International Initiatives

Increasingly, individuals throughout the world rely on common information and communication technologies; they share information, videos and photos using a few highly popular social networking platforms; they play online games using the same platforms and they conduct searches using the same search engines. We know that the data involved in these online activities can travel throughout the world, including countries that do not have adequate privacy regimes. We also know that when a global organization changes its privacy practices, or worse, when it experiences a privacy breach, millions of people worldwide can be affected.

Data knows no borders, and our Office recognizes that we, too, must reach out beyond ours to work with global partners and organizations to develop a global privacy framework. This is an established priority for our Office, and, as such, our Office participates in a number of key international privacy protection initiatives.

Cooperation Arrangements

As a result of amendments to PIPEDA that came into force in 2011, our Office has the clear authority to cooperate with our foreign counterparts on issues that affect individuals in other jurisdictions.

We can collaborate and share information with persons or bodies in a foreign state that have similar legislated functions and duties or with persons or bodies who have legislated responsibilities relating to conduct that would be a contravention of PIPEDA. By sharing our expertise and the information we obtain during our investigations, we can use our resources more effectively and conduct more thorough and efficient investigations.

Our ability to share information is subject to certain conditions, most notably a requirement for a written arrangement with the other party, which must contain confidentiality provisions limiting the use of any information we share or receive. We have signed written arrangements with the Dutch, Irish, British, Romanian, Uruguayan and German (federal) data protection authorities.

Global Privacy Enforcement Network (GPEN)

GPEN is an informal network of privacy enforcement authorities that is intended to promote enforcement cooperation by sharing information about privacy enforcement issues and facilitating effective cross-border privacy enforcement in specific matters.

GPEN is an outcome of a 2007 recommendation of the Organisation for Economic Cooperation and Development (OECD) Council that called for the creation of a network of enforcement authorities. The recommendation was developed with the assistance of a volunteer group chaired by previous Commissioner Jennifer Stoddart, and currently has more than 50 members.

Our Office is a member of the GPEN Management Committee and we coordinated the GPEN Privacy Sweeps in 2013 and 2014. In 2013, 19 privacy enforcement authorities participated, looking at the privacy policies of more than 2,000 websites and apps. In 2014, 27 authorities from around the world examined the collection and use of personal information on mobile apps.

Asia-Pacific Economic Cooperation (APEC) Cross-border Privacy Enforcement Arrangement (CPEA)

The APEC Cross-border Privacy Enforcement Arrangement (CPEA) became operational in July 2010.  Our Office helped develop the multilateral cooperation Arrangement. The OPC is a member of the CPEA along with the U.S. Federal Trade Commission and approximately 20 privacy enforcement authorities from other Asia-Pacific economies. The APEC Arrangement is intended to encourage information sharing and facilitate enforcement cooperation. Under this arrangement, the OPC has shared information with, and received information from, other APEC CPEA members that has assisted us in several investigations. Like the bilateral arrangements discussed above, our participation in the APEC CPEA is based on our authority under PIPEDA to cooperate and share information with our foreign counterparts.

Asia Pacific Privacy Authorities (APPA)

Our Office is a member of the APPA forum, made up of privacy authorities in the Asia Pacific region. APPA holds two meetings annually where we exchange ideas and best practices about privacy regulation, new technologies and ways to raise awareness of privacy issues.

Organisation for Economic Co-Operation and Development (OECD)

The OECD’s Guidelines on the Protection of Privacy and Transborder Data Flows were developed more than 30 years ago. Although the guidelines have proven remarkably resilient, the world has changed dramatically since then.

Recognizing this, the OECD launched a review of the guidelines in 2011, to coincide with the 30th anniversary of the Guidelines, to assess whether they are still relevant considering the “changing technologies, markets and user behaviour and the growing importance of digital identities.” The review was conducted by the OECD’s Working Party on Information Security and Privacy (WPISP), now the Working Party on Security and Privacy in the Digital Economy, and was advised and supported by a multi-stakeholder volunteer group chaired by former Commissioner Jennifer Stoddart.

The volunteer group, together with the Working Party Secretariat, considered a wide range of proposals to update the Guidelines. In July 2013, following extensive debate and discussion, the OECD Council adopted revised Guidelines. As well, a “Supplementary Explanatory Memorandum” was prepared to provide context and the rationale for the revisions.

The OPC is providing input to the OECD’s current examination of privacy-related issues raised by large-scale data use and analytics. The OPC participated in an expert roundtable on this issue in March 2014.

Association francophone des autorités de protection des données personelles (AFAPDP)

Our Office was instrumental in the creation in 2007 of the organization representing francophone data protection authorities around the world, the AFAPDP. This is a unique forum to reach developing countries in the Francophonie, which are in the process of establishing data protection regimes to protect the privacy rights of their citizens and for the purposes of international trade. Because French is one of Canada’s official languages, and because we have  a well-developed privacy protection regime, our Office is well-suited to play a key capacity-building role in AFAPDP. By participating in annual meetings and workshops organized by the AFAPDP, the OPC can offer our knowledge and expertise and affirm privacy as a fundamental right and economic benefit.

Commission for the Control of INTERPOL’s Files

A senior member of the OPC participates in meetings of the Commission for the Control of INTERPOL’s Files (CCF). The CCF serves as an independent watchdog on how INTERPOL lives up to its established standards on the processing of personal information. The CCF has three main functions:

  • Providing advice on issues that involve the processing of personal data;
  • Carrying out inspections of INTERPOL’s data processing operations; and
  • Processing requests for access to INTERPOL's files and dealing with complaints from individuals who assert that their rights have been infringed by INTERPOL.

Participating in the CCF offers our Office an invaluable opportunity to learn about international law enforcement issues and it also allows us to contribute to ensuring that INTERPOL respects privacy protection principles around the world.

Memoranda of Understanding