Privacy commissioner raises concerns about Bank Act changes

The Liberal government’s proposed changes to the Bank Act that would allow financial institutions to share more customer information with fintechs is raising concerns from Canada’s privacy commissioner.

Daniel Therrien told the Senate banking committee Tuesday that the government had not consulted his office about the changes contained in the budget implementation bill, C-74.

“At this point, with the information in hand, I would say government’s efforts have been directed toward innovation without ensuring that privacy is adequately covered,” Therrien told the committee. “Privacy by design has not been applied in this case.”

Read: How big data can make insurance better

The changes are intended to allow financial institutions and their customers to benefit from new technologies offered by fintech companies, which are most often not covered by federal financial regulation.

The government’s omnibus budget implementation bill would amend legislation governing financial institutions to “extend the scope of activities related to financial services in which federal financial institutions may engage, including activities related to financial technology, as well as modernize certain provisions applicable to information processing and information technology activities.”

Read: Where Canada is a regulatory leader

By broadening the types of organizations that can receive personal information from financial institutions, Therrien says the bill raises privacy concerns. Customers should be given the opportunity to demonstrate “express consent” about how their data is being used, he said.

Under the current legislation, Therrien said he has no authority to require financial institutions to apply “reasonable measures” around collecting and disclosing customer information. He said the legislation should give his office the authority to order the financial sector to “obtain explicit and truly informed consent” from customers.

The committee has already heard from a number of stakeholders including the Canadian Bankers Association, the Canadian Association of Mutual Fund Assurance Companies and the Canadian Credit Union Association.

On Thursday, executives from BMO, CIBC, RBC, Scotiabank and TD will appear before the committee.

Read: Feds release privacy rules dealing with data breaches

Staff

The staff of Advisor.ca have been covering news for financial advisors since 1998.