On December 14, 2020, the Privacy Commissioner of Canada, Daniel Therrien, issued a statement regarding the recent data breach at Desjardins. The statement involved the investigation conducted under the Personal Information Protection and Electronic Documents Act (PIPEDA) concerning the largest ever data breach in Canada’s financial services sector. Plainly put, the investigation revealed that Desjardins did not demonstrate the appropriate level of attention required to protect the sensitive personal information entrusted to its care.
The Office of the Information and Privacy Commissioner of Ontario (IPC) has recently invited stakeholders and the public to provide feedback regarding strategic priorities that it should focus on in order to respond to issues that Ontarians care most about in respect of access to information and privacy.
On November 17, 2020, Bill C-11, An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Acts (Bill C-11), received first reading in the House of Commons. Part 1 of Bill C-11 repeals Part 1 of the Personal Information Protection and Electronic Documents Act (PIPEDA) and enacts the Consumer Privacy Protection Act (CPPA) to protect the personal information of individuals while recognizing the need of organizations to collect, use or disclose personal information in the course of commercial activities.