If you’re a Canadian startup or enterprise and find Canadian privacy laws challenging to comply with, you will soon find it miserable too!
Because the government of Canada is going to make many major and minor changes in Canadian privacy legislation.
Our in-house compliance consultants have been keeping a close eye on the activities and statements of the privacy commissioner of Canada.
The following are the 3 most important Canadian privacy acts’ recent developments that you should be aware of.
Canadian Privacy Laws Recent News
1. Minister of Innovation, Science and Industry introduced a bill set to increase privacy protections
Recently, Minster Navdeep Bains introduced a bill named the Consumer Privacy Protection Act.
The underlying purpose of the newly introduced bill is to upgrade the federal government’s framework responsible for the protection of personal information, especially in the private sector.
The bill proposes the highest level of individual’s data protection and enhanced control over data and personal information.
The bill hasn’t been passed yet, but if it will, companies would need to be more transparent and aggressive about the collection, storage and usage of data.
This bill would also offer more order-making powers to the privacy commissioner. As a result, he would easily handle privacy law violation cases without the influence of any others.
The bill also includes the fine for not being compliant with the new Customer Consumer Privacy Protection Act.
The fine would be up to five percent of global revenues or $25 million – whichever the higher!
Here, it is worth noting that this fine would be the highest among the G7 nations.
Bains emphasized again and again – even in tweets – that the new privacy law in Canada will give Canadians greater control, transparency and input into the way their data is being used by other companies.
You have a right to understand and feel in control of how your data is used. The new legislation we tabled yesterday will give Canadians more power over what companies can do with their personal information. https://t.co/vwoHdYgb36
— Navdeep Bains (@NavdeepSBains) November 18, 2020
However, like all compliance consultants and businesses, we expect a clear implementation guide from the government.
We strongly believe that this proposed act is just the first step toward a detailed restructuring of Canada’s privacy framework!
2. Artificial intelligence is about to be regulated in Canada
— OPC (@PrivacyPrivee) November 12, 2020
During the second week of November 2020, the Privacy Commissioner of Canada – Daniel Therrien – recommended steps to regulate artificial intelligence in Canada.
He has also called for legislation that would mix up with Canada’s major federal privacy law – PIPEDA.
In the statement, Daniel Therrien said that AI has great potential. But we have to make sure that AI should implement in a way that respects security policies and other human rights.
He further stated that a rights-based approach will guarantee the advanced innovation and responsible development of AI technologies.
Since AI majorly plays with data, it was already anticipated that it would soon be regulated.
The OPC highlighted a report which talked about the capabilities of AI.
AI finds the meaningful patterns out of historic data and makes predictions such as whether people qualify for the loan, get a job or pay a higher insurance premium.
Such information or data leaves a real impact on their lives. Thus, data that reveals the personal capabilities of the people should be regulated.
3. Canada’s privacy commissioner has already identified new privacy concerns around telemedicine and EdTech
Last month, Canada’s privacy commissioner published a report.
In that report, it is clearly stated that the new technologies that individuals and companies have been adopting during the pandemic raise many new privacy concerns.
The report specifically targets the technologies used in telemedicine and EdTech.
And since the current legislation does not protect Canadians against the privacy risks associated with telemedicine and EdTech, the commissioner suggested major changes in privacy legislation are on the way.
In both telemedicine and EdTech segments, video conferencing technology is the most prominent technology that interacts with users’ data in audio and video format.
And it is needless to say that data in audio and video format is more private and personal rather than the data in other formats.
The privacy commissioner highlighted the scenarios – e-learning platforms can capture important information about students’ learning and behavioural issues and telemedicine platforms can put doctor-patient confidentiality at risk.
A message from compliance consultant:
2020 has been the only year in recent history when so many changes in privacy laws have been suggested.
Since all of these proposed changes are purposeful, we will soon see them as the laws.
And when a proposed bill will become law, you need to comply with it.
With our dedicated team of privacy laws experts, we enable you to focus on your core business value and operations while we execute compliance audits and make you compliance-ready.
You will be stunned to know how we helped an app development company to fill 47 security gaps and be HIPAA compliant. (Read Full Case Study)