Forgot your password?
typodupeerror
Privacy Your Rights Online

Canadian Privacy Act 398

Posted by michael
from the bless-canada dept.
Nos. writes "Yesterday, I happened upon an Act that came into effect in Canada on January 1, 2004. The Personal Information Protection and Electronic Documents Act protects almost every bit of personal information not publicly available. For example, your name, race, date of birth, income, etc. are protected where your address and telephone number are not (these are generally available in the telephone book). Some of the more interesting parts of the faq include such wonderful things as: '[businesses must] supply you with a product or a service even if you refuse consent for the collection, use or disclosure of your personal information unless the information is essential to the transaction'. Definitely a step in the right direction."
This discussion has been archived. No new comments can be posted.

Canadian Privacy Act

Comments Filter:
  • by cartzworth (709639) on Friday February 13, 2004 @05:36PM (#8274203) Journal
    ...this conincides with the Canadian recording industry going after users.
    • Re:So it happens... (Score:3, Informative)

      by Anonymous Coward
      Actually, this legislation was passed several years ago, but the date that non-government organizations were required to be compliant was Jan 2, 2004.
  • Fake data (Score:5, Interesting)

    by CaptBubba (696284) on Friday February 13, 2004 @05:36PM (#8274205)
    Am I the only one who just spits out a random string of numbers when they ask for phone number or zip code info at the checkout?
    • by Anonymous Coward on Friday February 13, 2004 @05:45PM (#8274329)
      Some cash registers actually check for that. But I never had a problem with giving them my address and phone number.

      1060 West Addison Ave.
      Chicago, IL 60613-4397
      773-404-2827

      Ok, one record store clerk and Blues Brothers fan almost died laughing.
    • by OverlordQ (264228) on Friday February 13, 2004 @05:46PM (#8274350) Journal
      What I use:

      Name: Zaphod Beeblebrox
      Address: (I live 2 states away now)
      Phone: 620-664-5522 (Modem Pool)
    • by NorthDude (560769) on Friday February 13, 2004 @05:56PM (#8274481)
      This may only be funny for french speakers... But any time they ask for my postal code in a web form (i'm in Montreal), I enter: G1Q 1Q9 hehe
    • Santos L. Halper
      732 Evengreen Ter.
      Springfield KY, 40069
      (859)764-8437 (I know, it's Moe's...)
    • Re:Fake data (Score:3, Interesting)

      by DR SoB (749180)
      Haha, that's what I was thinking. You wouldn't believe how many times "Homer Simpson" has said at the Howard Johnson in Toronto, and had huge parties! I think I've singled handledly destroyed any chances homer will ever have good credit again.

      BTW- I'm not so worried about MY gov't collecting info on me, as I'm worried about YOUR gov't (read - Carnivore) collecting information on me...
    • by DoorFrame (22108) on Friday February 13, 2004 @06:09PM (#8274658) Homepage
      I had a friend who used to give the name Ray Diosack (pronounce it) to Radioshack when they asked for his name. He would then procede to give the cashier the street address for the store he was in. Nobody ever commented on this fact. Anyway, he would laugh to himself about the bulk mailers that must show up at the store every month from Radio Shack to Ray Diosack.

      He then went to a local computer shop called MicroCenter. As he was waiting in line he realized that this would work great for his little name game: Mike Rocenter... it even sounds like a real name. So anyway, he gets to the cashier full of excitement and gives the name Mike Rocenter. The cashier enters the name into the computer and says, with a straight face, "727 Memorial Drive"? This was, of course, the location of the store. Somebody else had given them the same fake name and address. Oh well, my friend sheepishly said yes and paid for his purchase.
  • Not retroactive? (Score:5, Interesting)

    by Raindance (680694) * <(johnsonmx) (at) (gmail.com)> on Friday February 13, 2004 @05:36PM (#8274207) Homepage Journal
    This looks like a good thing. However, in a quick glance-through of the act, I didn't see anything dealing with information already collected.

    Or if governmental agencies' practices are also influenced by the act.

