The 10 Privacy Principles of PIPEDA form a significant portion of Canadian privacy law and are the heart of Canada’s federal privacy law for the private sector, the Personal Information Protection and Electronic Documents Act (PIPEDA).
Listed as Schedule 1 of in PIPEDA, these 10 privacy principles outline responsibilities that all organizations subject to that legislation must follow. These principles are:
- Identifying Purposes
- Limiting Collection
- Limiting Use, Disclosure, and Retention
- Individual Access
- Challenging Compliance
The 10 Privacy Principles of PIPEDA, also known as the 10 Fair Information Principles, come from a national standard called the CSA Model Code for the Protection of Personal Information.
The CSA Model Code for the Protection of Personal Information was developed by the Canadian Standards Association in 1996 with a 45-member committee composed of representatives from government, businesses, academics, consumers, and information technology and security experts.