Information & Ethics committee  Control over big data.... For a lot of this stuff, when I say it's being collected covertly, it's a situation like your thermostat at home collecting a lot of different data points of information about how you run your household. They're now talking about the fact that refrigerat

Information & Ethics committee  I pointed out in my brief that there is a danger in the inconsistency between federal laws and provincial laws that a lot of national companies would certainly get caught up in. If you are going to look at the success or failure of order-making capabilities, I think you'd probab

Information & Ethics committee  First of all, one thing that I pointed out in my brief was that it's authentication that's the issue, and that's going to become an increasing issue, not only for people who are underage, but for all of us. How do you authenticate that you are the actual person who's providing co

Information & Ethics committee  I have a simple question. Is Fitbit information health information? It's covered under the sensitive categories that require explicit consent. It's as simple as that. For that information to be used by another party would require explicit consent. If it pertained to a minor, it w

Information & Ethics committee  I think of somebody who is charged with a crime, for example, but basically is found innocent. Ten years later, the news reports are still out there, and they show up when a search is made. That is the sort of information that probably needs to be forgotten in some way, shape, or

Information & Ethics committee  In the day of big data, and even before big data, the issue is basically that organizations should set a time limit on what is a reasonable retention period for information. Even in a big data environment, there are tools that can be implemented to tag data and set a time limit o

Information & Ethics committee  I don't think it's a case of better treatment. PIPEDA is very explicit when it comes to issues of sensitive information. Quite frankly, I'd have to think about what other things and areas might need to be added. Certainly, there are some people who consider their address a piece

Information & Ethics committee  I'd like to take that away and think about it, but I'd pleased to do that.

Information & Ethics committee  I agree that nobody is reading these privacy policies. They've gotten too complex, too legalistic. That's why I think there should be a third-party assessment of some sort made of organizational privacy policies so that consumers can be warned if there are terms and conditions an

Information & Ethics committee  I agree that it's very difficult in this day and age to track down information once it's put in. I think we're placing too much emphasis here on kids who abuse the Internet. There's more at stake than that: things such as personal health information, things that are put into dat

Information & Ethics committee  When you refer to all acts, which acts do you mean?

Information & Ethics committee  Order-making powers are going to be essential to achieve compliance. As I said in my testimony, the problem is that organizations aren't stepping up, because they see minimal risk in non-compliance. If they have to spend $50,000 to comply versus taking the risk of non-compliance

Information & Ethics committee  I have actually seen that in practice.

Information & Ethics committee  I'm not saying it wouldn't be burdensome. I'm saying we should make a comparison of the key points in the GDPR versus PIPEDA to make sure that we maintain compliance to the extent possible. I'm not saying that we wholesale implement the GDPR for Canada. I think some of the main

Information & Ethics committee  Certainly as you get into an environment where more and more stuff gets pumped into these databases, they're not going to stay within a single organization. They are going to cross organizational boundaries and you'll lose track of the information. That's why I'm basically saying