A couple of things done by our regulators are worth mentioning this week.

If you’ve been curious to know the Office of the Privacy Commissioner of Canada's position on Bill C-27, now is your chance. They tabled their submission to the House of Commons Standing Committee on Industry, Science and Technology, the Parliamentary committee studying the Bill. It contains 15 recommendations, a handful of which I’ve highlighted below:

  • Recognize privacy as a fundamental right.  
  • Protect children’s privacy and the best interests of the child. 
  • Expand the list of violations qualifying for financial penalties to include, at a minimum, appropriate purposes violations.  
  • Create a culture of privacy by requiring organizations to build privacy into the design of products and services and to conduct privacy impact assessments for high-risk initiatives.  
  • Strengthen the framework for deidentified and anonymized information. 
  • Require organizations to explain, on request, all predictions, recommendations, decisions and profiling made using automated decision systems.  
  • Limit the government’s ability to make exceptions to the law by way of regulations.  
  • Provide that the exception for disclosure of personal information without consent for research purposes only applies to scholarly research.  
  • Make the complaints process more expeditious and economical by streamlining the review of the commissioner’s decisions. 

You’ll recall, with the previous iteration, the OPC made more than 50 recommendations in a rather lengthy submission, so it is interesting to see what the OPC has focused on for this one. I suggest you read the 25-page document, where they explain the reasoning behind each item on their wish list.

ADVERTISEMENT

Syrenis ad, a privacy professional's AI checkilist

The other regulator making some news this week is from Ontario. Information and Privacy Commissioner of Ontario Patricia Kosseim unveiled a neat showcase where she highlights positive examples of openness and transparency in government. It’s like walking through a virtual art gallery, with lots of great, illustrative examples of how being open and transparent with data can actually improve our day-to-day lives and democracy in general. It’s worth checking out. I think regulators have to use all the different tools in their regulatory toolbox to bring about change and I like the idea of encouraging compliance by illustrating best practices in a creative way. I’m hoping she will share a little bit more about this unique approach onstage at the IAPP Canada Privacy Symposium — we’ll see!

And with that, it’s getting close — less than two weeks away. Our numbers are looking great, the program looks stellar and I look forward to seeing everyone soon!