Welcome to this session dealing with Privacy Concerns and Your Mobile We will focus this presentation the Canadian private sector privacy legislation which requires organizations to build privacy policies, how they collect, use and disclose their customers’ personal information. These guidelines have relevance to your mobile data collection and retention Most countries have similar privacy legislation similar to PIPEDA
Personal Information Protection and Electronic Documents Act (PIPEDA) PIPEDA sets out ground rules for how private sector organizations can collect, use or disclose personal information in the course of commercial activities. It balances an individual's right to privacy with the need of organizations to collect, use or disclose personal information for legitimate business purposes. If your business wants to collect, use or disclose personal information about people, you need their consent, except in a few specific and limited circumstances. You can use or disclose people's personal information only for the purpose for which they gave consent. Even with consent, you have to limit collection, use and disclosure to purposes that a reasonable person would consider appropriate under the circumstances. Individuals have a right to see the personal information that your business holds about them, and to correct any inaccuracies. There's oversight, through the Privacy Commissioner of Canada, to ensure that the law is respected, and redress if people's rights are violated.
# 1 Keep it simple. Your policy should be clear, concise and written in plain language so it is easy to understand. It should provide enough details to help your customers understand how you manage their information.
# 3 You can collect only information that is needed for your business purposes—for example, to manage a commercial relationship and provide ongoing service, to bill and collect for products or services, to market to individuals, and to meet legal and regulatory requirements.
# 4 Be open about when personal information may be disclosed. You must indicate in your policy if you intend to disclose customer information to an affiliate or partner organization, or any other third party. You needn’t necessarily name each organization, but provide a general idea of the types of companies in question. And you must give your customers the opportunity to consent.
# 5 Tell customers when information will be stored outside of Canada. The use of a third-party information processor, such as a company that provides payroll services, increases the likelihood that information under your control will be stored outside Canada. You must be open with your customers about this possibility.
# 6 Be open about how you safeguard information. The risk of identity theft and other unauthorized uses of personal information is always present and ever changing. It’s critical to keep the personal information in your care safe and secure. Customers and employees will appreciate your candour about how you intend to protect their information from such abuses.
# 9 Make yourself available for questions. Let individuals know how to contact your organization for privacy information, either through email or through a toll-free number. Also, tell customers they can contact the Office of the Privacy Commissioner at 1 800 282-1376 if they are unsatisfied with your response to their privacy concern.
Thank you for listening I hope you found it rewarding. Please review the subsequent sessions to this series called Death of the Internet Long Live Mobile and Keep your Phone Secure
Mobile and PIPEDA Privacy Act
Privacy Concerns & Your MobilePresentation by Glenn McKnight
Personal Information Protection and Electronic Documents Act (PIPEDA)