Mr. Speaker, I am pleased to rise today to speak to Bill S-4, the digital privacy act.
The purpose of the digital privacy act would be to strengthen our private sector privacy laws and to increase protection for Canadians when they surf the web and shop online.
The digital privacy act would provide a foundation on which the government would hold businesses to account on behalf of consumers. It would establish a new framework and new rules for how private businesses handle, use, and collect the personal information of Canadians.
This past April, the Minister of Industry launched Digital Canada 150, a comprehensive plan for Canada to take full advantage of the digital economy. It is a plan that has clear goals for Canada to be a competitively connected country by the time we celebrate our 150th anniversary in 2017.
Our government understands that when Canadians shop online or make purchases with their credit cards, they want their information to be safe. That is why we introduced the digital privacy act which would improve Canada's private sector privacy laws.
It is the unfortunate reality, in today's digital age, that we need to be more and more wary of hackers and electronic data theft.
Just this past year, businesses like Target, Home Depot and Kmart in the United States, had the credit card information of millions of people lost to hackers.
It is surprising, but under our current rules, it is not mandatory for companies to disclose the theft of this information to their clients.
Under the digital privacy act, companies would now be required to tell their clients when their personal information has been lost or stolen.
In addition, businesses would now need to report these harmful breaches to the Privacy Commissioner. Further to this, companies would need to keep a record of all privacy breaches that have occurred within their organization and the Privacy Commissioner would now have the ability to request information on any of these breaches.
The digital privacy act would also set out hefty penalties for companies that deliberately break the rules and try to cover up a data breach. Organizations would face fines of up to $100,000 per client they fail to notify that the data breach has occurred.
Let me now outline a few more ways the bill would help protect Canadians.
The digital privacy act would introduce stronger rules to protect vulnerable Canadians, like children and seniors, when they surf the web.
Many websites are focused on children, like educational online playgrounds or learning websites. Many times these websites, for marketing purposes, ask to collect personal information from the person using the website.
Under the digital privacy act, we would establish stronger rules and clarify that the wording that these companies use to request personal information needs to be simple enough that a child, or any target audience, could understand.
This means that if the consent required is too difficult for a child to understand, the consent would not be valid.
In addition, the digital privacy act would introduce limited and targeted exceptions where personal information could be shared without an individual's consent.
An unfortunate factor in our society is financial abuse. Currently, banks and financial institutions do not have the ability to alert the appropriate authorities when they suspect a senior is a victim of financial abuse.
The digital privacy act would now give an exception to banks and financial institutions to be able to alert law enforcement when they suspect someone is a victim of financial abuse.
Finally, the digital privacy act would give the Privacy Commissioner new powers to help enforce the law and make companies accountable when the rules are broken.
The Privacy Commissioner would now be able to negotiate compliance agreements with organizations that break the law. This would keep organizations accountable to their commitments to correct privacy issues.
In addition, the commissioner would now have one year, instead of 45 days, to take organizations to court if they do not play by the rules.
The digital privacy act would also give the commissioner a new ability to name and shame organizations that are not co-operating either with an investigation or with their commitments to fix their privacy issues. This would also allow Canadians to become more knowledgeable about issues that affect their privacy.
As technology and the marketplace evolve, we need to be more and more aware of how we can protect ourselves and our information.
The digital privacy act is common sense legislation that would help update our private sector privacy laws and would hold organizations to account when they lose personal information.
The Privacy Commissioner would now have increased power to help enforce the law and would also hold companies to account when they do not play by the rules.
I look forward to the continued debate in this House and to when the bill is referred to the Standing Committee on Industry, Science and Technology where we will hear from expert witnesses as we continue to discuss how to best protect Canadians in our digital world.
I hope all hon. members will join me in supporting Bill S-4.