Archive for the ‘Privacy Online’ Category

9 Sep 2014

From APP-laudable to dis-APP-ointing, global mobile app privacy sweep yields mixed results


Back in May, the Global Privacy Enforcement Network (GPEN) embarked upon its second annual Privacy Sweep, this time with a focus on mobile apps.

The Office of the Privacy Commissioner of Canada coordinated 25 other privacy enforcement authorities across the country and around the globe, in an assessment of the privacy communications of some 1,211 apps designed for both tablets and smartphones in a bid to find out which of them left our sweepers most at ease in terms of how their personal information was being collected and used.

By downloading and briefly interacting with the apps, this exercise was meant to recreate the consumer experience. Our sweepers ultimately sought to assess transparency based on five key indicators:

  1. Prior to installation, did the app explain how it would collect, use and disclose personal data via a privacy policy, app marketplace description or through some other communications tool?
  2. Which permissions did the app request access to and did the app explain why? For example, did it seek permission to access your identity/accounts, (which may include email address, Twitter handle and Facebook username, but not the information stored in those accounts); location, (based on nearby cell towers, GPS or nearby WiFi networks); photos/media/files, (which can include music, movies and other files stored on your device); camera/microphone, (which could allow the app to turn on and capture data from the phone’s camera and/or microphone, hopefully with the user’s knowledge and consent); device ID/call information (including phone number and an indication of when the user is on the phone and with whom, a request often made by games that wish to pause when the phone is engaged); and device/app history, (often used to perform diagnostics after a crash but that can include sensitive information like log data, web bookmarks and history, which apps are running on the device and other system information.)
  3. Did the sweeper feel that the permissions being sought went beyond what they expected based on the app’s functionality?
  4. Were the app’s privacy communications tailored to be read on a small screen?
  5. Overall, how satisfied was the sweeper with the privacy communications? How well did the app explain the permissions and how it collects, uses and discloses the associated personal information?

At the end of the day, users can only provide meaningful consent to the collection of their personal information if they are well informed as to how that information will be used.

In total, our Office examined 151 apps, for both Android and iOS platforms, that are popular among Canadians. About three-quarters of them were free, while the remaining ones were paid apps. Our assessment included a significant number of games, as well as health and fitness apps, news and magazine apps, and social networking apps.

We believe it’s important to share specific results from our Sweep, as we did last year, so Canadians can better understand our conclusions.

But before we start, let’s be clear: The Sweep was not intended to conclusively identify compliance issues or possible violations of privacy legislation. It was also not meant to be an assessment of the apps’ privacy practices in general, nor was it meant to provide an in-depth analysis of the design and development of the apps examined.

We haven’t conducted a formal investigation and we’ve chosen the following play on words to give you a general sense of how our sweepers felt about the apps during the experience.

With that, here are some examples of apps with the most APP-laudable, L-APP-luster and Dis-APP-ointing privacy features.

 

APP-LAUDABLE

On a scale of 0 to 3, our sweepers gave 28 per cent of apps top marks for providing timely, clear, concise explanations of their privacy practices.

In general, these apps made their privacy policies available on their website, their marketplace listing and within the apps themselves. The policies were, for the most part, consistent throughout and clearly explained how the apps would collect, use and disclose personal information.

Among the positive examples identified:

Shazam

This free app ranked 5th among music app downloads in Canada according to the popular Distimo Apple Store app chart the month of our sweep. Shazam will listen to a song or television show playing in the background and identify what it is you’re listening to or watching.

The app requests a number of permissions, including access to identity (accounts), location, photos/media/files, camera/microphone and device ID/call information.

Our sweepers were singing the praises of this app because its privacy communications provided clear explanations of individual permissions that left them with a generally positive feeling about how their personal information would be used.

For iOS, the app uses just-in-time notifications prior to accessing information, like in the example below which outlines why the app needs access to the microphone. On the Android marketplace listing, sweepers noted there’s a handy link that explains why the app needs to collect certain information. It’s appropriately dubbed: “Why does Shazam need these app permissions?”

