The crux of the matter for Canada (or any other country), is that the personal data stored on the U.S. database is
subject to American law. Basically, if you work for Oracle Canada , U.S. Homeland Security knows more about you than you should want them to know. And it seems to me that, where a Canadian Government Agency has legitimate need to access the data, a Canadian court order would be ineffective in forcing Oracle to release the data.
We need some sort of International Convention that makes personal information subject to the laws of the country where it originated, not the country where the database holding it resides.
I imagine Oracle could save even more if it moved the database to Russia – and if that doesn’t scare you, you’re dead.
Gee, Larry, so glad to hear you have Oracle’s best interests at heart, and not those of your clients. Now, tell me again how shutting down those Canadian operations eases our concerns about the Patriot Act?
David G. Smith
IT Procurement Group Manager
Re: Rail industry on track for XML transition (Dec. 1)
Recently, the MoU Management Group, responsible for coordinating standards in eBusiness for ISO, IEC, ITU, UN/ECE (EDIFACT), OASIS, OAG, CEN and many others, met in Boston.
Amongst the many technologies discussed were ebXML and UML. These may be helpful to railway businesses, and, if adopted, become the continuation of the EDIFACT series of standards that are already widely adopted and endorsed. UN/ECE has significant experience in producing international standards in this arena and could prove to be a very attractive route to achieving consensus messages, something that is vital to achieving the same degree of adoption that EDI has already provided to all the major industries in the world.
As you say in your article, EDI has stood the test of time. It is over 30 years old and has immense adoption and stability, characteristics that are vital to justify the levels of investment that are needed for major back-end systems.
I would be happy to provide contacts to ensure that this approach can be quickly and effectively evaluated.
Re: Unreasonable facsimile (Nov. 30)
I am a consultant with CGI, and am involved in doing privacy assessments.
I find it curious that the CIBC is trying to turn things around to blame Mr. Peer for violating PIPEDA. He is in the U.S. — he did not ask for this information, did not collect it, and has no relationship to the subjects. I am not sure under U.S. law what his obligation is to the subjects of personal information that he has received due to the mistake of another. I think he would be liable if he misused it, i.e. used it for identity theft. However, exposing the CIBC to public scrutiny when he has failed to get anyone’s attention for three years, and had to commence in fact a lawsuit, doesn’t mean he is going to be considered as acting unreasonably.
Nor do I consider his lawsuit to be unreasonable. As you know, a claim for damages is limited to what you ask for in your statement of claim — you can’t get more. So typically lawyers sue for $X million, when at trial they will ultimately get something less. It would be negligent to do otherwise, because you often don’t know at the beginning what your real damages are. Mr. Peer will have to prove his damages at trial. I don’t think it’s fair to characterize Mr. Peer at this point as someone who is manufacturing a lawsuit, because so far what we know is that the CIBC has for the past three years refused to do anything in response to his requests.
All of this is a distraction from the CIBC’s real issue, which is a failure of their accountability, policies and education. Keep in mind that as part of the banking community, CIBC has been subject to PIPEDA since January 2001. If they are not able to demonstrate compliance in the simple technology of facsimiles, how can they expect customers to be confident in other areas, such as online transactions?
A continued effort to redirect blame to others is not going to regain customer confidence.
Constantine Karbaliotis, LL.B
Re: Unreasonable facsimile (Nov. 30)
I remember watching this story on the CBC news. After hearing it did not involve a financial institution I deal with (at least) directly, I breathed a sigh of relief. The next day I was discussing it with some co-workers and I asked the question: Why is CIBC even faxing around customer data to start with? The answer I got was “”Yeah, but you would think that they would be using some kind of proprietary secure connection.””
I can understand that CIBC might use a fax machine (an incorrect fax number in some database) but to have them not know about the data going to the wrong place — answer it was obviously getting to the right place otherwise customers would be wondering what happened to their RRSPs and RRIFs.
The published explanation of this story will need to be good if we are to even have any hope of convincing the few remaining out there that would rather trust the good ol’ mattress for storage of valuables.
Look forward to reading more about this.
Re: It’s their Word against yours (Nov. 22)
Indeed, Shane, I agree with your assessment on Novell’s responsibility for mismanaging the WordPerfect franchise. I too used WordPerfect in the early days and much preferred it to Word, when the pressure to move over became unbearable in some environments.
You are right, WordPerfect is not yet completely dead. I wanted to let you know that I received a WordPerfect suite recently bundled as free OEM software when I purchased a new Dell computer for home. Probably would have used it too, given the steep price of Office, but we were able to access the student/teacher edition courtesy of my nine-year-old daughter.
Chief Information Officer
United Way of Canada
Letters to the editor must include the writer’s name and company name along with an e-mail address or other contact information. All letters become the property of ITBusiness.ca. Editors reserve the right to edit submissions for length and content.