snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Tag Archives: PIPEDA

Fintech Regulatory Developments: 2017 Year in Review

Posted in Fintech, Regulatory Compliance

As predicted in our 2016 year-end report, 2017 proved to be a busy year for Fintech in Canada, with a number of important regulatory developments. With the dawn of 2018, we look back to summarize some of 2017’s most notable Fintech regulatory developments in Canada, as well as developments to watch for in 2018.… Continue Reading

FIPA Report Calls For Unnecessary Regulation of Auto Sector Privacy: Are Other Sectors of the Economy Next?

Posted in Privacy

On March 24, the BC Freedom of Information and Privacy Association (FIPA) released a report titled, The Connected Car: Who Is In the Driver’s Seat (the “Report”). The 123-page Report describes the increasing use of digital features and services in today’s automobiles and, among other things, recommends that the federal government enact data protection regulations aimed specifically at the auto sector. The Report is authored principally by Phillippa Lawson, formerly the Executive Director of the Canadian Internet Policy and Public Interest Clinic.

There is more and more software being used in vehicles, and there are a growing number … Continue Reading

You can stay anonymous: SCC recognizes a privacy interest in protecting anonymity on the Internet

Posted in Privacy

On June 13, 2014, in a landmark privacy ruling, the Supreme Court of Canada (“SCC”) in R v Spencer[1] (“Spencer”) unanimously recognized that, in addition to confidentiality and control of the use of personal information, there may be a privacy interest in protecting anonymity in the context of internet usage. In this decision, the SCC decided that a person has a reasonable expectation of privacy associated with Internet activities and that the “lawful authority” exemption in PIPEDA does not create a basis to provide such information to the police unless the police actually demonstrate that … Continue Reading

The Digital Privacy Act: Proposed Amendments to PIPEDA

Posted in Privacy

On Tuesday April 2, 2014, the government gave first reading to proposed amendments to the Personal Information Protection and Electronic Documents Act (“PIPEDA”). These amendments have been tabled as Bill S-4 in the Senate (the “Bill”), which is entitled the Digital Privacy Act.

The Bill is broadly similar to the former Bill C-29 which was introduced in 2010 but never passed.  However there are some changes, particularly in introducing a new “compliance agreement” paradigm.

Broadly, the major changes proposed in the Bill can be summarized as follows.  The Bill would:

  • Require mandatory reporting of security breaches
Continue Reading

Canadian Federal Government Revives Amendments to PIPEDA – Part II: Other Changes to Canadian Private Sector Privacy Law

Posted in Privacy

In addition to the breach notification requirement discussed in Part I, Bill C-12 also proposes a number of other smaller amendments to PIPEDA which will be of interest to Canadian businesses. Many of those changes would serve to formalize or clarify existing duties and exceptions under PIPEDA.

Here is a quick summary of these other amendments to Bill C-12:

1.  New exemptions for prospective and completed business transactions

In addition to the existing exceptions that allow for use and disclosure of personal information without the consent of individuals to whom the information pertains, Bill C-12 will further allow use … Continue Reading

Do Not Track and Online Behavioural Advertising – Part II: Best Practices

Posted in Consumer Protection, E-Commerce, Privacy

With the push from users and legislators towards DNT and with most browsers providing users with the choice of a DNT setting, it is important for businesses to be ahead of the curve. In addition to an organization’s existing policies and safeguards under the Personal Information Protection and Electronic Documents Act (PIPEDA), businesses should have a clear DNT policy and should effectively communicate that policy to the user, explaining exactly what the business is doing with consumer data once a user has chosen not to be tracked.

Mozilla recently put out a useful DNT guide for developers and businesses … Continue Reading

Do Not Track and Online Behavioural Advertising – Part I: Coming to a Parliament Near You?

Posted in Consumer Protection, E-Commerce, Privacy

Privacy versus personalized content – it is the tension that underlies online behavioural advertising (OBA), and increasingly that tension is threatening to snap. OBA is the practice of tracking consumer’s online activities in order to deliver targeted marketing. Businesses stitch together information, like the websites a consumer visits, the content a consumer views and the searches a consumer runs, into a fingerprint of interests and tastes so that the consumer receives more resonant (and ideally more valuable) advertising.

OBA can be extremely valuable to your business. For example, if I purchase peanut butter online, the shopping website may recommend that … Continue Reading