The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Monday, December 18, 2006
Bill C-25, An Act to amend the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and the Income Tax Act and to make a consequential amendment to another Act, is now in force. For the purposes of attacking money laundering and the financing of terrorism, the statute expands the amount of personal financial information collected and the sources of that information. But this amendment also gives the Privacy Commissioner of Canada with a unique role. Under the statute, the Commissioner is to audit the personal information handling practices of FINTRAC every two years. We'll see how the first such audit goes ....
From the Commissioner's office:
New money laundering law requires Privacy Commissioner to review FINTRAC's compliance with Privacy ActOttawa, December 18, 2006 –The Privacy Commissioner of Canada, Jennifer Stoddart, has new oversight responsibilities under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Bill C-25), which just received Royal Assent. Under this new legislation, the Commissioner's Office is now required to regularly review the Financial Transactions and Reports Analysis Centre (FINTRAC's) compliance with the Privacy Act, the federal public sector privacy law.
Under the Privacy Act, the Privacy Commissioner already has the power to audit the personal information-handling practices of federal departments and agencies. However, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act specifically mandates the Office to review and report to Parliament on FINTRAC's activities every two years. The Commissioner's Office had already planned to conduct an audit of FINTRAC in 2007-08, pursuant to its authority under the Privacy Act.
"We understand the need to address suspected money laundering and terrorist financing activities, but we do have concerns about the potential impact on privacy rights resulting from an increase in the amount of personal information collected and disclosed by FINTRAC," said Ms. Stoddart. "In light of this, I am pleased to see that we will have increased oversight over these activities."
In the recent report of the Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar, Justice O'Connor also generally highlighted the need for increased oversight and review of activities that touch on national security. In Justice O'Connor's report, he recognized that the sharing and disclosure of personal information by government to foreign entities raises concerns.
Providing the Privacy Commissioner with mandated review of FINTRAC's activities is an important step because, as a result of the passage of Bill C-25, the number of organizations required to monitor and to collect information about their clients and customers will increase, the amount of personal information being collected will expand and more transactions will be subject to scrutiny and reporting. FINTRAC will be able to share more information with more organizations. FINTRAC is Canada's financial intelligence unit, a specialized agency created in July 2000 to collect, analyze and disclose financial information and intelligence on suspected money laundering and terrorist activities financing.
Last week, Ms. Stoddart appeared before the Standing Senate Committee on Banking, Trade and Commerce to discuss Bill C-25. Her statement and submission are available on the Office's Web site.
The Office of the Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy rights of Canada.
Labels: privacy, privacy act, public sector
The Canadian Privacy Law Blog is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.