Post Tagged with: "stoddart"

Privacy Breaches Expose Flaws in the Law

My weekly Law Bytes column (Toronto Star version, homepage version) focuses on the need for Canadian privacy reform in light of last week's security breaches involving CIBC and retailer giant Winners. I note that these two incidents highlight the fragility of sensitive, personal information that is entrusted to Canadian businesses as well as the inadequacy of current Canadian privacy legislation. Business groups have cautioned against privacy law reforms, yet as the risk of identity theft grows, the calls for change are likely to become more vocal.

While the U.S. pushes forward with security breach disclosure legislation, Canadian business has argued strongly against similar reforms. The Information Technology Association of Canada, which features representatives from companies such as BCE, Telus, Rogers, Microsoft, Nortel, and Research in Motion on its board of directors, warned against mandatory notification legislation in an appearance before a parliamentary committee last month.

January 22, 2007 — 3 comments — Columns

Privacy Commissioner Launches New Contributions Program

The Privacy Commissioner of Canada has launched this year's contributions program, supporting both research and an NGO conference.

January 15, 2007 — Comments are Disabled — News

PIPEDA Hearings – Day 03 (Privacy Commissioner of Canada)

The Privacy Commissioner of Canada appeared before the committee on Monday in what is likely to be the first of two appearances (she indicated she would return at the end of the hearings). While the Commissioner asked for security breach disclosure legislation and identified cross-border data transfers as a concern, the big story of the day is that she effectively killed the prospect of order-making power. A shift toward order-making power was raised in both prior hearings and is likely to surface again when several privacy advocates appear before the committee. My guess is that the issue is now dead – the Commissioner opened by stating that she was not seeking any additional enforcement powers.

The move took committee members by surprise – several asked for clarification or reasons behind the decision. The Commissioner indicated that order making power raised other concerns and that it was premature to change the PIPEDA framework. With order making power likely finished (the committee is not going to add order making power if the Commissioner and the Industry Minister don't want it), the key remaining issues to look out for are security breach disclosure, cross-border transfers, the costs of PIPEDA to small business (a big concern for the Conservative members of the committee), and questions around the definition of "work product."

A full review of the day's events, thanks to Kathi Simmons, follows.

November 28, 2006 — Comments are Disabled — News

PIPEDA Review Underway Today

My weekly Law Bytes column (Toronto Star version, homepage version) examines the PIPEDA review which begins today. Representatives from Industry Canada will lead off, followed over the next week by privacy experts and the Privacy Commissioner of Canada. With the hearings expected to extend into mid-December, I argue that it […]

November 20, 2006 — Comments are Disabled — Columns

Hearings Offer Chance to Fix Holes in Privacy Law

Appeared in the Toronto Star on November 20, 2006 as Hearings Open Door to Fixing Deficient Privacy Law When the Canadian government enacted private sector privacy legislation – known as the Personal Information Protection and Electronic Documents Act (PIPEDA) – it included an important provision mandating a parliamentary review of […]

November 20, 2006 — Comments are Disabled — Columns Archive