During the past 6 years it has been beyond frustrating to watch little to nothing happen with our Canadian privacy laws, despite the constant and very public cry of our leading privacy experts such as Daniel Therrien, our Privacy Commissioner.
Technology has certainly not stood still. PIPEDA was passed 20+ years ago (with little to no enforcement capabilities by the Office of the Privacy Commissioner, or anyone else for that matter). The Apps, browsers and websites who constantly capture our personal data and use it in ways beyond our imagination, selling it to third parties for their use as well, is staggering yet commonplace.
So much so, the EU implemented the General Data Protection Regulations (GDPR) in May of 2018 and are aggressively trying to protect EU citizens rights across the board. And California has passed 2 laws (CPPA and CPRA) in the last 4 years in an attempt to do the same for California citizens whose privacy rights are being constantly abused. Just about every region in the world are developing their data protection laws, even China! Meanwhile back in Canada; crickets.
Well, not complete crickets. In May of 2019, the then Minster of Innovation, Science and Economic Development, Navdeep Bains with photo opportunities and a little fanfare within the privacy community introduced Canada’s Digital Charter. These 10 principles were meant to guide us while “building trust in a digital world”.
In November 2020, almost a year and a half later, ISED introduced Bill C-11, billed as “An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Acts”. and “proposals to modernize the Personal Information Protection and Electronic Documents Act (PIPEDA). They called it a “balanced approach”, but let’s unpack that statement.
On the one hand, collectively, business has been doing whatever they please with individuals personal data for about 20 years now. With an eye to what technology allowed them to do and very few asking “should we do that”, we (the collective business community lead by social media platforms) developed some very questionable practices around what we used that Personal Information for. We all accepted these practices as a “part of the digital world”.
Meanwhile…
