Today I had the opportunity to listen in on “A Conversation on the NIST Privacy Framework” hosted by CSIS. The full video has been uploaded to youtube, here for your viewing. Not only do businesses need to be aware of the risks surrounding personal data, as the individuals of concern, we need to be more aware of the conditions under which our personal data is being used, and take the time to ensure that organizations who are asking for our consent, have in place appropriate risk management processes to protect our data from misuse or theft. In Canada, the Privacy Act has regulations for government protection of personal information, and PIPEDA has regulations for Canadian businesses’ protection of personal data. Just last fall, on November 1, 2018, PIPEDA put new provisions in place related to breach of security safeguards and their associated breach of security safeguards regulations. However, most of our personal data applications are based, not in...