Chapter 1 Canadian Privacy Basics

Question 1

What is Information Privacy?

Answer 1

The claim of individuals, groups, or institutions to determine for themselves when, how, and to what information about them is communicated to others

Question 2

What is Privacy of the Person?

Answer 2

Protects bodily integrity and the freedom from physical contact that would reveal objects or matters a person wishes to conceal.

Question 3

What is Territorial Privacy?

Answer 3

Places limitations on the ability of an individual or organization to intrude into another individuals physical environment.

Question 4

Two Social Origins of Privacy?

Answer 4

Intertwined with religion and culture.
Arisen within the context of human rights

Question 5

3 Perspectives of Privacy in Canada

Answer 5

Privacy of the individual vis a vis the state
Privacy of the individual vis a vis other individuals
Privacy of the individual vis a vis organizations

Question 6

What are the Different World Models for Data Protection (5)

Answer 6

Comprehensive Laws
Sectoral Laws (US)
The Self-Regulatory Model (US, Japan, Singapore)
Seal Programs
The Technology-Based Model

Question 7

3 Levels of Canadian Government

Answer 7

Federal Government
Provincial/Territorial
Municipal

Question 8

What is the Technology-Based Data Protection Model?

Answer 8

Technological security measures can be undertaken to ensure the protection of individual’s personal data
Consumers may now select from a variety of technological means to ensure privacy and security are met
Trustworthiness of tech becomes a growing concern and needs to be tested

Question 9

What is a Seal Program Data Protection Model?

Answer 9

Certifications provided by third Parties
Requires its participants to abide by codes of information practices and adhere to some variation of monitoring to ensure compliance

Question 10

What is the Self-Regulated Data Protection Model?

Answer 10

Requires companies to abide by codes of practice as set by a company or group of companies as well as by industry and/or independent bodies to protect data

Question 11

Two major issues with Self Regulated Model?

Answer 11

Adequacy - Provides limited data protection
Enforcement - Weak mechanisms

Question 12

What is Sectoral Law Data Protection Model?

Answer 12

Protects PI through enactment of laws that specifically address particular sectors
Often used as a compliment to comprehensive for more specific protection

Question 13

Two Major Drawbacks of Sectoral law Model?

Answer 13

Technological relevance - legislation often lags the technology that needs to be regulated
Oversight - lacks a central agency and a federal privacy mandate to provide oversight of the myriad data protection laws

Question 14

What is the Comprehensive Law Data Protection Model?

Answer 14

Has an official or agency responsible for overseeing enforcement. Data Protection Authority DPA or Commissioner/ombudsman
Official ensure compliance with the law

Question 15

2 Critical Issues with Comprehensive Model?

Answer 15

Data protection officials granted varying degrees of power
Countries choose to allocate varying levels of resources to the enforcement of data protection laws, leaving some countries inadequately funded and protected

Question 16

What are the General Concepts of Generally Accepted Privacy Principles? (GAPP)

Answer 16

Jointly developed by the AICPA and CICA, meant to be used by any organization involved in handling of PI

Established to help businesses navigate competing interests of business, government and consumers

Question 17

What are the Ten Principles of GAPP?

Answer 17

1. Management
2. Notices
3. Choice and Consent
4. Collection
5. Use, Retention, and Disposal
6. Access
7. Disclosure to Third Parties
8. Security for Privacy
9. Quality
10. Monitoring and Enforcement

Question 18

10 Principles established by the CSA

Answer 18

1. Accountability
2. Identifying Purposes
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure, and Retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual Access
10. Challenging Compliance

Question 19

What is the CSA?

Answer 19

Canadian Standards Association:
Broke OECD’s Code into 10 principles
The ‘model code for the protection of personal information”
Became a schedule of PIPEDA

Question 20

What is PI?

Answer 20

Any identifiable information about an individual

Question 21

Employee Information Definition

Answer 21

in respect of an individual who is an employee or a potential employee, PI is reasonably required by an organization that is collected, used, or disclosed solely for the purposes of establishing managing, or terminating an employment relationship between the organization and the individual but does not include PI about the individual that is unrelated to that relationship.

Question 22

Work-Product Information Definition

Answer 22

Related to that individual position, functions, and/or performance of their job
Note: Conflicts as to whether this is protected as PIPEDA does not distinguish these types of PI

Question 23

Two Branches of Power in Canada

Answer 23

Legislative Branch
Members of the House of Commons and Senate
Introduce, Debate, and pass bills and policy
Oversight of executive branch (appoint several officers of parliment
Judiciary Branch
Headed by Supreme Court of Canada
Network of Federal and Provincial courts

Question 24

What Areas are the Federal Government Responsible For?

Answer 24

Criminal Law
Banking
National Defense
Trade and Commerce

Question 25

What Areas are the Provincial Government Responsible For?

Answer 25

Hospitals
Education
Provincial Courts
Municipalities
Property and Civil Rights Matters

Question 26

Roles of Courts

Answer 26

Interpret Laws
Review laws and government actions to ensure rights and freedoms as enshrined in the Charter are upheld
General authority tor review most government decisions

Question 27

Roles of Administrative Tribunals

Answer 27

Interpret laws and occasionally enforce charter rights
Vehicles of the executive branch. Organized to administer specific programs with a certain degree of expertise

Question 28

Roles of Privacy Commissioner

Answer 28

Officer of Parliament, not a member of the executive branch of government
Accountable directly to the legislature
Required to table annual reports to parliament outlining work accomplished and conclusions of matters