An Act to amend the Personal Information Protection and Electronic Documents Act (compliance with obligations)

This bill was last introduced in the 42nd Parliament, 1st Session, which ended in September 2019.


Nathaniel Erskine-Smith  Liberal

Introduced as a private member’s bill. (These don’t often become law.)


Introduced, as of June 20, 2018
(This bill did not become law.)


This is from the published bill. The Library of Parliament often publishes better independent summaries.

This enactment amends the Personal Information Protection and Electronic Documents Act to expand the grounds on which the Privacy Commissioner may decide not to investigate a complaint. It also authorizes the Privacy Commissioner to make orders directing an organization to take any action that, in the Commissioner’s opinion, is reasonable to ensure compliance with the organization’s obligations under the Act. Finally, this enactment provides that an organization that is found to have failed to comply with certain obligations under the Act is liable to a fine.


All sorts of information on this bill is available at LEGISinfo, provided by the Library of Parliament. You can also read the full text of the bill.

Personal Information Protection and Electronic Documents ActRoutine Proceedings

June 20th, 2018 / 3:55 p.m.
See context


Nathaniel Erskine-Smith Liberal Beaches—East York, ON

moved for leave to introduce a bill entitled Bill C-413, an act to amend the Personal Information Protection and Electronic Documents Act (compliance with obligations).

Mr. Speaker, I rise today to introduce an act to amend PIPEDA, our privacy laws for the commercial sector.

The bill aims to implement our parliamentary privacy committee's unanimous recommendations to strengthen the enforcement powers of the Privacy Commissioner of Canada, including the power to make orders, and broader discretion to audit organizations for compliance with our laws. What we have is an ombudsman. What we need is a regulator. The bill also provides for significant financial sanctions where organizations intentionally or recklessly breach our privacy rights. Where organizations obtain a financial benefit from using our personal information, they should suffer a financial loss when they misuse our personal information. If we take privacy seriously, we need both strong rules and a strong privacy regulator.

(Motions deemed adopted, bill read the first time and printed)