Skip to content

Could PIPEDA be a ‘show-stopper’ for CETA?

The Ottawa Citizen reports, “A 52-page draft report by an influential European parliamentary committee (the committee on civil liberties, justice and home affairs) … calls on the European Commission to review whether the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) adequately protects Europeans’ personal data exchanged under Canada-European Union commerce and trade.”

“The preliminary report of the parliamentary inquiry that has held extensive public hearings into the mass surveillance of EU citizens (says), ‘The national security agencies of New Zealand and Canada have been involved on a large scale in mass surveillance of electronic communications and may have actively co-operated with the U.S. (National Security Agency) under the so-called Five Eyes program, and may have exchanged with each other personal data of EU citizens transferred from the EU.’ …Documents leaked since June by Edward Snowden, a former NSA contractor, implicate Canada’s foreign electronic signals spy agency, the Communications Security Establishment Canada, in NSA and other communications and information intercept operations against foreigners and foreign states.”

“Depending on the findings of any EU review of PIPEDA, one option would be to ‘suspend or reverse’ the EU’s current formal endorsement of PIPEDA for the legal ‘adequacy’ of the protections it extends to EU citizens doing business with Canadian companies, says the report. …Loss of the adequacy determination will be a major blow to data-sharing between Canada and the EU and will lead to all companies having to negotiate individual contractual arrangements with their EU counterparts — for example IBM Europe and IBM Canada — to safeguard all personal information up to the EU standard before any data transfer can take place.”

“Murray Long, co-author of the Canadian Privacy Law Handbook and founding editor of the PrivacyScan electronic news journal, (is) confident any PIPEDA review will not affect Canada’s tentative Comprehensive Economic and Trade Agreement (CETA) with the EU, which isn’t expected to be ratified until the end of 2015. ‘In the event of the EU’s approval of the document calling for an adequacy review of PIPEDA by the end of 2014, this process could happen in tandem with other aspects of the CETA ratification. In other words, it need not be a show-stopper to CETA’.”

“The draft report calls on the European Commission to present by the end of the year an EU strategy for democratic governance of the Internet, and warns there is currently ‘no guarantee, either for EU public institutions or for citizens, that their IT security or privacy can be protected from intrusion by well-equipped third countries or EU intelligence agencies’ in Britain, France, Germany and Sweden. It also recommends the European Parliament, ‘if necessary, take appropriate measures to suspend or reverse’, its adequacy endorsement of PIPEDA as precursor to some Canada-EU commerce. …The PIPEDA-review recommendation (could be) approved by the committee later this month and by an EU parliamentary vote in late February…”

Further reading
Could Snowden leaks have CETA implications?
Canada-EU CETA