Canada lags on privacy breach disclosure Date: Tuesday, July 05 2005 Topic: Canadian News Canada lags on privacy breach disclosure MICHAEL GEIST Jul. 4, 2005. 01:00 AM At one time, public disclosures of privacy and security breaches were a rare occurrence. Companies were careful to keep such breaches quiet, content to compensate breach victims rather than face the inevitable negative publicity. No longer. Over the past 12 months, there has been a staggering number of reported privacy and security breaches — with some experts estimating that more than 50 million people have been put at risk since the start of this year alone. The number of breaches may not have changed — few doubt that privacy breaches have been occurring for years. But news of yet another privacy or security breach — whether it is the 40 million credit card holders whose personal information was recently placed at risk or the several dozen CIBC banking customers whose data was inadvertently faxed to a West Virginia junkyard — has become a staple of the daily news cycle. The change in practice is due in large measure to the State of California's SB1386, a two-year old law, which mandates that companies and agencies that do business in the state or possess personal information of state residents must report breaches in the security of personal information in their possession. Companies are required to act quickly, notifying customers in writing, electronically, or by prominently posting the information on their website. The California law has spawned nearly a dozen imitators throughout the United States as other states seek to provide their residents with similar protections. Moreover, pressure has begun to build on the U.S. Congress to adopt a national reporting law to provide all residents with equal treatment and to ensure that all companies face a single nationwide standard. Unfortunately, no similar law exists in Canada. In fact, until Ontario Privacy Commissioner Ann Cavoukian publicly called for the adoption of such a law late last month, no Canadian privacy commissioner at either the federal or the provincial level had used their position to pressure for such reforms. Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached at mgeist@uottawa.ca or online at http://www.michaelgeist.ca. http://www.thestar.com/NASApp/cs/ContentServer?pagename=thestar/Layout/Article_Type1&c=Article&cid=1120429209287&call_page=TS_@Biz&call_pageid=971794782442&call_pagepath=Business/@Biz&pubid=968163964505&StarSource=email http://www.michaelgeist.ca http://www.thestar.com/... This article comes from Vive Le Canada http://www.vivelecanada.ca The URL for this story is: http://www.vivelecanada.ca/article/62718660-canada-lags-on-privacy-breach-disclosure