OTTAWA, Oct. 17 /CNW Telbec/ - Canadians overwhelmingly feel their
personal information is less well protected than it was a decade ago, and they
are right to be worried, says the Privacy Commissioner of Canada, Jennifer
Commissioner Stoddart's 2006-2007 Annual Report on the Privacy Act was
tabled today in Parliament. At the same time, the Privacy Commissioner's
Office released new research confirming that Canadians are unsure of how their
personal information is protected, and by whom.
Increasingly, Canadians' personal information is being exchanged with law
enforcement and security agencies in other countries. The government has
claimed that this transborder flow of information will improve transportation
safety and enhance our national security.
"We are particularly concerned about the number of travel-related
security programs that have been put in place," says Commissioner Stoddart.
"Parliament may not be sufficiently informed about how these programs work and
their individual and collective impact on the privacy rights of Canadians."
The increased collection of personal information under these programs
increases the risk that Canadians will be the victims of inappropriate data
matching, intrusive data mining, or the unintended consequences of the
disclosure of personal information. This increases the risk of surveillance,
rendition and unwarranted attention from law and security enforcement both at
home and abroad.
These concerns could be addressed, in part, by a review and modernization
of the Privacy Act. As the Annual Report notes, "Parliament passed Canada's
public sector privacy law back in 1982 - the same year the Commodore 64
computer hit the market. At the time, both were considered pioneering."
The Privacy Act, unfortunately, is not equipped to deal with the
pressures imposed by tremendous technological change. In fact, Canada's
private sector privacy law, the Personal Information Protection and Electronic
Documents Act, provides more protection for Canadians.
As the results of an audit of the government's Privacy Impact Assessment
(PIA) Policy confirm, government departments are not doing enough to protect
Canadians' personal information as they plan new programs or redesign existing
"While we did not identify cases of pervasive non-compliance, many
institutions are not fully meeting their commitments under the policy and, by
extension, the intent or spirit of the Privacy Act," says Commissioner
Under the PIA policy, federal institutions are required to assess the
potential privacy risks of programs before they are implemented. These
institutions must also identify the measures in place to protect personal
information as it is collected, stored, used, disclosed and ultimately
The Office of the Privacy Commissioner audit found that some institutions
made serious efforts to apply the PIA policy but many are lagging behind. PIAs
are sometimes completed well after the program has been implemented and, in
some cases, not done even when potential privacy issues are evident.
"Privacy protection should be a key consideration in the initial framing
of a program or service," says Commissioner Stoddart. "Current PIA reports
offer little assurance to Canadians who want to understand how a government
service or program will affect their privacy."
Canadians not only want to be reassured that their personal information
is being protected; they also want to be informed when it is disclosed
Research conducted for the OPC shows that a majority of Canadians (seven
in ten) expect to be informed if a security breach leads to the disclosure of
information - whether that information is sensitive or not.
That research, a survey of 2,001 Canadians conducted by EKOS Research
Associates earlier this year but released for the first time today, also found
- Seven in ten Canadians feel their personal information is less
protected than it was ten years ago.
- A bare majority of Canadians agree that they have enough information to
know how new technologies might affect their personal privacy.
- About seven in ten Canadians believe that they are doing a relatively
good job of protecting their own personal information.
- Despite this, almost half of Canadians (46 per cent) carry a Social
Insurance Number (SIN) card in their wallet, although this number is a
key piece of information used by identity thieves.
"These survey results underline that we - my Office, privacy advocates,
regulators and consumer protection authorities - have to work harder to
reassure Canadians that their privacy rights are protected," says Commissioner
Stoddart. "We also have to give them the information and tools so they can
better protect their own information."
The Privacy Commissioner of Canada is mandated by Parliament to act as an
ombudsman, advocate and guardian of the privacy and protection of personal
information rights of Canadians.
To view the reports, visit our Web site at: www.privcom.gc.ca.
Findings of a 2007 poll commissioned by the Office of the Privacy
Commissioner of Canada
Ottawa, October 17, 2007 - The Office of the Privacy Commissioner
commissioned EKOS Research Associates to survey Canadians on a number of
Some of the key findings of the poll, conducted in March, are:
- Privacy continues to mean very different things to Canadians, who
increasingly think first of the protection of their personal
- It is difficult to make broad-based assumptions for all Canadians about
particular uses of personal information. What is acceptable to one
Canadian may be entirely unacceptable to another.
- Seven in ten Canadians feel they have less protection of their personal
information than they did ten years ago.
- Canadians continue to agree (60%) that health information is one of the
most important types of personal information that needs protection
through privacy laws.
- Only a small proportion of Canadians believe the government (17%) and
businesses (13%) take protecting personal information very seriously.
- 77% of Canadians believe that government agencies and affected
individuals should be notified if sensitive personal information is
compromised as a result of a breach. 66% believe government agencies
and affected individuals should be notified if non-sensitive
information is compromised.
- Four in five Canadians place great importance on having strong privacy
laws. Despite this, more than half report they are not aware of any
privacy laws currently in place.
- Nevertheless, 69% believe that they are doing a very good or good job
at protecting their own personal information.
- While a large number of Canadians (65%) have memorized their Social
Insurance Number, 46% continue to carry their SIN card with them.
- Half of Canadians (48%) are unaware that warranty cards are not
necessary to ensure a legal warranty. A significant proportion of
Canadians (40%) are not aware that companies use warranty cards to
collect personal information for marketing purposes.
- 72% of Canadians believe unsolicited junk email (spam) is a significant
The EKOS poll involved a 15-minute telephone survey with a random sample
of 2,001 Canadians from March 13th to March 26th 2007. The poll is considered
accurate to within plus or minus 2.2 percentage points, 19 times out of 20.
For further information:
For further information: and/or media interview requests: Colin McKay,
Office of the Privacy Commissioner of Canada, (613) 995-0103,