Twitter Facebook

Privacy Law



Get your Smart Phone App:  Privacy Act

Extension of the Law to all Organizations in Canada Effective January 1, 2004

On January 1, 2004, the law was extended to every organization that collects, uses or discloses personal information in the course of a commercial activity within a province, whether or not the organization is a federally-regulated business.

The federal government has the right to exempt organizations and/or activities in provinces that have adopted privacy legislation that is substantially similar to the federal law.

The following private sector privacy laws exist within the provinces:

  • The Quebec Act Respecting the Protection of Personal Information in the Private Sector (Industry Canada has already announced that this law is substantially similar to PIPEDA);

  • The Alberta Health Information Act

  • The Saskatchewan Health Information Protection Act

  • The Manitoba Personal Health Information Act

  • B.C. and Alberta intend to introduce their own broad private sector privacy legislation in response to PIPEDA.

Personal Information Protection and Electronic Documents Act

The Personal Information Protection and Electronic Documents Act (PIPEDA), a Federal Act, came into force on January 1, 2001.

The 10 Principles for the Protection of Personal Information

PIPEDA is based on 10 principles for the protection of personal information summarize as follows:

  • Principle 1 - Accountability

    An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization's compliance with the principles.
  • Principle 2 - Identifying Purposes

    The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
  • Principle 3 - Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
Note: In certain circumstances personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical, or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate when the individual is a minor, seriously ill, or mentally incapacitated. In addition, organizations that do not have a direct relationship with the individual may not always be able to seek consent. For example, seeking consent may be impractical for a charity or a direct-marketing firm that wishes to acquire a mailing list from another organization. In such cases, the organization providing the list would be expected to obtain consent before disclosing personal information.
  • Principle 4 - Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
  • Principle 5 - Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
  • Principle 6 - Accuracy
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
  • Principle 7 - Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
  • Principle 8 - Openness
An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
  • Principle 9 - Individual Access
Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Note: In certain situations, an organization may not be able to provide access to all the personal information it holds about an individual. Exceptions to the access requirement should be limited and specific. The reasons for denying access should be provided to the individual upon request. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege.
  • Principle 10 - Challenging Compliance

An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization's compliance.

To Whom The Law Applies

The law currently applies to federally regulated companies, such as:

  • airlines,
  • banking,
  • broadcasting,
  • interprovincial transportation and telecommunications.
  • The law also applies to all organizations that disclose personal information for consideration outside a province or the country.

Access to Information Laws

The federal government and provinces and territories have access to information laws or are in the process of enacting them.

Federal Access to Information Act
The purpose of the Federal Access to Information Act is to extend the present laws of Canada to provide a right of access to information in records under the control of a government institution in accordance with the principles that government information should be available to the public, that necessary exceptions to the right of access should be limited and specific and that decisions on the disclosure of government information should be reviewed independently of government.

Access and Privacy Laws and Commissions Canadian Provinces and Territories
More information can be found at: Access and Privacy Laws and Commissions Canadian Provinces and Territories

Find us at Google +



Canadian Law News

Lawyer Locator

Twitter Facebook Google +

Free Lawyer Listing

logoModern Law:

Law Overview









Appellate Practice

Dispute Resolution



Banking Access


Bankruptcy History

Clarity Act




Consumer Protection




Dating Violence

Dealing with Lawyers

Debt Collection


Elder Law

Employment & Labour



Family Violence




Good Samaritan Laws


Gun Laws

Hate Laws

Health & Medical

Human/Civil Rights

Information Technology


Impaired Driving


Intellectual Property


International Trade


Jury Duty

Legal Malpractice

Libel & Slander

Medical Malpractice




Personal Injury

Poverty Law

Privacy & Access to Information

Products Liability

Professional Liability

Real Estate

Sharia Law



Starting a Business

Steps in a Lawsuit



Trusts & Estates



Wills And Probate


Workers Compensation

Young Offenders

Canadian Law Apps

logoAncient Law to the Present:

Hammurabi's Code

10 Commandments

Ancient Greece

Ancient Rome

Christian Influence

Justinian's Code

Magna Carta

Royal Proclamation 1763

Code Napoleon

British North America Act

Constitution Act, 1982

logoLegal Organizations:

Bar Associations



Law Schools

Law Societies

Legal Aid


Business Lawyers

Criminal Lawyers

Employment / Wrongful Dismissal Lawyers

Family / Divorce Lawyers

Immigration Lawyers

Impaired Driving Lawyers

Insolvency Lawyers

Personal Injury Lawyers

Real Estate Lawyers

Wills Estate Lawyers

List your Law Firm

Publish your Articles


Send to a Friend

Privacy Policy

About us