Last week, I mentioned the Desjardins breach and the fact that it was being investigated jointly by the commission in Quebec, and the federal Privacy Commissioner’s office. The story broke last week, but it continued to make headlines into this week. Notably, an emergency Parliamentary meeting took place in order for a select few MPs to show that they are interested in what happened.
To me, it’s a little surprising that the breach was being examined by the House of Commons Public Safety and National Security Committee as opposed to the ETHI Committee. The ETHI Committee is responsible for examining and making recommendations to such laws as PIPEDA and the Privacy Act, so they seemed like a more natural fit to me.
I guess the fact that Public Safety and National Security was examining the breach is a good thing. It helps spread the word to Members of Parliament that in today’s day and age we need better laws, strategies and policies to deal with the data driven world we live in.
It’s clear that the Desjardins breach was the result of a rogue employee and time will tell if anything criminal has been done. In the meantime, I’m looking forward to seeing what the privacy commissioners have to say about it. Did Desjardins have sufficient safeguards in place notwithstanding that this was the act of an ill-intentioned employee? Could they have had better ways of catching the wrongdoer prior to harm that befell approximately 2.6 million Canadians?
I know that the financial institution’s reaction to the breach has been somewhat encouraging in the sense that they are offering credit monitoring for life to those affected. That’s got to be a fair amount of monetary outlay. Is that enough? If you were affected, what else would you like to see — apart from a new bunch of politicians vying for some much needed pre-election media attention?