publication date: Jan 31, 2012
author/source: Colin Thurston
Bill C-12, An Act to
Amend the Personal Information Protection and Electronic Documents Act
, was introduced in the House of Commons on September 29, 2011.
It proposes changes to federal privacy legislation regarding organizations'
collection, use and disclosure of individuals' personal information. Also
referred to as the Safeguarding
Canadians' Personal Information Act
, it was previously introduced as Bill
C-29 in May 2010 during the last session of Parliament, but died on the order paper
when Parliament was dissolved in March 2011.
The Bill includes amendments which will affect personal
information disclosure by charities and nonprofits. In particular, proposed
Catching up with
organizations to disclose personal information to another organization
without the knowledge or consent of the individual where the disclosure is
necessary to investigate a breach of an agreement, a contravention of the laws
of Canada, or in order to "prevent, detect or suppress fraud";
organizations to disclose personal information to an individual's next
of kin, authorized representative or to a government institution without the
knowledge or consent of the individual where the organization believes that the
individual has been the victim of financial abuse; and
Restrict organizations from informing
individuals that their personal information has been shared with enforcement
and security agencies where the government institution to whom the information
was disclosed objects. This includes situations involving government
institution requests for information under the national security, law
enforcement or policing services exemptions, including a request for disclosure
under the Proceeds of Crime (Money
Laundering) and Terrorist Financing Act.
Additionally, keeping pace with digital technologies is a
focus of the Bill. In this regard, Bill C-12 re-introduces amendments that will
clarify organizations' responsibilities under PIPEDA.
The Bill also introduces new responsibilities, such as
requiring organizations to report breaches of security safeguards involving
personal information. As charities and nonprofits continue to use rapidly evolving
technology to enhance the exchange of information in their operations,
legislative changes to personal information and privacy laws will require
continued compliance efforts and monitoring of information practices.
More detailed information about Bill C-12 can be found in
of the Library of Parliament, or view the entire
J. Thurston is
an associate in the Orangeville office of Carters
Professional Corporation practicing intellectual property, information
technology and privacy law, and can be reached by email.