Upload File

mobile and pipeda privacy act

Download Mobile and PIPEDA Privacy Act

If you can't read please download the document

Upload: glenn-mcknight

Post on 16-Apr-2017

671 views

Category:

Education


0 download

Report

TRANSCRIPT

Privacy Concerns&Your Mobile

Presentation by Glenn McKnight

Welcome to this session dealing with Privacy Concerns and Your Mobile

We will focus this presentation the Canadian private sector privacy legislation which requires organizations to build privacy policies, how they collect, use and disclose their customers personal information. These guidelines have relevance to your mobile data collection and retention Most countries have similar privacy legislation similar to PIPEDA


Personal Information Protection and Electronic Documents Act (PIPEDA)

Personal Information Protection and Electronic Documents Act (PIPEDA) PIPEDA sets out ground rules for how private sector organizations can collect, use or disclose personal information in the course of commercial activities. It balances an individual's right to privacy with the need of organizations to collect, use or disclose personal information for legitimate business purposes. If your business wants to collect, use or disclose personal information about people, you need their consent, except in a few specific and limited circumstances. You can use or disclose people's personal information only for the purpose for which they gave consent. Even with consent, you have to limit collection, use and disclosure to purposes that a reasonable person would consider appropriate under the circumstances. Individuals have a right to see the personal information that your business holds about them, and to correct any inaccuracies. There's oversight, through the Privacy Commissioner of Canada, to ensure that the law is respected, and redress if people's rights are violated.

. This process need not be difficult.

A checklist of actions that represent some of the key elements for compliance with the federal law. While the list is not exhaustive, it will help build the essential elements of your new privacy policy.

# 1 Keep it simple. Your policy should be clear, concise and written in plain language so it is easy to understand. It should provide enough details to help your customers understand how you manage their information.

# 2 Review your Privacy Policy Take the time and visit the PIPEDA online website and look up policies of organizations, noteworthy are financial services sector and telecommunications companies which have mature policies worth emulating. Gain more insight into the requirements of your privacy policy visiting online at priv.gc.ca.

# 3 You can collect only information that is needed for your business purposesfor example, to manage a commercial relationship and provide ongoing service, to bill and collect for products or services, to market to individuals, and to meet legal and regulatory requirements.

# 4 Be open about when personal information may be disclosed.

You must indicate in your policy if you intend to disclose customer information to an affiliate or partner organization, or any other third party. You neednt necessarily name each organization, but provide a general idea of the types of companies in question. And you must give your customers the opportunity to consent.

# 5Tell customers when information will be stored outside of Canada.

The use of a third-party information processor, such as a company that provides payroll services, increases the likelihood that information under your control will be stored outside Canada. You must be open with your customers about this possibility.

Be open about how you safeguard information.

# 6 Be open about how you safeguard information.

The risk of identity theft and other unauthorized uses of personal information is always present and ever changing. Its critical to keep the personal information in your care safe and secure. Customers and employees will appreciate your candour about how you intend to protect their information from such abuses.

Let customers know how long you will keep information.

# 7 Let customers know how long you will keep information.

PIPEDA requires that you must keep personal information only for as long as it is needed to fulfill your purposes. If legislation such as the Income Tax Act authorizes you to store personal information over a long period, consider disclosing that in your privacy policy.

.

# 8 Consider employees separately Typically, organizations purposes for collecting, using and disclosing employee information are to administer payroll, pension, benefit and departure provisions; to provide employee programs; to manage company property; and to hire and retain a highly skilled workforce. Because these purposes are different than those for collecting customers information, they warrant a separate section in your privacy policy.

Make yourself available for questions

# 9 Make yourself available for questions.

Let individuals know how to contact your organization for privacy information, either through email or through a toll-free number. Also, tell customers they can contact the Office of the Privacy Commissioner at 1 800 282-1376 if they are unsatisfied with your response to their privacy concern.

Thank you for listening I hope you found it rewarding. Please review the subsequent sessions to this series called Death of the Internet Long Live Mobile and Keep your Phone Secure


Employee Privacy in the Mobile World

Section Eight, Pipeda, and the Problem of Shifting Norms

Mobile Killing Privacy 2[1]

Privacy and the Workplace · Are you a FWUB? • Defined in PIPEDA: "federal work, undertaking or business" means any work, undertaking or business that is within the legislative

Evaluating the privacy of Android mobile applications ...cgi.di.uoa.gr/~xenakis/Published/53-COSE-2014/Mobile-forensics.pdf · Evaluating the privacy of Android mobile applications

Social Media and Privacy at Work: Five Things You - IAPP · PDF file1. Legal Framework •Legislation –Federal – PIPEDA •provides privacy protections for federally regulated

Data protection Privacy in mobile apps

Mobile Privacy & Personal Health Information

Privacy, Security, and Machine Learning for Mobile … Privacy, Security...Privacy, Security, and Machine Learning for Mobile Health Applications ... depicts a Body Area Network (BAN),

Mobile Privacy

Mobile App Evidence, Security and Privacy

Mobile App Privacy and Policy Issues

Privacy and local Mobile Apps

Understanding ITIL. The Legislation Minefield Privacy & Security Personal Information Protection Electronic Document Act (PIPEDA) US Patriot Act

Mobile Networks - Module H2 Privacy in Mobile Networks

Securing Compliance, Protecting Privacy The PIPEDA Enforcement

Cyber & Privacy Liability for Canadian Companies –The ... · Prepared by Aon Risk Solutions. 2 Agenda §PIPEDA Overview –Your responsibilities under PIPEDA ... uses or discloses

Privacy Distilation for Mobile Applications

Mobile User Privacy Colombia

Mobile Privacy And Security

Privacy Preservation over Untrusted Mobile Networks

PRIVACY-AWARE Personalization FOR Mobile Advertising

Murali K. Pasupulati, CIPP/US, CIPP/IT Privacy/Technology ......Europe’s comprehensive Data Protection Directive Canada – PIPEDA Intellectual Property, i.e., patents, trademarks,

Mobile APP privacy guidelines - global view

Portable Privacy-Mobile Device Adoption

Making OpenID mobile and privacy-friendly

FTC Mobile Privacy Report

Mobile Networks - Module H2 Privacy in Mobile Networks Privacy notions and metrics Location privacy Privacy preserving routing in ad hoc networks Slides

4ws and 1h of Mobile Privacy

PIPEDA Self-Assessment Tool

Personal Information Protection and Electronic Documents Act (PIPEDA)

Privacy Information for Advisors. Agenda PIPEDA Advisor Required Privacy Program Our MGA Privacy Program Recommendations for Advisors

Mobile User Privacy Brazil

Mobile Forensics: The Perception of Privacy

PRIVACY CRITERIA. Roadmap Privacy in Data mining Mobile privacy (k-e) – anonymity (c-k) – safety Privacy skyline