Privacy and Access Council of Canada

The voice for privacy and access

Data Protection

Worldwide Associations United in Supporting Encryption

Encryption is crucial to the global digital economy. If online services cannot use strong technical protection mechanisms like encryption, users of those services would not be able to trust that their sensitive data, including financial and health information, is safe from bad actors. If organizations cannot rely on effective data protection mechanisms like encryption, data … [Read more...] about Worldwide Associations United in Supporting Encryption

Transparency Performance Indicators

After years of work, the Kantara Initiative Anchored Notice and Consent Work Group has published as Kantara Recommendation "Transparency Performance Indicators". The indicators — TPIs — measure the transparency of PII Controllers (as required by the Council of Europe 108+, GDPR, Quebec Law 25, and others) and map them to open international standards including the ISO/IEC 29100 … [Read more...] about Transparency Performance Indicators

Canada’s Children’s Privacy Code

The Privacy and Access Council of Canada (PACC) is pleased to have contributed to the Joint Submission to Canada's Office of the Privacy Commissioner (OPC) in response to its Exploratory Consultation regarding the development of a Children’s Privacy Code. We welcome the OPC’s leadership in developing a children’s privacy code that extends online protections to all children … [Read more...] about Canada’s Children’s Privacy Code

PACC Endorses Joint Letter on UK Government’s Use of the Investigatory Powers Act to attack End-to-End Encryption

The Privacy and Access Council of Canada and more than 100 companies, cybersecurity experts, civil society organizations have submitted a letter to British Home Secretary Yvette Cooper calling on the UK Home Office to rescind its demand that Apple create a backdoor into its end-to-end encrypted services. The UK demand is the latest effort by democratic governments around the … [Read more...] about PACC Endorses Joint Letter on UK Government’s Use of the Investigatory Powers Act to attack End-to-End Encryption

Revised National Standard for Data-Centric Security

The Digital Governance Standards Institute (DGSI) has published the revised CAN/DGSI 100-1 standard, Data Governance – Part 1: Data-Centric Security. In an era of unprecedented digital transformation, the imperative for data sharing has become paramount for organizations seeking to optimize operational efficiencies and drive informed decision-making processes.  However, … [Read more...] about Revised National Standard for Data-Centric Security

Administrative Monetary Penalties available in Ontario

As of January 1, 2024, the Information and Privacy Commissioner of Ontario has the discretion to issue administrative monetary penalties (AMPs) as part of its enforcement powers for violations of the Personal Health Information Protection Act (PHIPA). Penalties are up to a maximum of $50,000 for individuals and $500,000 for organizations. AMPs may be issued for the … [Read more...] about Administrative Monetary Penalties available in Ontario