Notes from the IAPP Canada Managing Director, July 12, 2019
We have just shy of 200 members in Quebec, and just over 50 of them are certified. We now have a viable KnowledgeNet Chapter in Montreal, and weâ€™ve started to look into holding privacy certification training classes there. Realizing that a major hurdle has always been the ability to provide materials in French, the IAPP is moving along that path now â€” not to mention in German, Dutch, Spanish, etcetera â€¦ Being a global organization, translating materials â€” and doing it well â€” is a big challenge.
I mention the inroads weâ€™re making in La Belle Province because of the news story this week that the Desjardins financial institution is being investigated due to a recent privacy breach. Whatâ€™s particularly newsworthy is that Iâ€™m pretty sure the investigation is the first joint investigation between the federal office and the Quebec Commission dâ€™accÃ¨s Ã lâ€™information.
Considering that the Quebec law predates PIPEDA, it is a little surprising that the two offices have not officially collaborated like this before. Time will tell what will become of the joint investigation, but I bet the impact on the company wonâ€™t be nearly as dire as the fine being proposed by the OIC in the U.K. against British Airways over its role in another data breach. There, the regulator is going after 1.5% of the airwayâ€™s 2018 turnover â€” which translates to 183 million GBP. In Canadian dollars, that converts to about $300 million.
So, while the folks in Quebec and at Desjardins, in particular, get themselves ready for the first-ever joint investigation, I bet they are glad they arenâ€™t subject to the GDPR in this country.