On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to privacy in Canada.

Subscribe to the IAPP Canada Dashboard Digest e-newsletter!
Keep up to date with the most important privacy and data protection news from Canada by subscribing to the Canada Dashboard Digest e-newsletter.

Featured Resources

Canadian Privacy, Fourth Edition

The fourth edition of Canadian Privacy: Data Protection Law and Policy for the Practitioner serves as the principle reference for CIPP/C candidates and Canadian privacy professionals.
Read More

A deep dive into Canadians’ concerns

This article offers a topic-by-topic breakdown of the “2020-21 Survey of Canadians on Privacy-Related Issues” survey.
Read More

Therrien keeps his eyes toward the future

During the virtual IAPP Canada Privacy Symposium, Therrien gave his annual keynote address in which he talked about the areas where Bill C-11 needs to be improved and what Canada stands to gain from modernizing its privacy legislation.
Read More


Latest News and Resources

PwC — Canadian Digital Trust Insights Survey

PwC’s 2022 Canadian Digital Trust Insights found 66% of Canadian organizations expect their cyber budgets to increase in 2022, compared to 56% last year. The survey explores simplifying business processes and operations to impact security and privacy, streamlining operations in complex organizations, whether organizations are securing against important risks now and in the future, and recognizing third-party cybersecurity and privacy risks. Read More

Quebec’s Bill 64: The first of many privacy modernization bills in Canada?

Privacy in Quebec is about to get a major makeover. Passed in September, Quebec’s Bill 64 revamps and modernizes much of the province’s current privacy laws, including the Private Sector Act, Quebec’s main statute that regulates the collection, use and disclosure of personal information by private organizations. IAPP Westin Research Fellow Samuel Adams analyzes the proposed changes to consent, data protection officers, notice, individuals’ rights and more, and the ripple effect this could cause ... Read More

'Canada's political parties regulate themselves' when it comes to data

In an op-ed for the Centre for International Governance Innovation, Colin Bennett discusses the impact of privacy and data laws not applying to political parties in "data-driven" Canadian elections. Organizational obligations regarding data under the Personal Information Protection and Electronic Documents Act do not apply to political parties, which Bennett points out has led to vast mishandling of personal data. "Essentially, Canada’s political parties regulate themselves," he writes. Full Sto... Read More

