Decisions

Canadian Privacy Decisions

The comprehensive archive of Canadian privacy decisions from federal, provincial, and territorial commissioners — with AI-summarized plain-language summaries for every decision.

1 decision matching

Jurisdiction

Federal (Canada)Ontario British Columbia Alberta Saskatchewan Manitoba QuebecIn Progress Nova Scotia New Brunswick Prince Edward Island Newfoundland and Labrador

Governing law

Outcome

OIC Order (ATIA s.36.1, binding)Well-founded Well-founded & resolved Well-founded & conditionally resolved Well-founded & unresolved Not well-founded Action warranted s.6.1 Application Granted (refusal authorized)s.6.1 Application Denied (must respond)Settled Resolved Early-resolved Discontinued Withdrawn Declined to investigate No jurisdiction

Decision Type

Orders Final Reports Systemic Investigations

Sort

Default: publication date

Index date

Browse by Year

2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 1998 1997 1996 1995 1994 1993 1992

Federal (Canada)Personal Information Protection and Electronic Documents ActWell-founded & conditionally resolved

Dec 15, 2015PIPEDA Case Summary #2015-014· Indexed Apr 12, 2026

PIPEDA Case Summary #2015-014: Pension and benefit provider agrees to revamp authentication and address-change procedures after misdirected mailings

A pension and benefit provider

An employee complained that her pension and benefit provider improperly disclosed her unique identifier, failed to keep her address accurate, and did not implement adequate safeguards. An individual with the same name was mistakenly given the complainant's ID number, leading to her address being changed. Consequently, five mailings containing sensitive information were sent to the wrong address, and the complainant lost her life insurance coverage due to missed forms. The provider corrected the error and reinstated coverage.

Official ↗

Outcome Notes

Federal rulings come from two regulators with different statutory authority — outcome filters cover both.

OIC Order (ATIA s.36.1, binding) — Since June 2019 (Bill C-58) the Information Commissioner can issue binding orders requiring disclosure or reconsideration. Enforceable after 31/41 business days unless reviewed by the Federal Court (s.41).

Well-Founded — finding that the complaint is well-founded. For OIC: ATIA s.37(1)(a) finding (may be paired with a s.36.1 order). For OPC: Privacy Act s.35(1) / PIPEDA s.13(1) advisory finding — recommendations only, no binding order-making power. Includes well-founded, well-founded & resolved, well-founded & conditionally resolved, well-founded & unresolved.

Not Well-Founded — no contravention found.

s.6.1 Application— the OIC's response to a head's application for authorization to refuse a frivolous, vexatious, or bad-faith access request. Granted = institution may refuse; Denied = institution must respond.

Settled / Resolved / Early-resolved — OPC matter resolved during or before formal findings without a contravention finding.

Declined to investigate / No jurisdiction — Procedural close (Privacy Act s.34, PIPEDA discretion, or scope outside the Acts).

References: ATIA s.36.1 · OPC disposition definitions

About This Archive

Breach of Privacy is the one-stop archive for Canadian privacy decisions from federal, provincial, and territorial commissioners. Each decision includes an AI-generated plain-language summary. Always verify against the official source document.

Canadian Privacy Decisions

PIPEDA Case Summary #2015-014: Pension and benefit provider agrees to revamp authentication and address-change procedures after misdirected mailings

Quick View

PIPEDA Case Summary #2015-014: Pension and benefit provider agrees to revamp authentication and address-change procedures after misdirected mailings

Filters