    RD
    • by nilstar (412094) on Friday February 13, 2004 @05:45PM (#8274334) Homepage
      I actually had to sign one of these statements at work & deal with this whenever I see the doctor/dentist/etc.

      It seems that information already collected must be dealt with according to the act. Just because you collected it last year, doesn't mean you don't need consent to use it this year. Actually, my Dentist made me sign a form for them to share/get information with outside labratories.
    • Re:Not retroactive? (Score:5, Informative)

      by vmacneil (689336) on Friday February 13, 2004 @05:46PM (#8274349)
      There is another act called the Privacy Act that circumscribes the behaviour of government. That act was passed in 1980. You can find it here... http://laws.justice.gc.ca/en/p-21/93543.html
    • Re:Government (Score:5, Interesting)

      by Baron_Yam (643147) on Friday February 13, 2004 @05:48PM (#8274367)

      I don't even have to review the legislation to know that no matter how it is written, CSIS, the RCMP, and your local cop shop will ignore it if they feel the need.

      Your SIN is private, right? HEH. Nope. Now it's linked in government databases to everything. As someone who once had complete and total access to several sensitive (welfare client info) government databases - and was challenged appropriately by only ONE of dozens of sysadmins - I don't trust the government to protect a pile of dog feces.

      • Re:Government (Score:3, Informative)

        by Anonymous Coward

        Now it's linked in government databases to everything.
        Canada's Social Insurance Numbers are basically an account number for each citizen. By law even the banks can't demand it although they can refuse service if you don't give it to them.
      • by Anonymous Coward on Friday February 13, 2004 @06:28PM (#8274856)
        Your SIN is private, right? HEH. Nope. Now it's linked in government databases to everything. As someone who once had complete and total access to several sensitive (welfare client info) government databases - and was challenged appropriately by only ONE of dozens of sysadmins - I don't trust the government to protect a pile of dog feces.

        The personal details of all Canadian residents (not just citizens) are automatically classified as "Protected" and any department or agency worth their salt actually do take this sort of stuff seriously.

        Any case of abuse (of people's personal data) does tend to result in being fired, period.

        The federal government (outside CCRA) does avoid using SIN as much as possible because any document with that on it, has to be classified "Protected".
        HRDC uses a fair bit, but as little as possible in what I've seen.

        I've seen federal government forms that ask for only the last digit of your year of birth, in an attempt to prevent age decriminitation (if they don't know your actual age, they can't be accused of decriminiating based upon it) in the hiring process.

        Honestly I have to say the Canadian federal government takes privacy seriously, it's an important Canadian value. Sure, some people see it as a hassle and more paperwork, but overall the vast majority do value the public's privacy and security.

        BTW, do you know if there was an auditing on that database? Not all privacy enforcement is pro-active, to prevent being overly burdensome, but can flag and catch abusers. That technique is heavily used in medical privacy, and the medical files of celeberties.

    • by Dukael_Mikakis (686324) <`moc.liamg' `ta' `retsreofwerdna'> on Friday February 13, 2004 @05:56PM (#8274482)
      It does seem like a step in the right direction. It's mind-boggling to me how America, being as "enlightened" as it is, seems hesitant to respect privacy rights. In Europe employee monitoring laws are being tightened while in America this report says the trend is increasing [sonic.net]. Even in California when a protective bill was passed it was vetoed [usatoday.com] by the (formed) Gov. Grey Davis. And I think that the argument is frivolous that if you have nothing to hide then it shouldn't be a problem. Then, surely, you wouldn't object to a full body search every morning coming into work?

      It just demonstrates how strongly America loves its businesses and corporations (and subsequently, its money). These corporate/business-friendly policies that put so much pressure on American employees are just like outsourcing in that they alienate the apparently "not-worthwhile" American employee. While America may keep their corporations and their corporate revenue, they might lose a comparable amount in salaries and income taxes. Perhaps.

      I like these progressive-non-Big-Brother (i.e. not China, Saudi Arabia, evidently) countries that respect the people and their lives rather than corporations.

      You do raise a good point about govenment monitoring and the like. It does seem like small consolation to have your privacy rights from your employer, but still allow the government to monitor every aspect of your existence.

