The piece linked below raises interesting issues on the limits of privacy (especially in the context of a public health crisis) and the responsibility of private and public institutions to have processes in place to deal with unusual requests for customer data.
LINK: Metrolinx handed over user data. Why privacy experts say that’s a good thing (by Shruti Shekar for Yahoo!)
Metrolinx tweeted Monday that it gave Toronto Public Health contact information associated with Presto payment cards used on specific trips between March 2 and 4 after a rider was diagnosed with COVID-19.
Experts applauded the Ontario transportation agency, saying others must have the ethical responsibility to ensure there is documentation and proper screening in place when faced with requests for user information. They say this will balance protecting individual privacy against the broader public threat.
In its tweet, Metrolinx said that under Ontario’s privacy act it was permitted to “disclose personal information in compelling circumstances affecting the health or safety of individuals, provided we notify them.”
Anne Marie Aikins, senior manager of media at Metrolinx, said in an interview that the agency has had a “very strict process” put in place since the 2003 SARS outbreak and has since been “strengthened over the years….”
What do you think?