LifeLabs data breach: We need action!

15 million people in Canada have just had their private information breached from LifeLabs, a medical testing company. The breach potentially includes names, passwords, health card numbers and lab test results.1

Excuses and apologies aren’t enough: we need our government to take action and create better protections for our private data. 

Sign our petition calling on Parliament’s Standing Committee on Access to Information, Privacy and Ethics (ETHI) to investigate LifeLabs, and put forward recommendations to ensure this doesn’t happen again.

This campaign has now concluded, and 9,457 us took action to demand a proper investigation and stronger privacy protections for our data. 
P
rivacy commissioners in Ontario and British Columbia concluded that LiveLabs violated the privacy of millions of people in Canada by creating the conditions that allowed for this data breach. 

This data breach, and the resulting investigation, have underlined how Canada's privacy laws remain woefully underequipped to provide modern-day protections of our digital data, and fail to give enough power to regulators. We're ramping up our campaigning to update Canada's privacy laws, so please sign up to our privacy campaign to get all the updates about actions you can take to protect privacy. 

This is not the first time the data of millions of people has been mishandled by big corporations. From Yahoo to Ashley Madison to Equifax, we have seen dozens of data breaches over the past decade.2-4

While these companies often end up paying millions in fines and settlements in the US and the EU, there is often little consequence for companies in Canada. 

Just a few years back, LifeLabs lost the information of 16,000 people in British Columbia with no repercussions to speak of.5

What’s worse, earlier this year, the privacy commissioners of Canada and BC found that AggregateIQ broke local privacy rules during its work on the Brexit campaign with Cambridge Analytica. Yet, the company did not pay any fines or face any consequence for breaking Canada’s privacy laws.6

In the wake of this data breach at Life Labs, we need the new parliament to take immediate action to strengthen our privacy laws and create better enforcement mechanisms. 

This starts with the parliamentary committee in charge of privacy launching an investigation into this breach and proposing ways to increase corporate accountability to stop these breaches for once and for all. 

Sign this petition today so we can deliver it to the new committee as soon as the members are appointed by Parliament.

Sources

  1. LifeLabs pays ransom after cyberattack exposes information of 15 million customers in B.C. and Ontario - CBC
  2. Yahoo! data breaches - Wikipedia
  3. Life after the Ashley Madison affair - The Guardian
  4. Equifax to pay up to $700M in U.S. to settle data breach, but Canada is not included - CBC
  5. Medical lab loses thousands of B.C. patient records - CBC
  6. AggregateIQ will not face financial penalties in Canada after investigation finds it broke privacy laws - The Globe and Mail

Press: Laura Tribe | Phone: +1 (888) 441-2640 ext. 0 | Office: +1 (844) 891-5136 | laura@openmedia.org