|
||
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
NEW PRIVACY LAW SPROUTS FOREST OF COMPLAINTSSource: Toronto StarPosted on April 14, 2004 Canada's privacy watchdog says a "communications gap" forming between businesses and consumers may be partly to blame for an increase in complaints since new federal privacy legislation went into full force on Jan. 1. The law requires businesses, large and small, to put systems in place that will make sure customer information is secure, accurate, gathered with consent and not used beyond a stated purpose. Heather Black, assistant federal privacy commissioner, said Canadians are taking advantage of their newfound privacy rights but many businesses, when asked to explain how and why they collect and use customer information, aren't providing adequate answers. "When people ask why they're being asked for this information, they're not getting very satisfactory responses," said Black. "So it really is a communications gap." The commission began noticing this trend in January, specifically in the retail sector. Black said a number of people have filed complaints against certain retail outlets that require customers to provide their names, phone numbers and addresses when goods are returned for refund or exchange. Some customers want to know why this is necessary. "These are people asking legitimate questions," said Black. After a meeting with the Retail Council of Canada, the commission found that the information being requested is required to crack down on widespread fraud ‹ goods going out the back door and coming back as returns. But Black said retailers are failing to explain this to their customers and aren't adequately communicating the policy from head office to front-line staff. Making matters worse are poorly written privacy policies. Customers, asked to sign forms to show they have read and understand a company's privacy policy, are routinely told by staff that the policy is meant to protect customer privacy when in fact the aim is to outline the many ways an organization uses, rather than protects, customer data. "Very often language on forms that are plunked down in front of consumers use a certain amount of jargon ‹ they communicate in code sometimes," said Black. "Part of the problem is lawyers trying to protect their clients from liability, so forms tend to get longer and longer and more legalistic, and this is not a good trend." The commission, in the middle of changing to a new reporting system for tracking complaints, would not disclose any new statistics since Jan. 1, but said the figures are clearly higher and reveal a number of trends. For example, there is a much higher number of denial of access complaints, meaning some businesses are refusing to let customers review, update and make changes to information collected. The Personal Information Protection and Electronic Documents Act gives this right to consumers. "Possibly these are smaller organizations that are really not aware of their obligations," said Black. Michael Geist, an Internet law professor at the University of Ottawa who follows privacy law closely, said some complaints may be frivolous but the fact consumers are asking questions and challenging policies is encouraging. "People are aware that they have some privacy rights," he said. Some of the complaints are clearly well founded, though the commission has yet to identity companies that infringe the law. In one case, a bank opened up an account and issued a credit card to someone without that person's knowledge or consent, supposedly as part of a promotion. The bank said the practice was industry-wide but did agree to stop. The commission went further, signalling to the financial industry that such promotional techniques are not good privacy practices. But not all decisions favour the individual. In another case, involving an employer who intentionally read an employee's personal fax message, the complainant was told they should have taken additional measures to protect their own privacy. Geist said he worries the commission will shift too much of the burden to consumers when the law was meant to rein in the practices of business. Black said privacy is a two-way street. "There's really a limit to how far we can go to protect people from their own ignorance. The law is intended to strike a balance between a legitimate business need and privacy rights."
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |