Refine by MP, party, committee, province, or result type.
Information & Ethics committee The PIA guidelines?
April 29th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee If I may, I'll supplement Ms. Stoddart's answer. The Treasury Board has issued guidelines on information sharing agreements. The departments are therefore subject to the Treasury Board policy. It establishes guidelines and parameters in the event an information sharing agreement
April 29th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee The Treasury Board recognizes the need to review its data-matching policy, which dates back to 1989. A survey done by Treasury Board a few years ago demonstrated that there was very little understanding of that policy. That's the first problem. There's almost a kind of public ser
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee Dr. Flaherty co-authored the 1987 report, “Open and Shut: Enhancing the Right to Know and the Right to Privacy”. So we asked Dr. Flaherty, who is on our external advisory committee, besides being a scholar and an expert in this area, to take stock and write a “20 years later” typ
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee We have a rough draft report that we reviewed two weeks ago. I believe the deliverable date is the end of June.
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee I would defer to the commissioner.
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee There is a firm by the name of Symantec. It is one of the best firms that monitor cyber attacks. A few years ago, they put out a report referring to an international survey of 30 or 40 countries. The report had apparently shown that 25% of information used for identity theft and
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee We believe these changes would mean that the public sector legislation would provide for the same level of protection as what exists in the private sector. That is a very strong argument in their favour. Essentially, why should our rights, in terms of the relationship between cit
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee If you don't mind, I would like to tell you about the work carried out by the Treasury Board in that regard. It has established guidelines on information sharing in the context of agreements federal government departments have signed with public partners. We would like there to
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee Yes, or with other levels of government, private partners, and so on. We are wondering who is in charge and who has an oversight role in terms of all these information-sharing agreements. This is not a new issue. I just want to point out that in 1987, a standing committee looked
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee Yes, I think so. We need a framework for managing these agreements. At the present time, the Act is silent on this.
April 17th, 2008Committee meeting
Raymond D'Aoust
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee For example, there need to be very specific standards with respect to information security, as well as restrictions on secondary uses of that information—in other words, so that it cannot be put together with information from other data banks for verification purposes. They have
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee Let me explain, Ms. Lavallée. In 2002, the Canadian government, through the Treasury Board, introduced a policy on privacy impact assessments. In English, it is called privacy impact assessment. All deputy heads…
April 17th, 2008Committee meeting
Raymond D'Aoust
Information & Ethics committee Yes, exactly. We conducted an in-depth audit of the way that policy is being applied, and realized, first of all, that it is very uneven. Second, impact assessments are often conducted after a program has been introduced, which gives us very little opportunity to manage the risk
April 17th, 2008Committee meeting
Raymond D'Aoust