London police accessed a provincial database containing personal health records of people who tested positive for COVID-19 more than 10,000 times over a four month period, according to a group of legal and civil liberties organizations.
Aboriginal Legal Services, the Black Legal Action Centre, the Canadian Civil Liberties Association, and the HIV & AIDS Legal Clinic Ontario are now demanding police delete any information obtained from the database.
In a letter sent to the London Police Services Board, the four organizations state records from the province indicate the COVID database was accessed 10,475 times by London police. That gives the local police service one of the top five per capita access rates in Ontario.
"The abnormally high number of times the data was accessed raises concerns about whether the database was being used appropriately and whether this large amount of personal information is still being used locally," the letter reads.
Police were granted the power to use the database in early April when the Ford government passed an emergency order authorizing the release of names, dates of birth, and addresses of Ontarians who had tested positive for COVID-19. Police ability to access the database was revoked by the government on July 22 following a legal challenge from the same group of organizations. They had argued the data-sharing violated individuals’ statutory privacy and constitutional Charter rights.
"While we welcome the province’s decision to stop sharing this information with police services, we remain deeply concerned about the continued local storage and use of personal health information that has already been accessed by police services across the province," the groups stated in their letter addressed to board chair Dr. Javeed Sukhera.
A copy of the letter was also sent to London Police Chief Steve Williams.
In addition to requesting any personal health information obtained by police through the database be deleted immediately, the organizations want to know where the information is being stored, who has access to it and for what purposes, and whether anyone's data has been accessed since July 22. They also want to know what process the police service will use to delete any information that was downloaded from the database.
The organizations are also calling on the police board to see that an audit of officers' use of the database is conducted and the results made public. They maintain the audit should outline who was authorized to use the database, whether it was accessed for authorized purposes and the reason for such an abnormally high access rate.
"Transparency and accountability require that the public be informed of the reasons for London Police Service’s unusually high number of searches against the database," the letter concluded.