Skip Navigation

NAID-Canada urges legislators to support bill S-4

8 May 2014

NAID-Canada will soon publish a position statement, lamenting the country’s lagging response to shortcomings in its data protection regulations and enforcement regime compared to advancements in other developed nations.

The statement is meant to prompt support for a new bill (S-4), mandating a national data breach notification requirement. Currently, only Alberta’s Personal Information Protection Act (PIPA) has a breach notification requirement, which was added by an amendment in 2010. In other provinces, and at the national level, breach notification is only recommended.

“In 2007, a recommendation to voluntarily report breaches to the commissioner resulted in an average of 58 such reports per year across the entire country,” said NAID CEO Bob Johnson. “But since it’s become mandatory in Alberta, there have been three times that number per year in a single province.”

Canada’s national data protection law, the Personal Information Protection and Electronic Document Act (PIPEDA) enacted in 2000, has not been updated and legislators have ignored recommendations for dramatic changes to the law stemming from a 2007 review.

“After starting out in a leadership role, Canada is in real danger of having the weakest data protection regulations in the developed world,” added Johnson.

A version of NAID’s position statement to Canadian legislators will appear in the upcoming spring edition of NAIDnews.