1 minute read

Today a couple of changes to Canada’s privacy landscape were introduced under the infamous banner of “safety and security”. This will create significant changes to PIPEDA and FISA, Canada’s legislation around private sector privacy and spam respectively. I’ve been asked what this means, so I will try to summarize: The changes introduced today to PIPEDA propose: - if your organization is breached, you will notify the federal privacy commissioner as well as individuals where there is a risk of harm. - a requirement that organizations to consider the ability of their target audience to comprehend the consequences of sharing their personal information. (It mentions children and the vulnerable, but no technical details on how this requirement would be implemented) - exceptions to allow for the release of personal information to help protect victims of financial abuse, to help locate missing persons and to identify injured, ill or deceased individuals (again, no details on technical implementation). - exceptions to consent for the collection, use and disclosure of information needed for, among others, managing the employment relationship, information produced for work purposes (“work product”), and information used for due diligence in business transactions. - organizations will also be able to share and use business contact information that is required to conduct day-to-day business. - a new provision allowing the **disclosure of personal information without consent for private sector investigations and fraud prevention** will replace a regulatory process that has been burdensome for small and medium-size organizations. - amendments would make it clear that **organizations may collaborate with government institutions**, such as law enforcement and security agencies that have requested personal information, **in the absence of a warrant, subpoena, or order**. - new provisions would **prohibit organizations from notifying an individual about the disclosure of their personal information to law enforcement and security agencies** where the government institution to whom the information was disclosed objects. Today the Fighting Internet and Wireless Spam Act (FISA) was also reintroduced, which is anti-spam legislation. For more information, see the [Marketwire press release](https://www.marketwire.com/press-release/Government-of-Canada-Moves-to-Enhance-Safety-and-Security-in-the-Online-Marketplace-1265966.htm)

You may also enjoy

Password Managers For 2024

1 minute read

The top two questions we’ve received for the last 15 years are which browser should I use for privacy?, but more common is “Which password manager should I u...

Web Browsing With Privacy

1 minute read

I’ve been updating this blog for well over a decade on privacy centric browser options, so I thought I’d start with my recommendations as we dive into 2024. ...

Sharing Links

less than 1 minute read

When sharing links, there are a handful of issues that may occur. The original news site or blog may have taken the article the down, or they may in the futu...

You May Have 5 Minutes To Patch Your Systems

4 minute read

We’ve all been working on something on our device when we get a pop-up that a new patch or update is available, and we probably dismiss it as we want to stay...