Privacy Commissioner Daniel Therrien would like federal privacy laws and regulations for that private and public sectors amended and given a “rights-based foundation” that will confer legal rights and impose obligations, especially using the Private Information Protection and Electronic Documents Act (PIPEDA), not be considered “an industry code of conduct,” based on the annual report he tabled in Parliament on 12, 10.
“Currently, Canada’s federal privacy laws and regulations are narrowly presented as data-protection statutes,” he stated. “PIPEDA and also the Privacy Act codify some rules for the way organizations and authorities institutions are needed to deal with a person’s private information. … Neither law formally recognizes privacy as a right by itself. Privacy is broader than data protection, even though the latter seeks to have fun playing the protection from the former.”
Privacy Commissioner Daniel Therrien
“If our data protection laws and regulations will be to more meaningfully safeguard the broader to privacy, this goal must be reflected more clearly within the formulation in our data.
In a news conference following a discharge of his report, the commissioner stated that his office’s analysis of Statistics Canada’s much-publicized assortment of detailed credit information this past year, and it is proposed to collect detailed financial data from private sector companies on countless Canadians without their prior understanding or consent, not just motivated greater than 100 complaints, but additionally “served to focus on the inadequacy of existing legislation.”
In the 85-page report, Therrien also requires a bolstering from the commissioner’s role to “conduct positive inspections, make binding orders and impose consequential penalties for non-compliance using the law.”
“Such inspections are required to ensure ongoing compliance using the law, in comparison using the current system where violations have first to become identified (not always easy within this digital age), then investigated and, ultimately, under your own accord remedied by a company, for compliance using the law to finally be restored. Positive inspections, coupled with order-making and fines, would actually encourage ongoing compliance and therefore greatly enhance consumer trust,” he stated.
However, a leading Canadian privacy lawyer warns the privacy commissioner’s proposal to reform the Privacy Act and PIPEDA may be overreaching.
David Fraser, McInnes Cooper
“When my customers are investigated, we are usually collaborative and search for an answer, instead of worrying about penalties or orders,” stated David Fraser, someone with McInnes Cooper in Halifax.
“I think it’s a problem for those who have a privacy advocate who’s even the investigator, the judge, the jury, the executioner – which results in a conflict of great interest. Inches
To prevent this type of situation, Fraser stated the privacy commissioner’s role would need to be divided like the Canadian Human Legal rights Commission and also the Canadian Human Legal rights Tribunal, or even the federal Competition Bureau (headed with a commissioner) and also the Competition Tribunal, which may produce a privacy tribunal to adjudicate cases.
Therrien’s predecessors were “quite pleased with the model that PIPEDA is with regards to enforcement,” stated Fraser. “The way PIPEDA was created was to possess a commissioner, who’s a privacy advocate as well as an ombudsman who can’t issue orders or levy fines.”
He described the idea was to achieve the privacy commissioner conduct investigations and forward strategies for organizations to reply to complaints. The complainant may also seek an answer in the Federal Court.
Within the recent federal election campaign, the Liberals dedicated to continuing to move forward using the government’s Digital Charter that produces a “new group of online legal rights,” for example within the regions of data portability and security, to become supervised and enforced with a “more powerful” privacy commissioner.
Not one other detail was provided within the platform around the commissioner’s role, but Therrien shed some light on the news conference.
He described that underneath the suggested enhancement, his office might have “the authority to prevent all operations inside a company when we were sufficiently worried about the privacy risks.”
Broader order-making forces with fines could better encourage compliance, “ensure the security of rights” making “the whole process effective and efficient,” stated Therrien.
However, Fraser believes that certain potential obstacles could leave the home of Commons Standing Committee on the Use of Information, Privacy and Ethics, which “has not been responsive to the present commissioner’s demand order-making forces.”
Inside a scrum on Parliament Hill following a discharge of the privacy commissioner’s report, Innovation, Science and Industry Minister Navdeep Bains told reporters the Digital Charter is aligned with Therrien’s requires stricter enforcement of privacy laws and regulations, noting that PIPEDA was updated this past year to impose fines as high as $100,000 on companies when they neglect to inform a person and also the privacy commissioner in regards to a security breach.
Fraser also doesn’t believe the US government can use the commissioner’s legal rights-based privacy framework.
“Under our Metabolic rate, the provinces have exclusive jurisdiction over property and civil legal rights, and privacy is a civil right,” he described.
However, the US government could amend PIPEDA and also the Privacy Act to supply the commissioner with order-making forces or the opportunity to levy fines, the second which was handed towards the Canadian Radio-television and Telecommunications Commission underneath the federal anti-junk e-mail law.