Privacy Law for Network Administrators Steven Penney Faculty
- Slides: 31
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick
Overview • Criminal Code • Public sector privacy legislation • Private sector privacy legislation • Sector-specific legislation
Criminal Code
Interception and seizure of private communications • Prohibitions – Wire-to-wire communications – Wireless (radio-based) communications – Systems manager exception (quality control, unauthorized use, mischief) • Interception (wiretap) warrants – Content – Routing (“envelope”) data • Search and seizure warrants • 3 d party production orders
Public sector privacy legislation • Privacy Act – “Personal information” under control of a “government institution” • Provincial legislation
Private sector privacy legislation
PIPEDA Personal Information Protection and Electronic Documents Act
History • EU Directive (1995) – “adequate level of protection” • CSA Model Code (1996) • Phased implementation – Full effect January 1, 2004
Jurisdiction • Commercial activities (federal & provincial) • Employee information (federal only) • Exemptions – Privacy Act – Personal or domestic purposes – “substantially similar” provincial statutes (intraprovincial information only)
Overview • Personal information • Privacy principles • Oversight and enforcement
Personal Information • Definition – “information about an identifiable individual. . . [except] the name, title or business address or telephone number of an employee of an organization” • Intimacy not required • Collection v. generation irrelevant • Anonymity and aggregation
Privacy Principles
Interpretive tools • Schedule (“shall” v. “should”) (s. 5(2)) • Reasonableness (s. 5(3)) – “An organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances. ”
The Schedule
Accountability • Designated person • 3 d party transfers – Mere processing (contractual protections) – Disclosure (must comply with Act)
Notice of purposes • New purposes
Informed consent • No conditions for non-essential information – e. g. “no SIN, no connection” • Form of consent – Sensitivity of information – Express v. implied – “Opt-in” v. “opt-out” • Withdrawal of consent – Subject to legal and contractual restrictions
Exceptions to consent • Collection – – Interests of person and consent can’t be obtained Investigation of breach of contract or law Journalistic, artistic, or literary purpose Publicly available and in regulations • Use – – – Investigation of breach of law Health or security emergency Statistical or scholarly research (restrictions) Publicly available and in regulations Collected under ss. 7(1)(a) or (b)
Exceptions to consent con’t • Disclosure – – – Organization’s lawyer Debt collection Court order Law enforcement and national security (where legal entitlement) Investigation of breach of contract or law (to or by investigative body) Health or security emergency Statistical or scholarly research (restrictions) Archives 100 years or 20 years after death Publicly available and in regulations Compliance with law
Limiting collection • Only for identified purposes
Limiting use, disclosure and retention • No additional purposes without consent • Retain only for as long as necessary to fulfill purpose for which information collected • Retain long enough to enable access to information used for decision • Guidelines and procedures encouraged, including minimum and maximum retention periods
Accuracy • Accurate, complete, and up-to-date
Safeguards • Loss or theft, unauthorized access, etc. • Measures vary with sensitivity of information • Technological measures (e. g. encryption) • Employee training
Openness • Policies in readily accessible form • Contact information • Means for access to information • General description of types of information held
Access • Confirmation of existence • Right of review • Disclosure of information to third parties (list) • Minimal or no cost • Due diligence and time limits • Amendment and corrections
Exceptions to Access • 3 d party information • Solicitor-client privilege • Confidential commercial information • Health or security of 3 d party • Compromise legal investigation • Information generated from formal dispute resolution process • Notification of access request to government for law enforcement (government veto)
Challenging compliance • Procedures and notification • Duty to investigate • Appropriate remedies
Oversight and Enforcement
Privacy Commissioner • Complaints • PC’s power to initiate • Investigative powers and mediation • Reports (confidentiality and shaming) • Audits • Education, research, and compliance assistance
Federal Court • Complainant • Privacy Commissioner • Remedies
Provincial Legislation • Non-commercial • Employees in provincial sector • Commissioners’ order-making powers • Jurisdictional issues
- Steven penney
- Nearly free electron model ppt
- Privacy awareness and hipaa privacy training cvs answers
- Malaysia data privacy law
- Faculty of law maastricht
- International laws maastricht
- Faculty of law of the university of zagreb
- University of montenegro faculty of law
- Faculty of law iustinianus primus
- Newton's first law and second law and third law
- Si unit of newton's first law
- V=k/p
- Boyle's law charles law avogadro's law
- In the restroom tishena was brushing her hair
- Oregon state testing portal
- Michigan association of administrators of special education
- Iste standards for administrators
- Hbcu title iii administrators
- Smart goals for special education administrators
- California association of school administrators
- He was treated like a ____ and cast out from his community.
- First nations education administrators association
- Crown healthshare administrators inc
- Akari curtin
- Missouri association of court administrators
- Institute of chartered secretaries and administrators
- Black public administrators
- National association of financial aid administrators
- Michigan association of special education administrators
- Crown healthshare administrators inc
- International global assistance
- National association of financial aid administrators