• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
OPC: Social Media Risks to Enterprises

OPC: Social Media Risks to Enterprises



Also posted at: http://www.priv.gc.ca/speech/2009/sp-d_090430_lg_e.cfm

Also posted at: http://www.priv.gc.ca/speech/2009/sp-d_090430_lg_e.cfm



Total Views
Views on SlideShare
Embed Views



2 Embeds 2

http://www.linkedin.com 1
https://www.linkedin.com 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    OPC: Social Media Risks to Enterprises OPC: Social Media Risks to Enterprises Presentation Transcript

    • Understanding Social Media Privacy Risks to Enterprises Louisa Garib Legal Services, Policy and Parliamentary Affairs
    • “ Social Media is a conversation”
      • Online content generated by users
      • Uses accessible technologies
      • Not organized
      • Not controlled
      • Many voices
      • Social dynamic
      • Mainstream – here to stay
      It is a social dynamic It is a social dynamic
    • Features of Social Media that can give rise to Privacy Risks
      • Users misunderstand privacy risks
      • Intimacy and immediacy– promotes disclosures
      • Users underestimate scope of disclosures
      • Used for Work and for Fun – blurs line
      • Control once information is posted
    • How serious are the Risks to Enterprises?
      • Don’t know full extent of risk
      • Just beginning to understand technology, use by people, impact on privacy
      • Rapidly changing
      • Beginning to construct appropriate rules of engagement to understand and mitigate risks
    • What are the Risks of SM?
      • Illegal/unauthorized/inappropriate disclosure of personal or confidential information
      • The employment relationship – internal/discl.
      • Lack of policies, protocols, training, errors
      • Customer Relationship – external/collection
      • Malware, hacking - external/ breach
      • Consequences:
      • Liability under PIPEDA and other laws
      • Harm to corporate reputation
    • PIPEDA and Social Media
      • Collection, use and disclosure of personal information
      • Course of commercial activity
      • Employment relationship if FWUB
      • Notice, Consent, Reasonable purpose
      • BUT – other private or confidential information and situations not caught by privacy legislation
      • Still risks to enterprise – Best practices
      • PIPEDA minimum standard - guidance
    • Disclosures by Employees using SM
      • Personal or corporate SM
      • On or off duty – lines blurred
      • PI about other employees – examples
      • Unionized workplace – neg’n, elections
      • Human rights, harassment, defamation
      • Obscene materials, copyright
      • Clients / customers
      • Business partners
      • Confidential corporate information
      • Reputation and publicity
    • Collection, Use and Disclosure of Personal Information using SM
      • Recruitment and staffing
      • Monitoring
      • Investigations
      • Change day to day management of the employment relationship
      • Customers – service delivery, managing relationship, marketing information
      • Requests from law enforcement; litigation
    • How to manage risks?
      • Understand technology – aware of privacy implications for enterprise
      • Aware of information flows – in and out
      • Express policy guidelines on SM and handling PI; understandable; consequences of violation; disseminate widely - OPC Fact sheet
      • Use allowed in the workplace? Will it reduce risks? Create other issues?
      • Education – avoid privacy misunderstandings