An Introduction to Data Trusts in Québec
Written by Anne-Sophie Hulin, Law Postdoctoral Fellow — Data Trust and Governance*
Une version française de ce billet a été publiée ici.
There is a growing erosion of public trust in the way that many organizations process personal data for analytical purposes. Recent cases related to urban data governance or the use of non-consensual facial recognition in a commercial context have heightened this public distrust, given the breaches of privacy and the fact that individuals are losing the ability to control the data they generate on a daily basis. The need to find new solutions to restore collective trust is increasingly pressing. The regulation of artificial intelligence (AI) practices must be (re)considered in order to better protect the rights of individuals.
While a host of normative frameworks already ensures that data governance respects individual rights and interests (e.g., Montréal’s Digital Data Charter), its scope is necessarily limited due to a lack of a binding nature. There is, concurrently, a converging trend among Québec and Canadian policy makers to reform privacy laws. As welcome as these initiatives may be, they remain subject to delays in legislative procedures. Still, in the interim, it would be false to assume that the law leaves us without any means to address the need for a more adequate data processing framework. Property law offers a number of innovative solutions to address these issues. Better known in wealth management, a trust is a promising tool to link data governance with the objectives of responsible AI. It is crucial to examine the scope of this tool (1) and the factors behind its appeal (2).
1. What is a data trust?
A trust is a patrimony by appropriation, i.e. a body of rights and obligations assigned to a given purpose (art. 1260 C.C.Q. ). It may be established for the benefit of designated individuals. It can also be established for an objective purpose, i.e. for a specific purpose with no determined beneficiaries. A trust may serve a private purpose such as preserving property or protecting assets (arts. 1268 and 1269 C.C.Q.), and it can have a socially useful purpose when it supports a cause of general interest (art. 1270 C.C.Q.).
A trust is an autonomous patrimony assigned to a purpose, the legal regime of which is set out in Book IV (“Property”) of The Civil Code of Québec. A trust is not a legal person; rather, it is an entity that is contingent on a specific way of holding rights that does not equate to ownership (arts. 911 and 915 C.C.Q.).
The assets that make up a trust patrimony are assigned to a purpose, and their ownership is limited to that same purpose. The trustee [editor’s note: a physical or legal person] is not an owner, but rather an administrator of another individual’s property, since they administer a patrimony that is not their own, and that is also separate from their own (art. 1299 C.C.Q.). As such, the trustee exerts legal powers over the trust patrimony. This means they have “the control and the exclusive administration of the trust patrimony […],” as well as “the exercise of all the rights pertaining to the patrimony and [they] may take any proper measure to secure its appropriation” (art. 1278 C.C.Q.).
The trustee is also subject to a series of obligations (prudence, diligence, honesty, loyalty) which are the necessary counterpart to the legal powers they have over the assets placed in the trust. The nature of their mission also warrants that the trustee be accountable for their administration to the beneficiaries of the trust or, in their absence, to the settlor or any other person with an interest in the trust (art. 1287 C.C.Q.). In the event that a trustee breaches their obligations, they become personally liable (art. 1308 C.C.Q.). The trustee is, therefore, the key player in a trust: without a trustee, the trust patrimony is static since neither the settlor nor the beneficiaries have any true rights over it (art 1261 C.C.Q.).
A data trust is an application of the common law trust that is unique in its purpose. This raises a few considerations:
First, a trust patrimony consists of data, or at least the legal rights to data (essentially the right to (re)distribute). Such an assertion may cause difficulties for lawyers, because personal data cannot be a component of a patrimony without being re-qualified as property. However, this qualification of data is highly debatable, as is their ownership [1].
As opposed to the challenging conciliation between the non-rivalrous nature of data and their subjection to ownership, the patrimonialization of data presents fewer difficulties. Beyond the admission of the immateriality of property, the depersonalization and anonymization of personal data should transform personal data from a component of privacy to a tradable property. These theoretical qualification issues have not hindered the rise of an international data market that includes personal data, as the latter present a strong economic potential to the point where many companies have based their business model on their exploitation [2].
The creation of a data trust requires a transfer of property from the settlor’s patrimony to the trust patrimony (art. 1261 C.C.Q.). Data trusts could thus be set up by data controllers. There is also nothing to prevent a data trust from being formed by more than one data controller.
A data trust becomes, therefore, a useful tool to regulate data pooling between different institutions.
