The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

On Twitter

About this page and the author

The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.

For full contact information and a brief bio, please see David's profile.

Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.

Privacy Calendar

Links

RSS FEED for this site

Blogs I Follow

Small Print

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.

Tuesday, September 02, 2008

Mass surrender of online privacy

One of the most interesting phenomena (at least to me) is that privacy is not only being taken away on a number of fronts, the wider front is the mass surrender of privacy by the millions of people who put loads of personal data online.

Some people may think it's ironic that I'm on Facebook or Flickr, but I'm pretty mindful of what I put online and who is my "friend". When I was young and foolish, I posted stuff that's still to be found on the internet. Nothing scaldalous: stuff like a travelogue of a visit to Romania and contributions to listservs about academic freedom. But kids these days, armed with digital cameras, are posting vast quantities of personal information that will hang around for years. And is there for those who may not be their friends.

I happened upon an interesting illustration of this on MetaFilter today (It's not dead, it's just resting MetaFilter). Check out these two videos in which private investigator Steve Ramblan discusses his tradecraft:

Hope2604 – Privacy Is Dead – Get Over It In 2006, privacy expert Steven Rambam’s two hour panel was disrupted by federal authorities who arrested him at the conference just prior to its commencement. In the end, he was completely vindicated and went on to finally give his talk several months later to a packed house at a local university. This year, Steven will be on for three hours, in part to make up for what you may have missed last time, but mostly because what he says about the state of privacy in our society will captivate you. Since 1980, Pallorium's investigators have successfully closed more than 9,500 cases, ranging from homicide investigations to missing persons cases to the investigation of various types of sophisticated financial and insurance frauds. Steven Rambam has coordinated investigations in more than fifty (50) countries, and in nearly every U.S. State and Canadian province. Steven specializes in international and multi-jurisdictional investigations, and within the past few years he has conducted investigations in Israel, South Africa, Holland, France, England, India, Mexico, Guatemala, Spain, Portugal, Bulgaria, Germany, Abu Dhabi, China, Mongolia, the Philippines, Thailand, Laos, Jordan, Vietnam and Brazil, among other locations. For More Information Visit www.pallorium.com

Labels: facebook, privacy, social networking, surveillance

9/02/2008 09:17:00 PM :: (1 comments) :: Backlinks

Comments:

On June 10, 2008 the state of Connecticut passed a law concerning the confidentiality of Social Security Number, a driver's license number, a state identification card number, an account number, a credit or debit card number, a passport number, an alien registration number or a health insurance identification number. It states any person in possession of such information must protect the confidentiality of such numbers, prohibit unlawful disclosure of such numbers and to limit access to such numbers.
The violation of the above could result in a civil penalty in the amount of 500.00 for each violation. The penalty can not exceed five hundred thousand dollars. I have included a copy of the entire Public Act
Substitute House Bill No. 5658
Public Act No. 08-167
AN ACT CONCERNING THE CONFIDENTIALITY OF SOCIAL SECURITY NUMBERS.
Be it enacted by the Senate and House of Representatives in General Assembly convened:
Section 1. (NEW) (Effective October 1, 2008) (a) Any person in possession of personal information of another person shall safeguard the data, computer files and documents containing the information from misuse by third parties, and shall destroy, erase or make unreadable such data, computer files and documents prior to disposal.
(b) Any person who collects Social Security numbers in the course of business shall create a privacy protection policy which shall be published or publicly displayed. For purposes of this subsection, "publicly displayed" includes, but is not limited to, posting on an Internet web page. Such policy shall: (1) Protect the confidentiality of Social Security numbers, (2) prohibit unlawful disclosure of Social Security numbers, and (3) limit access to Social Security numbers.
(c) As used in this section, "personal information" means information capable of being associated with a particular individual through one or more identifiers, including, but not limited to, a Social Security number, a driver's license number, a state identification card number, an account number, a credit or debit card number, a passport number, an alien registration number or a health insurance identification number, and does not include publicly available information that is lawfully made available to the general public from federal, state or local government records or widely distributed media.
(d) For persons who hold a license, registration or certificate issued by a state agency other than the Department of Consumer Protection, this section shall be enforceable only by such other state agency pursuant to such other state agency's existing statutory and regulatory authority.
(e) Any person or entity that violates the provisions of this section shall be subject to a civil penalty of five hundred dollars for each violation, provided such civil penalty shall not exceed five hundred thousand dollars for any single event. It shall not be a violation of this section if such violation was unintentional.
(f) The provisions of this section shall not apply to any agency or political subdivision of the state.
(g) Any civil penalties received pursuant to this section shall be deposited into the privacy protection guaranty and enforcement account established pursuant to section 19 of substitute senate bill 30 of the current session.
Approved June 10, 2008
www.infidelitypolice.com

# posted by

chris : September 03, 2008 5:13 PM

Recent Posts