I’m reading this week’s news, and this quote really resonated with me: “We are still operating with an analogue version of democracy in our heads … We need to catch up with our imagination of what democracy is if we want to ensure that there are proper regulations in place.”
And then there’s this line: “Canadians are far from immune to data analytics for political manipulation.”
And then, sadly, there’s this headline: “Government not ready to apply privacy laws to political parties.” Apparently, more discussion, debate and consultation are needed, so says the minister responsible. Ugh.
And while the politicians were busy trying to avoid the ambit of concrete laws that would apply to them and provide rules by which the democratic process can unfold, they were simultaneously ready to put more obligations on private industry. To this end, the government finally released the date by which organizations will have to abide by the data-breach-reporting regime in the Personal Information Protection and Electronic Documents Act. I won’t keep you in suspense … it's Nov. 1.
Will your organization be ready by then? Does having mandatory breach notification in our law resonate with the senior executives of your organization, or is it only the privacy pros who are concerned? I ask because I know the EU General Data Protection Regulation has gotten the attention of very senior executives (especially if you work at Facebook). I just don’t know if this relatively big step in the Canadian privacy regime is as well understood (or feared).
Tons of other news this week, too. Pour that coffee, and read on.
If you want to comment on this post, you need to login.