Second, the regime of the administration of the property of another under which the trustee operates (art. 1299 et seq. C.C.Q.) prescribes measures for supervision. While these measures were initially conceived in the context of wealth management, they can easily be applied to data governance; just as the trustee has a duty to render a regular account of their management (arts. 1351 to 1354 C.C.Q.), they could be required to conduct a regular privacy impact assessment [3]. Similar to their obligation to make safe investments (art. 1304 C.C.Q.), the trustee should consent to a safe use of the data, i.e. one that respects the rights of individuals.
Finally, no matter the extent of their powers, the preservation of the trust patrimony is at the core of the trustee’s mission (arts. 1301 and 1306 C.C.Q.). Such an obligation is particularly significant for data governance, where cybersecurity and the protection of information system integrity are of paramount importance, as evidenced by the discussions surrounding Bill 64.
2. Why create a data trust?
The growing interest in data trusts mainly pertains to issues related to the sharing of personal data or, more broadly, all data of a sensitive nature (e.g. urban data, humanitarian data). Indeed, the loss (or lack) of control by individuals over the data they generate stems from the limitations of the consent rule for personal information, as well as from the fact that individuals do not benefit financially from sharing the personal data they have generated themselves. It is with regard to these power imbalances that the idea of data trusts has gained momentum in common law. It is also present in Canada’s Digital Charter.
Although subject to discussion [4], data trusts have also given rise to the concept of a civil law data trust, the Québec form of which is certainly the most adapted to the issues mentioned above. If purpose is the keystone of the Québec model — unlike the common law trust — it is also a pillar of the regulations governing the processing of personal information. Purpose circumscribes the reasons and modalities for collecting the data, and thus for sharing them. With the Québec trust, purpose is no longer a guiding principle, but rather a constraint with which the trustee must comply or risk personal liability. Although there are shortcomings regarding the supervision and liability of trustees, the processing of data is duly attached to, and constrained by, the purpose for which the trust was established. More broadly, since it can serve a purely objective purpose, the data trust could efficiently link the pursuit of common good with data governance.
Personal data cannot be collected or shared without the consent of the individual from whom it is extracted. As consent has practical limits within the context of massive data, it is deprived of any value, and the rule must be adapted to the current context. In keeping with the proposals made at the federal level to avoid the constraints of consent (clause 39 of Bill C-c11), the trust would make it possible to implement metaconsent [5]: by consenting to place their data in trusts, individuals delegate their consent to the trustee, who is then responsible for assessing the extent to which the use and sharing of the data is consistent with the trust provisions. In this way, individuals indirectly gain control over data processing through the trustee.
The choice of trustee is thus critical, as are the qualities that the trustee must possess. For instance, when a data trust is established to promote and secure the common good, this purpose must be reflected in the selection of the trustees. The failure of the connected neighbourhood project by Sidewalk Labs in Toronto is a prime example: the data governance methods implemented in this case were criticized for being incompatible with the project’s purpose. The regime of administration of the property of another to which the trustee is subject prevents the risk of conflicts of interest (arts. 1310 and 1314 C.C.Q.). However, we must reflect on the set of qualities required in a data trustee, especially if the data are seen as common goods, and to satisfy the tenets of responsible AI. These discussions must also define the level of data governance and legal expertise required of the trustee.
Ultimately, although the conditions of their deployment remain uncertain, data trusts are an innovative and consensual tool from a data governance perspective. They are also a promising legal device for the pursuit of ethical and responsible AI.
[1] Sjef van Erp, «Management as Ownership of Data» in Sebastuan Lohsse, Reiner Schulze and Dirk Staudenmayer (eds.), Data as Counter-Performance — Contract Law 2.0, Munster Colloquia on EU Law and the Digital Economy, Nomos Verlagsgesellschaft, Baden-Baden, 2020, p.77–93.
[2] Ibid.
[3] See section 3.3 of the Private Sector Act as amended by section 95 of Bill 64 and section 63.5 of the Access Act as also amended by section 14.
[4] Jeremiah Lau, James Penner and Benjamin Wong, (2020). The basics of private and public data trusts. Singapore Journal of Legal Studies, 2020(1), p.90–114.
[5] Regarding this idea, see: Ploug T, Holm S. Meta consent: A flexible and autonomous way of obtaining informed consent for secondary research, online: https://www.bmj.com/content/350/bmj.h2146.
This post is the sole responsibility of its author.
It was first published on The Cyberjustice Laboratory blog on November 26, 2020. The Cyberjustice Laboratory is a space for reflection and creation that analyzes the impact of technology on justice and develops concrete technological tools that are adapted to the reality of justice systems.
*Translation: Angelina Mazza; translation editing: Anne-Sophie Hulin and Julie Levasseur
