Today, the Office of the Privacy Commissioner (OPC) announced
its report of findings against Compu-Finder, a Quebec-based company
that offers face-to-face professional training courses.
The OPC alleges Compu-Finder used address harvesting programs to
search and collect e-mails on the internet. This marks the first
investigation by the OPC involving its address harvesting
provisions under the Personal Information and Electronic
Documents Act (PIPEDA). The OPC concluded that Compu-Finder
did use e-mail addresses of individuals to send e-mails promoting
its business activities, without the consent of the individuals
concerned. Compu-Finder was unable to demonstrate it had the
appropriate consent for the collection and use for many of the
e-mail addresses. Further, the OPC found Compu-Finder lacked basic
privacy knowledge of its obligations and failed in demonstrating
accountability and openness of its privacy practices.
This investigation also debuts the OPC's compliance
agreement power since the tool was added by the Digital Privacy
Act on June 18, 2015. The compliance agreement between the
Privacy Commissioner of Canada and Compu-Finder lists over ten
remedial measures imposed on Compu-Finder. Some of the following
measures that Compu-Finder has agreed to implement, include:
collect and use only e-mail addresses
with proper consent;
destroy all e-mail addresses in its
possessions which were collected without obtaining consent;
refrain from collecting any
electronic addresses of individuals through the use of a harvesting
develop and implement a privacy
obtain a third-party audit of its
Compu-Finder is also under investigation by the Canadian
Radio-television and Telecommunications Commission (CRTC). The CRTC
issued a Notice of Violation against Compu-Finder pursuant to
Canada's Anti-Spam Legislation (CASL) on March 5,
2016. The OPC acknowledged the CRTC shared investigative
information with the OPC pursuant to CASL and a Memorandum of
Understanding between the two agencies.
The CRTC's proceedings against Compu-Finder are still on
You can read the full report of findings and compliance
agreement online here.
Dentons is the world's first polycentric global law firm. A
top 20 firm on the Acritas 2015 Global Elite Brand Index, the Firm
is committed to challenging the status quo in delivering consistent
and uncompromising quality and value in new and inventive ways.
Driven to provide clients a competitive edge, and connected to the
communities where its clients want to do business, Dentons knows
that understanding local cultures is crucial to successfully
completing a deal, resolving a dispute or solving a business
challenge. Now the world's largest law firm, Dentons'
global team builds agile, tailored solutions to meet the local,
national and global needs of private and public clients of any size
in more than 125 locations serving 50-plus countries.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances. Specific Questions relating to
this article should be addressed directly to the author.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Join our partners Karen Martin and Ryan Chalmers at the Pacific Business & Law Institute’s program, where they will be presenting a session titled "Procurement: Compliance with AIT, NWPTA, TILMA, NAFTA, TPP, CETA and the Statutes." This forum assembles leading government advisors to provide insights on key issues in local government today.
Employee turnover is an unavoidable reality for nearly all businesses. In addition to creating a number of financial and logistical difficulties, employee turnover also raises a number data security issues.
The Office of the Privacy Commissioner of Canada has ruled that the collection and use of a plaintiff's personal information for the purpose of defending against a civil lawsuit is not a "commercial activity" and, ...
While corporate executives are increasingly becoming aware of their obligation to be informed of cybersecurity threats and the steps being taken by their company to prevent data breaches, it is equally important for executives to ensure that the employees are educated with respect to cyber threats.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).