• Our People
  • Global Presence
  • Regions
    • Asia
    • Europe
    • Americas
  • Offices
    • Canada
      • Ottawa
      • Toronto
    • China
      • Beijing
      • Hong Kong
    • Luxembourg
    • Malaysia
    • Singapore
    • UK
      • Aberdeen
      • Birmingham
      • Cambridge
      • Edinburgh
      • Glasgow
      • London
      • Manchester
      • Oxford
  • Client liaison
    • Japan
    • Korea
  • Expertise
  • Services
    • Patents
    • Brands & Trade Marks
    • Designs
    • Litigation & Dispute Resolution
    • Commercial IP & Contracts
    • Due Diligence
    • Freedom to Operate
    • EPO Patent Oppositions
    • European Patent Validations
    • Anti-counterfeiting
    • Open Source & Third Party Code
  • Sectors
    • Digital Transformation
      • 3D Printing
      • Artificial Intelligence
      • Blockchain
      • Data & Connectivity
      • Extended Reality
      • Industry 4.0
    • Energy & Environment
    • Life Sciences
    • Agritech
    • Medical Technologies
    • Chemistry
    • Transport
    • Entertainment & Creative Industries
    • Food & Drink
    • Fashion & Retail
    • Universities & Research Bodies
    • Start-ups & Spin-outs
      • Creating value for start-ups
      • The IP driven start-up
    • Financial Services
  • About Us
    • Working with us
    • Awards
    • Corporate & Social Responsibility
    • Diversity & Inclusion
    • Careers
  • Insights
    • Articles
    • News
    • Events
    • Resources
    • Unified Patent Court hub
    • Beyond Brexit: European trade mark hub
    • M&C Reacts
  • Contact Us
Marks & Clerk logo
Marks & Clerk logo
Contact Us
Language
English
Our People
Global Presence
Regions
  • Asia
  • Europe
  • Americas
Offices
  • Canada
    • Ottawa
    • Toronto
  • China
    • Beijing
    • Hong Kong
  • Luxembourg
  • Malaysia
  • Singapore
  • UK
    • Aberdeen
    • Birmingham
    • Cambridge
    • Edinburgh
    • Glasgow
    • London
    • Manchester
    • Oxford
Client liaison
  • Japan
  • Korea
Expertise
Services
  • Patents
  • Brands & Trade Marks
  • Designs
  • Litigation & Dispute Resolution
  • Commercial IP & Contracts
  • Due Diligence
  • Freedom to Operate
  • EPO Patent Oppositions
  • European Patent Validations
  • Anti-counterfeiting
  • Open Source & Third Party Code
Sectors
  • Digital Transformation
    • 3D Printing
    • Artificial Intelligence
    • Blockchain
    • Data & Connectivity
    • Extended Reality
    • Industry 4.0
  • Energy & Environment
  • Life Sciences
  • Agritech
  • Medical Technologies
  • Chemistry
  • Transport
  • Entertainment & Creative Industries
  • Food & Drink
  • Fashion & Retail
  • Universities & Research Bodies
  • Start-ups & Spin-outs
    • Creating value for start-ups
    • The IP driven start-up
  • Financial Services
About Us
  • Working with us
  • Awards
  • Corporate & Social Responsibility
  • Diversity & Inclusion
  • Careers
Insights
  • Articles
  • News
  • Events
  • Resources
  • Unified Patent Court hub
  • Beyond Brexit: European trade mark hub
  • M&C Reacts

Ontario announces major privacy consultation - privacy laws in Canada’s two largest provinces may soon change

26 August 2020
Catherine Lovrics
Print
Share

Canada’s two largest provinces are focusing on strengthening privacy protections, signalling material changes to Canada’s privacy landscape may be afoot.

On August 13, 2020, the Ontario government launched consultations aimed at strengthening the province’s privacy protection laws. The province is using an online survey, has called for written submissions, and will be conducting web conferences to seek input on this new legislative framework.

The province’s call for consultations signals an entirely new legislative regime for the private sector in Ontario may be on the horizon. If Ontario legislates, it could mean new statutory privacy protections for private sector employees and regulation of non-commercial organizations in the province. In Ontario, private sector employees do not benefit from statutory privacy protections. Likewise, not-for-profits, charities, professional associations, trade unions and political parties, for example, are currently not subject to statutory privacy laws in Ontario. Privacy in the private sector in Ontario is currently governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), federal legislation which regulates how private sector organisations collect, use, and disclose personal information while conducting business in Canada. This legislation governs both federally regulated organisations and organisations which are not subject to provincial privacy laws that are substantively similar to PIPEDA. The provinces of Alberta, British Columbia, and Quebec are the only provinces with such laws at this time.

