gazette logo
   A Memorial University of Newfoundland Publication

mun logo
January 8, 2004
 Top Stories

 


New privacy
legislation good for public

 

By Aimee Sheppard
Lyle Wetsch
Lyle Wetsch, an assistant professor at Memorial’s Faculty of Business Administration, thinks new privacy legislation is a good thing.
Its name is PIPEDA and it’s been dubbed the Silent Y2K. It’s the Personal Information Protection and Electronic Documents Act and as of Jan. 1, 2004, it’s the new standard Canadian organizations must follow when collecting and storing your personal information.

Under the act, personal identification is more than your name, phone number and address. The definition includes income, spending habits, education, race, ethnicity, marital status and more. The federal legislation comes in response to a growing public concern over advances in electronic databases and the ability for organizations to gather, match, share and transmit growing quantities of information about people. The act will have a significant impact on the way Canadian organizations collect and manage their data.

And while it’s bound to cause headaches for several businesspeople, Lyle Wetsch, an assistant professor at Memorial’s Faculty of Business Administration, thinks PIPEDA is a good thing.

“PIPEDA will provide guidelines for all businesses that will allow individuals to have more control and knowledge over their personal information,” said Mr. Wetsch. “Advances in technology have created an environment where data can be easily collected, stored and sorted and without a standardized set of policies such as those in PIPEDA, some organizations may abuse these capabilities.”

The final stage of the law that was enacted this month requires organizations to: obtain consent when they collect, use, or disclose your personal information; supply you with a product or service if you refuse consent for the collection, use or disclosure of your personal information, unless the information is essential to the transaction; collect information by fair and lawful means; and have personal information policies that are clear, understandable and readily available.

“Often when we purchase or return an item in a store, we are asked for our address and phone number “for the database”. Under PIPEDA, organizations will have to ensure that customers are informed explicitly what the information will be used for, obtain their consent to use it for that matter, and make sure that each piece of information collected is essential to its use. Organizations will need to have a clear system in place to ensure that the information is not retained once it is past its approved use, that it is kept appropriately secure, that its accuracy is checked frequently, and that they receive new consent if they plan on using the data for a new use.”

“For Canadian businesses, the short term headaches and work will lead to long term benefits,” he said. “There will no doubt be some difficulties as businesses adjust their systems and procedures to ensure that they are in compliance with the regulations; however, a well developed strategy that starts with PIPEDA compliance has the potential to have significant positive impact on the customer/
organization relationship.”

The law also entitles individuals to access all the personal information an organization has collected about them including performance evaluations and notations of disciplinary action and to request changes to the information if it is inaccurate. Organizations are obligated to provide the information requested within 30 days.

If you’re not satisfied with the response or you have concerns over how an organization is using your information, you can complain to the Privacy Commissioner of Canada.

To help people better understand PIPEDA and what it means to them, Mr. Wetsch has set up a Web site at www.newfoundland-privacy.org.

 


     Top Stories

Lyle Wetsch
Dr. Axel Meisen
Anne Marie Hynes (R) with a student
Andrew Draskoy
Dr. Tanis Adey
Next issue: January 22, 2003

Questions? Comments?
E-mail our editor.