Canada Dashboard Digest

Are you sick of hearing about Heartbleed? If you are, you may want to skip some of the stories profiled in this week’s Dashboard Digest. If, however, you are like me, you might still be confused by the array of stories about the technical vulnerability, how it works and what damage it might have caused. I had to do a fair amount of self-study this week to prepare for an on-air interview with the CBC, and I must admit that the more I read about it, the more questions I had.

One thing is for sure: We work in an increasingly dynamic industry where things change faster than ever. What was once considered secure is actually not. Safeguards that you thought were good enough, aren't. I suppose that’s all the more reason the privacy professional needs tools like the Dashboard Digest—to try and stay on top of what’s going on.

With respect to the Heartbleed saga, we felt that you deserved even more opportunity to learn about it, so we have added a session to this year’s Symposium that promises to educate privacy professionals on exactly what they need to know about the vulnerability. I hope you can make it to Toronto if you're keen to learn more.

Somewhat overshadowed by Heartbleed were two rather significant decisions from Commissioners Denham and Cavoukian. Read on to learn more because these, too, are important events. 

Have a great weekend, and happy (Easter egg) hunting!

Kris Klein
Managing Director
IAPP Canada

Top Canadian Privacy News

DATA LOSS—CANADA

BC Commissioner Monitoring Breach Investigation (February 26, 2010)

The Office of the Privacy Commissioner of British Columbia is monitoring an investigation into how banking documents turned up at a recycling center, reports Nanaimo Daily News. A Nanaimo man discovered the documents earlier this month. They contained the names, debit card numbers and expiration dates of Coastal Community Credit Union customers, the report states. Credit union officials said they will notify more than 250 affected members by Saturday.
Full Story

PRIVACY LAW

Commissioners Call for Appeals of Newfoundland and Labrador Ruling (February 26, 2010)

Information Commissioner Suzanne Legault, like her Newfoundland and Labrador counterpart, is raising concerns about two recent court decisions that limit the provincial commissioner's powers. "We are definitely following this closely and we're certainly hoping that these decisions will be appealed," Legault told The Telegram in a recent interview. The Newfoundland and Labrador Supreme Court ruled that the information commissioner's office may not examine any information the government deems to be legal advice. Newfoundland and Labrador Information Commissioner Ed Ring said he plans to meet with key staff and legal advisors on the matter and "will consider all options for redress/solutions available and proceed from there."
Full Story

DATA LOSS

Procedures Tightened after Durham Data Breach (February 26, 2010)

Durham Region is tightening up its procedures and increasing staff training after the loss of a portable computer device holding personal information including names, addresses, phone numbers and dates of birth on 83,524 people immunized at an H1N1 clinic, DurhamRegion.com reports. The security improvements come in the wake of a four-part order issued by Ontario Privacy Commissioner Ann Cavoukian in January requiring Durham to encrypt data on mobile devices such as USB drives and laptops. All health department mobile devices are now encrypted, the report states, and corporate information systems staff will be undergoing mandatory security and privacy training in March.
Full Story

PRIVACY LAW

Court of Appeal Decision Expected to Have Significant Privacy Implications (February 26, 2010)

Information and Privacy Commissioner Frank Work has said that "likely hundreds of Albertans will lose the privacy remedies they thought they received in response to their complaints" as a result of a recent Alberta Court of Appeal's decision that found the IPC cannot extend investigation time limits imposed by the Personal Information Protection Act (PIPA). An analysis featured this week in ABlawg: The University of Calgary Faculty of Law Blog on Developments in Alberta Law offers a similar interpretation. "It seems patently unfair that complainants will not have their complaints adjudicated for reasons over which they have no control," the analysis states. Work is considering appealing the decision to the Supreme Court of Canada and has stated he will be asking the Alberta Legislature to amend PIPA to address the situation.
Full Story

PRIVACY

Commissioner Cutting Services Due to Funding Woes (February 26, 2010)

The Saskatchewan privacy commissioner's office will be cutting back on its services due to limited staffing, the Winnipeg Free Press reports. Privacy Commissioner Gary Dickson said increased demand for services has surpassed the current staffing levels, and with the Board of Internal Economy's denial of a request for $129,000 in funding, the result will be more "waits and delays" for Saskatchewan's residents. With the number of reviews and complaints now up 113 percent, Dickson said, "We just cannot possibly...respond to that demand in any kind of reasonable timeframe." The office's three investigators are currently managing a caseload of 376 files, and some residents have been waiting years for resolution.
Full Story

