An ambitious overhaul of Quebec’s privacy law would introduce new privacy rights, new accountability and governance requirements, new obligations, and hefty monetary penalties.
Privacy commissioner launches consultation on artificial intelligence.
The majority of European and American firms are not yet ready to comply with the European Union’s General Data Protection Regulation (GDPR), reveals a recent report.
You can still download the application if you want. But if you believe what Kyle Zak has to say about it, it’s not something you would do. Not unless you don’t mind the trade-off between ease-of-use and the reams of information you will allegedly provide to the popular audio maker Bose Corp.
The lawsuit filed by Zak against Bose is the latest to allege companies of surreptitiously tracking consumers, without their consent, to collect data and then to either solicit more business or sell it to third parties.
Early this year Ottawa-based sex toy maker We-Vibe settled a privacy lawsuit for $5 million after a line of its vibrators were found to have secretly collected and transmitted “highly sensitive information” about consumers without their knowledge or consent.
A month after the parent company of the controversial adult dating website Ashley Madison settled a complaint with the U.S. Federal Trade Commission and state charges over the 2015 data breach that exposed the personal data of more than 36 million users and highlighted the site’s unfair and deceptive practices, the firm is now trying to thwart 20 class actions against it by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services.
Just before the Christmas holidays, Toronto-based Avid Life Media Inc. (ALM) agreed to pay US$1.6 million and implement a comprehensive data-security program, including third-party assessments, to settle claims by the FTC who worked in collaboration with 13 U.S. states. According to the FTC complaint, until August 2014, operators of the site “lured” customers, including 19 million Americans, with fake profiles of women designed to convert them into paid members.
Quebec, once a pioneer that lead the movement towards greater government transparency, is now among the least transparent provinces in Canada after successive provincial governments introduced more than 150 legislative exemptions that undermined the province’s access to information legislation, according to a recently published comprehensive report by Quebec’s Commission d’accès à l’information.
With Quebec ranking 10th out of 14 jurisdictions in Canada, and 57th in the world, behind Honduras and Romania, the Quebec government should overhaul the provincial access to information legislation to compel all public bodies, even those partially financed by the provincial government, to be subjected to the access to information law, noted the 214-page, five-year report that issued 67 recommendations.
The consent model, the cornerstone behind the federal legislation that governs how private sector organizations may collect, use or disclose personal information in the course of commercial activities, is under the microscope after the Office of the Privacy Commissioner of Canada (OPC) published a consultation paper that examines its viability in today’s digital information ecosystem.
But privacy experts are skeptical that the consultation will lead to any tangible actions in the future. They point to the Digital Privacy Act, which received royal assent more than a year ago, yet is still not in force because the federal government has yet to complete the drafting of data breach notification and reporting regulations.
A call by Canada’s privacy watchdog to the life and health insurance industry to voluntarily refrain from requesting clients for access to existing genetic test results is going to be ignored, setting the stage for a divisive debate over access and the use of such personal information.
After consulting stakeholders, commissioning research papers, and holding roundtables in the area of genomics and privacy, the Office of the Privacy Commissioner of Canada issued an eight-page policy statement asking the health and life insurance industry to extend their decade-long voluntary ban against asking applicants or existing policy holders to undergo genetic testing. More controversially, the OPC is also asking the industry to extend the moratorium to applicants who have already taken genetic tests. But the OPC’s policy statement is not definitive. Recognizing that the state of medical technology is changing rapidly, it admits that its position should be reviewed periodically.
“The thing that really jumped at me is that the OPC’s finding is preliminary, qualified, and based on its own research,” noted privacy lawyer Daniel Michaluk.
Workplace privacy, an issue few seriously thought about even a decade ago, has become a conundrum for employers.
Canada’s privacy watchdog is openly calling into question the effectiveness of the ombudsman model to regulate private-sector practices for the protection of personal information in light of the recent spate of high-profile data breaches.