Daily Dashboard

Advocates: Stronger Law, Fining Powers Needed


January 11, 2012

A public interest advocacy group says proposed changes to the Personal Information Protection and Electronic Documents Act (PIPEDA) don't go far enough in requiring organizations to report breaches, reports the Financial Post. The Public Interest Advocacy Centre says PIPEDA--even with the proposed changes--gives organizations the ability to unilaterally deem a breach not harmful to consumers, adding, "The result is likely to be a vast underreporting of serious data breaches." The group is calling for all breaches to be reported to the "relevant privacy commissioner," who would then decide whether the public should be notified. Echoing Privacy Commissioner Jennifer Stoddart's calls, the group would also like to see fines assessed to organizations that don't report breaches.
Full Story