PRIVACY LAW

Op-Ed: BC Database Poses Privacy Risk (February 26, 2010)

The provincial government's plans for a new database linking information gathered for income assistance, employment services, child welfare, family development, child mental health, youth justice and other purposes will put British Columbia residents' privacy at risk, a Times Colonist editorial asserts. Pointing to the project's objective of providing a "holistic view of each citizen," the editorial voices concern about giving government employees wider access to citizens' private information. "The dangers are obvious," the report states. "At a minimum, combining huge caches of personal information in one location invites theft...But there is a far more serious objection to this project. Whose interest is the government serving, when it sets out to develop a 'holistic view of each citizen?' It cannot be ours."
Full Story

ONLINE PRIVACY—ITALY

Reaction Rages on Google Convictions (February 25, 2010)

"Stunning," "chilling," and "shear madness" are some of the words being used to describe yesterday's conviction of three Google executives in an Italian court. In nearly 1,000 media stories on the decision so far, politicians, advocates, academia and numerous others have reacted to news that the company's global privacy counsel and two other executives were found guilty of privacy violations for the posting of a disparaging video to the company's video platform site. U.S. Senator John Kerry (D-MA) expressed deep disappointment, saying, "To hold Google employees criminally responsible for the actions of its users is unjust." The American ambassador to Italy said, "We disagree that Internet service providers are responsible prior to the posting for the content uploaded by users." Those convicted will appeal the decision.
Full Story

EMPLOYEE PRIVACY—CANADA

Employer Ordered Not to Conduct Credit Checks (February 25, 2010)

Alberta's Office of the Information and Privacy Commissioner (OIPC) has ordered a retailer to stop performing credit information checks on job candidates, determining the practice is not "reasonably required" to assess job performance ability for sales associates, reports the Canadian HR Reporter. The decision followed the investigation of a complaint by a job applicant alleging the practice contravened the Personal Information Protection Act (PIPA). The company had responded by explaining it used credit checks to help assess such factors as whether applicants are financially responsible or pose theft or fraud risks, but the OIPC disagreed. The retailer has agreed to cease the practice.
Full Story

PERSONAL PRIVACY—CANADA

Stores Cited for Recording Tobacco Users’ Info (February 24, 2010)

Privacy Commissioner Jennifer Stoddart is asking the Federal Court of Canada to order a national grocery chain to stop collecting personal information from tobacco purchasers, the Ottawa Citizen reports. The court filing comes on the heels of an Office of the Privacy Commissioner (OPC) investigation that found Sobeys breached the Personal Information Protection and Electronic Documents Act (PIPEDA) by requiring clerks to enter the birth dates of customers who purchase tobacco products into their cash registers. Although customer names are not recorded, the OPC contends the birth dates can be linked to purchase data. An OPC spokeswoman said retailers should "take the least privacy-intrusive approaches possible, even when there's a requirement by law."
Full Story

PRIVACY—CANADA

Commissioner Cutting Services Due to Funding Woes (February 23, 2010)

The Saskatchewan privacy commissioner's office will be cutting back on its services due to limited staffing, the Winnipeg Free Press reports. Privacy Commissioner Gary Dickson said increased demand for services has surpassed the current staffing levels, and with the Board of Internal Economy's denial of a request for $129,000 in funding, the result will be more "waits and delays" for Saskatchewan's residents. With the number of reviews and complaints now up 113 percent, Dickson said, "We just cannot possibly...respond to that demand in any kind of reasonable timeframe." The office's three investigators are currently managing a caseload of 376 files, and some residents have been waiting years for resolution.
Full Story

HEALTHCARE PRIVACY—CANADA

Officials Look into Records Storage Complaint (February 23, 2010)

Saskatchewan Privacy Commissioner Gary Dickson is investigating a complaint by a Regina woman alleging she has been told she must pay to access her health records, CBC News reports. The woman's records were shipped to a private Ontario document storage company when her doctor's medical practice closed down, and she has since been told she must pay $150 for access to the file. While a storage company spokesperson told CBC News that its practices comply with the province's privacy laws, Dickson has raised concerns regarding how the information is protected. He notes contract "language that suggests the information can be de-identified without defining how or whether that would be true de-identification...That raises all kinds of red flags, all kinds of concern."
Full Story

PERSONAL PRIVACY

Be Smart about Smart Grid Privacy (February 19, 2010)

