Five years ago, on January 2, 2004, a new age of privacy was creeping across Canada and this blog was born. The day before, at the stroke of midnight, the Personal Information Protection and Electronic Documents Act (Canada) had come fully into force. The Alberta and British Columbia Personal Information Protection Acts also became effective on the first day of 2004.

Since then, we have seen dramatic changes in privacy throughout the world: Identity theft is on the rise; there have been literally thousands of data breaches exposing the personal information of millions of people; governments are looking for easier access to personal information; video surveillance is more widespread; more personal information is generated digitally and aggregated in private hands.

And in the past year specifically, things have remained interesting on the privacy front. We've seen debate over changes to PIPEDA without anything definitive coming from the mandatory five year review. We've also seen arguments put forward to reform the public sector Privacy Act. Focus has also been drawn to the increasing practice of examining laptops at US border crossings. Litigation between Viacom and Google has raised awareness of log information that's often retained by internet companies. And Google has also been sued by a couple claiming their privacy has been violated by presenting pictures of their house in Google Street View. But in the last year, the one big privacy story that was supposed to have the largest impact on Canadians was the implementation of the National Do Not Call List. Whether it has, in fact, had an impact is the subject of debate.

I'd like to thank the many thousands of readers of the blog for visiting this site and thanks to those who have contacted me with comments, compliments, suggestions and links to interesting news. It's been a pleasure to write and I plan to keep it going as long as there's interesting privacy news to report.

Birthday cake graphic used under a creative commons license from K. Pierce.

Labels: border, dncl, google, google street view, identity theft, incident, laptop, lawful access, pipeda review, privacy, privacy act, telemarketing, video surveillance

Today is the first day for consumers to add themselves to the Canadian Do Not Call List (https://www.lnnte-dncl.gc.ca/) but the online system has been overwhelmed with people looking to get added to the list.

If you want more info on the national DNCL, you can check out some past posts and these resources:

• Canadian Do Not Call List - Wikipedia, the free encyclopedia;
• C-37, amending the Telecommunciations Act permitting the Do Not Call List;
• National Do Not Call List (DNCL) info from the CRTC
• Unsolicited Telecommunications Rules and Amendment to the Unsolicited Telecommunications Rules;

And if you're inclined to tell telemarketers not to call you, you should also take advantage of iOptOut, which also appears to be down.

Labels: dncl, privacy, telemarketing

Michael Geist has been a critic of the legislation enabling the new Canadian "Do Not Call List", which specifically permits calls from polling companies, newspapers, political parties and others. So to enable users to opt out even more, Michael has developed a website that sends specific do not call requests to individual companies and organizations. Check it out:

iOptOut - Welcome to iOptOut

Welcome to iOptOut

The Canadian government passed legislation in 2005 mandating the creation of a do-not-call registry. The registry is scheduled to take effect in mid-2008, yet many Canadians may be disappointed to learn about the exemption of a wide range of organizations (registered charities, business with prior relationships, political parties, survey companies, and newspapers). Under the law, exempted organizations are permitted to make unsolicited telephone calls despite the inclusion of the number in the do-not-call registry. However, organizations must remove numbers from their lists if specifically requested to do so. IOptOut takes advantage of this approach by allowing Canadians to create and manage a personal do-not-call list that begins where do-not-call legislation ends. Once you register, you'll be able to view a categorized list where you can opt-out of further contact from exempt organizations.

To do this we send an email notification to each organization on your behalf requesting that your name, email address and phone number(s) be removed from their active marketing lists.

Labels: breach notification, dncl, privacy, telemarketing

The CRTC is about to embark on crafting Canada's "do not call" regime. The regulator is seeking input from interested parties at hearings to be held in May in the Ottawa region. See http://www.cbc.ca/mobile/story/national/2006/02/20/crtc-060220.

Technorati tags: Privacy :: Telemarketing.

