Thursday, August 02, 2007

Privacy Commissioner of Canada Releases Privacy Breach Guidelines

This week, the Privacy Commissioner of Canada, Jennifer Stoddart, released guidelines to help organizations deal with privacy breaches, including notifying people at risk of harm after their information has been stolen, lost or mistakenly disclosed.

The guidelines are voluntary.

The Commissioner has called on the Canadian government to pass legislation making notification of data breaches mandatory.

Earlier Library Boy posts on the topic include:
  • Paper on Data Security Breach Notification (January 10, 2007): "The Canadian Internet Policy and Public Interest Clinic (CIPPIC) at the University of Ottawa released a white paper yesterday that calls on the federal government to enact a data security breach notification law (...) Such a law was proposed by a number of groups that appeared in 2006 in front of the House of Commons Standing Committee on Access to Information, Ethics and Privacy during the statutory review of PIPEDA (Personal Information Protection and Electronic Documents Act)."
  • Recent Rash of Data Security Breaches in Canada (January 19, 2007): "[quoting CBC Online:] The privacy commissioner of Canada on Thursday announced she is launching an investigation into a CIBC personal information breach involving nearly half a million people (...) The commissioner said she has reasonable grounds to investigate whether the bank violated the Personal Information Protection and Electronic Documents Act (PIPEDA). Stoddart's office also said Friday it is checking to see if TJX Cos., the U.S. parent firm of Canadian retailers Winners and HomeSense, was in compliance with private sector privacy laws after the company acknowledged Thursday that customer information has been stolen from its systems."
  • List of Identity Theft Laws in US and Canada (July 6, 2007): "The Congressional Research Service in the United States recently published a paper entitled 'Identity Theft Laws: State Penalties and Remedies and Pending Federal Bills' (...) This is a follow-up to the Library Boy post of April 2, 2007 entitled 'Working Papers on ID Theft'. That post referred to a series of papers prepared by the Canadian Internet Policy and Public Interest Clinic (CIPPIC) at the University of Ottawa, including ones on anti-ID theft legislation in Canada, the United Kingdom, France and Australia. "

Labels: ,

Bookmark and Share Subscribe
posted by Michel-Adrien at 8:28 pm


Post a Comment

<< Home