Like the toaster and blender, smart meters are expected to become household items within the next several years. Already, there are more than a million in Ontario, and in Boulder, Colorado, every home has one. Smart meters will record household electricity consumption--down to the appliance level--offering new information that is expected to help consumers manage their energy consumption. But advocates are warning that privacy safeguards must be incorporated into their design. In a CBC News report, Ontario Information and Privacy Commissioner Ann Cavoukian, who recently co-authored a whitepaper on the topic, says, "If privacy is to live well into the future, we can no longer rely on regulatory compliance."  
Full Story

ONLINE PRIVACY

OPC: Cloud Computing Conversation to Commence (February 19, 2010)

Despite its increasing popularity, cloud computing continues to raise data privacy concerns, reports CityNews. Earlier this month, the Office of the Privacy Commissioner (OPC) announced that it will hold public consultations on cloud computing and its impact on personal information. Colin McKay, the director of research at the OPC, says that although there are many benefits to moving to the cloud, there are also many questions that need to be answered. "The conversation has been growing louder and louder from a number of viewpoints when we're talking about cloud computing," McKay said.  
Full Story

SURVEILLANCE

Post-Game Privacy Concerns Aired (February 19, 2010)

The Olympic Games are underway and the conversation about the impact on citizens' privacy persists. In a VUE Weekly report, Laura Collison explores what civil libertarians have warned could be an unwelcome lingering effect--a city under surveillance. She asks, "What happens to the infrastructure when the Games conclude?" The privacy commissioner of Canada said recently, "Experience has shown that Olympic Games and other mega-events can leave a troubling legacy--large-scale security surveillance systems installed for mega-events often remain long after the event is over. Though Canadians have been assured many of these measures are temporary, no guarantees have been made..."
Full Story

SOCIAL NETWORKING

OPC Questions Buzz on Privacy Concerns (February 19, 2010)

The Office of the Privacy Commissioner (OPC) is looking into concerns that Google's Buzz social networking service may violate Canada's privacy laws, the Ottawa Citizen reports. The OPC has asked Google, which has made several changes to the new service, to explain how it is addressing privacy concerns. "We have seen a storm of protest and outrage over alleged privacy violations," said Privacy Commissioner Jennifer Stoddart, referencing the new service's "clear and significant privacy implications." During a conference call with Google officials earlier this week, Stoddart stressed that companies must comply with Canadian privacy laws when launching a new product or service in the country, the report states. Within the past week, a U.S. law firm filed a class-action suit in federal court alleging Buzz violated privacy rights, while the Electronic Privacy Information Center (EPIC) has asked the U.S. Federal Trade Commission to investigate the new service.
Full Story

INFORMATION ACCESS

Supreme Court Says Legal Advice Exempt from Review (February 19, 2010)

The Supreme Court of Newfoundland and Labrador ruled this week that the provincial information and privacy commissioner was not entitled to access certain legal information in the course of investigations due to attorney-client privilege considerations, reports The Telegram. The ruling follows a suit filed by the Williams administration to block the commissioner's access to documents it held on a former government employee. In a letter to the attorney general last year, Commissioner Ed Ring warned that such a ruling would "undermine the confidence of the public in my office and in the principles of openness, transparency and accountability."
Full Story

DATA PROTECTION

Revised PCI DSS Coming (February 19, 2010)

The Payment Card Industry Security Standards Council (PCI SSC) says it's on track to issue a revised standard, NetworkWorld reports. The council will have a draft revision as soon as May and will summarize the changes in early summer, according to PCI SSC General Manager Bob Russo. The council received nearly 3,000 comments during the public consultation period on the revised standard. Russo says the council will also issue a revised payment-card standard in October.
Full Story

GEO PRIVACY

Lights on, Nobody Home (February 19, 2010)

The creators of a new Web site called PleaseRobMe.com say they are not trying to encourage burglary, rather, they want to raise awareness about locational privacy, reports InformationWeek. The site aggregates social media data to create a clearinghouse of who's home and who's not home. "The danger is publicly telling people where you are," site co-founder Frank Groeneveld wrote on his blog. "This is because it leaves one place you're definitely not...home."
Full Story

DATA PROTECTION—CANADA

Privacy Concerns Persist over Data-Sharing Plan (February 17, 2010)

