Canada’s primary federal privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA) relates to personal information collected, used or disclosed while carrying out commercial activities. On November 17, 2020, the Canadian government proposed new legislation which would reform PIPEDA, most notably by enacting the Consumer Privacy Protection Act (CPPA). The CPPA aims to protect individuals’ personal information and further regulate how organizations collect, use, and disclose personal information. The bill would also introduce the Personal Information and Data Protection Tribunal Act (the Tribunal Act), establishing an administrative tribunal to hear appeals of decisions made by the Office of the Privacy Commissioner of Canada (OPC) and facilitate the issuing of penalties.
OneTrust can help your organization operationalize Canadian Privacy Law compliance with:
PIPEDA-specific assessments, including PIAs and cross-border data transfers
Valid consent collection, documentation, and withdrawal across all collection points
Pre-configured cookie banner and preference center templates
Consumer rights automation for data disposal, mobility, and more