One thing that was relatively consistent in the submissions at PIPEDA's five year review was to follow in the footsteps of more than half the US states to require notification of security and privacy breaches. Canwest is reporting on leaked draft legislation which will surely disappoint many in the privacy community. In effect, there is no mandatory reporting. Businesses get to determine whether there is a "high risk of significant harm" and only then do they need to report the breach to consumers. Not reporting has no consequences. See: Feds to leave disclosure of data security breaches to businesses: legislative plan.
Feds to leave disclosure of data security breaches to businesses: legislative plan
Labels:
breach notification,
pipeda review,
privacy
Spread The Love, Share Our Article
Subscribe to:
Post Comments (Atom)
Popular entries
-
Incident: Sick Kids physician loses portable hard-drive with unencrypted personal health informationA physician from Sick Kids hospital who decided to travel with a portable hard-drive containing unencrypted health information on 3,300 pat...
-
The Information and Privacy Commissioner of Alberta released a very interesting order today, considering whether the right to freedom of exp...
-
The Securities and Exchange Commission has voted unanimously to introduce amendments designed to strengthen the regulatory framework govern...
-
USA: Restoring American Financial Stability - discussion draft published by Senate Banking CommitteeThe United States Senate Committee on Banking, Housing and Urban Affairs has published a discussion draft titled Restoring American Financ...
-
In case you were wondering, you really shouldn't expect that anything you post on your MySpace page will be kept private. If you are in ...
-
According to an article in USA Today, Facebook is following in the footsteps of Google and others by using targeted ads. I'm not at all ...
-
I was interviewed some time ago for a Globe & Mail article on workplace surveillance, which appeared yesterday. The piece discusses keys...
-
Like many people I suspect, I was concerned to read the recent BBC report about glass ceilings which, the report said, means that "to...
-
Earlier this year, in Hawkes v Cuddy [2009] EWCA Civ 261 , the Court of Appeal declined to follow the position, adopted in Re Guidezone [2...
-
In Gregson v HAE Trustees Ltd & Ors [2008] EWHC 1006 (Ch) a so-called "dog-leg" claim was brought against the directors of a ...
Comments
Post a comment on: Feds to leave disclosure of data security breaches to businesses: legislative plan