This is Your First Step Towards Success.

Let's create work together! We LOVE working with new clients on exciting challenges. Please share your ideas in the form below, and we’ll respond within 48 hours of receiving the inquiry.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Prepare your website for the Consumer Privacy Protection Act

What the Overhaul to Canada’s Privacy Laws Might Mean for Your Website

How updates to Canada's privacy laws might affect your website

Is your website compliant with Canada’s privacy laws? Changes are coming with Canada’s Consumer Privacy Protection Act and companies could face hefty fines.

Canada’s Consumer Privacy Protection Act

On November 17th, 2020 Innovation, Science and Industry Minister Navdeep Bains introduced the Consumer Privacy Protection Act and Data Protection Tribunal Act (Bill C-11, the Digital Charter Implementation Act). This act threatens to impose fines that could run into the millions of dollars for private companies that violate Canadians’ privacy.

Under the new bill, companies could face a maximum penalty of up to 5% of global revenue for non-compliance. Penalties that could match or exceed those penalties in the European Union’s GDPR.

The new act will undergo significant review before being passed into law. Lawmakers must understand how the implications of the new rules will affect Canadian businesses and those it seeks to protect.  

Bains announced that they “have given the Privacy Commissioner Order-Making Powers”. This means that the Privacy Commissioner can “request companies to delete information withhold information and data if it is not properly obtained through meaningful consent.

The Consumer Privacy Protection Act covers consent in a lengthy section of the document. A few important highlights include:

  1. Required Consent: “Unless this Act provides otherwise, an organization must obtain an individual’s valid consent for the collection, use or disclosure of the individual’s personal information.”

  2. Timing of Consent: ”The individual’s consent must be obtained at or before the time of the collection of the personal information or, if the information is to be used or disclosed for a purpose other than a purpose determined and recorded under subsection 12(3), before any use or disclosure of the information for that other purpose.”

  3. Valid Consent: “The individual’s consent is valid only if, at or before the time that the organization seeks the individual’s consent, it provides the individual with the following information in plain language:
    1. the purposes for the collection, use or disclosure of the personal information determined by the organization and recorded under subsection 12(3) or (4);
    2. the way in which the personal information is to be collected, used or disclosed;
    3. any reasonably foreseeable consequences of the collection, use or disclosure of the personal information;
    4. the specific type of personal information that is to be collected, used or disclosed; and
    5. the names of any third parties or types of third parties to which the organization may disclose the personal information.”
  4. Form of Consent: “Consent must be expressly obtained, unless the organization establishes that it is appropriate to rely on an individual’s implied consent, taking into account the reasonable expectations of the individual and the sensitivity of the personal information that is to be collected, used or disclosed.”

  5. Withdrawal of Consent: “On giving reasonable notice to an organization, an individual may, at any time, subject to this Act, to federal or provincial law or to the reasonable terms of a contract, withdraw their consent in whole or in part.” 

There are some exceptions to the requirement for consent. This is a section of the act that we believe we will undergo many revisions.

Canada’s Privacy Laws Provide Greater Confidence and Trust

The Consumer Privacy Protection Act is not simply a means of punishing businesses. This is also an opportunity to build a greater relationship with your audience. Bains indicated that this legislation focuses on encouraging companies to comply with the law, which in turn builds confidence and trust with Canadian consumers. 

So What Does Canada’s Consumer Privacy Protection Act Mean for My Business?

At a minimum, you will have to update your privacy policy and have users opt-in to data collection. 

We speculate these changes will be similar to those outlined in the GDPR, which provides data protection and privacy in the European Union and the European Economic Area. These legal frameworks set guidelines for the collection and processing of personal information. Protections for online privacy are created by law. Simply, these rules provide your users with more control over their personal data. 

Keep Me in the Loop

We’re keeping an eye on Canada’s Privacy Laws for you! We will update this page as more information becomes available.

Follow us on LinkedIn, Facebook and Instagram to be alerted as soon as we post updates on this subject.

Subscribe to our Newsletter to receive the occasional update from the Hammerhead team.

Tags
Evan Holmgren
Evan Holmgren

I am a Co-founder and the Sales & Marketing Director at Hammerhead. We built a team of experienced digital marketers, web designers and programmers who specialize in audience-first experiences to drive conversions and help you succeed online. If you're looking for a strong dedicated digital team, look no further!

Articles: 58

Related Posts

Are You Ready to Start a Conversation?

We want to hear your ideas! Let's start a project together today!

Let's Work Together

Free Knowledge

Learn with Us

We are also here to help you learn! Check out our resources page to learn about digital marketing, design, digital strategy and eCommerce. Part of our growth is empowering you to grow digital as well!

Check Out Our Resources

Not Quite Ready?

That's okay! Feel free to browse around learn more.

  • How Many Loonies Do I Need For A Website in Canada
    Tips

    How Many Loonies Do I Need for a Website?

    April 4, 2025
    ​Creating a website is a crucial step for Canadian businesses aiming to establish a robust online presence. The cost of developing a website can vary significantly based on factors such as complexity, design preferences, functionality, and the expertise of the development team. Understanding these variables is essential for making informed decisions that align with your […]
    /
  • Hammerhead Named Among the Top WordPress Development Companies of 2023
    eCommerce

    Hammerhead Named Among the Top WordPress Development Companies of 2024 by Techreviewer.co

    January 18, 2024
    Hammerhead, one of the top WordPress development companies leading web development agencies, is proud to announce its recognition as one of the Top WordPress Developers in 2024 by Techreviewer.co, a highly reputed IT market research and analysis company. Hammerhead’s outstanding services have also earned the firm a spot in the list of top 100 companies. […]
    /
  • Top 5 CMS in 2022
    Content, Strategy

    The Top 5 CMS to Achieve Your Business Goals in 2024

    January 15, 2024
    Choosing a Content Management System (CMS) can be a daunting task. Each year we are greeted with more and more, but what CMS will help you achieve your business and marketing goals? This article will help you narrow it down. What are Business Goals? Business goals are targets that you set for your company. These […]
    /