Understanding Personal Information: Managing Privacy Risks

Researched and written by Eloïse Gratton, a leading expert in information technology law, new media and privacy issues, this volume provides a thorough investigation of the concept of personal information.

Publication Language: English

Published: March 31, 2013

Publisher: LexisNexis Canada

Product Format Details Qty
Book
$260.00
In Stock ISBN: 9780433474074
Hardcover | 552 pages

From user profiles and location information to IP addresses and RFID, the world of information technology has evolved at a rapid pace, exposing both individuals and organizations to new levels of risk - and responsibility. Yet, data protection and privacy laws are still applying a definition of "personal information" that was developed in the 1970s. It's time to take a fresh look at the definition and develop a new legal framework for assessing which data should be classified as personal information. And that's precisely what this new publication, Understanding Personal Information: Managing Privacy Risks, aims to do.


Highlights of this Book


Researched and written by Eloïse Gratton, a leading expert in information technology law, new media and privacy issues, this volume provides a thorough investigation of the concept of personal information, including:

  • A full examination of the definition and interpretation of "personal information" found in Canadian data protection laws (PIPEDA and provincial private sector laws from B.C., Alberta and Quebec), as well as European data protection directives
  • A summary of the historical context leading to the adoption of data protection laws and the elaboration of the definition of personal information
  • A review of emerging technologies and the challenges they trigger for the protection of personal information in an information age
  • A useful assessment tool to assist organizations handling information of their clients, employees or website users in determining whether the information handled qualifies as personal information and the kind of potential privacy risks or harm involved
  • An analysis of the types of privacy harm which may result from personal information being collected, used and disclosed, and a guide on how to mitigate privacy risks
  • A helpful examination of the interpretation of the notion of "identifiable" (as opposed to anonymous) information
  • A review of Canadian case law addressing the issue of when personal information is considered "accurate" and "relevant" for its intended use in accordance with applicable Canadian data protection laws
  • A practical framework for Canadian data protection laws in light of modern technologies

An Important Resource


This guide is a valuable reference book for organizations that handle personal information as well as their legal counsel as it will help them assess:

  • Whether the information they manage is or should be covered under the definition of personal information
  • The sensitivity of the information they handle, the type of security measures they should be implementing and the type of consent they should be obtaining from their employees, clients and users
  • The situations in which a security breach will trigger a significant risk of harm for individuals affected
  • Whether individuals have a right to damages resulting from a confirmed breach under PIPEDA or any similar provincial law

In addition, Understanding Personal Information: Managing Privacy Risks may be of interest to Canadian lawyers, lawmakers, policymakers, privacy commissioners, courts, consumer groups, and governmental authorities and agencies.

Introduction

1. Background Leading to the Definition of Personal Information

1.1. Historical Background Leading to Laws Protecting Personal Information

1.1.1. Evolution of the Notion of Privacy

1.1.2. Control over Personal Information and Fair Information Practices

1.1.3. Definition of Personal Information: Origin and Background

1.2. Technological Background Affecting Personal Information

1.2.1. Increase in Volume of Information

1.2.2 New Types of Information and Collection Tools

1.2.3. New Identifying Methods

1.2.4. New Uses of Information

1.2.5. Increased Availability of Data

2. Constructing the Definition of Personal Information

2.1. Deconstructing the Definition of Personal Information

2.1.1. Deconstructing the Concept of Privacy as Control

2.1.2. Deconstructing the Efficiency of the Definition of Personal Information

2.2. Reconstruction Taking into Account Underlying Risk of Harm

3. Implementation the Risk of Harm Approach to the Definition of Personal Information

3.1. Subjective Harm Associated with Definition of Personal Information

3.1.1. Subjective Harm Resulting from the Collection of Information

3.1.2. Subjective Harm Resulting from the Disclosure of Information

3.2. Objective Harm Associated with the Definition of Personal Information

3.2.1. Objective Harm Resulting from the Use of Information

Featured Authors