Slashdot Mirror
Canadian Privacy Act
Nos. writes "Yesterday, I happened upon an Act that came into effect in Canada on January 1, 2004. The Personal Information Protection and Electronic Documents Act protects almost every bit of personal information not publicly available. For example, your name, race, date of birth, income, etc. are protected where your address and telephone number are not (these are generally available in the telephone book). Some of the more interesting parts of the faq include such wonderful things as: '[businesses must] supply you with a product or a service even if you refuse consent for the collection, use or disclosure of your personal information unless the information is essential to the transaction'. Definitely a step in the right direction."
are two different things. Ie, here in Germany we have very tough laws with regard to your personal information and how it must be handled by businesses and the government. It's called "Datenschutz" and the CCC (Chaos Computer Club, you know: Blinkenlights) is a big lobbiest for Datenschutz.
Unfortunately the laws and procedures are broken every day, simply because it's so easy to do. It's very rare that somebody publicly complains when personal privacy is jeopardized and even when somebody cries foul, the public doesn't care.
Free Manning, jail Obama.
I actually had to sign one of these statements at work & deal with this whenever I see the doctor/dentist/etc.
It seems that information already collected must be dealt with according to the act. Just because you collected it last year, doesn't mean you don't need consent to use it this year. Actually, my Dentist made me sign a form for them to share/get information with outside labratories.
===> An eye for an eye makes everyone blind - MG
There is another act called the Privacy Act that circumscribes the behaviour of government. That act was passed in 1980. You can find it here... http://laws.justice.gc.ca/en/p-21/93543.html
G1Q 1Q9
translation: (I have) (an) (ass(, (a) (new) (ass)
note that in French, the adjective (new) comes after the noun (ass), and I switched them for non-French slashdotters
Your SIN is private, right? HEH. Nope. Now it's linked in government databases to everything. As someone who once had complete and total access to several sensitive (welfare client info) government databases - and was challenged appropriately by only ONE of dozens of sysadmins - I don't trust the government to protect a pile of dog feces.
The personal details of all Canadian residents (not just citizens) are automatically classified as "Protected" and any department or agency worth their salt actually do take this sort of stuff seriously.
Any case of abuse (of people's personal data) does tend to result in being fired, period.
The federal government (outside CCRA) does avoid using SIN as much as possible because any document with that on it, has to be classified "Protected".
HRDC uses a fair bit, but as little as possible in what I've seen.
I've seen federal government forms that ask for only the last digit of your year of birth, in an attempt to prevent age decriminitation (if they don't know your actual age, they can't be accused of decriminiating based upon it) in the hiring process.
Honestly I have to say the Canadian federal government takes privacy seriously, it's an important Canadian value. Sure, some people see it as a hassle and more paperwork, but overall the vast majority do value the public's privacy and security.
BTW, do you know if there was an auditing on that database? Not all privacy enforcement is pro-active, to prevent being overly burdensome, but can flag and catch abusers. That technique is heavily used in medical privacy, and the medical files of celeberties.