Home arrow Identity Theft arrow In The News arrow Canadian Law May Impact Data Breach Notifications in the United States
User Login





Lost Password?
No account yet? Register
Guard My Credit Menu
Home
- - - THE ISSUES - - -
Videos
Fraud and Scams
Credit Issues
Identity Theft
Privacy Issues
Our Children
Politics & Politicians
- - ACTION CENTER - -
Guard My Credit Links
Helpful Pamphlets
- - - - - - - - - - - - - - -
About ACCESS
Contact Us
About Our Site
Join the Fight
ACCESS is a non-profit, tax exempt consumer advocacy group.

Donations are tax deductable.
Guard My Credit Hits
11082918 Visitors
Canadian Law May Impact Data Breach Notifications in the United States PDF Print E-mail

December 30, 2016 - Despite efforts in congress to weaken state data breach notification laws, because data breaches don't respect borders, changes in Canadian law are likely to help Americans. Legislation to update Canada's Personal Information Protection and Electronic Documents (PIPEDA) is moving through parliament and is likely to go into effect sometime in 2017. Changes to the law will mandate that companies experiencing a data breach will be required to notify the country's Privacy Commissioner in any data breach where there is "a real risk of significant harm." And any time there is a real risk of significant harm to individuals, those individuals will also need to be notified.

Image

The effect of this on American companies remains to be seen, but any American company with Canadian customers would be covered under the law. This means that regardless of anything that congress does to usurp state data breach notification laws, American companies doing business in Canada and Canadian and international  companies doing business in the United States would have difficulty hiding data breaches.

This is exactly the same situation that that occurred after California became the first state to mandate data breach notification to consumers. ChoicePoint was the first large data breach that occurred after the law went into effect. The company was forced to notify 35,000 California residents that their data had been breached but stated that residents of other states weren't impacted. Within a week, they were forced to change that position due to questions being asked in the media. The company then stated that 145,000 consumers in virtually every state were impacted.

Any company subject to PEPIDA would be well advised to continue making notifications of data breaches to American consumers even if American law doesn't require them to. Consumers have shown that they will vote with their feet if they don't trust the companies that they do business with. Any company that gets caught up in a situation similar to that of ChoicePoint would certainly lose customers and could actually find their entire business threatened if consumers decide to take their business elsewhere.  

byJim Malmberg

Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.

Follow me on Twitter:

Twitter Counter for @OldAbeWhipple

 

Follow ACCESS

 

Comments
Search
Only registered users can write comments!

3.25 Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."
 
Guard My Credit Polls
Poll #166 - Have you personnally been a victim of Identity Theft
 
#1 - Why did you visit our site today?
 
.•*´¯☼ ♥ ♥ Your Support of These Links Is GREATLY Appreciated ♥ ♥ ☼¯´*•.
Advertisement
 
Go to top of page
Home | Contact Us |About Us | Privacy Policy
eXTReMe Tracker
04/25/2024 06:46:05