Office of the Information and Privacy Commissioner, Ontario, Canada

Slides:



Advertisements
Similar presentations
Privacy by Design: Big Privacy for Big Data
Advertisements

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.
1 NAESB Data Privacy Task Force February 16, 2011.
Tunis, Tunisia, June 2012 Privacy in Cloud Computing Vijay Mauree, Programme Coordinator, TSB, ITU ITU Workshop on Cloud Computing.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.
The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.
The Equality and Human Rights Agenda and the Possible Implications for Regulation David Darton, Director of Foresight, Equality and Human Rights Commission.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
CcTLD Meetings Rome 2004 WHOIS & Data Privacy Jean-Christophe Vignes Registry Liaison Manager.
PHIPA: The Year in Review Moderator: Debra Grant Panelists: Pam Slaughter Eric Holowaty Eric Holowaty Ron Heslegrave Ron Heslegrave PHIPA Summit: A Balancing.
PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.
Data Protection.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Securing North America’s Power Grid Dr. Ann Cavoukian, Ontario information and privacy commissioner Mark Fabro CISSP, CISM, President and Chief Security.
The Internet industry’s privacy seal program Silicon Valley Web Guild.
Data Protection and Records Management
Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario Ted Rogers School of Information Technology Management Ryerson University February 24,
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
1 Access to Information & Protection of Privacy Information and Privacy Commission, Ontario 2001.
Per Anders Eriksson
Getting to Privacy A Presentation to: Presented by: Mike Gurski.
IETF Plenary Monday 25 July 2011 Quebec City, Canada Privacy: A Regulator’s Perspective Fred Carter Senior Policy & Technology Advisor IPC/O.
Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.
Class 13 Internet Privacy Law European Privacy.
Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.
SmartPrivacy for the Smart Grid Catherine Thompson Office of the Information and Privacy Commissioner Ontario, Canada Practical Smart Grid Security (SG-11)
Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
Privacy: Do We Need It? Mike Gurski Senior Policy & Technology Advisor Information & Privacy Commission, Ontario Canada JetNet September 25, 2001 Ottawa.
Privacy & Personal Information Prepared by the CBC Law Department CONFIDENTIAL – FALL 2011.
Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.
Getting to the Truth about Privacy & Security Ann Cavoukian Ph.D. Information and Privacy Commissioner/Ontario Privacy & Security: Totally Committed November.
A Perspective: Data Flow Governance in Asia Pacific & APEC Framework Martin Abrams October 21, 2008.
EU Data Protection IT Governance view Ger O’Mahony 12 th October 2011.
Initial reflections of the privacy commissioner on Ontario’s draft privacy bill Ann Cavoukian, Ph.D. Information and Privacy Commissioner/Ontario Toronto.
Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada Privacy by Design: Integrating Technology into Global Privacy Practices Harvard.
Data Protection Act AS Module Heathcote Ch. 12.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.
Twelve Guiding Principles for the Regulation of Surveillance Camera Systems Presented by: Alastair Thomas Date: 23 rd October 2013.
Malcolm Crompton APEC Information Privacy Framework: review, impact, & progress APEC Symposium on Information Privacy Protection in E Government & E Commerce.
PRESENTED AT THE STAKEHOLDERS FORUM ON QUALITY OF SERVICE AND CONSUMER EXPERIENCE LAICO REGENCY HOTEL Creating Space for Consumer Rights in.
Fred Carter Senior Policy & Technology Advisor Information and Privacy Commissioner Ontario, Canada MISA Ontario Cloud Computing Transformation Workshop.
APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.
Workshop on Privacy of Public Figures and Freedom of Information - Skopje, 9-10 October 2012.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-
Business Challenges in the evolution of HOME AUTOMATION (IoT)
Understanding Privacy An Overview of our Responsibilities.
Privacy and Public Policy Implications of IoT
An Overview of our Responsibilities
Security Standard: “reasonable security”
Privacy principles Individual written policies
Kristyn Greenwood & Ryan Lacross
General Data Protection Regulation (GDPR
Data Protection Legislation
Privacy: A Regulator’s Perspective
GENERAL DATA PROTECTION REGULATION (GDPR)
State of the privacy union
Employee Privacy and Privacy of Employee Information
A New Technology for Video Surveillance Cameron Serles
Data Protection and Audit
By The Data Protection Commissioner
Ontario’s privacy protective Philadelphia model governance framework
Presentation transcript:

