IAPP-GDPR Web Banners-300x250-FINAL

(Nov 20, 2015) In a panel discussion at the IAPP Data Protection Intensive 2015, Promontory’s John Bowman, CIPP/E, Hunton & Williams’ Rosemary Jay, LEGO’s Max Sorensen, CIPP/E, and Privacy International’s Anna Fielder talk about the upcoming General Data Protection Regulation. “We’ll be looking ahead to see if there’s any key things which we can develop, maybe give a flavor of what the final text might look like, certainly looking into the crystal ball,” Bowman said. “The regulation is definitely coming,” he added. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Notes from the IAPP Canada Managing Director, November 20, 2015

(Nov 20, 2015) Forgive me for getting into the weeds a bit on a couple of quirky parts of our privacy laws; I hope some of you fellow privacy nerds might find this interesting and, like me, a bit odd.  First of all, did you know that the way the exemption orders are written to declare certain laws as substantially similar to PIPEDA actually creates the situation where organizations that are federal works and undertakings must comply with both PIPEDA and the substantially similar laws? It’s weird, but no matte... Read More

Canada Dashboard Digest

PEI’s Workers Compensation Board Had 47 Breaches in Four Years

(Nov 20, 2015) After a complaint sparked an investigation, Prince Edward Island Privacy Commissioner Karen Rose discovered the province’s Worker’s Compensation Board had a total of 47 data breaches in four years, “an average of one per month,” CBCNews reports. “While Rose found the board had taken steps to prevent privacy breaches, she concluded they didn't go far enough,” the report states, with Rose suggesting that the agency better educate its employees about privacy, that the board create a privacy breach advisory committee and that the organization report back to Rose for two years. The Worker’s Compensation Board said in a statement that “it's committed to the protection of privacy and will use the commissioner's recommendations to further enhance protection,” the report states. Read More

Canada Dashboard Digest

Clayton: Take Time With Sunshine Law

(Nov 20, 2015) As Alberta considers Bill 5, the so-called sunshine law that would require all government executives making more than $125,000 to have their salaries disclosed publicly, Privacy Commissioner Jill Clayton counsels caution, reports Edmonton Journal. Specifically, Clayton recommends that all public bodies complete privacy and access impact assessments to demonstrate what the bill’s requirements would look like if put into place. “It’s important to give careful thought to the process that needs to be put in place to publicly disclose personal information,” Clayton said in a statement. “My office would be pleased to consult with them on this topic.” The bill would require a first release of information in June of 2016. Read More

Canada Dashboard Digest

Denham Offers FoIA Update Suggestions

(Nov 20, 2015) British Columbian Privacy Commissioner Elizabeth Denham presented her suggestions for improving the province’s Freedom of Information Act to an MLA committee, such as “a legislated duty to document, and stiffer penalties for record destruction,” the Vancouver Sun reports. “There’s a lot of duty-to-document skeptics out there,” said Denham. “What I was trying to explain in the committee presentation today is that other jurisdictions have this duty and it’s working for them. In fact, it doesn’t result in the creation of more records, it just results in the creation of the right records.” She also argued that higher fines for incorrect document destruction would serve as an incentive for compliance. Read More

Canada Dashboard Digest

Op-Ed: TPP a Privacy Failure

(Nov 20, 2015) The controversial Trans-Pacific Partnership’s attitudes on privacy are a “failure,” Michael Geist argues in an op-ed for The Tyee. “As Canadians assess the 6,000-page agreement, the implications for digital policies such as copyright and privacy should command considerable attention,” Geist said. “On those fronts, the agreement appears to be a major failure. Canadian negotiators adopted a defensive strategy by seeking to maintain existing national laws and doing little to extend Canadian policie... Read More

Canada Dashboard Digest

Cyberbullying Proposal Submitted by BC’s Privacy Commissioner

(Nov 20, 2015) British Columbia Privacy Commissioner Elizabeth Denham and Children’s Representative Mary Ellen Turpel-Lafond submitted a proposal that would streamline cyberbullying legislation, one that would end “its current fragmented and underfunded approach” and instead encourage anti-bullying education, CTV News reports. "The provincial government's approach to cyberbullying has initiated some dialogue on these issues, but difficult and pressing questions remain to be addressed,” the proposal said. “The answer is not to take technology away, or to introduce invasive surveillance tools to monitor our children," Denham said. "Instead, we need to teach them how to behave online in a way that is respectful of others, and empower them to express themselves responsibly." Read More

Canada Dashboard Digest

One Solution to EU Data Laws? Geotagging

(Nov 19, 2015) With an invalidated Safe Harbor agreement, companies are moving to continue data flows while respecting European law, as may be evidenced by comments made by Intel Data Center Group General Manager Diane Bryant, PC World reports. She said service providers can connect different data centers in different regions through technology. “We’re better off solving these problems with technology than regulation,” she said, “I think that’s a much more logical approach to the problem.” Bryant added, “Geotagging is a great solution to that. We’ve been working with the industry on a way to create VMs and, through policy and cloud orchestration tools, to guarantee those VMs will only be executed within a certain geographic boundary.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

The Privacy-Surveillance Conversation Is Changing Post-Paris

(Nov 19, 2015) The fallout from the Paris attacks continues this week as several media outlets report on how the anti-surveillance momentum brought on by the Snowden disclosures is changing. The Washington Post reports “the momentum on Capitol Hill looks to be shifting back” in the pre-Snowden direction. Slate reports that the “GOP’s flirtation with ending the surveillance state is over,” and The Hill reports that Washington’s national security hawks are now emboldened after last week’s attacks. Plus, former B... Read More

Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Paper Certifications a Thing of the Past at the IAPP

(Nov 18, 2015) The IAPP Certification Program is teaming with Accredible to make the switch from paper certificates to digital copies, The Privacy Advisor reports. “I think it’s clear from our research that the IAPP certificates are kind of becoming an integral part of our certificants’ careers,” said Doug Forman, IAPP director of certification. “We wanted to offer a tool that was commensurate with that increasing stature of our certs in the marketplace.” The new online documents permit certifcants to personal... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest