I was pleased to join CBC Manitoba’s Marcy Markusa last week for a panel debate about the proposed online surveillance Bill during Information Radio’s morning broadcast. Click here to listen to the debate (audio clip – 11:29 in length).
More to follow on this important Bill.
Leave a Comment » | 
Access to Information, Government, Internet, Lawful Access, Legislation Update, Monitoring, PIPEDA, Privacy, Privacy Commissioner, Privacy Commissioner of Canada | Tagged: Access to Information, Privacy, Workplace Surveillance | 
Permalink
Posted by Brian Bowman
Canada’s Privacy Commissioner has just released the final report of her Office’s consultations on the online tracking, profiling and targeting of consumers by marketers and other businesses. “Most people have no idea about the rich trail of data they leave behind when they browse the Internet, use social networking sites, or engage the geo-location functions of their mobile devices,” the Commissioner observed. Organizations that track the online activities of Canadians must be more upfront about their practices, Privacy Commissioner Jennifer Stoddart has concluded… “it comes down to meaningful consent, which entails informed consent”.
Leave a Comment » | Device Fingerprinting, Facebook, Marketing, Monitoring, Privacy, Privacy Commissioner of Canada, Social Networking Websites, Technology | Tagged: Cloud Computing, Facebook, Internet, Privacy, Privacy Commissioner, Social Networking | Permalink
Posted by Brian Bowman
The Privacy Commissioner of Canada has called for legislation empowering her to impose substantial fines against major corporations that fail to adequately protect Canadians’ personal information from preventable breaches.
“I am deeply troubled by the large number of major breaches we are seeing, including serious incidents in recent weeks that have affected hundreds of thousands of Canadians,’’ Jennifer Stoddart said in a speech today at the Canada 3.0 forum in Stratford, Ont. “It seems to me that it’s time to begin imposing fines – significant, attention-getting fines – on companies when poor privacy and security practices lead to breaches.” To learn more, read the complete news release.
Leave a Comment » | Data Protection, Legislation Update, Privacy, Privacy Breach, Privacy Commissioner of Canada | Tagged: PIPEDA, Privacy, Privacy Breach, Privacy Commissioner | Permalink
Posted by Brian Bowman
Canada’s Privacy Commissioner has just released her latest e-newletter, Privacy Perspectives. Today’s installment includes:
Leave a Comment » | Privacy, Privacy Commissioner of Canada, Youth | Tagged: Privacy Commissioner | Permalink
Posted by Brian Bowman
The recent headlines over the Veteran Affairs Canada privacy breach should serve as a useful reminder to all organizations – public and private sector – of the necessity to implement internal policies and procedures for the management of personal information. Much attention is paid these days by the media to privacy breaches that involve external parties, such as hackers, who foil the security safeguards of organizations. However, in my experience the bigger threat to privacy if often from within an organization.
In this recent case involving Veteran Affairs, a veteran had filed a complaint with the Office of the Privacy Commissioner of Canada (“OPC”) alleging that Veterans Affairs had violated the Privacy Act by including excessively detailed and sensitive medical information in briefing notes to the Minister of Veterans Affairs. The complainant also alleged that Veteran Affairs had transferred his medical file to a hospital administered by Veterans Affairs without his consent.
The OPC has issued the following formal recommendations to Veterans Affairs, but they should also serve as useful recommendations to other organizations:
Leave a Comment » | Access to Information, Data Protection, Due Diligence, Government, Privacy, Privacy Breach, Privacy Commissioner of Canada, Safeguarding, Safekeeping, Security Breach, Training | Tagged: Access to Information, Due Diligence, Personal Information, Privacy Commissioner, Privacy Compliance, Safeguarding | Permalink
Posted by Brian Bowman
Canada’s Privacy Commissioner, Jennifer Stoddart, released her 2009 – 2010 Annual Report to Parliament on the Privacy Act today. In her Annual Report, Stoddart says that “[t]he federal government’s use of handheld communications devices and its practices for disposing of unneeded paper documents and surplus computers could expose the personal information of Canadians to unauthorized disclosure”.
Key lessons for the private sector from today’s Annual Report include, among other things, (1) a reminder of the need to assess the threats/risks inherent in wireless communications and to fill any gaps in policies and/or practices related to smart phones, Wi-Fi networks and data stored on mobile devices and (2) ensuring that policies and procedures are in place for paper shredding and the disposal of surplus computer equipment.
Read the full Annual Report here>>.
