Bill C-12 explained in plain English
An Act to amend the Personal Information Protection and Electronic Documents Act
Federal Parliament bill summary, status, timeline, sponsor, votes, and official sources.
At a glance
Official Parliament of Canada snapshot for 41st Parliament, 1st Session. MP vote breakdowns appear when the House of Commons publishes a recorded division export for that bill. Senate and House stage details include official debate/sitting links when LEGISinfo publishes them.
Our plain-language take, written for civic education.
Source: By PoliticalData.ca
Bill C-12 amends the Personal Information Protection and Electronic Documents Act to update rules on consent, disclosure, and breach reporting for personal information.
Bill C-12, also known as the Safeguarding Canadians’ Personal Information Act, proposes amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA). The bill aims to update rules around the collection, use, and disclosure of personal information. Key changes include defining valid consent, allowing disclosures for specific purposes such as fraud prevention or identifying deceased individuals, and introducing mandatory reporting for significant breaches of security safeguards. It also clarifies the meaning of 'lawful authority' for disclosures to government institutions.
- Amends the Personal Information Protection and Electronic Documents Act.
- Excludes business contact information from certain provisions of Part 1 of the Act under specific circumstances.
- Specifies conditions for valid consent regarding the collection, use, or disclosure of personal information.
- Permits the disclosure of personal information without an individual's knowledge or consent for specific purposes, including identifying injured or deceased individuals, performing police services, preventing fraud, or protecting victims of financial abuse.
- Clarifies the definition of 'lawful authority' for disclosures of personal information to government institutions.
- Allows organizations to collect, use, and disclose personal information without an individual's knowledge or consent for purposes related to employment relationships within federal works, undertakings, and businesses.
- Permits the use and disclosure of personal information without an individual's knowledge or consent in the context of prospective or completed business transactions, under specific conditions.
- Establishes a framework requiring organizations to notify individuals about certain disclosures of their personal information to government institutions.
- Mandates organizations to report material breaches of security safeguards to the Privacy Commissioner.
- Requires organizations to notify individuals and other entities about breaches of security safeguards that pose a real risk of significant harm.
- Amends the definition of 'personal information' to mean 'information about an identifiable individual'.
- Adds new definitions for 'breach of security safeguards', 'business contact information', and 'business transaction'.
- Organizations that collect, use, or disclose personal information.
- Individuals whose personal information is collected, used, or disclosed.
- Federal works, undertakings, and businesses.
- Banks and authorized foreign banks.
- Government institutions.
- The Privacy Commissioner.
- Organizations must ensure consent for collecting, using, or disclosing personal information is valid.
- Organizations must report material breaches of security safeguards to the Privacy Commissioner.
- Organizations must notify individuals about breaches that pose a real risk of significant harm.
- Organizations must follow new rules for disclosing personal information without consent in specific circumstances.
- Individuals have the right to be notified of certain disclosures of their personal information to government institutions.
- Individuals can file complaints with the Privacy Commissioner regarding contraventions of the Act.
- The provisions of this Act come into force on a day or days to be fixed by order of the Governor in Council.
- Individuals can file complaints with the Privacy Commissioner.
- The Commissioner can conduct investigations.
- Individuals can apply to the Court for a hearing regarding matters in a complaint or the Commissioner's report.
- The Court may order an organization to correct its practices to comply with the Act.
- The bill does not specify the exact date when its provisions will come into force, as this will be determined by order of the Governor in Council.
- The specific 'prescribed information' and 'prescribed form and manner' for breach reports and notifications are not detailed in the bill text and will be established by regulation.
- The precise definition of 'significant harm' and the factors for determining a 'real risk of significant harm' are detailed, but their application in specific situations may require interpretation.
- The application of Part 1 of the Act to business contact information is limited to circumstances where the information is used 'solely for the purpose of communicating or facilitating communication with the individual in relation to their employment, business or profession'.
This bill amends the Personal Information Protection and Electronic Documents Act to update rules regarding consent, disclosure, and breach reporting for personal information.