Privacy concerns are again being raised around British Columbia's Integrated Case Management computer system aimed at allowing housing and children's ministries staff to share information on more than 200,000 residents, the Times Colonist reports. Citing a 2008 recommendation by former Information and Privacy Commissioner David Loukidelis that such data-sharing plans not go forward without a public consultation, privacy advocates have asked Premier Gordon Campbell to review the project. "If you think about the kind of information government has about you, it's everything--your sexual history, drugs, health, family history and education," says BC Freedom of Information and Privacy Association Executive Director Darrell Evans. "To put this together on an individual is like a massive dossier."
Full Story

PERSONAL PRIVACY

How Much Does Openness Cost? (February 17, 2010)

Researchers, activists and celebrities have different ideas about the potential risks and benefits associated with being a "non-private person," the Toronto Star reports. Social media researcher Danah Boyd argues that there are "huge social costs" in choosing to live life in the public sphere. "Privacy is about having control of a situation," she says. Andrea James, a writer and activist, points to the financial aspects of "privacy as a commodity vs. privacy as a right" in an era where private individuals have shared their children, marriages and fertility treatments with millions via television and Internet programs for monetary gain. The report also examines the fallout that can occur between "non-private" people and their more private counterparts.
Full Story

FINANCIAL PRIVACY—EU & U.S.

European Parliament Votes No on U.S. Bank Data Access (February 12, 2010)

The European Parliament voted 378 to 196 on Thursday to reject a deal that would have allowed U.S. authorities to have access to European bank transfers, voicing concerns about the need for additional privacy safeguards. Canadian Business reports that lawmakers had been concerned about the proposal to allow the U.S. continued access to Society for Worldwide Interbank Financial Transactions (SWIFT) information, warning such a move could breach European privacy rules. U.S. authorities, meanwhile, pledged that the information collected through SWIFT was properly protected and used only in efforts to fight terrorism. Parliament's decision means the U.S. must now rely on agreements with individual EU nations to access financial data, the report states.
Full Story

PERSONAL PRIVACY

Changing World Means Challenges and Opportunities for Privacy Protection (February 12, 2010)

Privacy Commissioner Jennifer Stoddart believes "personal information requires more protection than ever before." That was one of the themes in Stoddart's remarks Thursday at the 11th Annual Privacy and Security Conference. When Stoddart became Canada's privacy commissioner seven years ago, "Facebook didn't exist. Neither did Twitter, Flickr, YouTube, Google Street View, Foursquare, iPods and all the many novel ways in which people now routinely connect with the rest of the world," she said, and with new technology and expectations have come new challenges. The commissioner explained that "the regulatory framework we have in place now for the protection of privacy and personal information is already being sorely tested," and the future includes finding the best route to improve current Canadian laws while continuing to work with the international community. As Stoddart put it, "A robust and coherent set of principles and guidelines, adopted around the world, will do much to preserve and promote the privacy rights of Canadians."
Full Story

PRIVACY

Following Breach Scandal, BC May Create CPO Post (February 12, 2010)

British Columbia's provincial government will explore creating a new chief privacy officer position following a recent privacy breach scandal involving the personal information of 1,400 government clients, the Times Colonist reports. "It's one of the things we are considering," says Citizens' Services Minister Ben Stewart. The announcement comes on the heels of a report  this week from Acting Privacy Commissioner Paul Fraser calling for the creation of a new executive-level post to help educate government employees on what to do in the case of privacy breaches. Stewart has said he will spend the next 90 days assessing what changes are needed based on Fraser's report and an internal review released earlier this month.
Full Story

SOCIAL NETWORKING

Student Prank Teaches Privacy Lesson (February 12, 2010)

While Canada's privacy commissioner has been examining how the world's most popular social networking site handles personal information, a group of University of Lethbridge students have conducted their own experiment and learned a privacy lesson in the process, the Calgary Herald reports. The group created an imaginary Facebook profile and began sending online friend requests to classmates to see how they would react. The experiment quickly grew out of control, the report states, prompting the group to delete the account two days later. Noting the presence of fake profiles on social networking sites to gather personal information, Professor Mary Dyck, an expert in the inappropriate use of online communities, notes that the more information they post online, the more vulnerable users are to "bullying, targeted marketing, predators, unwanted harassment and intrusions and feelings of discomfort."
Full Story

ONLINE PRIVACY

Commissioner Launches Public Consultation on Cloud Computing (February 12, 2010)

Privacy Commissioner Jennifer Stoddart announced Thursday that she is seeking public input through a consultation process on privacy issues related to cloud computing. "Businesses and individual Canadians are increasingly likely to make use of cloud computing technologies," Stoddart says. "And yet, they are often unaware that their activities could be affecting their own privacy. Our goal is to learn more about these issues, so that Canadians, in turn, can also become better informed." Written submissions will be accepted until April 15 and a formal discussion panel will be held in Calgary in June. This is the second public consultation aimed at exploring the privacy implications of technological trends, following last month's announcement of consultations focused on the online tracking, profiling and targeting of consumers.
Full Story

