Investigations into businesses
The Office of the Privacy Commissioner of Canada (OPC) conducts independent and impartial investigations into the personal information handling practices of businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA).
The OPC publishes a selection of case summaries and findings from its investigations to provide concrete examples of how PIPEDA applies to the day-to-day management of personal information by businesses.
For each case, the Office indicates the outcome using a set of defined terms for findings and dispositions.
For more information about the complaint and investigation process, read How the OPC Enforces PIPEDA.
Note: Complainants are not named in the summaries or reports. The organizations are not identified unless the Privacy Commissioner of Canada has deemed it to be in the public interest to do so.
Disclaimer: Typographical errors have been corrected from the original version of the report of findings. They are indicated in [brackets].
PIPEDA Case Summary: Using SIN for identity verification cannot be a condition of service
PIPEDA Case Summary: Income tax preparation company mails personal information to wrong clients
PIPEDA Case Summary: Fax from debt collector contained debtor’s personal information
PIPEDA Case Summary: Identification requirements for cell phone services
Customer finds bank's collection, use and disclosure of personal information excessive in order to open a personal deposit account, considers bank's purposes vague
PIPEDA Case Summary: Customer finds bank's collection, use and disclosure of personal information excessive in order to open a personal deposit account, considers bank's purposes vague
PIPEDA Case Summary: Bank uses SINs for credit matching purposes without meaningful consent
PIPEDA Case Summary: Individual raises concerns about consent clauses on credit card application form
Showing items 1 through 10 of 30.
Report a problem or mistake on this page
- Date modified: