Personal Information Protection Act
Personal Privacy Protection in Canada
Canada adopted the Personal Information Protection Act (PIPEDA or PIPED Act) on the 13th of April, 2000. That means they're about a decade ahead of us in terms of privacy legislation. The purpose of the PIPEDA was as much to protect Canadians (and European citizens within Canadian borders) from privacy violations as it was to help promote and foster electronic commerce (e-commerce).
The Model Code for the Protection of Personal Information
In 1995, the CSA (Canadian Standard's Association), developed the Model Code for the Protection of Personal Information. The Personal Information and Protection Act makes many of the provisions outlined in the Model Code mandatory.
What is the Definition of Personal Information?
The definition of personal information, according to PIPEDA, is "information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization."
What Does the Personal Information Protection Act Do?
The law enforced by PIPEDA gives individuals the right to:
- Know why an organization collects, uses or discloses their personal information;
- Expect an organization to collect, use or disclose their personal information reasonably and appropriately, and not use the information for any purpose other than that to which they have consented;
- Know who in the organization is responsible for protecting their personal information;
- Expect an organization to protect their personal information by taking appropriate security measures;
- Expect the personal information an organization holds about them to be accurate, complete and up-to-date;
- Obtain access to their personal information and ask for corrections if necessary; and
- Complain about how an organization handles their personal information if they feel their privacy rights have not been respected.
The law requires organizations to:
- Obtain consent when they collect, use or disclose their personal information;
- Supply an individual with a product or a service even if they refuse consent for the collection, use or disclosure of your personal information unless that information is essential to the transaction;
- Collect information by fair and lawful means; and
- Have personal information policies that are clear, understandable and readily available.
Is a Personal Information Protection Act Coming to the U.S.?
The United States does not currently have a Personal Information Protection Act, but similar legislation exists and new privacy laws are in the works. Specifically, we currently have:
- Privacy Act of 1974 - designed to protect individuals personal information stored by federal agencies.
- Electronic Communications Privacy Act of 1986 (ECPA) - this act was created to ultimately protect consumers data while in transit. Be that via signs, signals, writing, images, sounds, data or intelligence. However, it has received criticism for failing to adequately protect communications and consumer records.
- Children's Online Privacy Protection Act of 1998 (COPPA) - the primary purpose of this act is to give parents control over what information is collected from their children online and how this is used. Website operators are required to post a privacy policy, notice of data collection, give parents a choice as to third party data disclosure, and maintain data integrity and protection, among other things.
- Children's Internet Protection Act of 2001 (CIPA) - enacted to protect children from offensive online content, particularly if accessed from school or library computers. If schools adhere to the safety policy requirements, they receive funding benefits and discounts.
- Fair and Accurate Credit Transactions Act (FACTA) of 2003 - an amendment of the Fair Credit Reporting Act - FACTA gives consumers access to their credit reports and provides provisions to help prevent identity theft. Consumers are able to place alerts on credit histories. Finally, FACTA requires secure disposal of personal information. Unfortunately, financial institutions and other companies are turning this opportunity into a profitable venture by charging for credit and privacy protection measures.
While all of these acts take steps in the right direction, their implementation and enforceability is lacking when compared to the rapid pace at which technological advances are making individual's personal information accessible to unauthorized eyes.
Want to see privacy reform catch up and be enacted before your personal data is put at risk? Make yourself heard! Comment below with your own privacy/ personal information/ identity theft experiences and fears and help us spread the word on the importance of personal information protection!
Print 
PDF
Email
View Comments
Post a CommentCanada really seems nice sometimes.
Well, you have to give it to the Canadians. They often seem ahead of us in many things when it comes to socialization and creature comforts. Like sometimes, I hear some news story or something that mentions the free healthcare in Canada and I feel a pang of longing. It would be awesome to stop worrying about health insurance costs. Of course, I would not be interested in living in a communist society (which is what most people say when I mention Canada‘s cool sounding-ness), but a set up like they have in Canada truly does sound nice in many ways.
It also seems odd that the United States has not come up with something equivalent. It almost sounds like they want to be able to keep up with our information for some reason. I guess that is understandable to some extent when you consider homeland security concerns. I just worry about the misuse of power, you know. But they have to ensure our safety, so I guess I am a little divided on the matter.
Question regarding Church/Nonprofit Organizations and Privacy
Does a lack of a personal privacy act in the US mean that if I request a copy of any records that may have been compiled about me (I was raised as a Jehovah's Witness and didn't get out until the age of 21), that they will not be obligated to honor my request? Can anyone steer me in the right direction? Thanks.
US Privacy Act
That's a good question. I would think that most records that exist about you that contain personal or sensitive information you would have a right to see. The more sensitive the information the more rigorous the steps to prove your identity to them may be. If you know who to contact, it can't hurt to ask, right?
Google and privacy legislation
Personal Data = $$
Key legislation
Personal Information Protection Act in the U.S.
I find it hard to believe that the U.S. doesn't have its own Personal Privacy Act. Oh wait, no I don't - because my credit card numbers keep getting scammed, and so does my phone, and my email, and everyone in my family gets hit by scammers and spammers...so - nope, can't say I'm surprised one bit that the U.S. doesn't have a personal info protection act.
Do we need one? Hmmm, see above. Please, United States of Non-Privacy, get your act together and help protect your citizens (and consumers). If you want us to be patriotic and spend, you're going to have to set up the system so we can actually do that without being defrauded and losing our identity, house, money, etc. etc. !!!
 |
 |
 |
FrontPoint Security is the winner of our 2011 best home alarm system award, now two years in a row. Congratulations!
- I will second the Sig Sauer
3 days 10 hours ago - Video cameras
5 days 3 hours ago - Power Home Security?
6 days 23 hours ago - Broken in
1 week 2 days ago - Blizzard fraud
1 week 4 days ago