Privacy Commissioner Warns of Privacy Issues Within The Federal Government
The federal government’s use of handheld communications devices and its practices for disposing of unneeded paper documents and surplus computers could expose the personal information of Canadians to unauthorized disclosure, Privacy Commissioner of Canada Jennifer Stoddart has warned.
The findings, stemming from two separate privacy audits conducted by the Office of the Privacy Commissioner of Canada (OPC), were highlighted in the organization’s 2009-2010 annual report on the Privacy Act, tabled in Parliament today. The Act applies to federal departments, agencies and Crown corporations.
“Our audits turned up some disturbing gaps in the privacy policies and practices of government institutions,” Commissioner Stoddart said. “Whether they’re using a BlackBerry, shredding old papers or disposing of outdated computer equipment, public servants need to know that the security of people’s personal data is a top priority.”
The annual report examines how the government’s holdings of personal data are affected by technology and considers the impact of full-body airport scanners and other national security measures on the privacy rights of Canadians. The report also summarizes key investigations into privacy complaints and data breaches that the Office conducted under the Privacy Act in 2009-2010.
“Considering the vast amounts of personal information on Canadians that the government holds, problems are relatively rare,” the Commissioner acknowledged. But, she noted, the data that the government collects, for purposes such as taxation, income support, the correctional system and international travel, is highly sensitive. Any unauthorized collection, use or disclosure of such data could therefore have serious consequences.
“When it comes to safeguarding the personal information entrusted to it, the government of Canada must always be held to the very highest standards of account.”
Here are some highlights of today’s reports:
* Wireless audit: Of five federal entities examined, none had fully assessed the threats and risks inherent in wireless communications. Gaps in policies and/or practices resulted in weak password protection for smart phones and inadequate encryption for Wi-Fi networks and data stored on mobile devices. Shortcomings were also noted in the disposal of surplus handheld devices and the use of PIN-to-PIN messaging, a form of direct communication between two smart phones that is vulnerable to interception. Read the rest of this entry »
posted in Government, National News, Research Studies By: Tami | Print This Post