Source: Bill C-12, Summary
Certain business contact information will be excluded from the application of Part 1 of this Act under specific circumstances.
Source: Bill C-12, Section 4.01
Introduces requirements for organizations to report material breaches of security safeguards to the Privacy Commissioner.
Source: Bill C-12, Sections 10.1, 10.2, 10.3
Clarifies the meaning of 'lawful authority' for disclosures of personal information to government institutions.
Source: Bill C-12, Section 7(3.1)
Amends the definition of 'federal work, undertaking or business' in the Personal Information Protection and Electronic Documents Act to include banks and authorized foreign banks as defined in the Bank Act.
Source: Bill C-12, Section 2(2)
Generated using AI from official bill text. Not legal advice. It is written by PoliticalData.ca for civic education, automatically checked and spot-reviewed before publishing.
Official textThe official summary published alongside the bill, shown exactly as written.
Source: Parliament of Canada (LEGISinfo)
A legislative summary is currently being prepared for this bill by the Parliamentary Information and Research Service of the Library of Parliament. Meanwhile, the following executive summary is available. On 29 September 2011, the Minister Industry and Minister of State (Agriculture) introduced Bill C-12, An Act to amend the Personal Information Protection and Electronic Documents Act (Safeguarding Canadians’ Personal Information Act), in the House of Commons and it was given first reading. The bill amends the Personal Information Protection and Electronic Documents Act. Among other things, it • outlines what constitutes valid consent for the collection, use or disclosure of personal information; • proposes additional exceptions permitting the disclosure of personal information without the knowledge or consent of the individual in order to allow for the release of personal information to help protect victims of financial abuse, to help locate missing persons and to identify injured, ill or deceased individuals; • clarifies the meaning of lawful authority for the purpose of disclosures to government institutions of personal information without the knowledge or consent of the individual; • permits organizations, for certain purposes, to collect, use and disclose, without the knowledge or consent of the individual, personal information contained in witness statements related to insurance claims, or produced by the individual in the course of their employment, business or profession; • permits organizations, for certain purposes, to use and disclose, without the knowledge or consent of the individual, personal information related to prospective or completed business transactions; • permits federal works, undertakings and businesses to collect, use and disclose personal information without the knowledge or consent of the individual to establish, manage or terminate employment relationships; • provides a framework for organizations to notify individuals proactively about disclosures of their personal information made in certain circumstances to government institutions; and • requires organizations to report material breaches of security safeguards to the Privacy Commissioner and to notify certain individuals and organizations of breaches that create a real risk of significant harm.
This is the official summary published by the Parliament of Canada, shown verbatim. Not legal advice. PoliticalData.ca did not write or edit this text.
View on LEGISinfoParliamentary Process
We don't have a plain-language summary for First reading yet. The official source linked below is the full record.
We don't have a plain-language summary for Second reading yet. The official source linked below is the full record.
We don't have a plain-language summary for Third reading yet. The official source linked below is the full record.
We don't have a plain-language summary for First reading yet. The official source linked below is the full record.
We don't have a plain-language summary for Introduction and first reading yet. The official source linked below is the full record.
We don't have a plain-language summary for Second reading yet. The official source linked below is the full record.
We don't have a plain-language summary for Consideration in committee yet. The official source linked below is the full record.
We don't have a plain-language summary for Report stage yet. The official source linked below is the full record.
We don't have a plain-language summary for Third reading yet. The official source linked below is the full record.
Debate and sitting links point to official parliamentary sources when LEGISinfo publishes them. Any plain-language discussion summaries should be generated from those official texts and reviewed before public display.
Vote Summary
This bill is still active. We only show vote counts after the legislature publishes a recorded division.
No published representative vote breakdown
This bill is still moving through the process. When a recorded division is published, representative positions can be listed here.
Official sources
Status, sponsor, votes, and timeline on this page are drawn from these official legislative sources and public records. Each summary above is attributed to its own source.
How this data is sourced