      Still, this is a good thing.
    • It is in fact retro-active, so much so that my company has set up a service division to provide compliance guidance. We are in the Oil and Gas software and services business, meaning that we deal with a lot of databased info on a daily basis (both public and proprietary data). Some of this information (which for years has been distributed with little thought), is now regulated by the new law.

      Failure to comply is a serious issue and may result in (now stealing from our website):

      - Legal liability
      - In

  • by Anonymous Coward on Friday February 13, 2004 @05:36PM (#8274211)
    Sure, we laughingly call it "America Junior," but when it comes to privacy rights America Jr. has it all over Big Brother.
  • Thank God! (Score:5, Funny)

    by _ph1ux_ (216706) on Friday February 13, 2004 @05:36PM (#8274213)
    For me being an American! Where our rights to privacy are honored and upheld by the great - hey, wait a minute.....
    • Oz? (Score:3, Funny)

      by handy_vandal (606174)
      [Thank God!] For me being an American! Where our rights to privacy are honored and upheld by the great - hey, wait a minute.....

      You were going to say ... "the Great and Powerful Oz ..." ??

      -kgj
  • So hypothetically... (Score:5, Interesting)

    by Tuxedo Jack (648130) on Friday February 13, 2004 @05:37PM (#8274216) Homepage
    This could outlaw "drive-by" installs of spyware in Canada.
  • Privacy = Myth (Score:3, Interesting)

    by swordboy (472941) on Friday February 13, 2004 @05:37PM (#8274219) Journal
    Yeah... and we've got HIPAA [hipaa.org] for medical privacy here in the US yet, when I visited the doc's last, I found that he had installed a RF wireless keyboard that uses one of eight selectable encryption keys.

    Privacy is impossible if one is to interface with the digital world.
    • Re:Privacy = Myth (Score:5, Insightful)

      by cgranade (702534) <cgranade AT gmail DOT com> on Friday February 13, 2004 @05:42PM (#8274289) Homepage Journal
      Well, privacy, like encryption, should be based on the knowledge that a highly motivated individual can and will break the system, but that the goal is to make the cost (money, time, resources, personal risk...) involved is high enough that 1) it cannot be done en masse, and 2) the value obtained from such a violation is by far overshadowed by the expediture. This is the basic idea behind security, too, both information security and physical security.
    • Re:Privacy = Myth (Score:3, Insightful)

      by stoolpigeon (454276)
      I wouldn't say impossible but I'd go with unlikely. Especially with cases like you mention above- people using technology without really understanding how it works.

      I was reviewing my companies out going email the other day and apparently our CFO sends himself financial spreadsheets through email with no encryption, security, etc. Crazy.

      Some people will blow it on HIPAA but many others are running around like crazy trying to be in compliance- as they are afraid of getting slammed. (We work with hospital
    • Re:Privacy = Myth (Score:3, Interesting)

      by chadjg (615827)
      Ha! That's nothing. I found a computer at a charity drop off point that has an intact OS, programs & everything. I fired up its copy of Word and it said the programs registered to some financial institute. Futher poking around revealed names, SSNs draft wills, and other goodness. Morons! At least your doctor had "encryption."
  • by Amiga Trombone (592952) on Friday February 13, 2004 @05:39PM (#8274246)
    For example, your name, race, date of birth, income, etc. are protected where your address and telephone number are not

    What I want is not to be pestered salesmen and junk mail.

    I don't care if total strangers send me birthday cards.
  • Your name? (Score:4, Funny)

    by shawn(at)fsu (447153) on Friday February 13, 2004 @05:40PM (#8274253) Homepage
    "protects almost every bit of personal information not publicly available. For example, your name"...
    "where your address and telephone number are not (these are generally available in the telephone book)."

    So in Canada they dont put your name in a phone book?
    If this was real, it would make for some great jokes.
  • by he-sk (103163) on Friday February 13, 2004 @05:40PM (#8274258)
    are two different things. Ie, here in Germany we have very tough laws with regard to your personal information and how it must be handled by businesses and the government. It's called "Datenschutz" and the CCC (Chaos Computer Club, you know: Blinkenlights) is a big lobbiest for Datenschutz.