Labels: dncl, information breaches, telemarketing

Yahoo! News - Privacy commissioner investigating new Rogers 'negative option' complaint:

"TORONTO (CP) - The federal privacy commissioner's office has opened an investigation into a Toronto man's complaint that the Rogers Wireless service contract includes a 'negative option' privacy policy that is illegal.

Communications consultant Michael Krauss complained in September about a fine-print section of the company's service agreement that requires cellphone customers to fill out an online form or contact a customer service representative to prevent Rogers from disseminating information to other Rogers companies for telemarketing. 'I have commenced an investigation under the Personal Information Protection and Electronic Documents Act (PIPEDA) that Rogers Wireless is allegedly using negative consent when obtaining customers' permission to collect, use and disclose their personal information,' senior privacy investigator Kasia Krzymien told Krauss in a letter dated last Friday.... "

Labels: dncl, information breaches, privacy, telemarketing

Both the Toronto Star and CTV are carrying stories predicting that long-awaited "no not call" legislation is on the way, sooner rather than later.

CTV.ca | Canadian do-not-call legislation coming: report:

"By the end of next week, Canadian lawmakers could be considering a bill aimed at ending the scourge of unwanted phone calls from telemarketers.

According to a report in The Toronto Star, legislation to create a national do-not-call registry similar to one already launched in the United States is expected to be tabled before the end of next week.

The bill is expected to bar telemarketers from calling anyone on the list, unless they have established a pre-existing relationship. That means someone who's requested information about a specific service can be contacted.

Previous legislation that would have allowed Canadians to register with such a list died with the last federal election call.

Under current Canadian Radio-television and Telecommunications Commission regulations, telemarketing agencies must maintain their own registry of people not wishing to be called. Numbers appearing on those lists can't be faxed or phoned for three years....."

And from the Toronto Star:

TheStar.com - National 'do-not-call' registry likely:

"The Liberal government is widely expected to introduce legislation next week that would create a national do-not-call registry, giving Canadian households the option of shielding themselves from unwanted telemarketing calls.

A similar registry was introduced with great fanfare last year in the United States and has already attracted more than 66 million households. Government and industry sources said a bill is likely to be tabled before the House of Commons breaks next week for the holidays, but could be delayed until it sits again in late January.

'I am convinced now that they have every intent of doing it, and doing it very soon,' said John Gustavson, president of the Canadian Marketing Association, which has supported a national registry since 2001. 'We think it's the right way to go, and we think it will be valuable information for marketers and valuable relief for consumers.'...."

As a complete aside, I find it interesting that Canadian marketing organizations, unlike their US counterparts, favour DNC laws and privacy laws.

Labels: dncl, information breaches, telemarketing

TheStar.com - CRTC puts new rules on hold:

"Strict rules imposed on telemarketers in May have been put on hold pending the outcome of a regulatory review.

The Canadian Radio-television and Telecommunications Commission has decided to reconsider its new rules in response to a complaint filed in August by the Canadian Marketing Association.

The association, with 800 members that include major financial institutions, telephone operators and media companies, argued that the high cost of complying with the regulations will put many smaller phone marketers out of business and result in job loss across an industry that employs 270,000...."

Labels: dncl, information breaches, telemarketing

The CRTC has temporarily suspended the application of their recent changes to the Canadian telemarketing rules. The full text of the decision is here and the "blurb" is below:

Telecom Decision CRTC 2004-63

Telemarketing

Telecom Decision:

2004-63 The Commission approves, with one exception, the Canadian Marketing Association's (CMA's) application to stay Review of telemarketing rules, Telecom Decision CRTC 2004-35, 21 May 2004, pending the disposition of the CMA's application to review and vary that Decision. The stay applies to all requirements set out in Decision 2004-35 except the requirement that telecommunications service providers track and report complaint statistics; this requirement becomes effective 1 January 2005. Reference: 8662-C131-200408543. [.pdf]

Readers interested in Canadian telemarketing law and the regulation of it by the CRTC in particular are encouraged to check out Mathew Englander's site devoted to the topic at http://www.mathew-englander.ca/canada-telemarketing-law.htm

Labels: dncl, information breaches, telemarketing