The Privacy Commissioner of Canada has received responses from all of the organizations that were found to be leaking users’ personal information, the office tells ITBusiness.ca.
At the end of September, the commissioner reported that after studying 25 popular Canadian Web sites, it found six that “raised significant privacy concerns” and five sites that “raised questions about Web site practices.” Without naming the Web sites that had privacy problems, Jennifer Stoddart gave the organizations three weeks to respond to her letter with plans on how to fix the issue. If they didn’t respond, they risked being named publicly.
Now it appears the organizations have responded in a timely manner and the commissioner is satisfied with those responses.
“We have been contacted by all of the organizations and we’re pleased that they appear to be taking this issue very seriously,” an office spokesperson says. “We’re analyzing the organization’s responses and will continue our discussions with the goal of addressing privacy risks to Canadians as quickly as possible.”
The personal details exposed to third parties – usually advertisers – without user knowledge or consent included e-mail address, name, username, postal code, city location, and search strings. Web sites in the media, retail, shopping, and online classifieds categories were found to have privacy violations under Canada’s privacy law governing private companies.
Some privacy law experts have urged the commissioner to name the offending Web sites, whether they cooperate with the office or not.