Tag: Digital Privacy Act

Canadian government response to copyright and digital policy issuesCanadian government response to copyright and digital policy issues



The Internet and other digital technologies are transforming the everyday lives of all Canadians. The pace of change requires our legislative frameworks to be continually reviewed and adapted to these changing needs. The current government is tackling these challenges on numerous fronts including most recently in respect of copyright, anti-spam law (CASL), and privacy.

Copyright

The government has now started its mandatory review of the Copyright Act. The review was proceeded by a letter from Minister Bains and Heritage Minister Joly, both of whom share the copyright file, which provided some guidance to the INDU Committee.

Digital Privacy Act (Bill S-4) now lawDigital Privacy Act (Bill S-4) now law



The Digital Privacy Act was given a quick third reading in the House yesterday and was speedily given royal assent to become law earlier today. This law, which has been in the making since 2007, updates Canada’s comprehensive federal privacy legislation PIPEDA in quite significant ways. I previously summarized salient aspects of the law in my blog posts, Digital Privacy Act: Important work still to be done by the INDU Committee and Cyber threats, information sharing and The Digital Privacy Act.

Cyber threats, information sharing and The Digital Privacy ActCyber threats, information sharing and The Digital Privacy Act



Cyber security is top of mind these days in corporate boardrooms, governments, and with consumers. Last week was exemplary with more reports of hacks and governments moving forward with measures attempting to address the growing threats.

The New York Times reported that bank hackers stole millions using malware in a scam that allegedly involved an attack on more than 100 banks and other FIs in 30 nations. This followed a series of seemingly unending reports of attacks against other organizations.

Faced with massive loss of confidence in U.S.

Digital Privacy Act: Important work still to be done by the INDU CommitteeDigital Privacy Act: Important work still to be done by the INDU Committee



The Digital Privacy Act (Bill S-4) will make significant changes to Canadian privacy law when it is enacted. The amendments to PIPEDA have been in the making since 2007 following the statutory review of PIPEDA by the Standing Committee on Access to Information, Privacy and Ethics. The Bill has passed the Senate and was referred to the Standing Committee on Industry, Science and Technology. The INDU Committee will begin considering the Bill on November 25, 2014.

The Government of Canada Backgrounder says that “Canada’s Digital Privacy Act provides important improvements to Canada’s private sector privacy legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA)” and that it “will ensure that Canadians are safer and more secure when they surf the web or shop online”.

Canada to amend PIPEDA with the Digital Privacy ActCanada to amend PIPEDA with the Digital Privacy Act



Bill S-4, the Digital Privacy Act (An Act to amend the Personal Information Protection and Electronic Documents Act and to make a consequential amendment to another Act,) was given First Reading in the Senate today.  The summary of the Bill describes the proposed amendments as follows:

This enactment amends the Personal Information Protection and Electronic Documents Act to, among other things,
(a) specify the elements of valid consent for the collection, use or disclosure of personal information;
(b) permit the disclosure of personal information without the knowledge or consent of an individual for the purposes of
(i) identifying an injured, ill or deceased individual and communicating with their next of kin,
(ii) preventing, detecting or suppressing fraud, or
(iii) protecting victims of financial abuse;
(c) permit organizations, for certain purposes, to collect, use and disclose, without the knowledge or consent of an individual, personal information
(i) contained in witness statements related to insurance claims, or
(ii) produced by the individual in the course of their employment, business or profession;
(d) permit organizations, for certain purposes, to use and disclose, without the knowledge or consent of an individual, personal information related to prospective or completed business transactions;
(e) permit federal works, undertakings and businesses to collect, use and disclose personal information, without the knowledge or consent of an individual, to establish, manage or terminate their employment relationships with the individual;
(f) require organizations to notify certain individuals and organizations of certain breaches of security safeguards that create a real risk of significant harm and to report them to the Privacy Commissioner;
(g) require organizations to keep and maintain a record of every breach of security safeguards involving personal information under their control;
(h) create offences in relation to the contravention of certain obligations respecting breaches of security safeguards;
(i) extend the period within which a complainant may apply to the Federal Court for a hearing on matters related to their complaint;
(j) provide that the Privacy Commissioner may, in certain circumstances, enter into a compliance agreement with an organization to ensure compliance with Part 1 of the Act; and
(k) modify the information that the Privacy Commissioner may make public if he or she considers that it is in the public interest to do so

A Government press release describing the Bill can be found here.