(May 27, 2016) Last year at the IAPP Canada Privacy Symposium, we had the world’s self-proclaimed "first cyborg" give a keynote address. During that lecture, Steve Mann explained his concept of sousveillance. Basically, what it boils down to is turning the idea that we are always under surveillance by those in higher powers into the notion that everyone can surveil those in higher powers by continuously watching them for a change. And if that means everyone is always wearing body-worn cameras, well then so be... Read More

Canada Dashboard Digest

Officials examining ‘right-to-be-forgotten’ potential in Canadian law

(May 27, 2016) As Google and the CNIL continue their battle over Europe’s “right-to-be-forgotten” law in France, Canadian officials are mulling whether the law has a place in their own legal system, The Globe and Mail reports. A case involving Google and Datalink Technologies Gateways, Inc., has drawn parallels to the case in France, as the search engine is challenging an order in front of the Canadian Supreme Court to remove listings of Datalink, which is being accused of trademark violations across its world... Read More

Canada Dashboard Digest

Therrien to investigate CSIS data breach reporting

(May 27, 2016) Privacy Commissioner of Canada Daniel Therrien has confirmed that he will be contacting the Canadian Security Intelligence Service after the agency reported a breach in 2015, though "only after the spy agency was urged to do so by an independent review body,” reports. Therrien said the investigation would determine whether CSIS was following Canadian breach-reporting rules, and if there truly was just one breach. “It is certainly something to investigate with CSIS,” he said. Read More

Canada Dashboard Digest

Interim RCMP policy sets body cam guidelines

(May 27, 2016) A new RCMP policy will require Mounties wearing small video cameras to hit record when they believe force will be used against a suspect, The Canadian Press reports. The interim policy is being considered with two purposes in mind: To gather evidence for prosecution against criminal behavior, and to answer any questions surrounding the aftermath of an incident. "Police are making use of a relatively new technology to hold both police officers, and members of the public we interact with, accountable for any actions taken," the RCMP says. Other privacy concerns addressed in the interim policy include telling an individual when officers are wearing cameras, teaching RCMP members of best video policies and practices, and making sure recordings are uploaded securely. Read More

Canada Dashboard Digest

Privacy commissioner grants Nova Scotia man access to birth father’s name

(May 27, 2016) The Department of Community Services has agreed to give an 86-year-old man access to his birth father’s name, following the Novia Scotia privacy commissioner’s recommendation that it do so, CBC News reports. The disclosure was the culmination of the man and his family’s “lengthy battle” to discover the information, the report adds. However, the Department of Community Services said that the move won’t impact how adoption information requests are handled in the future. "Requests under the Adoption Information Act follow a separate and distinct process," said department spokeswoman Heather Fairbairn. “As a result, this decision has no bearing on the province's adoption disclosure services." Read More

Canada Dashboard Digest

NDP government’s carbon tax bill faces privacy concerns

(May 27, 2016) Premier Rachel Notley is pushing back against accusations the Alberta New Democratic Party government’s carbon tax contains invasive and arbitrary rules on search and seizure, Global News reports. Notley denies those claims, saying Bill 20 includes search warrant rules commonly seen in Canada. Bill 20 allows the government to increase taxes in order to fund a new carbon levy and officials to obtain a search warrant if they believe a breach of the levy may take place. Notley believes the opposing Wildrose Party is engaging in fearmongering. “The opposition is taking language that has appeared in government legislation provincially and federally for years and they’re suggesting that we invented it to create a new right that quite frankly doesn’t exist,” said Notley. Read More

Canada Dashboard Digest

Video: Talking de-identification with Khaled El Emam at IAPP Global Privacy Summit 2016

(May 26, 2016) On the show floor of the IAPP Global Privacy Summit 2016, IAPP Publications Director Sam Pfeifle interviews Privacy Analytics Co-Founder and CEO Khaled El Emam about the latest in de-identification technology and how companies can use it in their privacy operations. “First of all, there’s more demand internally to use the data that’s available within organizations,” El Emam said. “So, over time, as these organizations develop a data business model, and as that progresses, they hit the privacy wall, where they need to figure out how to anonymize this data. … This is where de-identification comes in.” Editor’s note: Khaled El Emam recently wrote a post on de-identification protocol for Privacy Tech. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Startup aims to ID data processing risks; anti-phishing tool in development

(May 25, 2016) Startup company BigID is developing a tool to help businesses navigate the risks they face while storing and processing personal data, TechCrunch reports. The tool aims to improve visibility of customer data, alerting businesses to who is accessing it, and where it’s being held. With EU’s General Data Protection Regulation on the horizon, BigID says companies will need to have a stronger grasp of data protection processes. “The most important assets a company has are the digital identity assets ... Read More

Canada Dashboard Digest, Daily Dashboard

What to do when ransomware holds your business hostage

(May 24, 2016) If you haven’t experienced ransomware yet, it’s probably just a matter of time. For cyber criminals, it’s an almost perfect crime. For organizations and individuals, it’s their worst nightmare, and it’s just getting started. In this series of articles for The Privacy Advisor, Doug Pollack, CIPP/US, looks at the epidemic of ransomware: What it is, how it gets into your systems, and what you can do about it. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard

Opinion: Post-breach, you should call a cyber lawyer

(May 24, 2016) With data breaches hitting organizations large and small, it “doesn’t matter whether the intrusion is attributable to malicious activity or simple employee or third-party negligence; the effect is the same,” writes Traub Lieberman Staus & Shrewsberry attorney Richard Bortnick. If a breach incident does hit, to “whom should you make your first call? A cyber lawyer.” In this post for Privacy Perspectives, Bortnick argues, “Although vendors and IT specialists can promote themselves as having the appropriate knowledge and training to teach and implement best practices, they do not possess the critical protections afforded by the attorney-client relationship.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard