Information & Ethics committee  The problem has many facets. We're saying that in many, perhaps most, cases, there's nothing the individual consumer could have done. In some cases, there was. In some cases, the problem occurred because the consumer fell victim to a phishing e-mail or a social engineering scheme

Information & Ethics committee  Could I make a quick comment on that? The Privacy Commissioner has decisively found that collecting social insurance numbers, except where required by banks and employers and so forth, violates PIPEDA. It's a violation of the law. So we come back to the problem I was talking abo

Information & Ethics committee  Information theft is often done by— insiders being bribed, so employees of organizations selling the information are handing it over to the thieves. A number of incidents have been traced to insider theft.

Information & Ethics committee  As I said earlier, there are only two sources of information in Canada on that. One is PhoneBusters, based on the relatively few complaints they get, and the second is some public opinion surveys. Some colleagues of mine, Dr. Norm Archer and Dr. Susan Sproule, who are part of th

Information & Ethics committee  I believe the banks are probably the best source of information on the extent of the problem, and that's why we're recommending they be required to report on it.

Information & Ethics committee  I will just add that the problem of authentication is a big part of this issue. It's being addressed by industry and the marketplace and government. I'm part of a working group that Industry Canada is chairing on principles for electronic authentication. It's a huge challenge. O

Information & Ethics committee  Yes, there are many. We published a report on the techniques of identity theft. It's posted on our website and it lists the many ways in which identity thieves gather personal information. I can go through more of them now if you wish, but as I said earlier, there's the whole

Information & Ethics committee  John referred to this, too. The PhoneBusters data suggests that is the case. I do not consider that data reliable. PhoneBusters is a partnership project by the RCMP, OPP, and the Competition Bureau. I suggest that you have someone from PhoneBusters come and testify about the st

Information & Ethics committee  We think an agency should be appointed to be responsible for that. It should be done, first of all, by requiring organizations that encounter ID theft in their operations—and I know this would be an added burden on business—to keep track of identity theft incidents that their cus

Information & Ethics committee  Well, someone needs to be responsible for it. As John pointed out, we have a problem. There is no consumer protection agency at the federal level. Industry Canada, with the Consumer Measures Committee, has some activity in this area, in particular with coordinating provincial a

Information & Ethics committee  I think it's a complicated problem. It would probably benefit from a task force, something like the task force on spam a couple of years ago. I was part of that. I was involved in a couple of working groups. I think it was a really beneficial, worthwhile process. It brought the v

Information & Ethics committee  Sure. Phishing refers to e-mail communications that are made by the identify thief masquerading as a trusted institution such as a bank or eBay or PayPal or some financial institution. They request the recipient of the e-mail message to provide their account information in order

Information & Ethics committee  Sure. Okay. The brief mentions a number of specific consumer protection measures that we think are needed to empower consumers. Our final recommendations are that all of the players in Canada, from law enforcement agencies to consumer protection agencies to financial institut

Information & Ethics committee  Thank you, Mr. Chair. Bonjour. Good morning, honourable members. Je vais parler en anglais ce matin. Thank you very much for the opportunity to speak today about a very serious problem that is directly affecting an increasing number of Canadians and indirectly affecting a

Information & Ethics committee  The term “identity theft” is somewhat misleading, insofar as the activity we're talking about covers not just the unauthorized collection or theft of information but the fraudulent use of it. You will find that many experts talk about identity fraud when they're talking about una