Privacy laws

Privacy laws are laws and regulations from the federal, provincial or territorial governments that determine the rules for how your business must treat personal information.

Handling personal and sensitive information properly is important and business owners need to understand their responsibilities under the law.

The primary federal law all Canadians should obey is the Personal Information Protection and Electronic Documents Act (PIPEDA). Some key changes to PIPEDA were made by the Digital Privacy Act.

Compliance with PIPEDA is enforced by the Office of the Privacy Commissioner to protect Canadians as the internet develops. 

Some provinces have privacy laws that are similar to PIPEDA. In these provinces, the provincial laws will be enforced.

Compliance with Canada's anti-spam legislation (CASL) is also relevant to meeting privacy obligations. CASL amended PIPEDA to include regulations on collecting email addresses for marketing purposes.

Care should be taken to ensure all recipients of marketing material have consented to receiving them.

  • How to write a privacy policy
    Discover your legal obligations when establishing policies that seek to protect your customers’ private information.
Date modified: