Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

Privacy

Federal Court Orders Privacy Commissioner to Investigate Complaint

The Federal Court of Canada yesterday issued an important decision addressing the jurisdictional reach of Canada's privacy legislation. The case involved a complaint launched by Pippa Lawson of CIPPIC against U.S.-based Abika.com over the collection and use of her personal information. The Privacy Commissioner refused to investigate, arguing that Abika.com declined to cooperate with the investigation and that she therefore lacked the jurisdiction to proceed.

CIPPIC applied for judicial review and yesterday won the case. The court gets it exactly right – "with respect, I think the Commissioner did not distinguish her power to investigate from the effectiveness of her investigation."

February 6, 2007 — 1 comment — News

PIPEDA Hearings – Days 9 (banking industry) and 10 (Chamber of Commerce, Insurance)

The PIPEDA hearings resumed this week appearances by groups from the banking sector, the Canadian Chamber of Commerce, and the insurance industry. CIPPIC has details on day nine and ten. The committee is now focused almost exclusively on a single issue – security breach notification legislation. There appears to be […]

February 2, 2007 — 3 comments — News

Scassa on Citizen Journalism and Privacy

Dal law prof Teresa Scassa points to the intersection between user-generated video and PIPEDA.

January 31, 2007 — Comments are Disabled — News

CIPPIC Files Complaint in Data Breach Case

The Canadian Internet Policy and Public Interest Clinic has filed a formal complaint with the Canadian Privacy Commissioner, requesting a formal investigation into the widely-reported security breach suffered by the Winners group of companies, and affecting consumers who shop at any Winners or HomeSense store in Canada. CIPPIC is concerned […]

January 25, 2007 — Comments are Disabled — News

Privacy Breaches Expose Flaws in the Law

My weekly Law Bytes column (Toronto Star version, homepage version) focuses on the need for Canadian privacy reform in light of last week's security breaches involving CIBC and retailer giant Winners. I note that these two incidents highlight the fragility of sensitive, personal information that is entrusted to Canadian businesses as well as the inadequacy of current Canadian privacy legislation. Business groups have cautioned against privacy law reforms, yet as the risk of identity theft grows, the calls for change are likely to become more vocal.

While the U.S. pushes forward with security breach disclosure legislation, Canadian business has argued strongly against similar reforms. The Information Technology Association of Canada, which features representatives from companies such as BCE, Telus, Rogers, Microsoft, Nortel, and Research in Motion on its board of directors, warned against mandatory notification legislation in an appearance before a parliamentary committee last month.

January 22, 2007 — 3 comments — Columns