The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

Search this blog

Recent Posts

On Twitter

About this page and the author

The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.

For full contact information and a brief bio, please see David's profile.

Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.

David Fraser's Facebook profile

Privacy Calendar

Archives

Links

Subscribe with Bloglines

RSS Atom Feed

RSS FEED for this site

Subscribe to this Blog as a Yahoo! Group/Mailing List
Powered by groups.yahoo.com

Subscribe with Bloglines
Add to Technorati Favorites!

Blogs I Follow

Small Print

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.

Wednesday, June 07, 2006

Privacy Commissioner tables report calling for urgent reform of Canada's Privacy Act 

The Federal Privacy Commissioner appeared before the House Standing Committee on Access to Information, Privacy and Ethics to call for reform of the federal Privacy Act, which governs the collection, use and disclosure of personal information by federal government institutions.

News Release: Privacy Commissioner tables report calling for urgent reform of Canada's Privacy Act (June 5, 2006):

Ottawa, June 5, 2006 –The Privacy Act is an outdated law that leaves the Office of the Privacy Commissioner of Canada virtually powerless to protect the privacy rights of Canadians relating to information collected, used and disclosed by the federal government, said Privacy Commissioner Jennifer Stoddart in a document tabled today with the House of Commons Standing Committee on Access to Information, Privacy and Ethics.

The Privacy Act, which came into force in 1983, has never been amended or updated despite repeated calls for review by successive Privacy Commissioners.

“The world has profoundly changed since the Privacy Act was drafted,” said Ms. Stoddart. “Globalization has increased, national security concerns have become heightened, and Canadians have higher expectations that the federal government will respect fundamental privacy rights. The Privacy Act is outdated and it must be amended.”

Two separate federal laws protect Canadians’ privacy rights: the Personal Information Protection and Electronic Documents Act, or PIPEDA, and the Privacy Act. PIPEDA limits the private-sector’s collection, use or disclosure of an individual’s personal information. The Privacy Act governs how the public sector must handle personal information.

In her report, the Commissioner calls for the scope of the Privacy Act—which the Supreme Court has said has quasi-constitutional status—to be expanded in a number of specific ways:

  • Since 1982, the government has created many entities that are not subject to either the Privacy Act or PIPEDA. All public-sector bodies or offices should be subject to the Privacy Act unless Parliament specifically excludes them.
  • The Federal Court should be able to review not only claims of denial of access to personal information held by government, but also improper collection, use and disclosure of personal information. The Court should also be empowered to assess damages against offending institutions.
  • The definition of personal information should be expanded to include both recorded and unrecorded information, such as DNA samples, about identifiable individuals.
  • All individuals about whom the government holds personal information—and not just those present in Canada—should have the right to access, correct and be informed of that information. For example, airline passengers, immigration applicants and foreign student applicants have no right to access their information in Canadian government files.

The Commissioner has noted that the Privacy Act could be substantially remedied by adopting many of the provisions of PIPEDA, which came into force in stages starting in 2001. Ms. Stoddart identified specific fair information principles contained in PIPEDA that should be applied to the Privacy Act, such as:

  • Government institutions should only collect personal information that is reasonable and necessary for a particular purpose. They should specify the authority under which information is being collected, the uses to which it will be put, whether and with whom it may be shared, the consequences of not providing the information, and the right to make a complaint.
  • Where possible, when information is disclosed without consent, there should be a corresponding duty on the government to inform the individual about the disclosure.

The Office of the Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy rights in Canada.

To view the report: Government Accountability for Personal Information: Reforming the Privacy Act

Labels: ,

Links to this post:

Create a Link

This page is powered by Blogger. Isn't yours? Creative Commons License
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License. lawyer blogs