[Ecommerce] Canadian Internet privacy law
James Love
love@cptech.org
Wed Dec 27 13:07:01 2000
http://www.nytimes.com/2000/12/23/technology/23PRIV.html
December 23, 2000
Canada Strengthens Internet Privacy
By TIMOTHY PRITCHARD
TORONTO, Dec. 22 — A
new law to protect personal
information disclosed through
electronic transactions will take
effect in Canada on Jan. 1, and it
will eventually affect all domestic
companies and those in the United
States that have Canadian
subsidiaries.
Initially, the new law, the Personal
Information Protection and
Electronic Documents Act, will
cover only companies that are
federally regulated — mainly
banks and airlines. But by 2004,
anyone doing business in Canada
must comply.
Under the law, the consent of
consumers would be required if
their personal information was
used commercially — and it would
be illegal to use data gathered in
the past without that consent.
Consumers will also have the right
to review any information about
them that is on file.
A privacy commission is being set up to investigate
violations, while protecting whistle-blowers, and to take law-breakers
to court if necessary.
[snip]
According to a survey by Michael Geist, a law professor at the
University of Ottawa, half of the commercial World Wide Web sites in
Canada do not have a privacy policy, and many of the existing policies
are weak. Of 259 sites surveyed this summer, 40 percent did not indicate
whether personal information could be given to a third party.
[snip]
Companies must not only set up procedures for disclosure and
consent, but also name someone responsible for privacy matters.
Mr. Keith of Borden Ladner said he did not think foreign
subsidiaries would find it difficult to meet the new standards, although
it could be a big undertaking for, say, a financial company.
[snip]
--
James Love <love@cptech.org> http://www.cptech.org
Consumer Project on Technology, P.O. Box 19367, Washington, DC 200036
voice 1.202.387.8030 fax 1.202.234.5176