Access to Information Act

    Access to Information Act refers to the Access to Information Act, RSC 1985, c A-1, federal legislation which gives Canadian citizens, permanent residents and any person or corporation in Canada a right to access records of government institutions that are subject to the legislation.

    APEC Privacy Framework

    APEC Privacy Framework refers to the principles and implementation guidelines established by the Asia-Pacific Economic Cooperation (APEC) to protect privacy and to enable regional transfers of personal information and electronic commerce throughout the Asia Pacific region.

    Canadian Charter of Rights and Freedoms

    Canadian Charter of Rights and Freedoms ­refers to the Canadian Charter of Rights and Freedoms, Part 1 of the Constitution Act, 1982, being Schedule B to the Canada Act 1982 (UK), 1982, c 11, which protects the fundamental rights and freedoms of Canadians.

    Consistent Use

    Consistent Use refers to the use of personal information for a purpose other than the original purpose for which the information was collected where that additional purpose is compatible with that original purpose.

    Convention 108

    Convention 108 refers to the Convention for the protection of individuals with regard to automatic processing of personal data (ETS No. 108), a legally binding, international instrument introduced by the Council of Europe in January 1981 for the protection of individuals regarding the automatic processing of personal data. In May 2018, the Council of Europe introduced the Modernised Convention for the Protection of Individuals with Regard to the Processing of Personal Data, which proposes certain updates to Convention 108.

    Data integration

    Data integration refers to the comparison, combination or consolidation of multiple data sets to facilitate the use of that data for public benefit.

    De-identified personal information

    De-identified personal information refers to personal information that has been modified so that it can no longer be attributed to a specific individual without the use of additional information.

    Elections Act

    Elections Act refers to the Canada Elections Act, SC 2000, c 9, federal legislation which regulates federal elections in Canada.

    ETHI Committee

    ETHI Committee refers to the Standing Committee on Access to Information, Privacy and Ethics which studies matters relating to the Office of the Information Commission of Canada, the Office of the Privacy Commissioner of Canada and the Office of the Commissioner of Lobbying of Canada, and certain issues related to the Office of the Conflict of Interest and Ethics Commissioner.

    General Data Protection Regulation

    General Data Protection Regulation refers to the General Data Protection Regulation, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, which regulates the processing of an individual’s personal information by another individual, company or organization within the European Union.

    Interoperability

    Interoperability of legislation refers to the ability of legislation from different jurisdictions to be as compatible as appropriate.

    OECD

    OECD refers to the Organization for Economic Co-operation and Development, an international organization, which establishes international standards and policies for a range of social, economic and environmental topics.

    Office of the Comptroller General

    Office of the Comptroller General refers to the office responsible for supporting the Comptroller General of Canada, an officer of Parliament appointed by the Governor in Council, in providing functional direction and assurance across the federal government for financial management, internal audit, investment planning, procurement, project management, and the management of real property and material.

    Personal Information Protection and Electronic Documents Act

    Personal Information Protection and Electronic Documents Act refers to Part 1 of the Personal Information Protection and Electronic Documents Act, SC 2000, c 5, federal legislation which governs the collection, use and disclosure of personal information by private-sector organizations across Canada in the course of commercial activity.

    Privacy-by-design

    Privacy-by-design refers to the concept of planning and implementing the protection of personal information at the design stage of an initiative, program or service.

    Privacy Act

    Privacy Act or the Act refers to the Privacy Act, RSC 1985, c P-21, which governs the collection, use and disclosure of personal information by federal public bodies in Canada. It also establishes the Office of the Privacy Commissioner.

    Privacy Commissioner or the Commissioner

    Privacy Commissioner or the Commissioner refers to Privacy Commissioner of Canada, the officer of Parliament appointed by the Governor in Council to oversee compliance with the Privacy Act and the Personal Information Protection and Electronic Documents Act

    Office of the Privacy Commissioner of Canada

    Office of the Privacy Commissioner of Canada refers to the office responsible for supporting the Privacy Commissioner of Canada, who is an officer of Parliament appointed by the Governor in Council to oversee compliance with the Privacy Act and the Personal Information Protection and Electronic Documents Act.

    OECD Guidelines

    OECD Guidelines – means the Organisation for Economic Co-operation and Development (OECD) Revised Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data (2013). Initially introduced in 1980, the OECD’s statement of core information privacy principles have served as the basis for national and international privacy instruments. The revised guidelines were published in 2013.

    Privacy Impact Assessment

    Privacy Impact Assessment or PIA refers to an formal analysis to identify and mitigate an organization’s privacy risks.

    Privacy Management Program

    Privacy Management Program refers to an individualized organizational plan for protecting personal information in compliance with legal requirements.

    Quasi-constitutional

    Quasi-constitutional refers to a legal principle which mandates that the rights provided by a piece of legislation are to be interpreted broadly, and any exceptions to those rights must be clearly stated by the legislation.

    Regulatory sandbox

    Regulatory sandbox refers to a controlled and supervised environment in which particularly novel business models, structures or processes can be tested for compatibility with legal requirements in cooperation with a regulator, outside of an adjudicative or coercive compliance environment.

    Targeted technical engagement

    Targeted technical engagement refers to Justice Canada’s June 2019 initial discussion with privacy, data and digital experts and certain government stakeholders on a number of technical and legal considerations for modernizing the Privacy Act.

    Treasury Board Secretariat

    Treasury Board Secretariat or TBS refers to Treasury Board Secretariat of Canada, the administrative arm of the Treasury Board, which is responsible for providing advice and recommendations on government management regarding accountability and ethics; financial, personnel and administrative management; comptrollership; and approving regulations and most Orders-in-Council.