In 2010, the Office of the Privacy Commissioner of Canada conducted consultations on current privacy issues, including online tracking, profiling, targeting and cloud computing. The office released its report on the consultations earlier this year, and it’s available online. (I recommend the PDF version. It’s got illustrations!)
The report is valuable enough for its descriptions of the issues and how they affect individuals and businesses. One of the major concerns is whether Canada’s existing privacy law framework is sufficiently robust to protect citizens from online threats. Some experts believe it is; others do not. At any rate, the office of the privacy commissioner has proposed several actions to reduce the risks associated with online tracking, profiling, targeting and cloud computing:
- Monitoring and funding research developments on the implications of changing perceptions of public and private spaces (as well as the challenges of maintaining a professional and personal presence online)
- Conducting public opinion research on Canadians’ perceptions of the public-private divide
- Conducting outreach activities, including developing best practices for organizations to support people’s capacity to be as private or as public as they want
- Continuing public education efforts
- Working with Industry Canada to consider how best to integrate privacy by design principles and privacy impact assessments into private sector practices
- Monitoring and drawing on the work of international privacy organizations that are working on similar issues
- Focusing online privacy activities on adult Canadians who may be newer users in the online environment
- Continuing dialogue with the technical community on how to build the principles contained in PIPEDA into both user interfaces and underlying technologies
- Continuing to reach out to youth and seeking innovative and creative ways of doing so
And much more besides.
If you are concerned about expanding your operations to include more online activity, if you’re looking for information about privacy law and how your current practices stand up, or if you’re just looking for a primer on these pertinent issues, read the privacy commissioner’s report. It’s short and written for you.
When you’re done, consider the First Reference best practice guide, Protecting employee and customer privacy, which contains the most crucial information Canadian companies in the private sector must have to understand the “why”, “what” and “how” of Canadian privacy legislation. The guide is aimed primarily at providing information on privacy issues related to the employment relationship, however, it also helps organizations deal with customer privacy. In addition, there is information about common privacy issues such as record keeping, access to information, video surveillance, breach of privacy, medical information, social networking, etc.
Adam Gorley
First Reference Internal Controls, Human Resources and Compliance Editor
