TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Canada Dashboard Digest | Notes from the IAPP Canada Managing Director, Nov. 29, 2019 Related reading: Privacy inspection tool finds ad trackers on sensitive nonprofit websites


The long-awaited investigation into AggregateIQ culminated this week with the release of the joint report by both the Office of the Information and Privacy Commissioner for British Columbia and Office of the Privacy Commissioner of Canada.

The extent to which this Canadian organization played a role in manipulating election results around the world is disturbing. And they violated Canadian privacy laws by collecting and using extremely sensitive personal information without the requisite consent. “AIQ created a political customer relationship management tool for SCL called Ripon. This tool was used to collect and store vast amounts of voter data and to provide lists of voters to various campaigns for targeting. The personal information provided by SCL to AIQ included psychographic profiles, ethnicity and religion, political donation history, birth dates, email addresses, magazine subscriptions, association memberships, inferred incomes, home ownership information, and vehicle ownership details. AIQ confirmed that SCL was able to use the information to segment individuals into narrow groups for micro-targeted advertising campaigns on Facebook,” according to the news release.

At the end of the day, AIQ simply had to agree to the commissioners’ recommendation to do better in the future. But there is absolutely no other consequence to having violated the law. 

The commissioners also took this occasion to once again call for privacy law reform and the need to make political parties subject to some national rules. Aren’t they getting tired of having to send the same message over and over again to little effect?

Meanwhile, there was a pretty seismic shift in the U.S. this week when federal politicians introduced a comprehensive privacy bill. If it ever comes to fruition, this law will mean more to the privacy profession worldwide than the EU General Data Protection Regulation.

Maybe, with the rest of the world taking privacy seriously, our government will do the same. Hopefully, we will see something concrete on this in the mandate letters to the new Cabinet announced last week on Parliament Hill. Who is taking bets on that?


If you want to comment on this post, you need to login.