The wave of legislative initiatives to protect private data has made its way to Canada. The country's Green Party has proposed a bill that would compel banks, credit agencies and other institutions to inform clients when their personal information had been compromised.
The law, presented to parliament by Green Party leader Jim Harris on Jan. 12, 2006, would also regulate the outsourcing of credit card bill processing to the United States — currently a common practice among Canadian-based credit companies, which exposes Canadians to fraud and even identity theft.
According to Jim Harris, banks and credit agencies are responsible for a huge number of leaks involving private and confidential information. Every year identity theft cost costs consumers and businesses some $2.5 billion, the politician pointed out. Yet, ordinary Canadians are never told when their information is compromised.
And it appears that no one is immune to the threat of leaks. Two of Canada's biggest law enforcement bodies fell victim to cyber thieves who “looted" the U.S.-based company that stored private and financial data for them.
But perhaps an even more graphic demonstration of just how vulnerable sensitive information is in Canada came when a journalist from a national magazine was able to purchase seemingly confidential phone and personal records of none other than Jennifer Stoddart, Canada's Privacy Commissioner.
The Green Party law echoes similar legislative changes that came into effect in California in 2003 that require credit card and other companies to disclose any breaches of security. Talk of any regulatory measures has not yet been broached, however.
“The problem of state control over the circulation of confidential data today is particularly pressing. In Russia a bill 'On personal data' is being debated, in the U.S. everyone is waiting for the adoption of the law on sensitive records, Europe has accepted a directive for the protection of private data. Now it is Canada's turn," says Denis Zenkin, marketing director at InfoWatch.
“I'm certain that every country in the world needs a law that requires a company to notify clients if their private data is compromised. Canada is a little further away from adopting such a bill than the U.S., but the prospects are still good. Meanwhile, the Russian law project 'On personal data' ambiguously interprets the actions of business in the case of confidential information leaks. I'm afraid that that problem will remain with us for some time to come, and the corresponding law will take a minimum of several years to mature," Denis Zenkin adds.
Source: CCNMatthews.com