Information & Ethics committee  The PIA guidelines?

Information & Ethics committee  If I may, I'll supplement Ms. Stoddart's answer. The Treasury Board has issued guidelines on information sharing agreements. The departments are therefore subject to the Treasury Board policy. It establishes guidelines and parameters in the event an information sharing agreement

Information & Ethics committee  The Treasury Board recognizes the need to review its data-matching policy, which dates back to 1989. A survey done by Treasury Board a few years ago demonstrated that there was very little understanding of that policy. That's the first problem. There's almost a kind of public ser

Information & Ethics committee  Dr. Flaherty co-authored the 1987 report, “Open and Shut: Enhancing the Right to Know and the Right to Privacy”. So we asked Dr. Flaherty, who is on our external advisory committee, besides being a scholar and an expert in this area, to take stock and write a “20 years later” typ

Information & Ethics committee  We have a rough draft report that we reviewed two weeks ago. I believe the deliverable date is the end of June.

Information & Ethics committee  I would defer to the commissioner.

Information & Ethics committee  There is a firm by the name of Symantec. It is one of the best firms that monitor cyber attacks. A few years ago, they put out a report referring to an international survey of 30 or 40 countries. The report had apparently shown that 25% of information used for identity theft and

Information & Ethics committee  We believe these changes would mean that the public sector legislation would provide for the same level of protection as what exists in the private sector. That is a very strong argument in their favour. Essentially, why should our rights, in terms of the relationship between cit

Information & Ethics committee  If you don't mind, I would like to tell you about the work carried out by the Treasury Board in that regard. It has established guidelines on information sharing in the context of agreements federal government departments have signed with public partners. We would like there to

Information & Ethics committee  Yes, or with other levels of government, private partners, and so on. We are wondering who is in charge and who has an oversight role in terms of all these information-sharing agreements. This is not a new issue. I just want to point out that in 1987, a standing committee looked

Information & Ethics committee  Yes, I think so. We need a framework for managing these agreements. At the present time, the Act is silent on this.

Information & Ethics committee  Yes.

Information & Ethics committee  For example, there need to be very specific standards with respect to information security, as well as restrictions on secondary uses of that information—in other words, so that it cannot be put together with information from other data banks for verification purposes. They have

Information & Ethics committee  Let me explain, Ms. Lavallée. In 2002, the Canadian government, through the Treasury Board, introduced a policy on privacy impact assessments. In English, it is called privacy impact assessment. All deputy heads…

Information & Ethics committee  Yes, exactly. We conducted an in-depth audit of the way that policy is being applied, and realized, first of all, that it is very uneven. Second, impact assessments are often conducted after a program has been introduced, which gives us very little opportunity to manage the risk