TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Canada Dashboard Digest | Notes from the IAPP Canada Managing Director, Nov. 11, 2022 Related reading: IAPP Westin Scholar finds evolving privacy law 'exciting'

rss_feed

""

""

I work quite consistently with organizations that are international in scope and need to make sure their operations, policies and agreements all comply with Canadian privacy requirements.

Often they approach Canada as a secondary or tertiary market so what I’m dealing with are organizations that have built privacy management programs to deal with U.S. and European concerns first.

Now, for those organizations that have invested well in these efforts, once they come into Canada, there are usually only minor changes and tweaks that we need to recommend. But when organizations have cut corners, the lift can be substantially heavier and I’m reminded of an old adage: "a penny wise, a pound foolish."

I think cutting corners — or rather not doing so — was also one of the themes from our new Privacy Commissioner of Canada, Philippe Dufresne, said in his keynote address to the Canadian Bar Association event. Among his messages, he advocated against simply taking the quick route, and instead to think about privacy issues at the front end of everything your organization does.

Doing so, he argues, goes a long way to building trust — and trust is currently missing in Canada when it comes to the average person’s dealings with the private and public sector. The commissioner cited a good case, referring to the Royal Canadian Mounted Police not doing a privacy impact assessment at the front end of its implementation of a new technology. The tech allows use of on-device investigative tools that can access content as well as activate the camera and audio functions of smartphones without the users’ knowledge.

In such cases, if privacy issues were dealt with up front and in a transparent matter — with the help of expert advice — then there would be more trust amongst Canadians when we hear about these investigative techniques.

Without thinking of privacy first, as was the case I assume with the Tim Horton’s application that tracked geolocation without users’ knowledge or consent, organizations inevitably get into trouble. When they get into trouble, trust is again eroded. It’s a vicious cycle and one that needs to be broken.

Anyway, he actually covered a lot of ground in his speech and it was his first one, at that. So I encourage everyone to have a read, because it’s all about his vision for protecting privacy over the next few years. You can also catch another one in the not-so-distant future if you’re planning to go to the Public Interest Advocacy Centre Annual Dinner Nov. 25, which tends to be a nice gathering of privacy pros and one they haven’t held in a while.

Comments

If you want to comment on this post, you need to login.