All Articles

2017 Rogers Transparency Report

Introduction

This year marks the publication of our fifth annual Transparency Report. This report contains details on the number of requests for personal information[1] of our customers that we received in 2017 from government and law enforcement.[2] Since Rogers first started reporting on transparency, there has been a sea-change in awareness on issues related to privacy, consumer protection and transparency. The Canadian public is more aware of the importance of the privacy of their personal data. This corresponds with broader societal trends such as the increase in smartphone use, more reliance on IoT-enabled devices (e.g. smart watches), and an increase in cyber-security issues.

The one thing that has not changed over the past five years is Rogers’ unwavering commitment to protecting our customers and their data.

The Value of Collaboration

It is important to Rogers that we maintain open and constructive dialogue with the organisations that submit data requests to us. Protecting our customer data is our first priority, yet we are also committed to public safety. We engage with government and law enforcement agencies to understand what their needs are when it comes to the requests they make to us. We work with them to ensure our responses are reasonable and lawful, always with our customer’s best interests at the forefront.

Staying Current, Staying Transparent

We are continually trying to improve our transparency reporting. For example, last year we provided more granularity on where we rejected or disclosed customer information. This year, we are building on this approach and have provided statistics on how often a request was made where there was no data available. Finally, having provided information on tower dumps[3] in the past few reports, we have added a separate section this year, which contains specific details on tower dumps. This section includes the total requests that were made, fulfilled, rejected, partially rejected because we felt the request was too broad or where a request was only partially disclosed because some of the data that was requested was not available.

Transparency Parameters

As a federally regulated company, Rogers is governed by Canadian laws. This dictates both how we protect customer information and how government and law enforcement agencies can compel us to provide it to them.  As this report demonstrates, that does not mean we provide this information unchallenged. It is important, though, that our customers be aware that there are some aspects of transparency reporting that remain outside of our control. Some stakeholders suggest that we are not being fully transparent if we do not disclose to our customers that their information has been the subject of a third party data request.  There are legal reasons that prevent such disclosure, such as requirements in some legislation and court orders that prohibit disclosure to customers.

Endorsements

While it is important to share with you how we advocate on behalf of our customers to protect their data, we also value what our stakeholders say about us:

“We at The Provincial ROPE Squad deal with critical incident calls and extremely high risk offenders on a daily basis. Over the years, your assistance and professionalism has been second to none. On behalf of the ROPE Squad, I would like to thank the team at Rogers for the, ever-so, diligent work that has helped make our city and our province a safer place.” — Paul Holder, OPP Repeat Offender Parole Enforcement (ROPE) Squad

“As government surveillance practices continue to evolve in unpredictable ways, Rogers’ willingness to provide a lens into these practices is critical to the public’s ongoing understanding of how their rights are being respected and highly commendable.” — Tamir Israel, Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic 

Conclusions

Rogers remains committed to engaging with government, law enforcement and the privacy community at large to maintain dialogue on transparency reporting. Education and awareness are key factors in understanding your rights as a customer and knowing what the data in this report represents.  We welcome your comments and feedback on this report.  You can contact us at [email protected]

Sincerely,

Deborah Evans,
Associate Chief Privacy Officer

[1] Customer information includes name, contact information such as mailing address, billing and payment records, information about the services received from Rogers and related usage, and recorded complaints or private correspondence with us. Personal information does not include any aggregated or de-identified information that cannot be associated with an individual.

[2] This report covers the Rogers, Fido and chatr brands.

[3] A tower dump is a technique used to identify all devices that were utilised in the coverage area of a cell site during a defined period of time.

[4] We measure the total requests based on the number of impacted customers. For example, one Court Order that requests information on 10 customers counts as 10 requests. Emergency responder requests from 911 are not included in the total as we will always respond to these requests to the best of our ability. However, emergency requests from law enforcement agencies are included in the total because there is an interpretive role in such requests and we have some scope to protect customer data.

[5] This total does not include the number of customers impacted by tower dumps. In the 2016 report, the total did include it but, upon review, we are now reporting this data separately to increase transparency.

[6] A tower dump is a technique used to identify all devices that were utilised in the coverage area of a cell site during a defined period of time.

[7] In 2016 we didn’t specifically track partially rejected or partial disclosures, but the total of those numbers are included in this number.

[8] This number represents the potential number of customers that could have been impacted if Rogers had not challenged any tower dump requests.