Canadian Privacy Commissioner Daniel Therrien renewed his call for an overhaul of Canada’s private-sector privacy legislation this week. Responding to a national data consultation launched by Innovation, Science and Economic Development Minister Navdeep Bains, Therrien recommended enacting a new law that would include stronger enforcement powers, meaningful consent standards and the extension of privacy regulations to political parties. My Globe and Mail op-ed argues that while the need for a modernized privacy statute has been evident for some time, Canada’s privacy shortcomings are not limited to a decades-old legal framework struggling to keep pace with technological change.
Post Tagged with: "pipeda"
Last week, the Privacy Commissioner of Canada filed a reference with the federal court in a case that was billed as settling the “right to be forgotten” issue. Yet a careful read of the application reveals that the case isn’t about the right to be forgotten. Rather, it involves a far more basic issue: is Google’s search engine service subject to PIPEDA, Canada’s private sector privacy law? The case arises due to a right-to-be-forgotten complaint (a complainant wants search results referencing news articles they say are outdated, inaccurate, and disclose sensitive information removed from the Google search index), but the court is not being asked whether the current law includes a right-to-be-forgotten. Instead, the very application of Canadian privacy law to Google search is at stake.
The Canadian Journalism Foundation and CIPPIC partnered on a terrific event yesterday on privacy and freedom of expression in the digital age. The event, held at the Globe and Mail Centre in Toronto, focused on the right to be forgotten. It included conversations with Privacy Commissioner of Canada Daniel Therrien, Google’s Peter Fleischer, and a debate between David Fraser and Keith Rose. I was featured on the final panel in a conversation with the Globe and Mail’s Susan Krashinsky Robertson. The discussion, embedded below, focused on a wide range of privacy issues, including the need to update PIPEDA, pressure from the EU to improve Canada’s privacy law, how to foster meaningful consent, and the right to be forgotten.
Coming Soon (or at least by November): Government Sets a Date for Data Breach Disclosure Rules To Take Effect
Several years after passing into law, the Canadian government has finally set an effective date for long-overdue data breach disclosure rules. The requirements were included in the Digital Privacy Act that was passed in 2015, but the accompanying regulations literally took years to finalize. Earlier this year, I argued that the failure to expedite security breach disclosure rules was an embarrassing failure for successive Conservative and Liberal governments, placing the personal information of millions of Canadians at risk and effectively giving a free pass to companies that do not adequately safeguard their customers’ information.