My wish list for a few things we need in the privacy world
posted by:Kris Klein // 11:59 PM // October 23, 2007 // ID TRAIL MIX
Okay, okay… It’s still a few months away from the Holiday season and the New Year. Regardless, they’ve given me the pen for this spot and I’m making a list. I figure if I get my wish list in early this year, maybe I’ll get a few of the things I want!
So, here’s my wish list for a few things we need in the privacy world:
1. Laws that break through or work around the limitations imposed by our constitution (I mean, provincially regulated employees have no privacy protection in legislation unless their information is used as part of a commercial activity or unless they live in Alberta, B.C. or Quebec).
2. Speaking of commercial purposes… can we please have a better definition that doesn’t involve someone circling and circling and circling? I mean a commercial activity is something of a commercial nature. Gee, thanks for that clarification.
3. Less restriction on the publication of the federal Commissioner’s Reports
4. A version of PIPEDA where the French and English versions translate properly (some sections even have different paragraph numbering)
5. An Act that contemplates that if you go to court on a matter that involved a violation of an individual’s privacy, the Court would be given explicit power to put controls in place that would allow the protection of privacy during the Court process.
6. A recognized ability to get real compensation when your privacy is invaded. Getting a “well-founded and resolved” report is only going to motivate people for so long to stand up for their rights.
7. A recognition that we are in a surveillance state. Question is, are we going to let it get worse, tolerate it the way it is, or fight back?
8. A Privacy Act that is written based on our understanding of computing and database technology in 2007. Not 1977.
9. A recognition that the Privacy Commissioner cannot oversee ALL of government and that it’s high time the government itself takes some responsibility for privacy (yes, they should have Chief Privacy Officers in many departments).
10. Privacy Impact Assessments… oh wait, we do have those, sometimes! (But not nearly enough – and even when they’re done, nobody knows about them.)
11. One more very good conference and then an acknowledgement that we need to actually get the work done and not just talk about it.
Things we probably don’t need:
1. Another privacy lawyer… ooops, well don’t check out www.krisklein.com then.