Findings under the Personal Information Protection and Electronic Documents Act (PIPEDA)

2007

• PIPEDA Case summary #2007-388: Personal relationship between two employees triggers covert video surveillance by employer and raises consent issues (Updated)
• PIPEDA Case Summary #2007-387: Television station improperly recorded employee telephone conversation (Please note that this case summary is included under 2007 to ensure continuous numbering of summaries, although the finding was made in 2006)
• PIPEDA Case Summary #2007-386: Credit card information printed on paper airline tickets not a proper safeguard; transfer of personal information to travel wholesaler questioned
• PIPEDA Case Summary #2007-385: Insurance broker asked to amend privacy language
• PIPEDA Case Summary #2007-384: Telecommunications company agrees to seek consent to the recording of outgoing marketing calls
• PIPEDA Case Summary #2007-383: Benefits administrator takes steps to ensure appropriate consent is obtained before disclosing medical information
• PIPEDA Case Summary #2007-382: Former employer discloses drug testing information
• PIPEDA Case Summary #2007-381: Bank improves safeguards after individual’s personal information used fraudulently to open credit card account
• PIPEDA Case Summary #2007-380: Bank’s record-keeping practices considered inadequate safeguard
• PIPEDA Case Summary #2007-379: Condition of washrooms prompts management to monitor facilities
• PIPEDA Case Summary #2007-378: Bank teller gives customer’s credit card account statements to wife
• PIPEDA Case Summary #2007-377: Law firm’s shoddy privacy practices result in missing personal information; request for access denied
• PIPEDA Case Summary #2007-376: Condo security company did not misuse security camera system, but improved personal information safeguards
• PIPEDA Case Summary #2007-375: Parking lot owner collects debtors’ personal information from provincial vehicle registry
• PIPEDA Case Summary #2007-374: Bank faxes credit card account statement to fraudster
• PIPEDA Case Summary #2007-373: Individual’s misinterpretation of contest wording leads to invitation to ex-wife
• Report of an Investigation into the
  Security, Collection and Retention of Personal Information: TJX Companies Inc. /Winners Merchant International L.P.
• PIPEDA Case Summary #2007-372: Disclosures to data brokers expose weaknesses in telecoms’ safeguards
• PIPEDA Case Summary #2007-371: Building supplier reveals customers personal information to contractor
• PIPEDA Case Summary #2007-370: Airline broadens interpretation of personal information and improves handling of personal information access requests
• PIPEDA Case Summary #2007-369: The importance of explaining the reasons for collecting personal information
• PIPEDA Case Summary #2007-368: Insurance adjusters consent form considered overly broad (updated)
• PIPEDA Case Summary #2007-367: Need to establish procedures for handling access to personal information requests stressed
• PIPEDA Case Summary #2007-366: Auto body shop implements privacy policy and undertakes changes to privacy practices
• PIPEDA Case Summary #2007-365: Responsibility of Canadian financial institutions in SWIFT’s disclosure of personal information to US authorities considered
  • Executive Summary
  • Report of Findings

Definitions under the Personal Information Protection and Electronic Documents Act