    Unfortunately the laws and procedures are broken every day, simply because it's so easy to do. It's very rare that somebody publicly complains when personal privacy is jeopardized and even when somebody cries foul, the public doesn't care.
    • here in Germany we have very tough laws with regard to your personal information and how it must be handled by businesses and the government

      This is actually a EU directive [eu.int]. Or actually, two different ones. One dealing with regular privacy (enforced since 1998), and one with online privacy (enforced since last year). Seemingly when you read the text of the directive, it has a lot of teeth, but in practice they make exceptions every time someone asks. Like when the US insisted on having every bit of availab
  • I wonder... (Score:5, Interesting)

    by Anonymous Coward on Friday February 13, 2004 @05:40PM (#8274259)
    For example, your name, race, date of birth, income, etc. are protected where your address and telephone number are not.

    How are they going to call you without your name?
    • You dont need to have your name listed in the phone book.

      You can have the listing read "flancrest enterprises" if you want, or "compuglobal hypermeganet"
    • It happens all the time.

      Dukael: Hello?
      Prerecorded Voice: Has your love life been slow recently? If so I have a great new product that can endow you one or two more inches.

      Dukael: Keep talking...
  • by Anonymous Coward on Friday February 13, 2004 @05:42PM (#8274278)
    Hi. I'm Troy McClure. You might remember me from such Canadian privacy films as "Bob McKenzie Owns 83 lbs of Back Bacon" and "Anne Murray: Lesbian or Not?"
  • Toothless? (Score:5, Interesting)

    by Dachannien (617929) on Friday February 13, 2004 @05:42PM (#8274292)
    [businesses must] supply you with a product or a service even if you refuse consent for the collection, use or disclosure of your personal information unless the information is essential to the transaction.

    This is likely more toothless than you would think - or at least, if this were U.S. law, it would be - because things like your SSN, date of birth, or mother's maiden name would be described by the service provider as "necessary" because they "need" to do a credit check on you.

    • by stratjakt (596332)
      Yeah, well at least the assholes at radio shack cant refuse to sell me a AA battery because I refuse to give them my full name, address, phone number, etc, etc..

    • Re:Toothless? (Score:5, Informative)

      by Dixie_Flatline (5077) <.vincent.jan.goh. .at. .gmail.com.> on Friday February 13, 2004 @05:48PM (#8274373) Homepage
      It's illegal to REQUIRE a SIN (Social Insurance Number) in Canada if you aren't the government, an employer, or are somehow related to taxation. My bank can ask me for a SIN because they need to report the amount of income I made on interest. A credit card company CAN NOT ask for my SIN. If I refuse to provide it, and they refuse their service, I can file a complaint against the company. The SIN number is not meant as a unique identifier for anyone other than the government.

      If someone asks for it, read the fine print. It's usually optional. If it's not optional, make sure you phone the company and ask why it's required, and make sure they know that you know that it's not necessary for them to have it. DON'T GIVE IT OUT. It's not necessary to have your SIN for companies to do a credit check on you here.

      • Re:Toothless? (Score:4, Insightful)

        by dAzED1 (33635) <brianlamere@NOspam.yahoo.com> on Friday February 13, 2004 @05:53PM (#8274448) Homepage Journal
        well, unless you want a credit rating. All the "down with the man!" in the world won't help when you're trying to buy a house...and your credit history is tracked with that number.
        • Re:Toothless? (Score:3, Interesting)

          by Dixie_Flatline (5077)
          Sorry, are you talking US or Canada? I realize that it's hopeless in the States, but I have a perfectly reasonable credit rating without giving out my SIN number to anybody that asks. When I fill out credit card applications in the past, I just put a big line through the SIN portion, and that was that. I wasn't turned down for those credit cards, either.
        • Re:Toothless? (Score:4, Insightful)

          by RedSynapse (90206) on Friday February 13, 2004 @06:47PM (#8275048)
          Nobody is required to buy anything on credit. You are free to save up your money in your piggy bank until you have enough to pay for your house in cash.

