The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Wednesday, August 03, 2005
A little while ago, I referred to a posting by Timothy Grayson, discussing the lack of a common vocabulary about privacy (see The Canadian Privacy Law Blog: The language of privacy). That posting on Grayson's blog has garnered a lot of attention, most recently from David Kearns of Network World:
What's the meaning of 'privacy'?
"...Last week, I read a lament by Timothy Grayson (he works for the Canadian Postal Administration, but likes to talk about identity) called "I guess I just don't understand Privacy" http://timothygrayson.com/blog/archives/000737.html.
It seems that a Canadian Privacy Commissioner had ruled that those sometimes annoying inserts that come along with your bank statement amounts to a breach of the customer's privacy. Read the whole entry by Grayson (and the articles he links to) as it's much too long to re-create here. But I do like his reasoning:
"To be an invasion of one's privacy presumes that all communication and contact with a person has to be approved by the recipient. The logical extent of this is that there can be no communication because the initial mover is prevented from moving. That logical extent is, of course, ridiculous. But what it does present is bold relief of the inherently unworkable nature of a 'privacy culture' that extends the definition of privacy in this excessive, individual-centric way."
In other words, we need some generally understood definitions of terms like "privacy," "identity," "personal information," etc. How can we ever hope to move to a worldwide, federated, everybody's-included identity metasystem if we can't even agree on the meaning of "identity" and "privacy" and can't tell which information is "personal" and what isn't?"
Labels: information breaches
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.