Posts tagged legislation
2011: The decade of Privacy by Design starts now
Jan 15th
The Future of Privacy Forum, a Washington-based think tank that promotes responsible data practices, recently posted its First Annual List of Privacy Ins and Outs. It’s a playful – but insightful – look at what’s hot and what’s not in the world of privacy for the year ahead.
Ann Cavoukian
I was delighted (and gratified) to see Privacy by Design (PbD) make the list of what’s “in.” 2010 was a great year for Privacy by Design – the made-in-Ontario framework for embedding privacy into the architecture of technologies and practices, right from the outset. Around the world, PbD continued to gather momentum and gain increasingly widespread support. We’re clearly at a tipping point.
So what can look forward to for PbD in 2011? I’m anticipating this year as the launch of the Privacy by Design decade – one that will assure the future of privacy. Here is my “Top 5” list: Read the rest of this entry »
A challenge to health IT professionals – patient privacy is in your hands
Oct 22nd
Earlier this year, a health care professional did something seemingly well-intentioned: she placed a USB key into her purse as she left the office, planning to do some further work at home. As it happened, the files in question were the personal health information records of 763 patients.
Ann Cavoukian
Her purse was stolen. And regrettably, all of the records – unencrypted and easily read by anyone – were lost. Lost, too, was any sense of privacy for those 763 patients.
Scenarios such as this have been played out countless times all across Ontario and around the world. Indeed, a U.S. database has documented 121 incidents of mobile computing and storage devices being lost or stolen since September 2009, impacting over five million patients. It’s a privacy problem of epic proportions, compromising the most sensitive and personal types of information possible. And it must stop – now. Read the rest of this entry »
Canada’s new privacy bill lacks teeth
Aug 31st
A new bill known as the Safeguarding Canadians’ Personal Information Act, currently passing through Parliamentary approvals, is set to extend Canada’s existing privacy legislation. The bill will force organizations to both report any data breach to the Privacy Commissioner and to notify individuals affected by the breach, “if the organization believes that the breach creates a real risk of significant harm to the individual.”
Michael Collins
But while the sentiment behind this bill – increased transparency when data breaches occur – is sound, the bill lacks teeth.
Individuals will only be notified if the organization believes there is a need – the risk is that businesses simply won’t want to come clean and face losing not just one angry customer, but potentially hundreds should the news spread through social and traditional media channels.
In addition, the threat of financial penalties is notably absent from the bill, so where is the business incentive to comply?
Not yet too late for Ontario, BC SMBs to become HST compliant
Jul 14th
Despite a long government campaign to get taxpayers onboard with the HST which came into effect this July 1st, a majority of small businesses in Ontario and British Columbia are opposed to and unprepared for the new tax regime.
Nestor Arellano
More that 54 per cent of respondents in Ontario and 47 per cent in B.C. won’t be ready to comply with the changes, according to recent survey by poll body Angus Reid Public Opinion for Intuit Canada, a tax software developer.
No less than 35 per cent of respondents in both provinces also admitted they don’t understand the need for the new measures. Read the rest of this entry »
Facebook Strengthens User Privacy Controls
Jun 18th
In recent times, social networking giant Facebook has found itself in the spotlight again, and under the gun regarding its complex privacy settings. Last month Facebook responded to growing user discontent with the introduction of new privacy controls that are more straightforward, easier to use and most importantly, that give users greater control over their personal information. As a Privacy Commissioner and someone deeply interested in privacy, I think that Facebook has taken a firm step in the right direction.
As I keep saying – privacy is all about personal control and freedom of choice. Privacy, at its base, relates to an individual’s control over their own personal information and data flows, and the freedom to choose if and when it should be collected and used. The German concept of “informational self-determination” captures this notice of control very well.
Earlier this year, I wrote an op-ed for the Globe and Mail to correct the mistaken attribution to Mark Zuckerberg saying, “privacy is no longer a social norm.” What he actually said was, “People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.” Read the rest of this entry »
The Toronto G8/G20 Summits:
Jun 16th
How Simple Security Communication Blunders Can Negatively Impact Public Opinion
Apparently Toronto drew the short straw. It’s our turn to host the distinguished G8 and G20 summits this year and Canada is certainly stepping up to the plate. All our reluctant tax-paying citizens are financially responsible for ensuring the comfort and safety of a select few heads of state and their entourage on this august occasion in June.
Claudiu Popa
And a respectable event it is, with such noble and specific goals as the opportunity to discuss major international issues and develop personal relations between heads of state. Unfortunately, every year and despite their best intentions, the host countries have to endure any number of protests and criticism over the way things are handled and naturally the futility of the entire exercise in light of continued global misery. Past protests have been marred by injuries and even death, thus undermining the point of the exercise.
G8 and G20 must address online privacy
Jun 14th
-It’s the least we can expect for our billion-dollar investment
It’s hard to imagine governments acting in citizens’ social media privacy best interests when they themselves often seem so inept in terms of integrating social media within their own respective environments. For every example of a government department success story using social media tools and principles, there always seems to be a counter-example that illustrates just how many elected leaders and civil servants still have their heads in the sand when it comes to Web 2.0 and beyond. All-staff Twitter bans and continued sequestering of data that could help the public in hierarchical and disconnected silos, anyone?
Despite our leaders’ difficulties in making social media the new normal for government-citizen interaction, the need for our elected officials to help facilitate the transition to a Web 2.0-based economy has never been greater.
Yahoo! demonstrates new transparency centre
May 3rd
While attending the Privacy Commissioner of Canada’s Toronto privacy consultation last week, I caught up with Anne Toth, the head of privacy at Yahoo! Anne was one of the only representatives from online services companies that took part in the event, sitting on a panel about behavioural advertising. Companies such as Google and Facebook were nowhere to be seen, despite the attention those companies have attracted from privacy authorities lately.
Privacy remains a social norm
Apr 12th
Recently, a considerable amount of controversy ensued when Mark Zuckerberg, head of the world’s most popular online social network, Facebook, was misquoted as saying, “privacy is no longer a social norm.” What he actually said was: “People have really gotten comfortable, not only with sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.”
But few appear to recall his exact words – the take-away (erroneous though it may be), was that Mr. Zuckerberg no longer considered privacy to be a social norm (reflected in the many calls I received, asking me to respond to that statement). While I would not presume to speak for Mr. Zuckerberg, having spoken with his staff, they confirmed that his words were taken out of context.
Onus on tech firms to build responsible privacy controls: a guest blog from MaRS
Feb 22nd
In my last blog entry, I wrote about Privacy by Design: The Gold Standard – my annual event that focuses on the implementation of new technologies and business practices that can deliver tangible results with regard to ensuring the future of privacy. This year, the theme was “We did it…so can you” and I was delighted to see so many practical examples of products, services and solutions that are designed with a view to making privacy the default mode of operation.
Toronto-based innovation incubator MaRS was on hand to showcase leading edge technology, with privacy solutions embedded, from a number of its Ontario-based companies. I have invited Earl Miller of MaRS as a guest blogger for this entry – to share his thoughts on why young tech companies should treaty privacy as a key business issue: Read the rest of this entry »
