Colin Bennett and Chat GPT: Did I just exercise my legal rights to correct my personal data?
In preparing this new website, I made some choices about what work to highlight, and what aspects of my career to emphasize in the future.
A Tribute to David Flaherty: Privacy Scholar, Regulator and Consultant
On October 11, 2022, David Flaherty passed away in Victoria BC at age 82. He was born on February 25, 1940, in Campbellton, NB and
Address to 44th Global Privacy Assembly, Istanbul: No, it is not a “matter of balance”
October 26th, 2022 I first attended an international meeting of the world’s privacy and data protection commissioners in 1987 in Quebec city – 35 years
Comments on Ontario White Paper: Modernizing Privacy in Ontario
Below are my comments on the Ontario White Paper on the modernization of Ontario’s privacy law. Overall, I am impressed with this white paper, and
Submission to Special Committee to Review the B.C. Personal Information Protection Act (PIPA)
Stronger protections for special categories of sensitive data. The risks to individuals are highest when particularly sensitive forms of data are processed, and contemporary privacy legislation
One Set of Privacy Rights for Europeans, a Lesser One for Canadians? Why the Canadian Consumer Privacy Protection Act and the EU’s General Data Protection Regulation Should Be in Alignment
The federal government’s new Consumer Privacy Protection Act (Bill C-11) implementing its Digital Charter is not consistent with the global standard for international privacy protection, the EU’s General
Canada’s New Consumer Privacy Protection Act (Bill C-11): Will It Be Adequate?
Previously published in Privacy Laws and Business International, February 2021 (Issue 169) On 17 November 2020, Canada’s then Industry Minister (Navdeep Bains) introduced a new Consumer
Submission on Reform of Canada’s Privacy Act: Modernizing Canada’s Privacy Act
I am Professor in the Political Science Department at the University of Victoria. For over 30 years, I have been researching and writing about the issue
The Schrems II decision: Implications and challenges for Canada
The world is processing the massive implications of today’s decision from the European Court of Justice in response to the complaints by Max Schrems of
Presentation to the Special Legislative Committee on Review of the B.C. Personal Information Protection Act (PIPA) June 9, 2020
Thank you for this opportunity to appear before you today. I listened to the testimony last week, and I do not want to repeat what
Unpacking the “Micro” in Political Micro-Targeting
I have often been troubled by the lack of a clear definition of political micro-targeting. There is a lot of discussion of the macro effects
More Traditional Methods of Surveillance Might Be More Valuable for Contact-tracing Than Smartphone Apps and Perhaps More Intrusive
There has been a vigorous global debate about the use of smartphone contact-tracing apps as valuable tools to monitor and curtail the spread of COVID-19. We
Stronger Privacy Enforcement Powers for Canada’s Privacy Commissioner and a Possible Rule for Canada’s Competition Bureau?
The Office of the Privacy Commissioner of Canada (OPC) is essentially an Ombudsman. The Commissioner investigates complaints, and makes recommendations. He has no order-making powers to enforce
Cambridge Analytica, Facebook, AIQ and the Data-Driven Election: Statement to House of Commons Committee on Access to Information, Privacy and Ethics (April 26, 2018)
The current controversy concerning Cambridge Analytica, Aggregate IQ and Facebook has raised to public and media attention a number of interrelated issues, that need to
How to Avoid Privacy Complaints Escalating to the Privacy Commissioner: Be Transparent, Receptive, Diligent, Polite and Truthful
Guest Post by Robin M. Bayley, Linden Consulting Inc. (Victoria BC). (A Version of This Article Appeared in Privacy Laws and Business International Report, April
So maybe ‘Big Data’ doesn’t work in elections? Maybe it’s time to stop using it?
It is tempting to conclude that what happened in the presidential election last Tuesday was not only a repudiation of the ‘Washington establishment’ and the
Is Canada Still ‘Adequate’ Under the New European General Data Protection Regulation?
In December 2001, Canada achieved adequacy status under the 1995 Data Protection Directive for transfers from the EU to Canada of personal information subject to
So Who is Actually “Shielded” by the Privacy Shield?
I have just co-authored a study with Priscilla Regan and Robin Bayley on the effectiveness of privacy redress mechanisms in Canada and the United States.
Bill C-51 and No Fly-lists: Still Too Dangerous to Fly Yet Too Innocent to Arrest
Part Two of the Government’s Anti-Terrorism legislation (C-51) comprises the Secure Air Travel Act (SATA), which formalizes the rules for the operation of Canada’s no-fly
Hospitals Without Patients, and Data Protection Without Data Subjects: My Address to CPDP2015
One of my favorite episodes of the BBC Series, Yes Minister, is called The Compassionate Society. The story revolves around a hospital in north London
The Role of a Privacy Commissioner and the Qualifications of Daniel Therrien: What Parliament Should Be Asking
The Prime Minister’s announcement last week that he has recommended Assistant Deputy Attorney General, Daniel Therrien, to be the next Federal Privacy Commissioner should give
If Industry Amendments to the Draft Regulation Are Adopted, Would the European Union Still Have an “Adequate Level of Data Protection”?
I followed the twists and turns of the passage of the original 1995 EU Data Protection Directive earlier in my career, and wrote about the
The Geo-politics of Personal Data and the New EU Data Protection Regulation
We understand that the EU Parliament’s review of the Regulation is on schedule to be completed by mid-2013. I have written an article for the Harvard International
Federal Political Parties and Privacy Protection
The recent controversies over potential vote suppression in key ridings through the practice of robocalling have shed light upon some of the previously opaque internal
Big Data and Small Agencies: Reflections on the 33rd International Conference of Data Protection and Privacy Commissioners
I first attended the annual meeting of the International Data Protection and Privacy Commissioners in 1987 in Quebec City. In those years, the global community