Schedule 1 of PIPEDA sets out 10 principles
of fair information practices, which form
the ground rules for the collection, use and
disclosure of personal information, as well as
for providing access to personal information.
These principles give individuals control over
how their personal information is handled in
the private sector.
However, organizations should note that
in addition to the principles set out under
Schedule 1 of PIPEDA, the Act contains an
overriding obligation that any collection,
use or disclosure of personal information
must only be for purposes that a reasonable
person would consider are appropriate in the
circumstances. This overarching standard
of appropriateness of purposes continues to
apply, independent from the provisions of
Schedule 1 of the Act.
An organization is responsible for the
protection of personal information and the
fair handling of it at all times, throughout
the organization and in dealings with third
parties. Additionally, care in collecting,
using and disclosing personal information is
essential to continued consumer confidence
and good will.
This section sets out the responsibilities for
each of the 10 fair information principles
under Schedule 1. It outlines how to fulfill
these responsibilities and offers some tips.