On September 28, 2017, the Privacy Commissioner of Canada created a draft guidance document providing clarification on inappropriate data practices, specifically focusing on subsection 5(3) of the Personal Information Protection and Electronic Documents Act (PIPEDA). This provision is entitled, “Appropriate purposes”, and states that, “an organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances”.
In the recent decision of the Nova Scotia Supreme Court of Crouch v Snell, the Court struck the Cyber-Safety Act, finding it to be unconstitutional. Specifically, the Court held that the Cyber-Safety Act violated section 2(b) (freedom of expression) and section 7 (the guarantee of life, liberty and security of the person) of the Charter of Rights and Freedoms. What impact does the Crouch v Snell decision have on the Federal cyberbullying laws?
The recent loss of a Canadian government hard drive containing personal information of receivers of student loans and the ensuing class action lawsuit are a stark reminder of how easy it is to be exposed to the pitfalls of data security breaches. In this day and age, when company data is stored on small, mobile devices, all it takes is an absent-minded employee leaving their USB key or smarthpone on the subway.
Established in 1995, First Reference provides organizations with practical and authoritative resources to help ensure compliance with constantly changing Canadian legislation and best practice