          If however you would like to use someone else's money to buy your house then they are obviously going to want to know whether you are a good risk or not and are going to check your credit history to determine this.
    • Re:Toothless? (Score:3, Informative)

      by Anonymous Coward
      Sorry, canada is not the US so it is not useful to think of it in terms of the US and its privacy policy where companies can tell you to do whatever they want you to. Companies have a lot less power in canada and this legislation limits that power even further when it comes to private information.

      A credit report in canada can be produced with none of the above information you have mentioned. The core information for a credit report in canada is your name and date of birth and maybe a credit card or bank ac
  • 2 thoughts... (Score:2, Interesting)

    by John Seminal (698722)
    1) if this is really ture, and privacy will be protected, I recall MLK's words "free at last, free at last, thank God almighty we're free at last."

    2) if this is bullshit, then it is nothing but a pr stunt.

    i am feeling awfully cynical today. sardonic too, with a splash of "eat shit and die, big brother".

    btw, how will this be protected? what happens if a multinational corporation keeps information gathered in your country in a different country?

    • Re:2 thoughts... (Score:3, Informative)

      by thegrommit (13025)
      2) if this is bullshit, then it is nothing but a pr stunt.

      Interesting logic, care to explain? This isn't your usual local ordinance proclaiming some random date to be [insert local sports team] day.

      As to how it will be implemented, many companies ask up front where you're from. They then structure their conversation with you appropriately (or say they don't deal with Canadians).

      This article [infoworld.com] from last year goes into a few of these issues:
  • Great in theory... (Score:4, Insightful)

    by Stingr (701739) on Friday February 13, 2004 @05:47PM (#8274355)
    These laws are great in theory but considering the government's lack of enthusiasm to protect personal information (at least in the US) they are nearly impossible to enforce.

    The whole war on spam is the exact same thing. The government passes all of these laws to make it look like they're doing something but then can't/won't enforce said laws.

    They can pass all the laws they want but if the government is unwilling to enforce them then what's the point?
    • by shatteredpottery (320695) on Friday February 13, 2004 @06:01PM (#8274555)
      Some provisions make it relatively easy to sue companies for violating the strictures. It does look as though companies are taking it fairly seriously.

      For example, you know those "preferred customer" cards that most stores have? Well, the pharmacies at stores in Canada are refusing to take them, because of the possibility that the marketing info from the cards could be correlated with your prescription information. They have big signs up to this effect in the stores in my area, and they say this is to comply with the law.

      And Safeway (perhaps others as well) is hoping to develop a generic coupon system so you can get credit for the pharmacy purchases later. I suppose they'll hand you the coupon with your prescription, and you can present it at the cash register at a later date, so there's no way to correlate the pharmacy purchase with the money. They already do this with a couple of other things, so it wouldn't show as pharmacy purchases. Not really sure though.
  • Businesses MUST (Score:2, Insightful)

    by Anonymous Coward
    Hey, tech support/marketing, do you hear that. I'm so sick of having to cough up all my information every time I call some tech line. What's next, a blood sample?

    I already have your product and it doesn't seem to be working correctly. I DON'T WANT YOUR SURVEYS OR MARKETING CRAP. I want support and it seems that I call the wrong number every single time.
  • Circular reasoning.. (Score:2, Interesting)

    by ricochet81 (707864)
    wtf, infomation that is not publicly available bla bla...isn't the privacy problem, in part, determining what in fact is infomation that should be public? Or is the phonebook company up there publicly owned? What if any ol business decided to make your infomation public, then, according to the post, it is available for any other business to post.
  • Car Dealerships... (Score:5, Interesting)

    by MojoRilla (591502) on Friday February 13, 2004 @05:49PM (#8274388)
    I was at a Honda dealer trying to get service for my car, and when they asked for my address, I told them I didn't want any junk mail.

    They were flustered. They said there was no way to put me into the system without getting on a marketing list. Eventually I gave them a fake address.

    Go Canada. Stop this abuse.
  • by lukewarmfusion (726141) on Friday February 13, 2004 @05:51PM (#8274415) Homepage Journal
    One of our hosting providers dealt with this issue. They had to send physical mail to each person to have them sign a release opting-in to their mailing list. Not spam, mind you, but system messages that they were relying on.

