compiled email addresses for 147,000 in its sales database but agreed to delete the records..“In response to our questions Biron explained it had received a few complaints from other travelers,” wrote the Commissioner. “It had therefore decided to stop sending promotional emails to travelers arriving in Canada who were not already clients. Biron explained to the Commissioner it had initially considered a business relationship had been established with the travelers in question.”.The citation under the Personal Information Protection And Electronic Documents Act carried no fine. Commissioner Dufresne yesterday complained his office should have authority to levy cash penalties..Cabinet on June 16 introduced Bill C-27 An Act To Enact The Consumer Privacy Protection Act that would permit the Commissioner to impose unspecified fines on scofflaws. The Act would restrict commercial use of personal information without consent including the “selling, bartering or leasing” of names and addresses..A similar Bill C-11 introduced in 2020 lapsed in the last Parliament. Both bills exempt government data collection from privacy protections.
A federal contractor hired to manage airport COVID test kits yesterday was cited for keeping 147,000 travelers’ email addresses for sales pitches. Quarantine Act regulations had forced travelers to surrender their emails to receive test results..“Individuals required to undergo COVID-19 testing at the border do not expect the personal information they provided to the organization conducting tests to be subsequently used for promotional purposes,” wrote Philippe Dufresne, federal privacy commissioner. “Organizations that collect personal information, including sensitive information such as health information as part of a COVID-19 test, must consider these circumstances.”.According to Blacklock's Reporter, Biron Groupe Santé Inc. of Brossard, Quebec received a $68.3 million federal contract to run COVID tests at Montréal’s Trudeau International Airport last March 30. “Biron was mandated by the government to conduct Covid-19 testing on travelers,” wrote Commissioner Dufresne..Air passengers subsequently received emails from Biron’s sales department. The company sells sleep aids, DNA tests and other products. One traveler told the Privacy Commissioner he was “shocked to receive such an email” after having to comply with the COVID testing..“Biron was the only company offering this service at the airport,” wrote the Commissioner. “Consequently travelers arriving in Montréal had no choice but to do business with Biron to comply with the rules issued by the Public Health Agency.”.“In this situation travelers would not normally expect their personal information to be used for reasons other than mandatory testing,” said the Commissioner. Biron Groupe disclosed it had compiled email addresses for 147,000 in its sales database but agreed to delete the records..“In response to our questions Biron explained it had received a few complaints from other travelers,” wrote the Commissioner. “It had therefore decided to stop sending promotional emails to travelers arriving in Canada who were not already clients. Biron explained to the Commissioner it had initially considered a business relationship had been established with the travelers in question.”.The citation under the Personal Information Protection And Electronic Documents Act carried no fine. Commissioner Dufresne yesterday complained his office should have authority to levy cash penalties..Cabinet on June 16 introduced Bill C-27 An Act To Enact The Consumer Privacy Protection Act that would permit the Commissioner to impose unspecified fines on scofflaws. The Act would restrict commercial use of personal information without consent including the “selling, bartering or leasing” of names and addresses..A similar Bill C-11 introduced in 2020 lapsed in the last Parliament. Both bills exempt government data collection from privacy protections.