Refine by MP, party, committee, province, or result type.
Information & Ethics committee Thank you, Mr. Chair. I am here alone. Janet Lo, my co-counsel, sends her regrets. She's in a lock-up for CRTC on Bell-Astral. The Public Interest Advocacy Centre is a non-profit organization that provides legal and research services on behalf of consumer interests, and in part
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee We do, and the Nexopia complaint is a good illustration. But we could have chosen other social networking websites as well. The point is that we've gone through the process of identifying a site that seemed to not have made it clear to users what information would be used. The Pr
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee That's the core of our complaint. It was triggered by the fact that you can go on to Nexopia, and they even provide a handy-dandy database searching tool for outside users—or anyone—to search from the front page for age, gender, and the city where you live. And if you do that, yo
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee They were asked to change their privacy policy and some other information on June 30, and they missed that deadline. They were asked to change their default settings by September 30 so that when you become a new member you are defaulted into “friends only”, and that this not be s
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee No, I'm saying that when the Privacy Commissioner asked Nexopia to have a data retention policy and to provide users with a real delete key, if you will, they said no. And then the Privacy Commissioner thought it was important enough to go to Federal Court on her own to try to en
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee We think that users and people.... It's almost a human right. You should have a chance to ask a company to remove the information. It's clear in the act that you are supposed to delete it if it's no longer used, so we don't see why you shouldn't have the right to remove it. In E
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee The Privacy Commissioner did a pretty good job of saying that even with the present act, these are the rules. The trouble comes when the company says, “That's nice. Thank you for your finding. We'll continue to do business as we wish.” The problem is in the enforcement. The act
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee It's interesting to stay slightly on that one as well. We haven't heard much in the committee—I've been watching it—about de-identification of personal information. That's used as an equivalent in the act. You can either de-identify or delete. The research we've done in our pape
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee Yes, and it's a very attractive model for some commercial uses. You can aggregate or de-identify and then use the information for other purposes: monitoring who comes to your site, what they buy, telling advertisers and your customers, and tweaking your site so that it works righ
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee One of the things I mentioned in my presentation was that companies define personal information in terms of the uses they're going to put it to for their own company. While that might be fine, a standard statement of what personal information is, according to the law of the juris
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee Perhaps tweaking the act to say you have to state the act's own definition of personal information might be something you'd legislate. Otherwise, I think that would be something led by the Privacy Commissioner in a round table with stakeholders. It could be in the form of guideli
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee Let's take the example of data breaches. Now there's something that has shown that, although we have a good act, something can come along such as hacking or data-handling practices that can become a chronic problem. It's worth tuning up the act for that. Otherwise, the act itself
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee That's right.
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee They were all on retention issues.
October 18th, 2012Committee meeting
John Lawford
Information & Ethics committee I believe one of them was a refusal to set up a retention schedule for new users. So it would say that you had to keep it for three years after you stopped being a user. One was offering a true delete button. There were two more that I'm afraid I'd have to take a look at my phone
October 18th, 2012Committee meeting
John Lawford