Canadian Security Magazine

Public advocacy centre skeptical of data breach reporting regulations

By The Canadian Press   

News Public Sector annex data breach federal regulations public advocacy centre regulations

OTTAWA — Companies would be required to notify people in the event of a serious data breach involving personal information under proposed new federal regulations.


But the regulations do provide some flexibility, depending on the circumstances.

Several businesses — including telecom provider Bell Canada and affair-seekers website Ashley Madison — have been stung by breaches in recent years.
 
The loss of data can be embarrassing for an organization and can cause headaches for customers whose personal or financial details are suddenly swirling in cyberspace.

Legislation passed two years ago laid the groundwork for mandatory reporting of private-sector breaches that pose a “real risk of significant harm” to individuals.

The Ottawa-based Public Interest Advocacy Centre says the proposed regulations don’t go far enough because they give companies discretion as to whether a breach is serious enough to report to those affected and the federal privacy commissioner.

Advertisement

News from © Canadian Press Enterprises Inc. 2017

Print this page
Stories continue below


Related
Equifax breach exposes 143 million people in U.S. to identity theft
Bell Canada alert prompts RCMP, privacy watchdog to investigate data breach
Nine out of 10 of Canadian companies suffered a cybersecurity breach in 2017
IBM survey finds deep consumer anxiety over data privacy and security

Leave a Reply

Your email address will not be published. Required fields are marked *

*