Search here...
SUBSCRIBE
PrivacySecurity

Sidebar: PIPEDA’s ‘No-go’ zones for businesses

Share post:

Howard Solomon
Howard Solomon
1 min.

The federal Personal Information Protection and Electronic Documents Act (PIPEDA) applies to all businesses in Canada except those in B.C., Alberta, and Quebec.

The Office of the Privacy Commissioner of Canada (OPC) notes that PIPEDA states that any collection, use, or disclosure of personal information must only be for purposes that a reasonable person would consider appropriate in the circumstances.

PIPEDA is based on 10 fair principles for the collection and use of personal data of employees, customers and partners. Three of these are, arguably, the most important:

— the knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate;

— the collection of personal information must be limited to what is needed for the purposes identified by the organization. Information must be collected by fair and lawful means;

— unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.

To make it clearer, the OPC says the following purposes would generally be considered inappropriate — or, what it calls no-go zones — by a reasonable person:

  • collecting, using, or disclosing personal information in ways that are otherwise unlawful;
  • profiling or categorizing individuals in a way that leads to unfair, unethical, or discriminatory treatment contrary to human rights law;
  • collecting, using, or disclosing personal information for purposes that are known to, or likely to, cause significant harm to the individual;
  • publishing personal information with the intent of charging people for its removal;
  • requiring employees to provide passwords to their social media accounts to employers for the purpose of employee screening; and
  • conducting surveillance on an individual using their own device’s audio or video functions.

The post Sidebar: PIPEDA’s ‘No-go’ zones for businesses first appeared on IT World Canada.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Security

North Korean hacker infiltrates US security vendor, loads malware

KnowBe4, a US-based security vendor, unknowingly hired a North Korean hacker who attempted to introduce malware into the...
hashtag trending

CrowdStrike releases an update from initial Post Incident Review: Hashtag Trending Special Edition for Thursday July 25, 2024

Security vendor CrowdStrike released an update on from their initial Post Incident Review today. The first, and most surprising...
Security

Security vendor CrowdStrike issues an update from their initial Post Incident Review

Security vendor CrowdStrike released an update from their initial Post Incident Review (PIR) today. The company's CEO has...
Security

CrowdStrike CEO summoned by Homeland Security committee over software disaster

CrowdStrike CEO George Kurtz has been called to testify before the U.S. House Committee on Homeland Security following...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways

Subscribe Now

Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Most Popular Categories
Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals - executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways

Subscribe