Membership is FREE!   Professional Designations for Business & Technology Professionals


A new privacy bill for our age

2 Mins read

Bill C-11 aims to give more meaningful information about the collection, use and disclosure of data, while giving organizations tools to be more competitive in the digital economy.

The federal government has introduced an ambitious new bill that aims to protect Canadians’ privacy while promoting data-driven innovation. It also marks the first meaningful attempt in Canada to regulate the use of data in artificial intelligence. 

 “[The government is] trying to facilitate a clear path to using data responsibly for Canadian competitiveness,” says Carole Piovesan, a partner and co-founder at INQ Data Law in Toronto.

It’s the first significant effort to update Canada’s privacy law in over 20 years. By introducing Bill C-11, Ottawa is signaling its intention to align its data privacy regime with the values promoted under the EU’s General Data Protection Regulation – or GDPR – in force since 2018. It also aims to implement the principles outlined in the Digital Charter unveiled last year. “The big difference is that the CPPA still maintains a principle-based approach, and it’s not as prescriptive as the GDPR,” says Piovesan. “So it is giving some flexibility in the interpretation of the legislation in a number of areas.”

If passed, Bill C-11 will give birth to a new Consumer Privacy Protection Act, hived off from the current federal private sector privacy law, PIPEDA. 

Another major development is that Bill C-11, on paper, gives the Privacy Commissioner of Canada teeth by granting it order-making powers to enforce compliance. But the OPC will have to share power with a new Personal Information and Data Protection Tribunal that can impose penalties for violations under the new law. “So you have in place an additional layer of accountability,” says Piovesan. Hopefully, separating order-making authority from the power to impose fines will serve as a meaningful check and balance on OPC findings.

For the more serious offenses, the tribunal can issue fines of up to 5% of an organization’s global revenue or $25M, whichever is greater. For lesser infringements, penalties can represent 3% of global revenue or $10 million. Under the GDPR, fines for breaches can reach up to 4% of a firm’s worldwide annual revenue in a worst-case scenario.

Those in contravention of the law face another risk. The bill sets out a private right of action for individuals—though triggered only in cases where there is a finding of a privacy violation by the OPC that is either not appealed or upheld by the tribunal. Similarly, the GDPR grants private citizens of the EU an active role in its enforcement.

What’s more, there are also whistleblower protections under the new bill against firing or imposing disciplinary measures against employees for reporting, in good faith, violations under the law.

A bill for the digital age

Among Bill C-11’s other features is…

Read The Full Article

Related posts
CybersecurityFancy That ConversationPrivacyWebinars

An early assessment of our proposed new Privacy Laws by Derek Lackey

1 Mins read
An early assessment of our proposed new Privacy Laws – a very informative discussion with Derek Lackey.  Derek Lackey has been on…

Privacy Pressure Points: A Closer Look at Ten Consumer Privacy Protection Act Concerns

3 Mins read
The Canadian government yesterday introduced the Consumer Privacy Protection Act (technically Bill C-11, the Digital Charter Implementation Act), which represents a dramatic change in…

An Early Assessment of our Proposed New Privacy Laws

1 Mins read
With an initial impression of Bill C-11:  it is a series of 1/2 measures designed to “sort of” protect citizen’s personal information,…

Yes, I have read and live by this Code of Ethics - We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at or call us at 647 499 2744. You can unsubscribe at any time.


Leave a Reply

Your email address will not be published. Required fields are marked *