It’s been nearly two years since the government introduced Bill C-12, its proposed legislation featuring security breach disclosure notification and it looks legislators are nowhere near coming up with a meaningful reform of the country’s online privacy law, according to an Ottawa-based Internet law expert.
“The opposition to meaningful privacy reform is particularly discouraging given the thousands of breaches that have occurred in recent years from within the government itself and its claim to be concerned with the privacy of Canadians,” he wrote in a blog this week.
Both Borg’s Bill C-475 and the Conservative’s Bill C-12 include notification requirements to the Privacy Commissioner of Canada in the even organizations suffer certain security breaches.
Geist also labeled as “simply false” the contentions of Conservative MP Parm Gill wrongly characterized Bill C-475 as being costly and “burdensome” since it requires organizations to report every breach, regardless of context and that the bill creates uncertainties with regards to the form of notification needed.
RELATED CONTENT
Bill calls for mandatory data breach reporting
Enshrine data breach guidelines in law: Stoddart
Social media firms rapped on knuckles on privacy
Bill C-475 actually follows the same approach as Bill C-12.
Bill C-12 was introduced in September 2011 as a reintroduction of Bill C-29 which was introduced in 2010. Since its first reading, Bill C-12 has languished in Parliament. It was this delay that prompted Borg to introduce her private members bill in February.
View a more in depth comparison of both bills and other links on the topic of security breach disclosure legislation in Geist’s blog site.