PERSONAL PRIVACY

Concerns Prompt New Fees for Internet Court Records (February 12, 2010)

In a move aimed at allaying privacy concerns, officials are charging fees for Internet access to British Columbia's public court records, the Times Colonist reports. In January, the provincial government began charging $6 per file for searches of criminal and traffic cases through the court's Web site. Critics believe the move limits public access while proponents point to concerns about use of the searches to "fish" for personal information. Shawn Robins, a spokesman for the BC Ministry of Attorney General, says the point of the fees is to "discourage casual use of the system...This benefits the system and responds to privacy concerns."
Full Story

PERSONAL PRIVACY

New Brunswick Minister Resigns over Privacy Allegations (February 12, 2010)

New Brunswick Minister of Justice and Consumer Affairs Bernard LeBlanc has resigned from his post following allegations that an e-mail sent in his name violated the privacy rights of a woman connected to an animal neglect case, CBC News reports. LeBlanc said that although he was not previously aware of the e-mail, he was taking responsibility for it because it had been sent from his office. "As a minister, I am of the view that this breach falls within the principle of ministerial responsibility," he told the legislature on Thursday. "This is a question of accountability, responsibility and honour. For me this is a matter of principle. For that reason, I have submitted my resignation as a member of cabinet."
Full Story

ONLINE PRIVACY

Study Finds Link Between Privacy and Successful Advertising (February 12, 2010)

A new study by researchers at the University of Toronto and Massachusetts Institute of Technology suggests companies need to consider consumers' sense of privacy in advertising campaigns, the Financial Post reports. Based on surveys of more than two million users of nearly 3,000 online ad campaigns, the study has found that while ads complementing Web site content and those that are highly visible are the most effective, that is not the case when the two forms are combined. The survey indicates negative reactions to such ads are linked to privacy issues, as those participants who refused to divulge certain personal information also tended to react adversely to highly visible ads related to Web site content.
Full Story

PRIVACY LAW

Case Linked to Illegal Juror Background Checks Ends with Guilty Verdict (February 12, 2010)

A murder case that brought privacy concerns about juror background checks into the public eye has resulted in a first-degree murder conviction for an Ontario man, CBC News reports. Shane Huard, who was found guilty of the shooting death of Troy Hutchinson on Thursday, originally faced trial with co-defendant Richard Zoldi in 2009, but the judge declared a mistrial two months into proceedings when it was revealed police had conducted extensive background checks on potential jurors, the report states. Following a four-month investigation, Ontario Privacy Commissioner Ann Cavoukian determined the background checks had violated privacy legislation and ordered an end to the practice. Cavoukian also asked the attorney general to create a centralized juror-screening process to minimize unnecessary background checks.
Full Story

ONLINE PRIVACY

Eyes on Saskatchewan (February 12, 2010)

Up-close and personal views of several Saskatchewan communities are just a click away via the Internet, but such easy visual access is causing privacy concerns, the Global Saskatoon reports. Google's Street View mapping service now features Regina, Moose Jaw, Saskatoon and Prince Albert among the many towns and cities where people can visit neighborhoods, businesses or favorite destinations online. Saskatchewan Privacy Commissioner Gary Dickson says steps have been taken to protect privacy. "The obvious things would be if a woman is coming out of a centre for abused spouses or a woman's shelter. She could be recognized," he says, giving an example of one area of concern.
Full Story

GEO PRIVACY

New Program Lets You Show What You Are Thinking—and Where (February 12, 2010)

A new social networking service that combines many of the features already used in some popular sites with location-mapping technology could pose new privacy challenges, the Washington Post reports. When used on mobile devices, Google's new "Buzz" social-networking feature has many attributes similar to popular services such as MySpace, Twitter and Facebook; however, when used on a mobile device, it ties into the capabilities of sites such as Google Maps to place users at their exact locations, the report states. Google representatives plan to make Buzz "standards-compliant" and "protocol-obeying" when it comes to sharing data; however, the report points out that Buzz's location-awareness options could present significant issues when it comes to protecting personal privacy. (Registration may be required to access this story.)
Full Story

ONLINE PRIVACY

Remembering Who, What, Where and When—Digitally (February 12, 2010)

