TORONTO — No means no, and not saying yes also means no, according to George Radwanski, and in January 2004 Canadians will have the means to fight back.
Canada’s Privacy Commissioner gave the eCustomerWorld 2001 kick-off speech in Toronto on Tuesday. In his 35-minute address he discussed the importance of online information and outlined the Personal Information Protection and Electronic Documents Act (PIPED Act) which is being phased in this year.
According to the legislation, no private sector organizations can collect, use or disclose personal information about someone without their consent. They can only collect, use or disclose that information for the purpose for which the individual gave consent. The information cannot be saved for use at a later date. (Companies in a province that have laws in place before January 2004 can be exempt from all or part the application of the Act.)
As an ombudsman, Radwanski said he has several means at his disposal for dealing with companies that break the law. The process is complaint-based. If a company is found to have violated someone’s rights, the office explains to the offender why it’s on the wrong side of the law and what it must do to comply. Should a company dismiss the investigators, Radwanski said he can go to the media with his findings and take the company to court.
“Personal information about customers and employees is critical in modern business. What business people have to realize is that when they’re collecting and handling that personal information they are holding people’s privacy in their hands,” said Ranwanski.
This is a trust not to be taken lightly. Radwanski said consent is the focal point of the PIPED Act and businesses must take it seriously. While implied consent is part of the Act, he warned businesses against relying on it. He also advises against “opt-out consent” arguing most privacy advocates consider it pretty poor privacy.
“Opt-out is basically a very weak form of consent — you are presumed to consent unless you indicate otherwise. This puts the responsibility on the wrong party,” he said.
“I would encourage organizations to look at the need to obtain consent as an opportunity to open a dialogue with customers so you know how you’re doing on privacy issues. It’ll make your relationship strong.”
Companies must also recognize relationship-building transactions. Ranwanski said he is not looking to build a relationship with a business he is buying a set of batteries from.
“They may want a relationship with me, but I don’t want one with them. So you have the right to make that determination of whether you want to be stored in database as part of a relationship, or you want to pay, get what you wanted and not have a relationship,” Radwanski said.
“If I meet you on a street corner and I say, ‘Do you have light?’ and you give me a light, it doesn’t mean we’ve become friends for life,” he added, drawing a social analogy.
EcustomerWorld 2001 continues in conjunction with B2Bpower and CRMPower at the Metro Toronto Convention Centre until Thursday.
