|
Canada
Since January 1, 2004, Canadians' personal information is protected by a new law—the Personal Information Protection and Electronic Documents Act (PIPEDA)—a law that lays ground rules for the collection, use, and disclosure of personal information in the course of commercial activities. It balances an individual's right to privacy with an organization's needs for personal information for legitimate business purposes.
The PIPEDA Act has been coming into effect in stages. Beginning on January 1, 2001, the Act applied to personal information about customers and employees in the federally-regulated sector in the course of commercial activities—organizations and sectors such as airlines, banking, broadcasting, telecommunications, and transportation. It has also applied to information sold across provincial and territorial boundaries.
Beginning on January 1, 2002, the Act has also applied to personal health information collected, used, and disclosed by the organizations covered in the first phase. Starting January 1, 2004, the PIPEDA Act applies to all personal information collected, used, or disclosed in the course of commercial activities by all private sector organizations except in provinces that have enacted legislation that is deemed to be substantially similar to the federal law.
Across Canada, the PIPEDA Act continues to apply to federally-regulated organizations, as well as to personal information collected, used, and disclosed across borders. It continues to apply to employee information covered in the first phase, but does not extend to employee information in the rest of the commercial sector.
|