Federal (Canada) Privacy Decisions

Browse privacy decisions from Federal (Canada) — with AI-generated plain-language summaries for every ruling.

3 decisions matching

Jurisdiction

Federal (Canada)Ontario British Columbia Alberta Saskatchewan Manitoba Quebec Nova Scotia New Brunswick Prince Edward Island Newfoundland and Labrador

Federal (Canada)Personal Information Protection and Electronic Documents ActEarly-resolved

Aug 27, 2017Early resolved case summary #2017-002· Indexed Apr 12, 2026

Early resolved case summary #2017-002: Access to personal information held by insurance company facilitated through the early resolution process

An insurance company

An individual complained to the OPC after an insurance company denied access to parts of their insurance claim file, including case management notes and a video of an incident. The company claimed the notes were confidential commercial information and the video contained third-party images. Through the early resolution process, the company allowed the individual to view the video and provided a redacted version of the case management notes. The complaint was resolved early.

Official ↗

Federal (Canada)Personal Information Protection and Electronic Documents ActEarly-resolved

Jul 25, 2017Early resolved case summary #2017-001· Indexed Apr 12, 2026

Early resolved case summary #2017-001: Privacy obligations under PIPEDA apply to financial technology sector

A financial technology company

A complainant filed a complaint against a financial technology (FinTech) company after being required to provide personal information to access an investment account management agreement. The company initially cited regulatory requirements for collecting the data before an individual became a client. The OPC advised the company that prospective clients should be able to review agreements and understand privacy implications before providing personal information to ensure meaningful consent.

Official ↗

Federal (Canada)Personal Information Protection and Electronic Documents ActEarly-resolved

Jul 5, 2017Early resolved case summary #2017-003· Indexed Apr 12, 2026

Early resolved case summary #2017-003: Bank agrees to cease performing credit checks on individuals who are no longer clients

A bank

An individual complained that a bank performed multiple credit checks on her without her consent, even though she had not been a client for many years. The bank initially stated the inquiries were from its marketing group but later found they originated from an unactivated credit card application. While the bank’s policy suggested it could continue soft credit inquiries after a relationship ended, the OPC expressed concerns about this practice. The bank agreed to end the practice and update its privacy policy, leading to the complaint being early resolved. The OPC confirmed the practice has ceased and the policy has been updated.

Official ↗

Outcome Notes

Federal rulings come from two regulators with different statutory authority — outcome filters cover both.

OIC Order (ATIA s.36.1, binding) — Since June 2019 (Bill C-58) the Information Commissioner can issue binding orders requiring disclosure or reconsideration. Enforceable after 31/41 business days unless reviewed by the Federal Court (s.41).

Well-Founded — finding that the complaint is well-founded. For OIC: ATIA s.37(1)(a) finding (may be paired with a s.36.1 order). For OPC: Privacy Act s.35(1) / PIPEDA s.13(1) advisory finding — recommendations only, no binding order-making power.

Not Well-Founded — no contravention found.

s.6.1 Application— the OIC's response to a head's application for authorization to refuse a frivolous, vexatious, or bad-faith access request. Granted = institution may refuse; Denied = institution must respond.

Settled / Resolved / Early-resolved — OPC matter resolved during or before formal findings without a contravention finding.

Declined to investigate / No jurisdiction — Procedural close (Privacy Act s.34, PIPEDA discretion, or scope outside the Acts).

References: ATIA s.36.1 · OPC disposition definitions

About This Archive

Breach of Privacy archives Canadian privacy decisions from federal, provincial, and territorial commissioners. Each decision includes an AI-generated plain-language summary. Always verify against the official source document.

Federal (Canada) Privacy Decisions

Early resolved case summary #2017-002: Access to personal information held by insurance company facilitated through the early resolution process

Quick View

Early resolved case summary #2017-002: Access to personal information held by insurance company facilitated through the early resolution process

Early resolved case summary #2017-001: Privacy obligations under PIPEDA apply to financial technology sector

Quick View

Early resolved case summary #2017-001: Privacy obligations under PIPEDA apply to financial technology sector

Early resolved case summary #2017-003: Bank agrees to cease performing credit checks on individuals who are no longer clients

Quick View

Early resolved case summary #2017-003: Bank agrees to cease performing credit checks on individuals who are no longer clients

Filters