The increasing cyber security threat continues to raise a series of privacy risks for organizations. The Office of the Privacy Commissioner of Canada (OPC) has been regularly focusing on cyber security in letters of findings and guidance and, most recently, in a report, entitled “Privacy and Cyber Security: Emphasizing privacy protection in cyber security activities”.

The OPC’s report examines the interrelationships between cyber security and privacy, and discusses a number of common challenges for cyber security and privacy, including:

  • The complexity of electronic, interconnected networks
  • Increasingly sophisticated cyber threats and the “professionalization” of hacking
  • Threats to mobile devices, which are closely tied to individual users
  • The challenge in the Big Data context
  • Ensuring breach preparedness is a greater priority
  • Encouraging effective, dynamic risk management instead of “check the box” compliance

The report also considers recent policy developments, including the tension between privacy protection and national security, and the global nature of cyber governance. The report concludes with recommended policy directions in which privacy protection could in the future support and augment cyber security:

  • Building privacy values into the development of cyber security policy
  • Legislative approaches the incentivize cyber security preparedness
  • Facilitating a broader dialogue on cyber security which acknowledges the importance of privacy, trust and responsible data stewardship