Web Conference: Quebec Privacy Law Reform: What Businesses Need to Know
(IAPP, June 2021)
What you need to know about mandatory reporting of breaches of security safeguards (Canada)
(Privacy Commissioner of Canada, August 2021)
Facial recognition pilot caught millions of travelers at Toronto airport
(IAPP, July 2021)
OIPC publishes review of private liquor, cannabis retailers
(IAPP, June 2021)
OPC survey finds 87% of Canadians concerned about their privacy
(IAPP, June 2021)
OPC: Royal Canadian Mounted Police use of Clearview AI violates Privacy Act
(IAPP, June 2021)
Does the recent fine for a Canadian website without an EU representative signal a change in GDPR enforcement priorities?
(IAPP, May 2021)
Canada moves toward vaccine passport rollout
(IAPP, May 2021)
British Columbia’s RCMP breaks own facial recognition rules
(IAPP, April 2021)
Canadians grow wary of employee-monitoring tactics
(IAPP, April 2021)
OPC breaks down privacy-enhancing technologies
(IAPP, April 2021)
Potential hard line drawn on Canadian privacy class action
(IAPP, April 2021)
Op-ed: Remote learning brings privacy pitfalls for Canadian students
(IAPP, April 2021)
Algorithmic Awareness: Conversations with young Canadians about Artificial Intelligence and Privacy
(MediaSmarts, March 2021)
OIPC calls for ‘urgent reform’ of PIPA
(IAPP, February 2021)
What Canada can learn from California, EU regulations
(IAPP, February 2021)
Canadian authorities determine facial recognition firm violated privacy laws
(IAPP, February 2021)
Canadian data-mining, ransomware schemes revealed
(IAPP, January 2021)
What EDPB transfer guidance means for Canada
(IAPP, December 2020)
The rise of co-regulation, from GDPR to Canada’s Bill C-11
(IAPP, December 2020)
Web Conference: Federal Privacy Reform in Canada: The Consumer Privacy Protection Act
(IAPP, December 2020)
‘Schrems II’ déjà vu: What new EDPB guidance means for Canadian businesses
(IAPP, December 2020)
OPC — Privacy Guide for Businesses
(OPC, November 2020)
Federal privacy reform in Canada: The Consumer Privacy Protection Act
(IAPP, November 2020)
Big fines included in Canada’s newly proposed national privacy bill
(IAPP, November 2020)
OIPC — Securing personal information: A self-assessment tool for public bodies and organizations
(OIPC, October 2020)
In annual report, Therrien makes familiar call for legislative reform
(IAPP, October 2020)
OPC Privacy Guide for Businesses: What Canadian businesses need to know to comply with federal privacy law
(OPC, October 2020)
Privacy Commissioner of Canada – Annual Reports
(OPC, October 2020)
A Comparison of Canada’s Private-Sector Privacy Legislation
(FIPA, August 2020)
OPC — Breach video series for your business
(OPC, September 2020)
Privacy and Smart Cities: A Canadian Survey
(Office of the Privacy Commissioner of Canada, February 2020)
MediaSmarts — Young Canadians speak out: A qualitative research project on privacy and consent
(Media Smarts, August 2020)
OPC: Privacy guidance for manufacturers of Internet of Things devices
(OPC, August 2020)
CPPA/PIPEDA Comparison Chart
(University of Ottawa Canada, August 2020)
‘Schrems II’: Impact on Data Flows with Canada
(IAPP, August 2020)
2019-20 Survey of Canadian businesses on privacy-related issues
(OIPC, July 2020)
PIPEDA rights for consumers
(Termageddon, July 2020)
Canada’s Supreme Court upholds Genetic Non-Discrimination Act
(IAPP, July 2020)
A quick comparative survey of Quebec’s proposed privacy legislation
(IAPP, June 2020)
LinkedIn Live: The Inaugural Ian Kerr Memorial Lecture
(IAPP, May 2020)
How Facebook’s settlement with Canada’s Competition Bureau may impact OPC’s recommendations
(IAPP, May 2020)
Provincial laws that may apply instead of PIPEDA
(Office of the Privacy Commissioner of Canada, May 2020)
Canada: Mitigating Privacy Risks For Teleworkers
(Pallett Valo LLP, March 2020)
Canadian police agencies grapple with facial recognition use
(IAPP, February 2020)
Canadian Legal and Policy Analysis of Using, Developing, and Selling Smartphone Spyware and Stalkerware Applications
(The Citizen Lab, Munk School and University of Toronto, February 202)
Critical Cybersecurity Compliance Issues for Canadian and U.S. Companies Operating across the Border
(Business Law Today, July 2019)
Is Canada’s proposed consent requirement for cross-border transfers worth the risk?
(IAPP, June 2019)
Therrien speaks on Digital Charter, trans-border data flow consultation at CPS19
(IAPP, May 2019)
GDPR and Canadian organizations: Addressing key challenges
(Deloitte, May 2019)
GDPR Compliance for Canadian Organizations
(Miller Thomson, May 2019)
Privacy and cybersecurity during COVID-19 — Tips for Canadian organizations
(Miller Thomson, February 2019)
The Evolution of Canada’s Data Broker Industry
(IAPP, February 2020)
A ‘reasonable’ discussion about PIAs in Canada
(IAPP, December 2019)
OPC, OIPC find AIQ violated federal, provincial privacy laws
(IAPP, November 2019)
Working with Canadian regulators requires communications, transparency
(IAPP, June 2019)
Smart City Privacy in Canada
(CIPPIC and the Office of the Privacy Commissioner of Canada, August 2019)
OPC, OIPC find Facebook violated Canadian privacy laws
(IAPP, April 2019)
PwC Canada rolls out IAPP training
(IAPP, January 2019)
How to operate under Canada’s new breach notification landscape
(IAPP, May 2019)
Web Conference: Canada’s Data Breach Notification Law Update
(IAPP, December 2018)
White Paper – Getting Started with Privacy in Canada
(IAPP, June 2018)
Canadian Privacy Impact Assessment Template
(Government of Nova Scotia, March 2012)
IAPP Canada OPC Final Report
(IAPP, April 2010)
View More Resources

Canadian Privacy Law and Documents

Federal privacy reform in Canada: The Consumer Privacy Protection Act

The federal minority government released draft legislation to update and modernize Canada’s federal private sector privacy legislation. The present law, the Personal Information and Electronic Documents Act, was initially passed in 2001 and fully came into effect in 2004. We will not go into a detailed explanation of Canada’s federal division of powers or the application of PIPEDA but will instead focus on the proposed changes. It is important to remember that a key goal of PIPEDA was to allow ... Read More

Regional Resources

Click below to navigate to resources by region.

Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland, Northwest Territories, Nova Scotia, Nunavut, Ontario, Quebec, Saskawatchen, Yukon

View More Resources

View More Resources

View More Resources

View More Resources

View More Resources