i-SIGMA Reacting to Regulatory Issues Heating Up in Canada
There is a lot happening on the regulatory front in Canada right now.
In June, Quebec’s Bill 64 proposed dramatic data protection and privacy rights along the lines of the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Then, in July, British Columbia announced a formal review of the province’s Personal Information Protection Act (PIPA). i-SIGMA submitted its official comment on the review last week.
At the same time, Ontario announced it is considering a provincial privacy and data protection law that will supersede the country’s Personal Information and Electronic Document Act (PIPEDA).
More recently, likely as a reaction to these provincial initiatives, i-SIGMA learned the Canadian federal government is considering legislation to reform PIPEDA. According to sources, they are hoping the national initiative will halt the provincial attempts, which it is feared will create significant confusion and potentially differing standards on privacy.
Under PIPEDA, Canadian provinces are subject to the national law unless they establish their own regulation of equal or higher strength. This flurry of activity is thought to be indicative of the continuing global movement to regulations requiring much higher transparency of Data Controllers while affording citizens more control over their personal information.