New privacy rules designed to better safeguard the personal data of Canadians and let them know when it has been breached kick in Thursday, but even security experts say they are far from perfect.
The legislation, known as the Personal Information Protection and Electronic Documents Act (or PIPEDA) does a lot of things, but most importantly from a consumer’s perspective, it requires Canadian companies to alert their customers any time their personal information may have fallen into the wrong hands.
Much of the law is aimed at preventing breaches in the first place, but as of now, companies big and small are required to notify the office of the Privacy Commission of Canada any time there’s “a real risk of significant harm to an individual” from a security breach, even if the exact terminology of what constitutes a breach will still be open to interpretation.
Read full story here: New Privacy Rules Will Force Canadian Companies To Disclose Data Breaches | CBC News
