The Lawbytes podcast resumes for another season with a special episode on privacy as I’m joined on the podcast by Daniel Therrien, the Privacy Commissioner of Canada. Commissioner Therrien recently used Data Privacy Day to deliver a speech at the University of Ottawa focused on privacy reforms and a new consultation on AI and privacy. He joined me on the podcast to talk about his term as commissioner, the major challenges he’s faced, the state of Canadian privacy law, and the prospect for reform. Following our conversation, the podcast features audio of the Commissioner’s bilingual speech at the law school.
Post Tagged with: "therrien"
Rewriting Canadian Privacy Law: Commissioner Signals Major Change on Cross-Border Data Transfers
Faced with a decades-old private-sector privacy law that is no longer fit for the purpose in the digital age, the Office of the Privacy Commissioner of Canada (OPC) has embarked on a dramatic reinterpretation of the law premised on incorporating new consent requirements. My Globe and Mail op-ed notes the strained interpretation arose last Tuesday when the OPC released a consultation paper signalling a major shift in its position on cross-border data transfers.
Canadian Privacy Commissioner Signals Major Shift in Approach on Cross-Border Data Transfers
The Office of the Privacy Commissioner of Canada has released a consultation paper that signals a major shift in its position on data transfers, indicating that it now believes that cross-border disclosures of personal information require prior consent. The approach is a significant reversal of longstanding policy that relied upon the accountability principle to ensure that organizations transferring personal information to third parties are ultimately responsible for safeguarding that information. In fact, OPC guidelines from January 2009 explicitly stated that “assuming the information is being used for the purpose it was originally collected, additional consent for the transfer is not required.”
A Failure of Enforcement: Why Changing the Law Won’t Fix All That Ails Canadian Privacy
Canadian Privacy Commissioner Daniel Therrien renewed his call for an overhaul of Canada’s private-sector privacy legislation this week. Responding to a national data consultation launched by Innovation, Science and Economic Development Minister Navdeep Bains, Therrien recommended enacting a new law that would include stronger enforcement powers, meaningful consent standards and the extension of privacy regulations to political parties. My Globe and Mail op-ed argues that while the need for a modernized privacy statute has been evident for some time, Canada’s privacy shortcomings are not limited to a decades-old legal framework struggling to keep pace with technological change.
Why the Canadian Privacy Commissioner’s Proposed Right to be Forgotten Creates More Problems Than it Solves
The right to be forgotten, which opens the door to public requests for the removal of search results that are “inadequate, irrelevant or no longer relevant”, has been among the world’s most controversial privacy issues since it was first established in Europe in 2014. My Globe and Mail op-ed notes that the new right responds to concerns with potential reputational harms from inaccurate or misleading information online, but faces the challenge of balancing privacy protections with the benefits of the Internet for access to information and freedom of expression.
The Privacy Commissioner of Canada waded into the debate on Friday with a new draft report concluding that Canadian privacy law can be interpreted to include a right to de-index search results with respect to a person’s name that are inaccurate, incomplete, or outdated. The report, which arises from a 2016 consultation on online reputation, sets the stage for potential de-indexing requests in Canada and complaints to the Privacy Commissioner should search engines refuse to comply.