While we’re still reeling from Tim Hortons’ app scandal, unsure if we can ever trust a mobile fast food ordering platform again, the federal government has introduced new laws to crack down on the sort of privacy invasions and data mishandling that landed Tims in hot water.
What happened: The Digital Charter Implementation Act (aka Bill C-27) would require companies to use plain language that someone "would reasonably be expected to understand" when asking for access to information. If an individual decides they no longer want the company to have their data, they must be able to safely transfer it to another organization or the company must delete it.
Even more important than the new rules is the ability to enforce them.
Companies like Tim Hortons would no longer get away with a slap on the wrist for breaking privacy laws, as the bill establishes a Data Protection Tribunal that could levy fines of up to $25 million or 5% of the company’s global revenue (whichever is greater).
- In case you’re wondering, 5% of Tim’s 2021 global revenue would be $325 million. That’s a lot of Timbiebs!
- In addition to privacy protections, the bill also includes measures for the ethical development of artificial intelligence, making it illegal for companies to knowingly release AI systems that could cause substantial physical or psychological harm.
Why it matters: The last time Canada passed a new act focused on digital privacy was in 2000 when MSN Messenger was the bleeding edge of online communications. These new laws, which have been generally championed by potentially affected businesses, would bring us closer to the present.