The increasing cyber security threat continues to raise a series of privacy risks for organizations. The Office of the Privacy Commissioner of Canada (OPC) has been regularly focusing on cyber security in letters of findings and guidance and, most recently, in a report, entitled “Privacy and Cyber Security: Emphasizing privacy protection in cyber security activities”.
The OPC’s report examines the interrelationships between cyber security and privacy, and discusses a number of common challenges for cyber security and privacy, including:
- The complexity of electronic, interconnected networks
- Increasingly sophisticated cyber threats and the “professionalization” of hacking
- Threats to mobile devices, which are closely tied to individual users
- The challenge in the Big Data context
- Ensuring breach preparedness is a greater priority
- Encouraging effective, dynamic risk management instead of “check the box” compliance
The report also considers recent policy developments, including the tension between privacy protection and national security, and the global nature of cyber governance. The report concludes with recommended policy directions in which privacy protection could in the future support and augment cyber security:
- Building privacy values into the development of cyber security policy
- Legislative approaches the incentivize cyber security preparedness
- Facilitating a broader dialogue on cyber security which acknowledges the importance of privacy, trust and responsible data stewardship
By Adam Kardash and Eric Morgan, Osler, Hoskin & Harcourt LLP
- What should charities do if they find out that a board member donated to the Freedom Convoy? - March 18, 2022
- Accepting cryptocurrency for donations or payments can be quite risky for Canadian charities unless you know what you are doing - February 23, 2022
- Being proactive with employee absences - January 26, 2022