Leave a Comment » | Government, Mobile devices, Privacy, Privacy Commissioner of Canada | Tagged: Government, Privacy Commissioner | Permalink
Posted by Brian Bowman
Earlier today, Canada’s Privacy Commissioner, Jennifer Stoddart, submitted to Parliament the OPC’s Annual Report on PIPEDA for the period from January 1 to December 31, 2009.
As the Commissioner notes, “the dominant theme of [the OPC's] work in 2009 was the protection of privacy in an increasingly online, borderless world. A case in point was the investigation that resulted in more public attention than any other in [the OPC's] history: Facebook.” The Commissioner notes two key issues, namely, Data without borders and Risks remaining in the wake of mortgage broker breaches.
Leave a Comment » | PIPEDA, Privacy, Privacy Commissioner of Canada | Tagged: PIPEDA, Privacy Commissioner | Permalink
Posted by Brian Bowman
Canada’s Privacy Commissioner, Jennifer Stoddart, has teamed up with nine other country’s privacy watchdogs today to warn Google and other organizations to better respect people’s privacy rights. The privacy commissioners have sent a letter to Google, accusing it of overlooking privacy values and legislation in launching new online products.
The privacy commissioners’ letter states, “we are increasingly concerned that, too often, the privacy rights of the world’s citizens are being forgotten as Google rolls out new technological applications. We were disturbed by your recent rollout of the Google Buzz social networking application, which betrayed a disappointing disregard for fundamental privacy norms and laws… Unfortunately, Google Buzz is not an isolated case. Google Street View was launched in some countries without due consideration of privacy and data protection laws and cultural norms. In that instance, you addressed privacy concerns related to such matters as the retention of unblurred facial images only after the fact, and there is continued concern about the adequacy of the information you provide before the images are captured… We therefore call on you, like all organizations entrusted with people’s personal information, to incorporate fundamental privacy principles directly into the design of new online services. That means, at a minimum:
The privacy commissioners’ demand that Google and other organizations better incorporate privacy into the design of new online services underscores the need for the “Privacy by Design” initiative that Ontario’s Information and Privacy Commissioner recently discussed in my “A Conversation with Dr. Ann Cavoukian” post. All organizations, regardless of their size (after all, we’re all not Google), would be well-advised to learn from today’s “buzz” about Google Buzz.
Leave a Comment » | Data Protection, Due Diligence, Ontario's Information and Privacy Commissioner, Personal Information, Privacy, Privacy Commissioner of Canada, Social Networking Websites, Technology | Tagged: Due Diligence, Google, Internet, Personal Information, Privacy, Privacy Commissioner, Privacy Compliance | Permalink
Posted by Brian Bowman
The Office of the Privacy Commissioner of Canada has just posted this excellent article about the dangers of forgetting about personal information submitted to create online profiles.
This really is the kind of personal information that identity thieves love so the OPC article is a useful read. In fact, businesses whose employees create accounts on their behalf would be well-advised to have employees read the OPC article.
Leave a Comment » | Identity Theft, Privacy, Privacy Commissioner of Canada | Tagged: Identity Theft, Internet, Online Reputation Management, Personal Information, Privacy Commissioner | Permalink
Posted by Brian Bowman
The 2010 Olympics are finally here! So too are the reportedly pervasive crowd surveillance cameras that are monitoring spectators’ every move.
Privacy advocates are already voicing concern. But unlike previous public debates regarding privacy and surveillance cameras, I expect that the concerns that’ll be raised during and after the 2010 Olympics will be more comprehensive than the traditional “privacy vs security” debate. For instance, Jennifer Stoddart, Canada’s Privacy Commissioner, recently commented on this blog that “one of the big issues will revolve around the pervasive crowd surveillance measures, and what will happen with all of the cameras and recordings after the flame is extinguished.”
Of course, there are legal tests that governments (and businesses) should use to determine the appropriateness of installing surveillance cameras in the first place. But once any organization has decided to install surveillance cameras there’s a corresponding requirement to appropriately manage the data that’s collected. For instance, organizations must ensure that they have security, retention and destruction policies in place. This is the “devil in the detail” that’s often overlooked.
I expect public scrutiny of the surveillance cameras being used during the 2010 Olympics. And such scrutiny will increase public expectations on businesses to properly manage data that they too collect by surveillance cameras.
2 Comments | Monitoring, Privacy, Privacy Commissioner of Canada, Safeguarding, Security, Technology, Video Surveillance | Tagged: Olympics, Privacy, Privacy Commissioner, Safeguards, Security, Video Surveillance | Permalink
Posted by Brian Bowman
You are currently browsing the archives for the Privacy Commissioner of Canada category.
