Canadian privacy commissioner proposes legal overhaul

Share this article:

Canadian Privacy Commissioner Jennifer Stoddart has called for fundamental reforms to Canada's privacy law that would make companies more accountable for privacy violations.
 
Her recommendations would overhaul the Personal Information Protection and Electronic Documents Act (PIPEDA) legislation, first passed in 2000, in four main areas. 

First, organizations would be forced to report personal information breaches to the commissioner and affected individuals.
 
The updated law also would give the commissioner stronger enforcement powers, including statutory damages. IN addition, she would be able to order organizations to take mitigating measures.
 
A third measure would increase accountability, introducing "enforceable agreements" that would see companies carry out the commissioner's recommendations within a set time period. They would also be required to demonstrate a privacy compliance program on request.
 
Finally, they would be forced to reveal how many personal information disclosures they had made to law enforcement without the owner's knowledge or consent.
 
Canadian privacy legislation is long past its 2011 deadline for a formal quinquennial review. The first review resulted in Bill C-12, which is now languishing in parliament. John Lawford, executive director of the Ottawa-based Public Interest Advocacy Centre (PIAC), said the recommendations are a productive precursor for the next review.
 
“They may as well admit defeat on the first review, get rid of Bill C12, which has been described as inadequate, and then start again with new hearings,“ he said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

CSEC mishandled private communications, says watchdog

Canada's foreign spy agency mishandled information on private communications that it had collected by mistake, according to the most recent report by a government watchdog.

National Research Council breached

Canada's National Research Council has written to partner companies informing them of a breach of its cybersecurity systems.

Canadian ISP used In $83,000 cryptocurrency heist

A Canadian ISP has been identified as the source of a cryptocurrency hack that stole $83,000 over four months.