Bill C-30: What’s it all about? (Video)

March 15, 2012

You’ve probably heard a lot recently about Bill C-30.  It’s technically called the Protecting Children from Internet Predators Act but commonly referred to as the “Lawful Access” Bill.   To learn more about this highly controversial law please watch this short video –  click here>>

Leave a Comment » | Government, Lawful Access, Monitoring, Privacy | Tagged: , , | Permalink
Posted by Brian Bowman

What’s at stake with Bill C-30 (lawful access)?

March 1, 2012

I was pleased to join CBC Manitoba’s Marcy Markusa last week for a panel debate about the proposed online surveillance Bill during Information Radio’s morning broadcast.  Click here to listen to the debate (audio clip – 11:29 in length).

More to follow on this important Bill.

Leave a Comment » | Access to Information, Government, Internet, Lawful Access, Legislation Update, Monitoring, PIPEDA, Privacy, Privacy Commissioner, Privacy Commissioner of Canada | Tagged: , , | Permalink
Posted by Brian Bowman

Discussing Bill C-30 with CityTV Winnipeg (Video)

March 1, 2012

I recently discussed Bill C-30 (lawful access) with host Jeremy John on CityTV’s Breakfast Television Winnipeg. Click here to watch the discussion about this controversial online surveillance Bill.

Leave a Comment » | Access to Information, Government, Internet, Lawful Access, Monitoring, Privacy | Tagged: , , , , | Permalink
Posted by Brian Bowman

Access to Information webinar: Watch now!

January 26, 2011

Thanks to everyone from across Canada who attended today’s Access to Information webinar. If you weren’t able to attend, you can now watch/listen to the webinar here. Topics covered included:

  • Overview of access to information 101: the basics
  • The 3 vantage points: public bodies, applicants & third parties
  • Review of recent cases/headlines
  • Identifying key legal and PR landmines
  • Discussion of trends in access to information
  • Practical tips for managing requests in a cost-effective manner 

Leave a Comment » | Access to Information, Government, Ontario's Information and Privacy Commissioner, Redactions, Webinar | Tagged: , , | Permalink
Posted by Brian Bowman

WikiLeaks a wakeup call

December 20, 2010

Recent news coverage about WikiLeaks has focused on the leaked documents and ethics, or lack thereof, of WikiLeaks’ founder, Julian Assange. Rightfully so.

The formerly classified documents are tantalizing and the story behind Assange and his WikiLeaks website is fascinating. But amidst the media chatter about the damage inflicted by WikiLeaks itself, the circumstances surrounding the initial release of secret documents from the U.S. government to WikiLeaks should provide a wake up call for other governments and corporations here at home.

Read more>>

Leave a Comment » | Access to Information, Data Protection, Employee Monitoring, Safeguarding, Safekeeping, Security, Security Breach, Technology | Tagged: , , , , , | Permalink
Posted by Brian Bowman

Access to Information Webinar

November 29, 2010

Managing access to information requests by public sector organizations has never been more challenging than it is today. Complex public-private sector business arrangements, growing expectations for access by the public and increasing volumes of electronic records are all making it difficult to navigate access to information laws in the context of the real world. As a result, I thought that a one hour complimentary webinar would help! I hope you can attend.

What topics will be covered?

  • Overview of access to information 101: the basics
  • The 3 vantage points: public bodies, applicants & third parties
  • Review of recent cases/headlines
  • Identifying key legal and PR landmines
  • Discussion of trends in access to information
  • Practical tips for managing requests in a cost-effective manner

Who should attend?

Public bodies who are subject to access to information laws, private-sector organizations who regularly deal with public bodies and individuals/organizations who routinely initiate access to information requests under public sector access to information laws. 

When is the webinar? 

Wednesday, January 26th, 2011 from 1 – 2 PM (CST)

Please register <here> (space is limited)

Leave a Comment » | Access to Information, Ombudsman, Webinar | Tagged: , , , | Permalink
Posted by Brian Bowman

Lessons from the Veteran Affairs Canada privacy breach

October 8, 2010

The recent headlines over the Veteran Affairs Canada privacy breach should serve as a useful reminder to all organizations – public and private sector – of the necessity to implement internal policies and procedures for the management of personal information. Much attention is paid these days by the media to privacy breaches that involve external parties, such as hackers, who foil the security safeguards of organizations. However, in my experience the bigger threat to privacy if often from within an organization.

