Many companies who have presence both online and physically cross-border are dealing with the fact that the US Patriot Act infringes upon privacy of their data and their customers data. Many of these companies who have Canadian customers are forced to relocate their data into Canadian digital territories to avoid infringing upon Canadian privacy laws. Companies globally are now seeking data centers located in Canada to assist in combating the highly controversial Patriot Act which emerged post 911. Below is an article from ComputerWorld which puts some perspective to this growing concern.
If you are in need of a Toronto data center, colocation or managed service provider - we can help direct you to the right source. E-mail; torontodatacenter@gmail.com
...........................................
Canadians watch for Patriot Act abuse
By: Mari-Len De Guzman - ComputerWorld Canada (17 Aug 2007)
In 2004, British Columbia has passed amendments to its privacy legislation prohibiting B.C. companies that collect information on behalf of any B.C. government bodies from disclosing or transferring that information to other jurisdictions where it may be subject to lawful disclosures.
Nova Scotia has enacted similar legislation, while the federal Treasury Board has issued guidelines to federal government agencies that outsource the management and/or storage of sensitive information. The guidelines restrict outsourcing to companies that might be subject to foreign intelligence warrants, Young said.
Notwithstanding the U.S. Patriot Act, however, personal information are already being subject to cross-border transfers particularly with the increasing use of the Internet for commercial transactions and for international collaboration among law enforcement bodies, according to security expert Mary Kirwan, founder and CEO of Headfry Inc.
“We may be a bit unrealistic in imagining that we can somehow just keep all the data at home, just the nature of the Web is that data is going to flow across border,” Kirwan said.
While concerns around the Patriot Act are well-founded, especially when dealing with financial institutions and healthcare providers, Kirwan stressed multinational subsidiaries are also mandated to comply with local laws, which provide citizens a mechanism for protection.
Canada, for one, has a strong expectation of privacy as evidenced by the existence of federal privacy legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA), said Kirwan.
Kirwan also stressed it’s important for Canadian companies to make their privacy policies as transparent as possible so that “there are no ugly surprises for the customer.”
“There are consequences if you are served with a subpoena for the data — as an exception to PIPEDA — but make it clear in your privacy policy and to people reading it that there are circumstances where data might be released and some of them include situations that are set out in PIPEDA, such as national security concern or court order,” explained Kirwan.
It’s a tougher issue, however, for Canadian companies that are dealing or have relations with a U.S. organization, Kirwan said, but stressed that in those situations companies should try and ensure that the privacy of the data is at least comparable to Canada. “I think that would be a reasonable expectation (from customers).”
Young agreed with Kirwan, adding that Canadian companies are getting around the Patriot Act implications by being more transparent to the customer.
No comments:
Post a Comment