Bill C-11 is a proposed cybersecurity law in Canada that mandates stricter customer data collection consent requirements.
Under C-11 businesses will be required to clearly detail how customer data will be used when collected.
The primary objective of C-11 is to offer Canadian Citizens greater ownership of their private data.
There are two primary implications of this reformed hierarchy:
- Customers must be capable of retracting prior data collection consent within a reasonable time frame.
- All instances of customer record storage must be permanently deleted when requested by a customer.
- Organizations must inform customers when they store their personal data.