Last month's revision was the first major update to the 1980
OECD Privacy Guidelines, which have been influential in the
development of private sector data protection legislation
worldwide. Canadians should be justifiably proud that the Canadian
Privacy Commissioner, Jennifer Stoddart, was the chair of the
expert group that was convened to develop the 2013 amendments.
So far, the Government of Canada has not commented on this
important work. Time will tell whether the Government intends to
respond with legislation to amend the ageing Personal Information
Protection and Electronic Documents Act to implement some of the
recommendations from the 2013 OECD Privacy Guidelines. Potential
amendments should include:
Enhancing the accountability requirements to require privacy
management programs that must be available on demand to the Office
of the Privacy Commissioner of Canada ("OPC").
Notification to the OPC and, in some cases, law enforcement of
a breach affecting personal data.
Notice to individuals who may be adversely affected by a breach
involving personal data.
Enhanced powers for the OPC to ensure that there are adequate
sanctions and remedies in case of failures to comply with laws
But it isn't just the Government of Canada that has work to
do. The Governments of British Columbia and Nova Scotia should
consider the renewed emphasis on free transborder data flows among
OECD members. In particular, Part IV states:
17. A Member country should refrain from restricting transborder
flows of personal data between itself and another country
where (a) the other country substantially observes these
Guidelines or (b) sufficient safeguards exist, including
effective enforcement mechanisms and appropriate measures
put in place by the data controller, to ensure a continuing
level of protection consistent with these Guidelines.
18. Any restrictions to transborder flows of personal data
should be proportionate to the risks presented, taking into
account the sensitivity of the data, and the purpose and
context of the processing.
Currently, the public sector data protection legislation of
British Columbia and Nova Scotia precludes (in most circumstances)
the transmission of personal information controlled by public
sector entities outside of Canada. Because this proscription
applies to entities such as universities, colleges and hospitals,
it can apply even when the public sector agency is essentially
operating a commercial activity as a means to generate revenue for
its core programs. Serious consideration should be given to whether
this "Canadian gating" requirement comports with the 2013
OECD Privacy Guidelines.
Dentons is a global firm driven to provide you with the
competitive edge in an increasingly complex and interconnected
marketplace. We were formed by the March 2013 combination of
international law firm Salans LLP, Canadian law firm Fraser Milner
Casgrain LLP (FMC) and international law firm SNR Denton.
Dentons is built on the solid foundations of three highly
regarded law firms. Each built its outstanding reputation and
valued clientele by responding to the local, regional and national
needs of a broad spectrum of clients of all sizes –
individuals; entrepreneurs; small businesses and start-ups; local,
regional and national governments and government agencies; and
mid-sized and larger private and public corporations, including
international and global entities.
Now clients benefit from more than 2,500 lawyers and
professionals in 79 locations in 52 countries across Africa, Asia
Pacific, Canada, Central Asia, Europe, the Middle East, Russia and
the CIS, the UK and the US who are committed to challenging the
status quo to offer creative, actionable business and legal
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances. Specific Questions relating to
this article should be addressed directly to the author.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
On Thursday, September 22, 2016, Dentons hosted a panel discussion about the management of liabilities and risks associated with environmental crises, including potential liabilities for directors and officers and provided insight into risk and liability techniques associated with environmental crisis management.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).