In this recent case involving Veteran Affairs, a veteran had filed a complaint with the Office of the Privacy Commissioner of Canada (“OPC”) alleging that Veterans Affairs had violated the Privacy Act by including excessively detailed and sensitive medical information in briefing notes to the Minister of Veterans Affairs. The complainant also alleged that Veteran Affairs had transferred his medical file to a hospital administered by Veterans Affairs without his consent.

The OPC has issued the following formal recommendations to Veterans Affairs, but they should also serve as useful recommendations to other organizations:

  • “Take immediate steps to develop an enhanced privacy policy framework with adequate protections and controls to regulate access to personal information within the department.
  • Revise existing information-management practices and policies to ensure that personal information is shared within the department on a need-to-know basis only.  Personal information, including but not limited to sensitive medical information, should not be shared with programs that have no operational requirements for access to such information.
  • Provide training for employees about appropriate personal information-handling practices.
  • Review procedures to ensure that consent is obtained prior to personal information being transferred to veterans’ hospitals.”

Leave a Comment » | Access to Information, Data Protection, Due Diligence, Government, Privacy, Privacy Breach, Privacy Commissioner of Canada, Safeguarding, Safekeeping, Security Breach, Training | Tagged: , , , , , | Permalink
Posted by Brian Bowman

Let’s talk privacy and access to information

September 27, 2010

CJOB|680′s Geoff Currier recently asked me to participate in his live radio program called “The Nighthawk”. Geoff and callers raised a number of issues related to privacy and access to information law including the following question that Geoff asked… “Once I go on Twitter/Facebook, do I automatically surrender my privacy rights?  In Vancouver wherein an alleged gang rape and some photos of the victim were posted online and distributed out there…what does our law say about that? You are standing on Portage & Main and you kiss your wife and I happen to take a photograph of that… is that an invasion of your privacy?” To hear the answer to this and other questions please listen to the live broadcast recording here>>

Thanks to Geoff Currier and CJOB|680 for the invitation to participate in the program.

Leave a Comment » | Access to Information, Defamation, Facebook, Online Reputation Management, Privacy | Tagged: , | Permalink
Posted by Karen

Controversial privacy law changes take hold

May 17, 2010

Amendments to Manitoba’s patient privacy law are now in effect. The controversial changes to The Personal Health Information Act went largely unnoticed in the province, but will have big implications for Manitobans and the fundraising foundations that many hospitals, personal care homes or other designated health care facilities rely upon to support innovation in health research and patient care. What were these amendments and why are they controversial?

Read more>>

Leave a Comment » | Access to Information, Health Care, PHIA, Privacy | Tagged: , , , | Permalink
Posted by Brian Bowman

Should you say “no” to the police?

April 7, 2010

Imagine this scenario… The police show up at your office and demand access to records relating to one of your customers. You want to help the police (as you should), but are concerned about violating your customer’s privacy rights. What should you do?

Well, the first thing you should do is ask the police for written documentation relating to their request. You should also immediately contact a lawyer with appropriate expertise because this type of scenario can be a legal minefield. For example, are you actually dealing with the police or some bold scam artist? Do the police have the legal authority to demand the requested information? Should they have a warrant?

Presuming that you end up providing the records to the police, you’ll need to ensure that you’re not providing too much information. If the records of your customer are co-mingled with another individual, you’ll need to consider whether you can legally provide the police with access to the other person’s information. Are you then barred from telling the customer that the police were at your office? What sort of internal records should you keep to document that the police accessed your files? How long do you need to keep those internal records?

It’s never fun to say “no” to the police. They are, after all, typically armed. But hopefully the police will make it easy for you to satisfy yourself, and your lawyer, that working cooperatively with them won’t violate your customer’s privacy and unnecessarily exposing your business to liability.

2 Comments | Access to Information, Due Diligence, Lawful Access, Privacy | Tagged: , , , , | Permalink
Posted by Brian Bowman

« Previous Entries
Follow

Get every new post delivered to your Inbox.

Join 77 other followers