Freezenet4d ago

Privacy Commissioner Investigating Centurion Project. Strongly Worded Letter Could Follow

The lack of any real privacy laws could play a role in the Centurion Project scandal that exposed millions of Alberta voters.

https://www.freezenet.ca/privacy-commissioner-investigating-centurion-project-strongly-worded-letter-could-follow/

#News #Privacy #Security #Alberta #Canada #CanPol #CenturionProject #DataLeak #JasonKenney #politics #PrivacyCommissioner #PrivacyReform

Show threadStrypeyApr 24

So of course the NZ Privacy Commissioner will be pushing for third-party service providers to be subject to the OIA for every aspect of public service work they handle, just like the agencies commissioning them, right? Riiiight?

(2/2)

#PolicyNZ #PrivacyCommissioner #OIA #PublicService

CBC SaskatchewanApr 16
Marshals withhold details on misconduct investigation despite Sask. privacy commissioner's recommendation
The province's community safety minister says he supports the Saskatchewan Marshals Service after it declined to release all documents about a misconduct investigation into one of the police service's former members.
https://www.cbc.ca/news/canada/saskatchewan/marshals-misconduct-minister-weger-9.7165519?cmp=rss
Peter StoneApr 1

@biddy_sue @felix @kyhwana @ThisCJ @oseiler

Privacy Commissioner's response to ManageMyHealth breach: A masterclass in looking busy while doing nothing
Timeline:

29 Dec 2025: ManageMyHealth breach detected (108K-126K users affected)
21 Jan 2026: Privacy Commissioner announces inquiry
31 Mar 2026, 16:30: Privacy Commissioner sends email (effective 1 Apr - <24hrs notice)

What the email says:

Enquiries email address closing 1 April
All complaint actions PAUSED until inquiry completes (no timeline given)
To complain, you must FIRST:
• Contact ManageMyHealth (who didn't respond to my 3 emails)
• Contact Te Whatu Ora
• Contact your GP
• Provide documentary evidence of all attempts
• Prove you gave them "reasonable chance to respond"
Must demonstrate individual harm (not "general concerns about the breach")

The Catch-22:

Data not breached? = No individual harm = "general concerns" = not actionable
Data was breached? = Must exhaust remedies with organisations that failed to protect you first
Either way? = Complaint action paused indefinitely anyway

What this reveals:
The Privacy Commissioner is conducting an inquiry (looks like action) while making individual complaints nearly impossible (avoids making findings against government agencies/contractors).
Independent security analysis showed ManageMyHealth had:

DMARC set to monitoring only (anyone could spoof their domain)
Weak 1024-bit DKIM keys (not industry standard 2048-bit)
Zero DNSSEC protection across 19 subdomains
Misconfigured email transport security

These are basic infrastructure failures, known best practices for over a decade.
But apparently that's a "general concern" not worth the Privacy Commissioner's time.
Sent at 16:30 on 31 March, effective 1 April. You were meant to miss it.

#NZPol #Privacy #DataBreach #ManageMyHealth #PrivacyCommissioner #Accountability

Global NewsMar 25
Hacked N.S. power firm agrees to beef up security after customer data breached
Canada’s privacy commissioner says Nova Scotia’s largest power utility will strengthen its security following a cyberattack last year.
#Canada #NovaScotiaPower
https://globalnews.ca/news/11745761/nova-scotia-power-security-customer-data/
CBC Kitchener-WaterlooMar 25
Ford calls privacy commissioner's criticism of proposed FOI changes 'politically driven'
Ontario Premier Doug Ford said Tuesday he believes the information and privacy commissioner, who is speaking out about changes he is making to freedom-of-information laws, is "politically driven."
https://www.cbc.ca/news/canada/toronto/doug-ford-foi-changes-ontario-9.7140845?cmp=rss
CBC Thunder BayMar 25
Ford calls privacy commissioner's criticism of proposed FOI changes 'politically driven'
Ontario Premier Doug Ford said Tuesday he believes the information and privacy commissioner, who is speaking out about changes he is making to freedom-of-information laws, is "politically driven."
https://www.cbc.ca/news/canada/toronto/doug-ford-foi-changes-ontario-9.7140845?cmp=rss
CBC OttawaMar 24
Ford calls privacy commissioner's criticism of proposed FOI changes 'politically driven'
Ontario Premier Doug Ford said Tuesday he believes the information and privacy commissioner, who is speaking out about changes he is making to freedom-of-information laws, is "politically driven."
https://www.cbc.ca/news/canada/toronto/doug-ford-foi-changes-ontario-9.7140845?cmp=rss
Global NewsMar 21
Watchdog says transparency crackdown will make Ontario more secret and less secure
Ontario's privacy watchdog says a Ford government plan to shield the premier, cabinet ministers and their staff from FOI laws is out step with rules elsewhere in Canada.
#Politics #Fordgovernment #FreedomofInformation #InformationandPrivacyCommissioner
https://globalnews.ca/news/11740683/ipc-analysis-ontario-foi-changes/
CBC OttawaMar 14
Ontario wants to change its FOI rules to keep some records secret. Here's what you need to know
Ontario wants to exempt the premier, cabinet ministers and parliamentary assistants from being subject to the province’s freedom-of-information (FOI) rules, a move that’s sparked outrage from experts, opposition parties, and the province’s privacy commissioner.
https://www.cbc.ca/news/canada/toronto/ontario-ford-changing-foi-rules-9.7127884?cmp=rss