Every year, privacy becomes an increasingly important issue not only for technology and large corporations but also for ordinary consumers, as well as for authorities that regulate the relationship between the user and the business.
Although, in general, all countries understand the direction in which privacy needs to be developed (most countries rely on GDPR), each country has its own set of laws that ensure and control consumer privacy.
As technology continues to evolve and permeate almost every aspect of modern life, regulators must grapple with how best to regulate it.
New ways of collecting and processing personal information require new rules to protect those whose information is collected, analyzed and sold, often when they visit a new website or sign up for a new application. The advancement of artificial intelligence (AI) is also a major concern for many regulators, creating unique risks and challenges that need to be addressed.
Bill C-27 represents an effort by Canadian regulators on several fronts.
In June 2022, the Liberal Party of Canada introduced Bill C-27 to the National Parliament to strengthen data protection and privacy laws:
The new bill aims to give Canadians more control over how companies use their personal data, impose fines on non-compliant businesses, and create new rules for the use of artificial intelligence (AI).
Bill C-27, if passed, will likely replace the Personal Information Protection and Electronic Documents Act, changing the Canadian Privacy and Data Protection Act (PIPEDA).
While the Canadian Constitution recognizes the right to privacy as fundamental, existing legislation governing personal data is weak in terms of how large tech corporations can use customers' personal data for services such as targeted advertising, among others. Bill C-27 is one of the "most restrictive" legislative frameworks for data governance among the G7 countries. Bill C-27 has been praised for making clear that protecting privacy rights is essential to preserving individual freedom and dignity. Canadian human rights organizations consider this bill a positive development.
"An Act to Support and Facilitate Electronic Commerce by Protecting Personal Information Collected, Used or Disclosed in the Course of Commerce," is how the first law under the 2022 Digital Charter is described.
The Act aims to create provisions for the protection of personal information in such a way as to strike a balance between the need for organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances and the right of individuals to privacy. As for the use of personal data by organizations for commercial purposes, this applies to all organizations.
Below is a list of all the key elements of the Consumer Privacy Protection Act:
1. Giving organizations greater authority and transparency when processing Canadians' private information.
2. Giving citizens the freedom to securely transfer their information from one organization to another.
3. Ensuring that Canadians can request that their data be deleted when it is no longer needed.
4. Establishing stronger safeguards for children, such as limiting organizations' access to and use of information about children and enforcing higher standards for the processing of such data.
5. Giving the Privacy Commissioner of Canada broad powers to issue orders, such as the power to order companies to stop collecting data or using personal information.
6. Establish severe penalties for non-compliant organizations, with the most egregious violations subject to fines of up to 5% of global revenue or $25 million, whichever is greater.
If you have questions about the legal aspects of AI regulation, please contact Avitar.
Subscribe to our channels on social networks:
Contact us:
business@avitar.legal
Serhii Floreskul
,
Violetta Loseva
,
