Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Canada Proposes Major Fines on Firms That Violate Privacy Laws

The government of Canadian Prime Minister Justin Trudeau on Tuesday presented a draft law that would impose major fines on companies that violate privacy law by misusing the personal data of their customers.

The government of Canadian Prime Minister Justin Trudeau on Tuesday presented a draft law that would impose major fines on companies that violate privacy law by misusing the personal data of their customers.

The fines would max out at five percent of the company’s revenue, or CAN$25 million (USD $19.1 million), whichever is higher, said Navdeep Bains, the minister of innovation, science and industry.

Trudeau said the new law would stipulate the highest fines imposed among Group of Seven nations for privacy violations.

He said the Digital Charter Implementation Act would give “more control to Canadians and more transparency about how companies handle their personal information.”

If the law is adopted, Canadians would henceforth be allowed to request the destruction of their personal data, the government said in a statement.

Data collection consent forms would have to be written in an easily understandable way, and not in a lengthy document laden with legalese, it said.

Canada’s privacy commissioner would be able to order a company to stop collecting data or using personal information.

In recent years, several cyberattacks targeting the data of millions of Canadians have occurred.

Advertisement. Scroll to continue reading.

This past summer, about 10,000 accounts belonging to those using online government services were hacked.

The data of about 15 million customers — just shy of half of Canada’s population of 38 million people — was stolen from medical lab LifeLabs in November 2019.

Also last year, Canadian bank Desjardins saw the personal data of about 4.2 million clients stolen by an employee and given to a third party.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.