Are changes to Canada’s Privacy Law landscape on the horizon?

It looks like 2020 might be the year where Canada catches up in the realm of privacy and data protection laws. These will likely have a ripple effect throughout the workplace.

Mandates letters

In December 2019, PM Trudeau sent mandate letters to the Minister of Innovation, Science and Industry, the Minister of Justice and the Minister of Canadian Heritage asking them to get to work on enhancing the protection of Canadians’ personal information. 

The mandate letters focused on asking the various Ministers to work towards advancing Canada’s May 2019, Digital Charter (“the Charter”). The Charter sets out ten principles intended to address and respond to the impact of the digital revolution on Canadians and the Canadian economy. The government’s website sets out these principles and various action items in an accessible way on their website. Here are a few highlights:

• Universal Access 
• Control and Consent 
• Safety and Security 
• Transparency, Portability and Interoperability 
• Strong Enforcement and Real Accountability 

Enacting these principles will require some legal teeth, which is where the mandate letters come in. 

Warnings from the Privacy Commissioner

The Office of the Privacy Commissioner of Canada warned in his 2018-2019 Annual Report to Parliament on the Privacy Act and the Personal Information Protection and Electronic Documents Act that “the world is now passing us by” when it comes to privacy protections.

Rapid change has never been a forte of governments and it has evidently been difficult for governments the world over to keep pace with the changes the digital age has brought. We are reminded of the bizarre questions asked by some members of the US congress during the Facebook hearings over Cambridge Analytica. Some members were still clearly in the stage of digital infancy, learning to use their email…

What to expect

So what can we expect to come from Trudeau’s mandate letters? Much of Canada’s patchwork privacy law speaks to best practices – these could be replaced with enforceable rights and real obligations. Changes could include the right for privacy commissioners to conduct privacy inspections, issue orders and more easily enforce financial penalties.

While no definite timeline has been set for re-vamping Canada’s privacy legislation, doing so has been called “a top priority.” Public consultations are expected and “targeted stakeholder engagement”  has begun.

Data breaches are becoming more and more common. While complying with changing privacy laws will remain essential, organizations may also want to think beyond legal compliance and be proactive when it comes to privacy and data protection.

• About
• Latest Posts

Follow me

Lisa Stam, Spring Law

Founder of Spring Law, Employment and Labour Lawyer at Spring Law

Lisa Stam is founder of Spring Law, a virtual law firm advising exclusively on workplace legal issues for employers and executives. She practices all aspects of employment, labour, privacy, and human rights law, with a particular interest in legal issues arising from technology in the workplace. Lisa’s practice includes a wide range of entrepreneurs in the tech space, as well as global companies with smaller operations in Canada. In addition to the day to day workplace issues from hiring to firing, Lisa frequently blogs and speaks on both the impact, risks and opportunities of social media and technology issues in (and out of) the workplace, as well as the novel ways in which changing expectations of privacy continues to evolve employment law. Read more here.

Follow me

Latest posts by Lisa Stam, Spring Law (see all)

• Considerations for employers as we return to work - May 13, 2020
• Working safely from home - April 8, 2020
• Surveillance in the workplace - March 11, 2020