Canadian privacy law & CIBC
Businesses can avoid potential public relations and legal nightmares by developing privacy policies, authentication processes and using cutting-edge technology. The Canadian Imperial Bank of Commerce learned this the hard way last week when U.S. scrapyard operator Wade Peer went public with his story about how one of Canada’s largest banks was flooding his fax machine with highly confidential information about its clients for the past three years.
The faxes, he said, contained social insurance numbers, bank accounts and client signatures, and despite repeated calls from him they just kept piling up. Finally he sued CIBC to make them stop. The problem appears to stem from the fact Mr. Peer’s toll-free number for his autoparts business, which he was forced to close, is similar to that of one of the bank’s processing centres.
writes [link to http://www.canada.com/technology/story.html?id=abe9da66-e9cf-4f5e-9828-d97611c5a234 no longer works] Jim Middlemiss for the Financial Post.
(David Akin also reports.)
I’d argue that the problem stems from a privacy commissioner who fails to take cases to court to see fines imposed. In fact, I’ve argued exactly that [link to http://www.emergentchaos.com/archives/000475.html no longer works] in the past.
[Update: David Akin has a blog, and further details are here.]
CIBC bans faxes; privacy commissioner investigates; more leaks
The Canadian Imperial Bank of Commerce has taken the remarkable step of banning the use of fax machines for any transmission of customer information in the wake of revelations that confidential data for hundreds of its…