Roundup: Egypt, Spain, Vietnam, US and more

(Oct 15, 2018) In this week's Privacy Tracker global legislative roundup, read about the Egyptian Parliament's newly proposed data protection law, Spain's soon-to-be-published law addressing digital legacies, and data protection implications of the newly formed trade agreement between the United States, Mexico and Canada. Vietnam has said it plans to move forward with enforcement of its new law, despite objections from industry. Also, learn about the new members of the U.S. Privacy and Civil Liberties Oversigh... Read More

Global News Roundup — Oct. 9–15, 2018

(Oct 15, 2018) In this week's Privacy Tracker global legislative roundup, read about the Egyptian Parliament's newly proposed data protection law, Spain's soon-to-be-published law addressing digital legacies, and data protection implications of the newly formed trade agreement between the United States, Mexico and Canada. Vietnam has said it plans to move forward with enforcement of its new law, despite objections from industry. Also, learn about the new members of the U.S. Privacy and Civil Liberties Oversigh... Read More

Perspective: How did Canada fare on privacy in the USMCA?

(Oct 12, 2018) Since Canada, Mexico and the U.S. updated their trade agreement, several Canadian commentators have raised concerns about some of its data localization and privacy provisions. But is the privacy sky falling? "Certainly, it would be wrong to dismiss the concerns of advocates for data localization," writes nNovation Partner Timothy Banks, CIPP/C, CIPM, CIPT. "There are very good reasons to require data about Canadians to remain in Canada." In this post for Privacy Perspectives, Banks takes a step ... Read More

Notes from the IAPP Canada Managing Director, Oct. 12, 2018

(Oct 12, 2018) There’s one thing I know for sure: The privacy industry is dynamic. It has changed dramatically over the past 20 years, and I’m sure it will continue to evolve in the future. This is one of the reasons I strongly believe in continuing education. Lord knows where I would be if I didn’t bother to learn about new laws, policies, best practices and technologies that are constantly changing. For me, one of the best ways to stay on top of things is by attending conferences. But I’m a discerning consu... Read More

How did Canada fare on privacy in the USMCA?

(Oct 12, 2018) Canadian commentators have raised alarm over provisions relating to data localization and privacy in the United States Mexico Canada Agreement on international trade. The Washington Post dramatically announced that “Experts say USMCA frees Canadian data – but with unknown risks,” while Prof. Teresa Scassa authored an opinion piece for MacLean’s Magazine titled, “The USMCA locks Canada in on digital trade – and at a worrying time.” Ensuring that Canada would not enact additional data localizatio... Read More

Federal agencies fail to meet PCI DSS standards

(Oct 12, 2018) CBC News reports several federal agencies failed to uphold the Payment Card Industry Data Security Standards. Of the 34 federal institutions authorized to accept credit card payment from citizens, 17 of them do not meet the PCI standards. Shared Services Canada maintains the data systems for 13 of the 17 noncompliant agencies, including the Royal Canadian Mounted Police, Transport Canada, Statistics Canada, and the Canada Revenue Agency. "Based on the latest information, all 13 departments which... Read More

EY releases Canadian highlights from information security survey

(Oct 12, 2018) EY has released the Canadian highlights from its 21st Global Information Security Survey 2018-2019. The EY survey found 70 percent of Canadian respondents increased their cybersecurity budget within the last 12 months, and 91 percent plan to increase their cybersecurity resources over the next year. Other findings include 64 percent of Canadian respondents who said they either do not have a data protection program or they have an informal one, and 52 percent revealed they do not have a data brea... Read More

OPC asks Federal Court to look into Google de-index case

(Oct 12, 2018) The Office of the Privacy Commissioner of Canada has asked the Federal Court to determine whether Google’s search engine must follow the Personal Information Protection and Electronic Documents Act when it presents the research results of a citizen’s name. A complainant claims Google has violated PIPEDA for continuing to index articles he claims are inaccurate. The complainant alleges Google has caused him harm through its refusal to de-index the articles. Google states PIPEDA does not apply in ... Read More

Health authority reaches $400K data breach settlement

(Oct 12, 2018) CBC News reports a settlement for approximately $400,000 has been reached after a former employee accessed patient health information. The Nova Scotia class-action lawsuit was levied against the former Capital District Health Authority. Between 2005 and 2011, a former employee accessed patient data of an estimated 105 friends and family without proper authorization. One of the lawyers representing the victims in the case said, "Having your private information accessed by somebody that you did no... Read More

Perspective: Why CBPR recognition in the USMCA is significant for privacy

(Oct 10, 2018) Late last month, trade representatives from the U.S., Mexico and Canada concluded negotiations and published a final text revising the North American Free Trade Agreement. Now known as the U.S., Mexico and Canada Agreement, the deal could have significant implications for the cross-border transfer of personal information. "While the USMCA still requires passage in the legislatures of the signatory nations, final implementation would mark significant developments for data privacy, the free flow o... Read More