I'll begin.
Good morning, Mr. Chair and committee members.
Thank you for this invitation to come before the committee today to discuss the Personal Information Protection and Electronic Documents Act.
My name is Gary Rogers. I'm vice-president, financial policy, with Credit Union Central of Canada, commonly known as Canadian Central. My co-presenter today is Charlene Loui-Ying, general counsel and government relations officer at Credit Union Central of British Columbia, commonly known as B.C. Central, which is our largest shareholder and member institution.
Canadian Central is a federally regulated financial institution that operates as the national trade association and financial facility for our shareholders, which are the provincial credit union centrals and through them the 501 affiliated credit unions across Canada.
I mentioned that Canadian Central is federally regulated. Provincial centrals are provincially regulated, although some of them are also federal regulated through OSFI. And credit unions, of course, are provincially regulated.
A statistic that surprises many is that our credit unions employ more than 24,000 Canadians coast to coast, many or most of whom require knowledge of and training regarding privacy issues. Those employees serve our members, who number over 4.9 million Canadians.
At the end of the third quarter of 2006, our credit unions held close to $93 billion in assets, which grew by 10% over the previous year.
The evolution of PIPEDA is of great interest to the credit union system, because the activities of some parts of our system, including Canadian Central, fall directly under that act. Credit unions are also directly regulated by PIPEDA in those provinces that have not introduced substantially similar privacy legislation. Further, the evolution of PIPEDA will undoubtedly have a strong impact on provincial privacy legislation, which in turn will directly impact credit unions.
Like all Canadians, credit union members set a high priority on the protection of their personal information, and credit unions have a long-standing commitment to protect the privacy of our members. In fact, Canadian Central was a contributing member of the Canadian Standards Association technical committee on privacy that worked on drafting the model code for the protection of personal information. That model code eventually formed the basis for PIPEDA.
Credit unions work to prevent their members' personal information from being used in a manner that's not been consented to and they endeavour to prevent such information from being used in any kind of financial crime, be it identity theft, deceptive telemarketing, debit and credit card theft, or money laundering.
This commitment to member privacy is enhanced through employee training programs, strong internal policies and procedures, member awareness programs, and continuing cooperation with provincial and federal governments and law enforcement agencies.
In general, the credit union system believes that PIPEDA serves Canadians well in protecting personal information. The act, and similar provincial legislation, has provided business organizations, including credit unions, with that practical framework for formalizing our policies and procedures aimed at protecting the privacy of member customers.
We recommend that the federal government proceed cautiously with changes to PIPEDA, especially in light of the fact that Canada is only two years into the full application of the act. It may be too early to properly judge the real impact of the existing legislation.
If amendments to PIPEDA are to be recommended, Canadian Central suggests aiming for a couple of principles: that there be greater harmonization between federal and provincial privacy legislation, and that consideration be given to selecting the easiest and most cost-effective approach to achieving the objectives of each change.
In the following comments, my colleague, Ms. Charlene Loui-Ying, will outline six specific recommendations in regard to PIPEDA, although three more are included in our submission. These recommendations are the result of consultation within our credit union system among representatives who have experience in the area of privacy protection, as well as with our national legislative affairs committee, which has representation from across Canada.