    I like the idea, but this creates a lot of work too. For the unemployed, though, I guess that doesn't always sound like a bad thing. :)
  • by Anonymous Coward on Friday February 13, 2004 @05:55PM (#8274472)
    Why is everyone asking if this is real? Do you think there are no laws in canada?
    My employer has been spending a few weeks getting all ouf our information complaint with this act, and pulled me off the phones for an information session.
    And tech support centers don't do things like that unless they are required to by law.
  • Finally! (Score:4, Funny)

    by barryfandango (627554) on Friday February 13, 2004 @05:57PM (#8274488)

    I can see it now...

    "No, mister clever Radio Shack employee, I don't want to give you my mother's maiden name, i just want to buy these double-a batteries! And now the law is on my side!"

    I can hardly wait!

  • by basil montreal (714771) on Friday February 13, 2004 @05:58PM (#8274504) Homepage
    I love this place. Our drinking age is lower, our technology is cheaper, our women are cuter...

    Seriously though, I have done allot of thinking about the difference between Americans and Canadians lately and I believe that the best way of explaining it is by looking at American idol and comparing it to CBC's Monday Report. Americans like to laugh at themselves and Canadians like to laugh at their politicians.
  • Inaccurate Blub (Score:3, Insightful)

    by Jason1729 (561790) on Friday February 13, 2004 @06:00PM (#8274540)
    Just because the person who wrote the blurb only heard about PIPEDA this week doesn't mean it's newly enacted.

    When I took an IT law course in 1999 we talked about PIPEDA and it came into effect in stages starting in 2000, first affecting government, then banks, then large companies, and so on until it applies to all companies.

    Jason
    ProfQuotes [profquotes.com]
  • Being a Canadian, and being an advocate for privacy, I've always been fighting Banks and other companies about how they collect and 'store' my information without impacting my service. X Bank recently sent me a letter stating that if I didn't approve of their using my personal information, it could impact their ability to provide me services. (x = big non-customer focused bank).

    I promptly forward this to the Privacy office who responded back in just a week to both me and the X Privacy Department that:
    a) The Privacy Commission's opinion was that letter X sent to me implies that if I don't agree to let them collect information, I loose services. It then scolded X for forcing clients to agree to the new policy. Fork 1, X 0.
    b) X was warned to revise the letter to adhere to the new policy. Fork 2, X 0.
    c) X was to clarify their communications to the customers on what they mean by 'reduced services.' Fork 3, X 0
    d) X was to inform their clients of this new policy ASAP and apologize to me. Fork 4, X 0.

    X Bank has not contacted me to date (it's been four weeks). I closed my account with them today and informed the PC of the fact. When X bank asked why I was closing:
    "Sir, before I close this account may I ask why you're closing it?"

    "You don't know how to play the customer service game. The score is 4 to nothing."

    "Excuse me sir? I don't understand the answer and I need to put in something"

    "Fork 4, X 0 - put that in there"

    • by Kwil (53679) on Friday February 13, 2004 @07:40PM (#8275471)
      Thanks a lot.. ..by just leaving the Bank, you've basically given up your right to complain further on the matter. Had you stayed with them and made repeated requests to the Privacy Commissioner for your deserved apology, the bank would have continued to be letter slapped until it turned into government imposed fines.. which would have gotten their attention and possibly improved customer service for everyone.

      I know, not your responsibility, but it would have been nice for other folks having to deal with these guys.
    • by Beryllium Sphere(tm) (193358) on Friday February 13, 2004 @11:05PM (#8276874) Homepage Journal
      I just got back (to the US) from a security and privacy conference in Canada where one large ISP/telco talked about the impact of privacy legislation on their business.

      What they report is that the office of the Privacy Commissioner is strongly committed to protecting individual rights, and that if one customer complains then the company can be plunged into an expensive investigation.

      Even nutcases get a careful hearing, apparently. Normal and semi-normal customers get responsive answers because the company is afraid of formal complaints.

