High Profile Data Breach previousThe amendments are based on recommendations made by the standing committee on access to information, privacy and ethics, following consultations with stakeholders, the government says. The committee's 2007 report was the result of the first review of PIPEDA, legislation that came into force in 2001 and must be reviewed by Parliament every five years. Lack of oversight: privacy advocateVincent Gogolek, executive director of the B.C. Freedom of Information and Privacy Association, said the data breach notification requirements are a positive change. But he added that the bill overall needs to be given a very careful look. He was particularly concerned about the clause that bars people from being notified that their personal information has been disclosed to police or the government if the latter object to that notification. "This particular amendment appears to create a provision similar to those in the U.S.A. Patriot Act," he said. The U.S. provisions restricting the circumstances in which people may be informed that the government has requested the disclosure of personal information were struck down in 2004. Gogolek added that the Canadian provision doesn't require the disclosure of personal information to be related to an authorized investigation, unlike the U.S. provision. "There seems to be an absence of judicial oversight here," he said. It's ironic, he added, that such a proposal was introduced during "Right to Know" week, a celebration the rights of Canadians to a transparent and open government, which runs Sept. 27 to Oct. 1. With respect to data breach notification, legislation in the U.S. already requires it, and sometimes Canadian consumers affected by the same breaches have been notified as a result. Following a high-profile data breach affecting more than 100 million customers of the Sony PlayStation Network and other Sony services this past spring, Privacy Commissioner Jennifer Stoddart said she was "very disappointed" that Sony did not proactively notify her office. At the time, she said that before the election, the government had been intending to introduce legislation requiring the data breaches to be reported. part 1 Our Certification  Other NewsValue Added ResellersCorporations are becoming increasingly concerned as to how to protect their confidential data from unauthorized and/or fraudulent access especially when it comes to disposing of their redundant computer equipment. read more Corporate Client ServicesThe risk of releasing confidential data to the public, or disposing of technology in a manner not environmentally sound is so great, that corporations find themselves in a legal dilemma. read more |