The online survey asks Ontarians whether it is important for Ontario to create its own laws. The focus of the survey is generally on whether privacy laws need to be updated to deal with new technologies. It seeks to gather general information related to how Ontarians interact online and in the digital world, and how Ontarians approach and to what extent Ontarians are concerned with their privacy. For example, questions include whether Ontarians read privacy statements, whether they change default privacy settings, whether they are concerned with ancillary uses of their information, and whether they believe they have a right to be informed and consent before an organization buys or sells personal information. It also inquires about whether there should be stricter rules for genetic and biometric data, and whether there should be different treatment of de-identified information. The questions give a good idea of issues, policies and options being considered. It also generally appears aimed at inquiring about the impact privacy laws have on businesses and innovation in Ontario. The survey asks, for example, whether privacy laws make it more difficult for businesses to innovate, whether organizations should be able to share de-identified and aggregate data through a public data trust to encourage innovation, and if it is important that businesses face fines for not complying with privacy laws.

Generally, the government is asking for advice on ways to:

  • Increase transparency for individuals, providing Ontarians with more detail about how their information is being used by businesses and organizations.
  • Enhance consent provisions allowing individuals to revoke consent at any time, and adopting an "opt-in" model for secondary uses of their information.
  • Introduce a right for individuals to request information related to them be deleted, subject to limitations (this is otherwise known as "right to erasure" or "the right to be forgotten").
  • Introduce a right for individuals to obtain their data in a standard and portable digital format, giving them greater freedom to change service providers without losing their data (this is known as "data portability").
  • Increase enforcement powers for the Information and Privacy Commissioner to ensure businesses comply with the law, including giving the commissioner the ability to impose penalties.
  • Introduce requirements for data that has been de-identified and derived from personal information to provide clarity of applicability of privacy protections.
  • Expand the scope and application of the law to include non-commercial organizations, including not-for-profits, charities, trade unions and political parties.
  • Create a legislative framework to enable the establishment of data trusts for privacy protective data sharing.[1]

This initiative comes on the heels of the introduction of new legislation by the government of Quebec which would strengthen the existing privacy laws in that province. Bill 64, An Act to modernize legislative provisions as regards the protection of personal information, has been introduced to modernise “the framework applicable to the protection of personal information” in various provincial acts.

The proposed legislation appears to be influenced by the European Union’s General Data Protection Regulation (GDPR) and includes new requirements for companies to have data protection officers, mandatory reporting of data security breaches, more robust consent requirements, and a right to be forgotten, similar to some of the stated objectives of the Ontario government. It also creates a private right of action which would permit individuals to bring a claim for damages for an unlawful infringement of a right conferred by the Act or the Civil Code of Quebec.

If passed, the legislation in Quebec will contain some of the most punitive privacy laws in the country, with fines ranging from $15,000 to $25,000,000 CAD or 4% of worldwide turnover from the preceding fiscal year, whichever is greater. Fines will be doubled in the case of subsequent offences. This is significantly higher than the current maximum of $50,000 CAD and is greater than the maximum penalties which can be levied under Canada’s Anti-Spam Legislation.

The Covid-19 pandemic has highlighted our reliance on information technology platforms and it remains to be seen what will transpire in Ontario and Quebec, and whether other provinces will also take steps to enhance the privacy protections for Canadians.

 

[1] https://www.ontario.ca/page/consultation-strengthening-privacy-protections-ontario

Next Story
  • How Kristina Milbourn is breaking the mould and making a difference
  • What is the patentability of Quantum Algorithms?
  • US court decision rules that use of “MetaBirkin” in relation to NFTs infringes trade mark rights in “Birkin” - Hermès v Mason Rothschild
  • New series of articles to focus on Cambridge-led innovations throughout 2023
  • Tech startups must not underestimate the power of IP in 2023
More insights

Latest Insights

Chemistry
Article
- 24 March 2023

Preliminary position on priority published

As we reported in early 2022, the Enlarged Board of Appeal of the EPO are considering two pending referrals (G1/22 and G2/22) regarding the question of entitlement to priority. A hearing has now been set for 26 May 2023, and the Enlarged Board have now issued a preliminary opinion setting out the points to be discussed.
Read more
Quantum computing
Article
- 22 March 2023

International patent insights on quantum computing

The latest patent insight report from the European Patent Office (EPO) looks at the trends in patent filings for quantum computing, and has uncovered some interesting findings.
Read more
Article
- 22 March 2023

InterDigital v Lenovo: The latest FRAND judgment

On 16 March 2023, Mr Justice Mellor handed down the latest FRAND judgment: InterDigital v Lenovo. The case concerned a dispute between InterDigital and Lenovo as to the terms on which Lenovo should take a licence to InterDigital’s portfolio of patents which had been declared essential to the European Telecommunications Standard Institute (ETSI) Standards.
Read more
Marks & Clerk logo (white)
  • Terms & Conditions
  • Privacy Notice
  • Cookies
  • Legal Notices
  • Press Enquiries
  • Lexology
  • Mondaq