On October 29th, the Federal Privacy Commissioner issued her annual Report to Parliament. The Report makes for some interesting reading. She reports a record number of complaints by Canadians about the use of personal information by government departments, agencies and corporations subject to the Privacy Act. As well there were a record number of reported data breaches by these same federal organizations.
Of particular concern to Canadians will be the numerous reports she details of privacy breaches involving employees of the Canada Revenue Agency inappropriately accessing taxpayer information.
From April of 2012 to march 31, 2013, the period covered by the Report, her Office received 2,273 complaints regarding the privacy practices of these federal organizations. The complaints relate to failure to provide access to personal information as required by the Privacy Act, but also include number of complaints related to data breaches, particularly the data breach involving Employment and Social Development Canada. Generally, the number of data breaches reported to her Office was up from 80 in 2011-12 to 109 in 20123-13. With all the publicity regarding the need for security etc. one would have expected data breaches to be in the decline – obviously this is not the case. Indeed, as the Commissioner points out, there is no mandatory obligation on federal government organizations to report breaches. This suggests, that the actual number may even be higher.
All of which is to suggest that privacy issues are growing within the federal government and there is reason to be concerned about the security of the vast trove of personal information that the government holds.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
