Information & Ethics committee  No, I don't think so. That approach does not work. In the United States, the entire advertising industry has been talking about it for several years. They have never managed to come to an agreement on self-regulation. Self-regulation is fine, but I feel that it needs legislation

Information & Ethics committee  Thank you.

Information & Ethics committee  Thank you very much, Mr. Chair. My thanks also to the members of the committee. Thank you very much for being so interested in this issue. It is, I think, the most important parliamentary inquiry into privacy matters that we've seen for a long time. I'd just like to say how muc

Information & Ethics committee  We conduct annual surveys. One year, it's a survey of companies, the next year, it's a survey of citizens. Canadians are very concerned about their privacy; they think this is one of the major issues of the future. Unless I am mistaken, 40% of the people we have surveyed identify

Information & Ethics committee  I think it's unacceptable that, in 2012, Canada does not have any legislative protection against data leakage—with the exception of Alberta. About once a week, companies or the government itself voluntarily report to our office leakages that affect thousands of citizens and consu

Information & Ethics committee  Exactly.

Information & Ethics committee  I understand, honourable member—

Information & Ethics committee  Did you say three minutes?

Information & Ethics committee  Okay. Very quickly, then, in one minute: first, we have always tried to tailor the law to small and medium business. Some of the examples I'm talking about here are mega-megacorporations, not small and medium-sized businesses. Second, on stifling innovation, I don't believe in

Information & Ethics committee  I would think so, and I continue to be concerned that we don't have any data breach legislation at the present time, except in the province of Alberta.

Information & Ethics committee  Well, I can't speak to the provinces, which do what's in their jurisdiction, but as federal Privacy Commissioner I'm particularly concerned that the federal government jurisdiction over such entities as banks, for example, has no specific data breach provisions. We know that bank

Information & Ethics committee  Thank you for the question. I haven't looked at the size of data breach fines, which are for something different from simply not obeying the law on consent when sharing personal information. My remarks on the size of the EU fines were that they relate to whether you respect t

Information & Ethics committee  Right. Yes.

Information & Ethics committee  The culture of privacy.

Information & Ethics committee  On that I would say, yes, that's what we hear often—that they just want to see what site you visit—but from our own work on what you can find out by tracking, the problem is that you can aggregate all the sites that I have visited and then draw up a profile. In some cases you cou