Last year Canadians witnessed too many data breaches of their data and the federal government is reacting. Large Canadian corporations didn’t do enough to protect their databases against attackers and as a result personal data of Canadians is now in the hands of criminals. Canada will now follow the lead of Europe and other jurisdictions by holding corporations financially responsible for any future breaches. This should help force companies to respect their customers.
“It will be significant and meaningful to make it very clear that privacy is important. Compensation, of course, is one aspect of it,” said Bains, adding that the government also wants “to demonstrate to businesses very clearly that there are going to be significant penalties for non-compliance with the law. That’s really my primary goal.”
Statistics Canada says that about 57 per cent of Canadians online reported experiencing a cyber security incident in 2018.
Ryan Berger, a privacy lawyer with Lawson Lundell in Vancouver, said legislating compensation could get private companies to start taking privacy more seriously.
“It will incentivize organizations … to take steps to protect that information and ensure that, for instance, health information is encrypted,” he said.
“So right now, there aren’t the sorts of financial implications for them if they fail to do that.”