The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Tuesday, May 30, 2006
The Federal Privacy Commissioner of Canada has released her Annual Report to Parliament for 2005 (pdf). It is worth a read since it highlights many of the activities of that office that are not reported on elsewhere. It also includes a synopsis of a range of pending applications before the Federal Court of Canada that haven't been referred to elsewhere.
Here is the media release related to the report:
Tabling of Privacy Commissioner of Canada's 2005 Annual Report on the Personal Information Protection and Electronic Documents Act: Commissioner takes tougher stance
Ottawa, May 30, 2006 –There has been progress in advancing the privacy rights of Canadians in the private sector, but the Privacy Commissioner’s Office intends to be more assertive in ensuring that all businesses are complying with the law, according to the Privacy Commissioner of Canada, Jennifer Stoddart, whose 2005 Annual Report on the Personal Information Protection and Electronic Documents Act (PIPEDA) was tabled today in Parliament.
In 2005, the Privacy Commissioner began taking a stronger stance with respect to the recommendations made to organizations in her letters of finding. She began asking organizations that are the subject of well-founded complaints to state the corrective measures they would take – and when these measures would be implemented. In the one situation in which the company did not implement the recommendations, the Commissioner’s Office took the matter forward to the Federal Court. All other organizations have rapidly committed to providing redress and making systemic changes to their personal information management practices.
“Businesses, large and small, have demonstrated goodwill, commitment to community values and openness to change when it comes to protecting privacy,” states Ms. Stoddart in her report. “But I am concerned that apparent compliance does not always result in truly effective privacy and security practice. This goodwill needs to be translated into practice.”
Overall, information handling practices brought to the attention of the Privacy Commissioner’s Office show a high level of compliance with PIPEDA among Canadian companies. And the Commissioner is pleased that a recent trend toward settling complaints is continuing, with almost half of the 400 complaints in 2005 being settled to the apparent satisfaction of all parties.
Another theme of the report relates to technology, consumer trends and national security concerns, which continue to introduce novel uses for personal data and require ever greater amounts of it. It is time to revisit how the operating rules are defined and applied, and how adequate these rules are in a world of such rapid technological change.
Recent polling commissioned by the Privacy Commissioner’s Office suggests that 88 per cent of Canadians feel that it is important that privacy laws are updated to ensure they are keeping up with new technologies that may have an impact on their personal information.
PIPEDA came into effect in stages beginning in 2001, so the Office now has more than five years of experience dealing with the law. It is slated for a full Parliamentary review in 2006, which is expected to commence in the fall. This mandated review is vital and will present a unique opportunity to examine the Act’s effectiveness in protecting privacy rights in the marketplace. It will also give Parliamentarians the chance to help respond to growing attacks on personal information through identity theft, spam and fraudulent on-line activities. The Commissioner is urging the government to consider a similar review of the Privacy Act, the federal public sector privacy law, which has not been substantially amended since its inception in 1983.
As the Commissioner’s Office plans for its participation in this all-important review of PIPEDA, it will also continue to pursue preventive activities such as education, outreach, complaint resolution, as well as audits and reviews. The expectation of additional resources will further assist the Office in fully carrying out this multi-faceted mandate to protect and promote privacy rights.
The Office of the Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy rights in Canada.
— 30 —
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.