Office of the Information and Privacy Commissioner, Ontario, Canada Presentation Outline Panel on Privacy Centre for Information Integrity & Information Systems Assurance, U of Waterloo 7th Biennial Research Symposium October 21, 2010 Toronto, Ontario

Ann Cavoukian, PhD Ontario’s Information and Privacy Commissioner Ensures that government organizations (provincial and municipal) comply with freedom of information and privacy laws in Ontario Investigates privacy complaints and resolve appeals when the government refuses to grant access to government-held information Conducts research on access and privacy issues Educates the public and raise awareness about Ontario’s access and privacy laws

Privacy Defined Right of an individual to exercise a measure of control over the collection, use and disclosure of their personal information Definition of personally identifiable information (PII) - any information, recorded or otherwise, relating or linked to an identifiable individual Privacy is contextual / think of privacy as an aspect of CRM (Customer Relationship Management)

Security is, however, vital to privacy What privacy is not Privacy  Security Security is, however, vital to privacy

Fair Information Practices Why are you asking? Collection; purpose specification How will the information be used? Primary purpose; use limitation Any additional secondary uses? Notice and consent; prohibition against unauthorized disclosure Who will be able to see my information? Restricted access from unauthorized third parties

Why We Need Privacy by Design Most privacy breaches remain undetected – as regulators, we only see the tip of the iceberg Regulatory compliance alone, is unsustainable as the sole model for ensuring the future of privacy

Privacy by Design: The 7 Foundational Principles Proactive not Reactive: Preventative, not Remedial; Privacy as the Default setting; Privacy Embedded into Design; Full Functionality: Positive-Sum, not Zero-Sum; End-to-End Security: Full Lifecycle Protection; Visibility and Transparency: Keep it Open; Respect for User Privacy: Keep it User-Centric. www.ipc.on.ca/images/Resources/7foundationalprinciples.pdf

Privacy by Design: The Trilogy of Applications Information Technology Accountable Business Practices Physical Design & Infrastructure

Privacy by Design in 2010: Gathering Momentum May – As part of the European Commission’s new European Digital Agenda, Peter Hustinx, the European Data Protection Supervisor, recommended that Privacy by Design be included as a binding principle into data protection legal framework; www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Cons ultation/Opinions/2010/10-03-19_Trust_Information_Society_EN.pdf October – Regulators from around the world gathered at the annual assembly of International Data Protection and Privacy Commissioners in Jerusalem, Israel, and unanimously passed a landmark Resolution recognizing Privacy by Design as an essential component of fundamental privacy protection; www.privacylaws.com/templates/EnewsPage.aspx?id=1663 December – The U.S. Federal Trade Commission released a major report on protecting consumer privacy in which it recommended that companies adopt a Privacy by Design approach by building privacy protections into their everyday business practices. www.privacybydesign.ca/media-centre/in-the-news/

Embedding Privacy at the Design Stage: The Obvious Route Cost-effective Proactive User-centric It’s all about control – preserving personal control and freedom of choice over one’s data flows

Conclusions Lead with Privacy by Design; Change the paradigm from the dated “zero-sum” to the doubly-enabling “positive-sum;” Deliver both privacy AND security or any other functionality, in an empowering “win-win” paradigm; Embed privacy as a core functionality: the future of the Smart Grid may depend on it!

How to Contact Us Michelle Chibba Director of Policy and Special Projects Information & Privacy Commissioner of Ontario 2 Bloor Street East, Suite 1400 Toronto, Ontario, Canada M4W 1A8 Phone: (416) 326-3333 / 1-800-387-0073 Web: www.ipc.on.ca E-mail: info@ipc.on.ca 13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.