      The ISP will not turn over customer records, even to the tax authorities, without a court order or search warrant.

      Sign at the conference: "If you don't need it, don't collect it!"

      "To announce that there must be no criticism of the President, or that we are to stand by the President, right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public." --Theodore Roosevelt (1918)
  • by DR SoB (749180) on Friday February 13, 2004 @06:06PM (#8274612) Journal
    Police Information Systems,
    Information Practices and
    Individual Privacy.

    If your really interested in Ontario's laws regarding information storage, read the following article:

    http://qed.econ.queensu.ca/pub/cpp/March97/Schel l. pdf

  • The easiest way ... (Score:5, Interesting)

    by stratjakt (596332) on Friday February 13, 2004 @06:09PM (#8274654) Journal
    Is to vote with your wallet.

    I'm talking mainly about the retailers who ask for name, address, phone number, email etc, when you try to buy something.

    I went to Circuit City to buy a TV, took out enough cash to pay for it, walked in, told the guy which I wanted, and we walked to the little sales terminal. He asked "can I have your name and address?" And I said, "no, you can have $499 plus tax". He started telling me how the computer "requires" it.. Gimme a break.

    What you need to do is know when to walk away. I grabbed a sales circular by the door on my way out (because Best Buy would match the price)..

    In the states, I've noticed that Best Buy stopped asking, they must have got the message, for instance.

    It wastes the clerks time, annoys customers, and the marketing value of the collected data would come nowhere close to the amount of cold, hard, stinky cash walking out the door.

    It's just the tip of the privacy iceburg, sure, but it annoying, and a good place to start sending a message.
  • by t_allardyce (48447) on Friday February 13, 2004 @06:15PM (#8274712) Journal
    In the uk we have the Data Protection Act (of 1984 and redone in '98 AFAIK) which lays down rules about how your data is handled. Companies etc that collect data on you must be registered [dpr.gov.uk] and must keep your data secure from others. Also you have the right to view all the data that anyone holds on you and ensure its accurate (except in a few situations such as police investigation), you can even see emails/memos about you and cctv tapes (again AFIAK). Even my old school is registered. There are afew other things which i forget but you can read about here [hmso.gov.uk]
  • the us and canada (Score:5, Interesting)

    by circletimessquare (444983) <<circletimessquare> <at> <gmail.com>> on Friday February 13, 2004 @06:33PM (#8274900) Homepage Journal
    someone smarter than me said it better than me... the border between canada and the us is a one way mirror: americans look north and see themselves, canadians look south and see everything they are not

    americans think of canadians as cute little fuzzy americans who got lost in an ice box... they tend to think of canadians patronizingly, paternalistically, if they even think of canadians at all

    canadians think of americans as scary warmongering orwellian pseudofascists a half heart beat away from doing something really scary that canada has to worry about... they tend to emphasize their differences with americans as much as humanly possible, and they tend to think about their relationship with america alot

    as an american, all i can say is the maple leaf state sure is a cold lonely place (chuckle)
  • by Hawat (266650) on Friday February 13, 2004 @06:36PM (#8274925)
    There are other issues that you might consider before moving to Canada. These have to do with Free Speech. There is no room for it north of 49.

    Canada has an "Official Languages Commissioner" currently looking into Don Cherry's
    http://www.opinionjournal.com/taste/?id= 110004688
    remarks about "French Guys" being "wimps" since more of them in the NHL wear face shields. Basically, that's the whole story.

    The "Minister of State for Multiculturalism" is also involved: "the government will not tolerate statements that create dissonance in our society and disrespect for others."

    All this proves is that Candians need a Bill of Rights stronger than their wimpy... oops - Charter of Rights and Freedoms. Well, it doesn't seem to protect any speech outside of these Ministers of Silly Walks combined tut-tutting (which would be a fine way to just keep these political hacks busy if their mere opinions did not have the force of law).

  • PIPEDA (Score:5, Interesting)

    by Necrotica (241109) <cspencer.lanlord@ca> on Friday February 13, 2004 @06:36PM (#8274935)
    I'm from Canada and two weeks ago my employer held a seminar regarding PIPEDA and what it means.

