Name of presenter(s) or subtitle
description
Transcript of Name of presenter(s) or subtitle
![Page 1: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/1.jpg)
Name of presenter(s) or subtitle
Privacy laws and their impact on research
David W. Stark
MRIA B.C. Chapter
November 2, 2005
![Page 2: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/2.jpg)
Privacy laws and theirimpact on research
![Page 3: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/3.jpg)
3©2005 TNS Canadian Facts
Agenda
Privacy legislation overview
• Canadian & U.S. laws
Compliance: is it working?
Industry implications
Helpful resources
Q&A
![Page 4: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/4.jpg)
4©2005 TNS Canadian Facts
Privacy legislation overview
Freedom of Information Access
Privacy and Protection of Personal Data
1980 1998 2001-2004
Privacy A
ct - Canada
Access to In
fo. Act -
Canada
1985 1994
Privacy Legislatio
n - Quebec
EU Privacy D
irectiv
e
PIPEDA -
Canada
PIPA -
AB & B
C
1966 1974
Freedom of Inform
ation A
ct – U
.S.
Privacy A
ct – U
.S.
2000
Safe Harb
or – U
.S.
![Page 5: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/5.jpg)
5©2005 TNS Canadian Facts
Canadian laws
Federal regulations
Competition Act (1985; rev. 1999 and 2001)
CRTC Telemarketing Rules (1994; rev. 2004)
PIPEDA (2001-2004)• Comprehensive law affecting all
industries in private sector
Bill C-37 (2005?)• Would establish a national do-
not-call registry
Anti-spam legislation (2006?)
![Page 6: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/6.jpg)
6©2005 TNS Canadian Facts
Canadian laws
Provincial regulations
Personal information protection acts
• Quebec (1995)
• Alberta (2004)
• British Columbia (2004)
Personal health information acts
• Alberta, Saskatchewan, Manitoba and Ontario
![Page 7: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/7.jpg)
7©2005 TNS Canadian Facts
U.S. laws
Federal Regulations
Telephone Consumer Protection Act (1991)
Telemarketing Sales Rule (1996)
Health Insurance Portability and Accountability Act (1996)
Financial Modernization Act (Graham-Leach-Bliley) (1999)
Children’s Online Privacy Protection Act (2000)
USA PATRIOT Act (2001)
CAN-SPAM Law (2003)
![Page 8: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/8.jpg)
8©2005 TNS Canadian Facts
U.S. laws
Federal Regulations
Federal Trade Commission Act (Section 5)
• Obligation to abide by one’s posted privacy policies
Eavesdropping and Taping Laws (FCC)
• Telephone interviewing, focus groups
![Page 9: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/9.jpg)
9©2005 TNS Canadian Facts
U.S. laws
State Regulations
Anti-spam laws
Do-not-call laws and lists
California’s Online Privacy Protection Act (CA OPPA)
• Must post privacy policy on website if collecting personally-identifiable information from CA residents.
California (Senate Bill 1386)• Must notify state residents of
actual or suspected breach of unencrypted data
![Page 10: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/10.jpg)
10©2005 TNS Canadian Facts
U.S. laws
State Regulations
Other states passing legislation similar to California’s privacy laws
28 pending bills in 17 states that would regulate offshoring of personal information
• Offshoring of state contracts
• Disclosure of location and name of call centre
• Prohibition against sending PII to non-U.S. recipients
![Page 11: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/11.jpg)
11©2005 TNS Canadian Facts
What’s driving consumer privacy laws?
Most privacy regulations enacted since early 1990s
Coincides with digital information age
• Databases of PII that can be manipulated and moved offshore at click of a button
Public opinion
Identity theft
• “fastest growing crime in the nation” - FTC
Outsourcing offshore
![Page 12: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/12.jpg)
Compliance: is it working?
![Page 13: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/13.jpg)
13©2005 TNS Canadian Facts
Compliance in Canada
Low awareness of PIPEDA and provincial privacy laws
Federal Privacy Commissioner has treated offending organizations with kid gloves
Commissioner’s Office understaffed
Still, in general, Canadian firms seem to be more privacy-conscious than their U.S. counterparts
![Page 14: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/14.jpg)
14©2005 TNS Canadian Facts
Compliance in the United States
Patchwork of privacy laws difficult for organizations
Multinationals would prefer a national privacy law (similar to PIPEDA)
FTC names offending organizations on its website
Private right of action in many U.S. laws gives rise to class action suits
EU study suggests several U.S. firms on Safe Harbor list are not in compliance
![Page 15: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/15.jpg)
Industry implications
![Page 16: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/16.jpg)
16©2005 TNS Canadian Facts
Industry implications
Third-party disclosures
• Clients’ customer lists
• Sharing respondents’ personally-identifiable information with clients
• List brokers / sample providers
• Qualitative research: recruiter, moderator, facility
Online research
• Explicit opt-in consent
• ISP shutdowns
customer
research client
research supplier
![Page 17: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/17.jpg)
17©2005 TNS Canadian Facts
Industry implications
Data security and retention
• Physical, electronic and organizational
• Minimum and maximum retention periods
International data flows
• U.S. state laws could impact Canadian call centres and data processing firms
• Main motive of these laws is protectionism (many U.S. jobs have been outsourced to low-wage countries)
![Page 18: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/18.jpg)
18©2005 TNS Canadian Facts
Industry implications
Contracts with clients that include indemnities and privacy protection clauses
Increasing number of clients require completion of comprehensive privacy assessment forms
Research is becoming more difficult to conduct
![Page 19: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/19.jpg)
Helpful resources
![Page 20: Name of presenter(s) or subtitle](https://reader035.fdocuments.in/reader035/viewer/2022062221/568146e0550346895db417e1/html5/thumbnails/20.jpg)
20©2005 TNS Canadian Facts
Helpful resources
Federal Privacy Commissioner’s website
• www.privcom.gc.ca
International Association of Privacy Professionals
• www.privacyassociation.org
Nymity (privacy consulting firm)
• www.nymity.com
MRIA Privacy Protection Handbook (formerly CAMRO)