• Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer
  • About
    • Leadership
    • Code of Ethics
    • Privacy Commitment
    • PACC Fellows
    • Speaking Invitations & Media Requests
  • Get Involved
    • Join the PACC
      • Advancing the Profession
      • Member Benefits
      • Why Join the PACC
        • Sponsors and Partners
      • Member Contact Update
    • Subscribe
    • Donate
      • Donor Bill of Rights
    • Speak Out
    • Volunteer
  • Certification
    • Guiding the Profession
    • Why Pursue Certification?
    • Benefits of Certification
    • Certificate or Certification?
    • Recertification
      • Recertification Reporting Form
    • Certification FAQ
    • Accreditation
  • Careers
    • Current Opportunities
  • Resources
    • Strategic Privacy and Access Resource Center
      • Parents & Teachers
      • Standards
      • International Data Flows
      • SPARC Contribution Guidelines
      • Commissioners & Legislation
    • Reports
    • Recommended Reading
    • Professional Development
    • Media
    • Reports
  • News & Views
    • Guest Post Guidelines
  • EVENTS
    • Privacy & Data Governance Congress 2026
    • Congress 2025 Presentation Resources
    • Data Privacy Day
    • Past Events
    • Speaker Roster
  • Login

Privacy and Access Council of Canada

The voice for privacy and access

Canada’s new Consumer Privacy Protection Act

17/Nov/2020

In a long-awaited move, Navdeep Bains, Canada’s Minister of Innovation, Science and Industry, introduced Bill C-11 — the Consumer Privacy Protection Act. The Minister described the new law as a significant update of PIPEDA, and acknowledged that the last time Canada’s privacy laws were updated was 20 years ago, when PIPEDA was first introduced — before social media and the Internet of Things.

The new CPPA provides a range of remedies that have long been recommended by the Privacy and Access Council of Canada, privacy advocates, Commissioners, and civil society groups.

Features of the new legislation include a requirement that consent be in plain language, “not a 30-page legal document.” Companies will have to provide better transparency, to enable Canadians to understand how their information is collected and used. 

With the increase in ‘artificial intelligence’ systems determining everything from criminality and creditworthiness to eligibility to rent an apartment, it is important to note that CPPA also provides algorithmic transparency — the right to have businesses explain how decisions about them are made by automated decision-making systems.

Under the new law Canadians consumers who withdraw consent will have a right to demand their information be destroyed, and may complain to the Office of the Privacy Commissioner of Canada if their request is not fulfilled. 

The CPPA will also provide the Privacy Commissioner of Canada with order-making power, the power to conduct inspections, and the ability to recommend Administrative Monetary Penalties of up to 5% of global revenue for non-compliance. The OPC’s recommendations will be given to a new tribunal, which will help keep complaints out of the Courts.

In his introduction of the CPPA, MP Bains characterized it as providing the strongest privacy protections of any G7 country, including GDPR and the CCPA . The Minister also indicted that  the OPC’s budget will receive “the appropriate resources” to make sure that they are able to execute their powers to protect Canadians. 

Filed Under: Access/FOI/ATIP, Data Protection, GDPR, Legislation, Privacy

Reader Interactions

Comments

  1. Robin Toupin says

    24/Nov/2020 at 8:09 AM

    While this new CPPA appeared at first glance to be a good start, digging deep, it appears to be little more than PIPEDA with fines. The key differentiator of the GDPR, which the Privy Council stated would be the “starting point” of Canada’s new privacy law, is that it treats personal information and data subjects from a Human Rights perspective. Canada’s federal government has authority over human rights (c.f.. The Human Rights Act). There are a number of areas where this new act must be improved if it is to be a meaningful upgrade to Canada’s archaic and impotent privacy frameworks. (a) The basis of the Act must be that data privacy is a fundamental human right worthy of strong protections, (b) types of data should be segregated, as with the GDPR, and robust protections added for vulnerable data subjects, (c) the Privacy Commissioner must be given the ability to penalize those who do not comply with CPPA, (d) and finally, the framework details of the GDPR should be a baseline starting point. I strongly encourage the federal government to sit down with their provincial counterparts and work out a national data privacy set of standards, similar to GDPR, encompassing all data subjects in Canada, merging public, private, corporate, non-profit and individual use of personal data into one, comprehensive and robust set of standards that protects all Canadians at all times, regardless of where they are located in the world. This current act is little more than PIPEDA with muscle, and passing it would not significantly improve data protection rights in Canada.

Primary Sidebar

Secondary Sidebar

Footer

PACC is the voice for privacy and access.

PACC is Independent  •  Non-profit  •  Non-partisan  •  Non-government

PACC is dedicated to the development and promotion of the access-to-information, information privacy, and data governance profession across the private, non-profit and public sectors.

PACC is the certifying body for access and privacy professionals, and engages in outreach efforts to advance awareness about access, privacy, and data protection.

Recent Posts

  • EU Court Rules Commission in Violation of Transparency Law Over von der Leyen–Pfizer Texts
  • Latest assault on E2EE
  • Report: Surveillance & Algorithmic Management at Work
  • Porn battle comes to Ohio 
  • Report: Central Bank Digital Currency: What it is and how it could impact privacy, security, and anonymity
  • European Parliament approves EU–Canada air passenger data agreement

ABOUT

MEMBERSHIP

CERTIFICATION

CAREERS

RESOURCES

BLOG

CONTACT

PRIVACY

 

Thanks to QuestionPro’s wide range of free survey templates designed by industry experts. We now know exactly where to improve
…………

© 2025 · Privacy and Access Council of Canada · Maintained by SLIcore Design.

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkNoPrivacy policy