    The ramifications of it are quite enormous though as someone pointed out, it isn't retroactive. Canadian lawyers will make a killing as contracts are established/renewed will need to ensure that privacy is taken into account.

    There are a few interesting twists to it, though. For example, my company is planning on implementing a very strict policy regarding PIPEDA. But I am currently outsourced working at a client's site. The policy that I will have to follow will be the one that my client implements.
    I was also told that there are looser stipulations for international business. So if I'm doing business with an American resident, and the United States doesn't have a similar law, then I am not required BY LAW to follow my company's privacy policy.

    It'll be interesting to see how the government tweaks this in the future. I am very happy that something like this is finally in place.
  • by Casper Foord (749485) on Friday February 13, 2004 @06:44PM (#8275020)
    Did you just attend the Security and Privacy conference in Victoria yesterday? I hope you didn't just horribly mislead the Slashdot hordes by citing the dates off the top of your uninformed head instead of basic research. (This conference had discussion about various privacy legislation.)

    Specifically, the federal Privacy Act came into effect July 1, 1983, the federal PIPEDA (Personal Information Protection and Electronic Documents Act) came into effect January 1, 2001, and the BC provincial PIPA (Personal Information Privacy Act) came into effect January 1, 2004. What it is important is that "[a]s of January 1, 2004, the [Personal Information Protection and Electronic Documents] Act will cover the collection, use or disclosure of personal information in the course of any commercial activity within a province, including provincially regulated organizations. The federal government may exempt organizations or activities in provinces that have their own privacy laws if they are substantially similar to the federal law." PIPEDA has been in place for a few years now, it just got extended to corporatations; BC now has their own overriding legislation as well.

    See here for more details:
    http://www.privcom.gc.ca/fs-fi/02_05_d_1 5_e.asp

    I also thought your post was a horrible summary of the various pieces of legislation and their consequences, but that's just my opinion. I'd suggest next time using the official government propoganda. Even your first sentence managed to probably be incorrect--PIPA (and probably PIPEDA, I'm not sure) does protect your personal information that is public as well, in terms of reasonable use (i.e. I believe telemarketers aren't allowed to go through the telephone directory).

    Regards,

    Casper
  • by RedSynapse (90206) on Friday February 13, 2004 @07:01PM (#8275177)
    Here's an interesting example of how this law is already having unforseen effects.

    Guy calls the bank to activate his new credit card. At the beginning of the call he gets the obligatory "This call may be mointored for quality assurance purposes" message. The guy complains that he doesn't want to have his call monitored. The bank says well if you don't like it you can jam your card where the sun don't shine. Guy complains to the privacy commissioner. The privacy comissioner rules in favour of the guy and decrees that banks cannot monitor calls without consent as it violates our fabulous new privacy laws.

    The upshot? It's now much easier for theives and fraudsters to steal credit cards from mailboxes and activate and use them. The bank is no longer allowed to record what phone number is used to register the card, and if the fraudster has obtained other personal information about you (or fraudently applied for the card in your name) you and the bank are screwed. Go privacy!

    • Negligent (Score:3, Insightful)

      by nuggz (69912)
      And how does taping prevent this?

      Steal the card, call from any phone, activate it.
      They don't authenticate in ANY way that I'm aware of.
  • by Txiasaeia (581598) on Friday February 13, 2004 @07:03PM (#8275198)
    I've registered my name in the phone book as my first initial of first two names and then my last name. I.e. H. J. Simpson. Since nobody actually calls me H. J., but prefers to use my real name (Homer), every time I get a call for my "telephone name," I know it's a telemarketer. Same thing goes for addressed mail. Haven't opened a piece of junk mail in years.
  • Here's an example (Score:4, Informative)

    by Vip (11172) on Friday February 13, 2004 @07:29PM (#8275374)
    Here's what they are trying to stop.

    Parking lot [canoe.ca] complaints [canoe.ca]

    825 complaints in 18 months in one city against one company. The data was sold by the government to the parking company.

    Vip

The reason why worry kills more people than work is that more people worry than work.

Working...