Want to stay current on e–commerce law? Sign up for Email Newsletter.
Privacy Commissioner Releases Annual Reports on Canadas Federal Privacy Statutes
The Privacy Commissioner of Canada has tabled in Parliament two Annual Reports on each of Canada’s public-sector and private-sector privacy statutes, the Privacy Act and the Personal Information Protection and Electronic Documents Act (“PIPEDA”).
The 2004-2005 Annual Report on the Privacy Act focuses on key current issues and priorities of the federal Commissioner, including cross-border information sharing and surveillance in the post-9/11 environment, outsourcing of data operations across borders by government entities, including the impact of the USA PATRIOT Act, and integration of information systems by government entities within Canada and abroad. The Report also emphasizes the long overdue need to modernize the Privacy Act, which has not been substantially amended since its inception in 1983. The Commissioner observes, for example, that many government institutions, including the Office of the Privacy Commissioner (“OPC”), are not subject to the Act, that only individuals physically present in Canada have the right to seek access to their personal information, and that the Act is silent on the increasingly relevant practice of data matching and linking between data housed by different government departments or programs. The Commissioner also calls for improvements in the management of privacy in the federal government, including through the development of a comprehensive privacy management framework.
The Commissioner’s 2004 Annual Report on PIPEDA similarly discusses significant issues arising last year, including advances in surveillance and data-handling technologies, global competition in business which drives companies to collect and use more personal information, national security concerns affecting the private sector, the transborder flow of personal information and foreign outsourcing. In light of the pending 2006 legislative review of PIPEDA, the Commissioner makes recommendations on reform to clarify the scope of the Act (for example, with respect to employee information, business contact information, and “commercial activities”), and to clarify consent requirements, including in business mergers and acquisitions. The report also undertakes a summary review of interesting findings and complaints through the year, and highlights the OPC’s new emphasis on settling complaints through mediation and early resolution, without the need to complete a formal investigation. The report also notes the OPC’s co-operation with provincial counterparts to develop fair, consistent and clear rules of enforcement of potentially overlapping federal and provincial privacy statutes.
In both reports, the Commissioner highlights her intention to increase the OPC’s use of its statutory audit powers to ensure compliance with the statutes. In addition, the Commissioner recommends that Parliament review the merits of retaining the OPC’s more limited “ombudsman” role, and consider whether the OPC should be given more inherent powers of enforcement.
For a copy of the Annual Report on the Privacy Act, visit:
http://www.shorl.com/gebostosefymi
For a copy of the Annual Report on PIPEDA, visit: