On August 13, 2020, the Office of the Privacy Commissioner of Canada (OPC) released the new Privacy Guide for Businesses (the Guide). The Guide provides organizations with a summary of the Personal Information Protection and Electronic Documents Act (PIPEDA) and explains how it applies. The goal of the Guide is to make it easier for businesses to protect their customers’ privacy and comply with PIPEDA.
The Guide explains PIPEDA’s ten fair information principles: (1) accountability; (2) identifying purposes; (3) consent; (4) limiting collection; (5) limiting use, disclosure and retention; (6) accuracy; (7) safeguards; (8) openness; (9) individual access; and (10) challenging compliance. For each principle, the Guide sets out a business’s responsibilities, how to fulfill those responsibilities and practical tips, with links to further resources on these topics. In particular, the Guide goes into detail on steps for businesses to obtain proper consent to collect personal information and stresses that businesses generally should obtain express consent.
Another major topic addressed by the Guide is how business should deal with a breach of their customers’ personal information. It provides guidance on how businesses should determine when their customers are at real risk of significant harm and the content of their breach reporting records.
The Guide is a valuable resource that businesses should consult to ensure that they meet their obligations under PIPEDA.
Summary By: Matt Frontini
Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.
E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.