As The Canadian Privacy Landscape Changes, Organizations Will Need To Be Accountable

• Jurisdiction: United States,Federal
• Law Firm: Lawson Lundell LLP
• Subject Matter: Privacy, Technology, Compliance, Data Protection, Privacy Protection, Security
• Author: Mr Ryan Berger
• Published date: 12 January 2023

Our use of technology continues to increase and the data created from that use is growing exponentially. Organizations collecting and using that data will be held accountable.

In the future e will be awash in data. As of 2020, one person using the internet creates roughly 1.7 megabytes of data every second.¹ All together, the global volume of existing data is currently 33 zeta-bytes, and it is predicted to increase to 175 zeta-bytes by 2025.² This is an incredible wealth of information. Approximately 90% of existing data has been created in the last two years alone.³

USING THE RIGHT DATA, IN THE RIGHT WAY

Using the right data in the right way can be extremely valuable to organizations. Some companies have already begun to harness the power of data. Walmart, for example, collects 2.5 petabytes of data from customers every hour.⁴ By leveraging data processing and analytics, Walmart has been able to increase efficiency, optimize their supply chain, and improve the customer experience.⁵ One example of Walmart's big data success comes from mining sales data. In 2013, Walmart data analysts found a 700% increase in strawberry pop-tart sales before a hurricane.⁶ If you see Walmart pushing strawberry pop-tarts in your area, its strategic - and you'll know to expect a significant weather event.

At the same time, the consequences for using data the wrong way or allowing it to be vulnerable to misuse, however, will only increase.

THE IMPORTANCE OF GOOD DATA GOVERNANCE

With so much available data and the massive potential it holds, individuals, stakeholders, and others will demand more accountability from organizations than ever before. Without proper safeguards, cyber-criminals may be able to access company databases, expose sensitive information, and make a profit in the process. The Hive, a cyber-crime group, has extorted over $100 million USD by holding organizations' computer systems hostage until they are paid a ransom.⁷ Good data governance, including diligent cybersecurity, is an important way that organizations can prepare for increasing amounts of data, and the responsibility that comes with it.

A CASE STUDY ON GOOD GOVERNANCE AND SECURITY

The Federal Privacy Commissioner ("OPC") launched an investigation into the Marriott Hotel chain's compliance with the Personal Information Protection and Electronic Documents Act, SC 2000, c 5 ("PIPEDA") after news broke about a data breach relating to Marriott's acquisition of Starwood Hotels.⁸ The findings provide a...