Time of 'self-regulation' is over, privacy czar says in push for stronger laws

Posted
September 28, 2018
Article Source
CTV News

In his most pointed plea to date for federal action, Canada's privacy watchdog says there is an urgent need for stronger laws to protect personal information -- and for more money to help his office enforce them.

Canadians cannot afford to wait several years until well-known shortcomings in the laws are fixed, privacy commissioner Daniel Therrien said in his annual report, tabled in Parliament on Thursday.

Therrien cited headline-grabbing privacy lapses involving Facebook and Equifax over the last year to highlight his disappointment with the government's "slow to non-existent" response to rapidly emerging threats.

Canada's privacy legislation "is quite permissive" and gives companies wide latitude to use personal information for their own benefit, he said, adding "the time of self-regulation is over."

"To be clear, it is not enough to ask companies to live up to their responsibilities. Canadians need stronger privacy laws that will protect them when organizations fail to do so," Therrien's report says.

"Respect for those laws must be enforced by a regulator, independent from industry and the government, with sufficient powers to ensure compliance."

Therrien, who currently makes non-binding recommendations to organizations in the public and private sectors, is looking for order-making powers, the ability to levy fines and authority to conduct inspections to ensure compliance with privacy laws.

Treasury Board President Scott Brison said Thursday he shares "the objectives of strengthening the privacy regime, which is why we are introducing an action plan in the coming weeks to do exactly that."

Brison offered no details, but said Therrien's views would be important.

Read more: Time of 'self-regulation' is over, privacy czar says in push for stronger laws