The Act establishes the Data Protection Commissioner of Canada as the ombudsman responsible for dealing with complaints against organizations. The Commissioner strives to resolve issues through voluntary compliance, not crude enforcement. The Commissioner investigates complaints, conducts audits, raises awareness of data protection issues and conducts research on data protection issues. [25] Since the nature of the Internet means that websites can be accessed and used by people anywhere in the world, privacy policies must comply with the highest standards required in Europe and the United States. In 1995, the European Union (EU) introduced the Data Protection Directive[5] for its Member States. As a result, many organisations operating within the EU have started drafting guidelines to comply with this directive. In the same year, the U.S. Federal Trade Commission (FTC) published the Fair Information Principles[6], which contain a set of non-binding rules for the commercial use of personal data. While these principles do not prescribe guidelines, they do provide guidance on evolving concerns about creating privacy policies. A privacy policy is a legal statement or document (in data protection law) that discloses some or all of the ways in which a party collects, uses, discloses and manages a customer`s or client`s data. Personal information may be anything that can be used to identify an individual, but not limited to, name, address, date of birth, marital status, contact information, identity issue and expiration date, financial records, credit information, medical history of where to travel, and intent to purchase goods and services.

[1] In the case of a business, this is often a statement that explains a party`s policies on how it collects, stores and shares the personal information it collects. It informs the customer of the specific information collected and whether it is treated confidentially, shared with partners or sold to other companies or companies. [2] Privacy policies tend to be broader and more general treatment, as opposed to data usage statements, which tend to be more detailed and specific. Except as otherwise provided in this Agreement, all Employee Records will in any event be subject to the confidentiality provisions of the Separation Agreement and any data protection agreement or other applicable agreements and applicable laws. In many cases, the FTC enforces the terms of the Privacy Policy as a promise to consumers using the authority granted by Section 5 of the FTC Act, which prohibits unfair or misleading marketing practices. [10] The FTC`s powers are in some cases limited by law; For example, airlines are subject to the authority of the Federal Aviation Administration (FAA)[11] and mobile operators are subject to the authority of the Federal Communications Commission (FCC). [12] We are still concerned that this military equipment will be used in a civilian context, at least they should use arrest warrants and a strict confidentiality policy that is written. .