Government of Canada Proposes New Data Privacy Legislation

The federal government has proposed legislation that would overhaul Canada's data privacy laws, bringing them more in line with international standards.
Categories: Business Insurance
Nov 25th, 2020 | By: CapriCMW

The federal government has proposed legislation that would overhaul Canada's data privacy laws, bringing them more in line with international standards.

In addition to providing individuals more control over their data and increasing transparency on how organizations use this data, the proposed reforms broaden the authorities of the Privacy Commissioner and allow for significantly heavier penalties than what is currently available under the Personal Information Protection and Electronic Documents Act (PIPEDA).

If  Bill C-11: the Digital Charter Implementation Act is passed, the Consumer Privacy Protection Act (CPPA) would be enacted to replace PIPEDA.

Highlights of CPPA

  • The federal Privacy Commissioner would have the ability to investigate violations, impose orders against organizations and recommend penalties.
  • Maximum penalties for offences would be 5% of an organization’s global revenues or $25 million (whichever is higher).
  • Organizations must still obtain consent from individuals to collect and use their personal data as per PIPEDA. However, for consent to be valid, certain information must be provided to the individuals in "plain language" which include the type of data being collected; how data is being collected; purposes of data collection; any potential consequences for the data's collection, use or disclosure; as well as any third parties that will have access to the data.
  • Individuals would have the right to request that organizations transfer their personal data to other organizations, delete their data (subject to certain limitations), and withdraw consent for use of their data.
  • Individuals would have the right to request that organizations explain how an automated decision-making system made a prediction, recommendation or decision and how information was collected.
  • Organizations would be allowed to use personal information without consent if it is with the purpose of de-identifying information. Organizations would also be permitted to use de-identified data without consent under certain circumstances. 
  • Where the privacy commissioner finds that an organization has violated an individual's prviacy, the affected individual can sue for compensation.

Bill C-13 also proposes to enact the Personal Information and Data Protection Tribunal Actcreating an administrative tribunal that determines and imposes penalties, and hears appeals of the Privacy Commissioner’s decisions. 

For more information on the proposed legislation, you can see the federal government's official news release here and the bill in it's entirety here.

Recent Blog Posts

Business Insurance / Construction, Real Estate, mass timber, sustainable housing
BC Proposes Building Code Changes to Allow 18-Storey Mass Timber Buildings

The provincial government has proposed changes to the British Columbia Building and Fire Codes (BC…

Dec 27th, 2023 | By: CapriCMW
Business Insurance / Small Business, SME, commercial property
Applications Open for BC's Securing Small Business Rebate Program

As of November 22, 2023, small businesses in BC can apply for a new provincial rebate to help them…

Dec 12th, 2023 | By: CapriCMW
Employee Benefits / employment law, employee benefts, pay transparency, pay equity
New Pay Disclosure Requirements Now in Effect for BC Employers

As of November 1, 2023, employers are required to include wage or salary ranges in job postings open…

Nov 16th, 2023 | By: CapriCMW
Search the Blog
photo-10.jpg

Confidence and Freedom

At CapriCMW, we provide personalized insurance and custom risk solutions to give you the confidence and freedom to focus on what matters to you. Talk to an Advisor or get a quote today.

Get a Quote    Or call 1-800-670-1877

Can’t find what you are looking for? Ask us!