Two computing pioneers are recording every aspect of their lives digitally, prompting questions about the potential dangers these "lifelogs" pose to personal privacy, The Times reports. Gordon Bell and Jim Gemmell, both Microsoft researchers, suggest the biological ability to retain memories can be augmented with an electronic memory they call "Total Recall." Proponents tout the ability of storing away mundane information and making interesting facts and experiences easily accessible. Others question whether using Total Recall could lead to a "life without privacy," where authorities could demand access to such memory storage banks. Bell, who has spent years compiling an electronic memory that comprises everything from letters and photographs to biometric data, says, "We need to adapt to reap the benefits."
Full Story

ONLINE PRIVACY—CANADA

Who’s Watching, Tracking and Profiling You? (February 9, 2010)
Privacy Commissioner Jennifer Stoddart is seeking the public's input on the online tracking, profiling and targeting of consumers, Canoe.ca reports, where information from social networking, tracking cookies and global positioning systems (GPS) can be pieced together to create personal profiles.

BEHAVIORAL TARGETING

“Everybody Can Be Tracked, Everybody Will Be Tracked” (February 8, 2010)
The San Francisco Chronicle reports on marketers' growing use of technologies to discern more about customers and prospective customers. Cameras within grocery store monitors, radio frequency identification (RFID) on shopping carts and billboards that target ads using publicly available data, among other methods, have arrived.

HEALTHCARE PRIVACY—CANADA

Privacy Commissioner, Security Expert Disagree over Durham Health Report (February 8, 2010)
Ontario Privacy Commissioner Ann Cavoukian has denounced criticism of her report on Durham Health Region's recent loss of a memory stick containing data on thousands of patients, itWorldCanada reports.

BIOMETRICS

Welcome back, Mr. Smith. Your Favorite Cereal is on Sale (February 5, 2010)
The Globe and Mail reports on the emerging use of facial-recognition technology in retail stores. Supermarkets could be going the "sci-fi" route, writes Dianne Nice, employing digital display ads that scan shoppers' faces to help advertisers understand more about them.

DATA LOSS

Brock Student Data Posted on Web (February 5, 2010)
Brock University officials were alerted to a breach involving personal data from its approximately 17,000 students after one student was able to access his own information through an Internet search, The Standard reports.

DATA THEFT

OIPC: Theft of Laptops Points to Need for Encryption (February 5, 2010)
Privacy officials are citing the recent theft of three laptops containing personal data on 8,600 Toronto teachers as an example of the need to encrypt sensitive material on all portable computers, the Toronto Star reports.

SURVEILLANCE

Privacy Concerns Endure as Olympics Near (February 5, 2010)
Privacy advocates are voicing concerns as camera networks are installed for the upcoming Olympic Games in Vancouver and Whistler. More than 900 cameras have been installed at Olympic venues and an additional 100 cameras have been installed on Vancouver streets, the Winnipeg Free Press reports.

TRAVELERS’ PRIVACY

Body Scanners Installed at the Vancouver Airport (February 5, 2010)
Two full-body scanners have been installed at Vancouver's airport, and a third is scheduled for installment soon, the Vancouver Sun reports.

SURVEILLANCE

Encryption (and Decryption) on Command (February 5, 2010)
When the Toronto Transit Commission implements video surveillance at its subway stations in the near future, it will likely employ a new technology aimed at addressing privacy rights, IT Business reports.

SOCIAL NETWORKING—CANADA

IIROC Considers Rules Governing Social Media Use (February 3, 2010)
The Investment Industry Regulatory Organization of Canada (IIROC) is considering new rules that would allow broker-dealer firms to monitor employee activities on social networking sites, the Wall Street Journal reports.

SOCIAL NETWORKING

Companies Rank Riskiest Social Networking Sites (February 3, 2010)
A survey of 500 companies worldwide by the security firm Sophos has found that 60 percent consider Facebook to be the riskiest social-networking site, USA TODAY reports.

ONLINE PRIVACY

Job Applicants’ “Online Reputations” Can Help or Hurt Hiring Chances (February 1, 2010)
Posting indiscreet information online can prevent Internet users from getting jobs, while positive "online reputations" can have the opposite effect, InformationWeek reports.

DATA BREACH—CANADA

Review Finds BC Government’s Response to Breach Inadequate (February 1, 2010)
A government review has found the response by British Columbia government officials and supervisors to a privacy breach involving the personal information of 1,400 income-assisted residents was inadequate, the Times Colonist reports.