Why do we need to fix our privacy laws?
This is actually pretty straightforward: The Privacy Commissioner of Canada, who oversees our privacy laws, must have the power to enforce the laws and give penalties to those who violate them. It’s that simple. That way, when our privacy is violated, someone will be charged with and able to fix the problem.
Over the last year, our community has fought a number of violations of our privacy, including:
- Clearview AI making nearly every person in Canada a suspect in criminal investigations through their facial recognition technology.1,2
- The medical laboratory company, LifeLabs, breaching the personal information of 15 million Canadians.3
- Statistics Canada collecting the sensitive financial information of Canadians without their consent.4
Without meaningful independent enforcement powers for the Privacy Commissioner, our community is largely alone in this fight; citizens need to file personal or collective lawsuits against the companies themselves, and we don’t have to tell you who has the deep pockets to win those cases.
Okay, so there’s a privacy enforcement problem. But how big is it, and does it really affect me?
At the end of 2018, private sector organizations began having to report their data breaches to the Office of the Privacy Commissioner of Canada. At the end of 2019, after only one complete year of reporting, they learned that more than 28 million Canadians had their personal information breached in that time alone.5
That’s a snapshot of how bad the problem is in the private sector. We don’t even know what’s happening in the public sector. And we have no idea what happened prior to 2018.
Wondering if you’ve been impacted by a data breach? You can find out by entering your email address on the website linked in this footnote.6
So there’s a problem and it affects me. Now what?
Now we get as many as people as possible to sign this petition to demand that the federal government gives the Office of the Privacy Commissioner the enforcement powers it needs to protect our privacy!
This is what we’ve been promised and it’s not revolutionary. In the United States, the Federal Trade Commission has the power to impose fines on bad actors. In 2019, they imposed a $5 billion fine on Facebook.7
In the United Kingdom, the Information Commissioner’s Office can also impose fines for privacy violations. For example, in October of 2020, they levied a fine of £20 million against British Airways.8
And right here in Canada, British Columbia’s Privacy Commissioner has the ability to issue legally binding orders against public bodies. As of writing, in late October, they’ve issued 45 so far this year against entities like government ministries, public universities, and crown corporations.9
Our federal government shouldn’t be the last government to take our privacy seriously. By giving the Office of the Privacy Commissioner enforcement powers, we’ll make sure the private sector complies with our privacy laws, and demand more accountability and transparency from our public bodies.
Great! I’m onboard. What can I do?
Sign the petition, and share it with your networks! We need as many people as possible to speak out if we’re going to fix privacy in Canada.