Public advocacy centre skeptical of data breach reporting regulations

The Canadian Press
Tuesday September 05, 2017
Written by The Canadian Press
OTTAWA — Companies would be required to notify people in the event of a serious data breach involving personal information under proposed new federal regulations.

But the regulations do provide some flexibility, depending on the circumstances.

Several businesses — including telecom provider Bell Canada and affair-seekers website Ashley Madison — have been stung by breaches in recent years.
 
The loss of data can be embarrassing for an organization and can cause headaches for customers whose personal or financial details are suddenly swirling in cyberspace.

Legislation passed two years ago laid the groundwork for mandatory reporting of private-sector breaches that pose a “real risk of significant harm” to individuals.

The Ottawa-based Public Interest Advocacy Centre says the proposed regulations don't go far enough because they give companies discretion as to whether a breach is serious enough to report to those affected and the federal privacy commissioner.

News from © Canadian Press Enterprises Inc. 2017

Add comment


Security code
Refresh

Subscription Centre

 
New Subscription
 
Already a Subscriber
 
Customer Service
 
View Digital Magazine Renew

Latest Events

(ISC)2 Security Congress
September 25-27, 2017
Focus On Drones
October 4, 2017
Anixter Showcase
October 12, 2017
Security Canada Central
October 18-19, 2017
CPTED Basic (Level 1)
October 23-25, 2017