Language selection

OPC Logo Office of the Privacy Commissioner of Canada

Search

Investigations into businesses

The Office of the Privacy Commissioner of Canada (OPC) conducts independent and impartial investigations into the personal information handling practices of businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA).

The OPC publishes a selection of case summaries and findings from its investigations to provide concrete examples of how PIPEDA applies to the day-to-day management of personal information by businesses.

For each case, the Office indicates the outcome using a set of defined terms for findings and dispositions.

For more information about the complaint and investigation process, read How the OPC Enforces PIPEDA.

Note: Complainants are not named in the summaries or reports. The organizations are not identified unless the Privacy Commissioner of Canada has deemed it to be in the public interest to do so.

Disclaimer: Typographical errors have been corrected from the original version of the report of findings. They are indicated in [brackets].

PIPEDA Report of Findings #2019-001

Investigation into Equifax Inc. and Equifax Canada Co.’s compliance with PIPEDA in light of the 2017 breach of personal information

Date of findings:
PIPEDA Case Summary #2017-006

Using SIN for identity verification cannot be a condition of service

PIPEDA Case Summary: Using SIN for identity verification cannot be a condition of service

Date of findings:
Early resolved case summary #2013-01:

Property management company alters its rental application form to make clear that Social Insurance Number is optional

Date of findings:
PIPEDA Case Summary #2006-337

Income tax preparation company mails personal information to wrong clients

PIPEDA Case Summary: Income tax preparation company mails personal information to wrong clients

Date of findings:
Settled case summary #19

SIN not required when signing apartment lease (February 3, 2006)

Date of findings:
PIPEDA Case Summary #2005-317

Fax from debt collector contained debtor's personal information

PIPEDA Case Summary: Fax from debt collector contained debtor’s personal information

Date of findings:
PIPEDA Case Summary #2005-288

Identification requirements for cell phone services

PIPEDA Case Summary: Identification requirements for cell phone services

Date of findings:
PIPEDA Case Summary #2003-256

Customer finds bank's collection, use and disclosure of personal information excessive in order to open a personal deposit account, considers bank's purposes vague

PIPEDA Case Summary: Customer finds bank's collection, use and disclosure of personal information excessive in order to open a personal deposit account, considers bank's purposes vague

Date of findings:
PIPEDA Case Summary #2003-142

Bank uses SINs for credit matching purposes without meaningful consent

PIPEDA Case Summary: Bank uses SINs for credit matching purposes without meaningful consent

Date of findings:
PIPEDA Case Summary #2003-203

Individual raises concerns about consent clauses on credit card application form

PIPEDA Case Summary: Individual raises concerns about consent clauses on credit card application form

Date of findings:

Showing items 1 through 10 of 30.

Filter these results

  • Active Topics Filters

    • Social Insurance Number (SIN)
Clear all

Search by key word or choose from the filter options below to narrow the results.

Dispositions

Complaint Types

Sectors

Topics

Principles

Date of Findings
Report a problem or mistake on this page
Error 1: No selection was made. You must choose at least 1 answer.
Please select all that apply (required):

Note

Date modified: