(Jul 3, 2015) I hope everyone had a great Canada Day. It’s always a great day to live in Ottawa—even if the weather wasn’t completely cooperative. I hope that the celebrations around where you live brought out your patriotism. I work with a lot of American clients, so I took the time send along this little video reminding them of what it means to be Canadian. (I’m sure you remember it from a few years ago but it’s still a feel-good rant.) And, with the mid-week holiday, I needed some temporal adjusting becau... Read More

Canada Dashboard Digest

UN To Appoint Special Rapporteur for Privacy Tomorrow

(Jul 2, 2015) The United Nation’s Human Rights Council (HRC) will tomorrow announce its appointment for a special rapporteur on the right to privacy. President of the Human Rights Council Joachim Ruecker announced yesterday that the HRC’s Consultative Group ranked first Katrin Nyman-Metcalf of Estonia, though “concerns were raised as to whether she was the best qualified candidate for this specific position.” As such, Ruecker recommends for the job the Consultative Group’s second-rank pick, Joseph Cannataci o... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard

OPC Issues Transparency Guidance

(Jul 2, 2015) The Office of the Privacy Commissioner (OPC) has issued new federal transparency reporting guidelines to help citizens better understand in what circumstances businesses provide customer data to law enforcement. “We expect the guidance will help organizations to provide Canadians with a much clearer picture of what happens to the personal information they entrust to businesses,” said Privacy Commissioner Daniel Therrien, adding, “The new transparency guidelines will help to close existing gaps in transparency reporting.” Read More

Canada Dashboard Digest

Is Security Vs. Privacy A Falsehood?

(Jul 2, 2015) In a piece for the Ottawa Citizen, Shannon Gormley writes about last week’s report that the government gave the Canadian Security Intelligence Service (CSIS) more surveillance powers than it needed. The government, she writes, “has given our national spy agency powers that no spy agency should have,” citing the recent reports that CSIS “knew that it didn’t need new information-sharing laws.” Gormley contends that Canadians have been told, wrongly, that they must pay for security with their privacy. “Once again, that claim turns out to be false. But then, the security-versus-privacy debate is based on a fiction taken as self-evident truth by both sides,” she writes.   Read More

Canada Dashboard Digest

Amidst Breach Reports, Is Privacy Training the Answer?

(Jul 2, 2015) Detour Gold is notifying current and former employees their personal information may have been accessed, The Globe and Mail reports. Potentially compromised data includes social insurance numbers, the report states. Meanwhile, Bob Buckingham, a St. John’s attorney, is offering to represent thousands of victims in the Eastern Health data breach, CBC reports. “The implications can be catastrophic for individuals and extremely damaging overall for various aspects of the economy,” he said. Buckingha... Read More

Canada Dashboard Digest

Data Access Concerns Persist

(Jul 2, 2015) The Canadian Press reports on Judge Luc Martineau’s order requiring “Public Safety Minister of Canada Steven Blaney and the RCMP to immediately turn over a hard drive containing a copy of all Quebec gun registry data,” calling it “just one step in a long legal wrangle between” Canada Information Commissioner Suzanne Legault and the government. The report describes a change to the Access to Information Act “buried in the budget bill,” and contends, “On learning the Mounties would face charges from the country's own privacy commissioner, it changed the law so that the data destruction couldn't be considered a crime.” Meanwhile, Alberta Information and Privacy Commissioner Jill Clayton is calling for “more proactive disclosure of government travel, meals and other expenses,” Edmonton Sun reports. Read More

Canada Dashboard Digest

Third-Party Vendor Management: A Checklist

(Jun 30, 2015) In the last post of this series on effective and efficient vendor management for The Privacy Advisor, K Royal, CIPP/E, CIPP/US, closes with an overview to help you do due diligence holistically. The checklist includes everything from risk assessment prior to hiring a third-party vendor to terminating a contract with one. “Take a look through this recap and mark where you're doing well and where you could use some improvements,” Royal writes. Miss any of the earlier chapters in this series? Find them here in the IAPP Resource Center. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Uniting Privacy and Customization

(Jun 30, 2015) “Computer scientists and legal experts from Trinity College Dublin and SFI's ADAPT centre are working to marry two of cyberspace's greatest desires” via “Privacy Paradigm,” an online privacy system that aims to both customize and protect data on popular sites and apps “so that users signing up would know exactly how private, or otherwise, their personal information would be,” reports. “It's a grand target we're setting ourselves and the research is ongoing,” said Trinity Prof. Owen Conlan, “but the big-picture vision is to make the way online services use our personal—and often privacy-sensitive—information as transparent and easy to understand and manipulate as possible for ordinary users.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Entrepreneurs, MIT Reveal “Un-Decryptable” Prototype

(Jun 30, 2015) Two Bitcoin entrepreneurs and the MIT Media Lab have revealed a prototype for a system called Enigma, which allows data to be encrypted in a way that it “can be shared with a third party and used in computations without it ever being decrypted,” Wired reports. Enigma would allow untrusted computers to “accurately run computations on sensitive data without putting the data at risk of hacker breaches or surveillance,” the report states. “The actual data is never revealed, neither to the outside nor to the computers running the computations inside,” said MIT Media Lab’s Guy Zyskind, one of Enigma’s co-creators. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Study Finds VPNs Exposing Personal Data

(Jun 30, 2015) V3 reports that 11 out of 14 virtual private network (VPN) providers are exposing personal information through a vulnerability linked to IPv6, according to a study by the UK’s Queen Mary University in London. Since the Snowden revelations, VPN providers have seen an increase in users, the report states, with those users often seeking to avoid mass surveillance or to circumvent censorship. "There are a variety of reasons why someone might want to hide their identity online, and it's worrying that they might be vulnerable despite using a service that is specifically designed to protect them," said Gareth Tyson, co-author of the study. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest