E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.		 LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


ROGERS DATA LEAK SHOWS NEED FOR MANDATORY CUSTOMER NOTIFICATION LAW, EXPERT SAYS

Source: Canada.com

Posted on April 15, 2007

      A security breach like the one that hit Rogers Cable this month in Toronto shows the need to make it mandatory for companies to notify clients when their private information has been compromised, a privacy expert says.

      Toronto media reported hundreds of Rogers' cable and Internet customer orders, containing personal information such as driver's licence numbers and social insurance numbers, were found abandoned in a downtown Toronto parking lot near Ryerson University.

      Rogers, which has said it is investigating the incident, has blamed an employee of a company it hired to sell its cable TV and Internet services. Rogers said no credit card information was included in the documents, some of which date back several years. A Rogers spokesperson did not return several phone calls Monday.

      "This clearly is just one more example in what's becoming a litany of examples of reasons why we need to have laws that require corporate notification of both authorities and individuals when personal information has been exposed in this manner," said Pippa Lawson, director of the University of Ottawa's Canadian Internet Policy and Public Interest Clinic, which monitors privacy issues.

      "The question is: how many more similar breaches are happening that we don't know about? Without a legal requirement ... there's no real incentive on organizations to disclose them. The incentive would be to keep it quiet," Lawson said.

      "As long as you think you can keep it under wraps ... then you're better off not having your corporate name tarnished in that manner," she said.

      Lawson said the issue is very timely since a House of Commons committee is in the process of preparing a report with suggested amendments to Canada's federal privacy law.

      Several privacy leaks which have made headlines recently include data breaches at CIBC's Talvest Mutual funds, which lost information on up to 500,000 customers. In 2004, it was revealed that the bank had been unknowingly sending faxes containing confidential information to scrap yards for about three years.

      TJX Cos., operator of Winners and HomeSense stores in Canada, as well as Club Monaco, have also disclosed breaches of private customer information.

      The federal Privacy Commissioner of Canada, Jennifer Stoddart, has also called for amendments to the private-sector privacy law to make it mandatory for organizations to notify people of data breaches involving their personal information.

      The suggested change to the Personal Information Protection and Electronic Documents Act would allow those customers to take action to prevent identity theft, like verifying their credit history and possibly cancelling credit cards. It would also force businesses to think twice about stockpiling, and not adequately guarding, potentially sensitive customer information, Lawson said.

      About 30 American states have introduced mandatory notification laws, Lawson said, triggered in part by a recent major breach in 2005 involving a data company which inadvertently sold personal information on thousands of U.S. residents to a criminal organization.

      Criminals posing as legitimate businesses got access to sensitive personal data stored by ChoicePoint Inc., a firm that maintains databases and sells background information on nearly every U.S. citizen. The data included consumer information, including names, addresses, Social Security numbers and credit reports.

      Privacy groups say Canadians should take an active role in protecting their own personal information by providing only the minimum amount of personal information necessary to organizations requesting it.



CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.