Data breach bill dies as Canadian Parliament prorogues
Two controversial pieces of privacy legislation have been killed after Canada's prime minister prorogued parliament.
Bill C-12, which would have introduced mandatory data breach provision rules, died on the order paper after the government ended the current parliamentary session in mid-September. The prorogation also killed Bill C-30, which dealt with ISP surveillance.
Prorogation ends the current parliamentary agenda, effectively terminating parliament without dissolving it, and mopping up any outstanding bills on the order paper. All bills not already passed are effectively deleted, although there are some measures that can be taken to reintroduce bills in the next parliamentary session without having to start from scratch. Parliament starts up again on Oct. 16.
Bill C-12 had come under criticism from privacy groups for not being tough enough. John Lawford, executive director and general counsel of Canada's Public Interest Advocacy Centre (PAIC), had said that it didn't give the privacy commissioner enough information to enforce data breach notification measures. In any case, she has no order-making capability, he complained.
Also axed was Bill C-30, the Protecting Children from Internet Predators Act. This proposed legislation included lawful access clauses that would have mandated surveillance by ISPs. The bill had languished in parliament for months following the resignation of sponsor Vic Toews in July.
Prorogation won't affect private members bill C-475, which would also lead to mandatory data breach notifications, as private members bills aren't affected by it. However, private members' bills, which are introduced by MPs outside cabinet, are far less likely to become law.