Annual Report to Parliament 2014 – Report on the
Personal Information Protection and Electronic Documents Act
Definitions of Complaint Types under PIPEDA
Complaints received by the OPC are categorized according to the principles and provisions of
PIPEDA that are alleged to have been contravened:
An individual has been denied access to his or her personal information by an
organization, or has not received all the personal information, either because some documents
or information are missing or because the organization has applied exemptions to withhold
An organization has failed to exercise responsibility for personal information
in its possession or custody, or has failed to identify an individual responsible for overseeing its
compliance with the
An organization has failed to ensure that the personal information it uses is accurate,
complete, and up-to-date.
An organization has failed to put procedures or policies in place
that allow an individual to challenge its compliance with the
, or has failed to follow its own
procedures and policies.
An organization has collected personal information that is not necessary, or has
collected it by unfair or unlawful means.
An organization has collected, used or disclosed personal information without
meaningful consent, or has made the provision of a good or service conditional on individuals
consenting to an unreasonable collection, use, or disclosure.