Shazam on iOS

Shazam on Android permissions explained

Shazam on Android permissions breakdown

 

Fertility Friend: Ovulation Calendar

This free, made-in-Canada app was downloaded as many as 1 million times by Android users alone. It allows users to input cycle-related information to help track their fertility.

Sweepers were particularly pleased that this app explained not only what it would do with the information it collected, but also what it would NOT do.

For example, the app acknowledges that the type of information it collects is “extremely sensitive,” and promises not to “sell or transmit to others any personally identifiable data” entered on the site. A separate link explains that the site charges for premium services to avoid having to rely on advertisers for revenue.

Sweepers also noted the app’s privacy policy was well formatted for the small screen.

Fertility Friend on Android

As you can see from this colour-coded screen that displays menstrual cycle, fertile days and intercourse, users are required to input some pretty intimate details. These excerpts from the privacy policy, however, are quite clear about what the app will not do with that information and why.

Fertility Friend on Android

Fertility Friend privacy policy

Trip Advisor: City Guides

This popular free travel app has been downloaded more than 1 million times by Android users alone. It creates travel itineraries and offers reviews of restaurants, attractions and hotels in various cities.

Sweepers noted that the app did not provide a link to its privacy policy on either platform’s app marketplace. The policy was, however, available prior to installation on Trip Advisor’s website and in-app on Android and iOS.

The app ultimately earned APP-lause from our sweep team for tailoring its privacy communications to the app and to the small screen. The privacy policy is in an easy-to-read font and is well-structured, with a table of contents comprised of a list of explanations that users can click on to obtain more information (see the Android screenshot below for a list of hyper-linked privacy policy topics). The policy also provides a separate explanation for information collected by Trip Advisor apps on a mobile device (see iOS screenshot below).

TripAdvisor on Android

TripAdvisor on iOS

Our sweepers also gave a shout out to Trip Advisor last year when they examined the company’s website, and found its privacy policy went the extra step by offering users a detailed explanation of its “Instant Personalization” feature. The feature uses information provided by Facebook to give the user a more customized experience. The company’s explanation not only detailed what information was collected and how it was being used, but also provided instructions on how to enable and disable the feature.

L-APP-LUSTER

A significant number of apps earned praise from our sweepers for some of their privacy communications, but missed the mark in other areas.

Among them:

Trials Frontier

This free app ranked 14th overall in Canada the month before our sweep, according to Distimo’s Apple Store app chart. It’s a motorcycle racing game that allows users to compete against friends and strangers around the world.

This app makes its privacy policy available on the Google Play marketplace but not on Apple’s App Store. Also, it’s tough to locate the privacy policy on the developer’s website for iOS. Initially, users are directed to a page of game ads.

For the most part, sweepers felt the app did explain how it would collect, use and disclose personal information. The policy is fairly detailed and organized under useful headings like “what personal information does (the company) collect,” “how will my personal information be used and by whom,” and “what safeguards does (the company) use to protect my personal information.”

But this racing app earned some unwanted demerit points for failing to tailor to the small screen. On the iOS platform shown below, the privacy policy strained sweepers’ eyes, and when they zoomed in, they were forced to scroll horizontally, as well as vertically, which is cumbersome and not particularly user friendly.

Ubisoft privacy policy on Android

Ubisoft privacy policy on iOS

Guess the Emoji

This free app reached No. 48 overall in Canada the month before our sweep, according to Distimo’s Apple Store app chart.  It’s a fill-in-the-blank word game.

According to sweepers, the app seeks permission to access identity (accounts), photos/media/files and device ID/call information, among other things. The app’s privacy policy expanded on this to say that the company “may gain access to some personal data through third-parties or affiliates,” including access to “financial information such as credit card or bank account numbers and “information related to your current living accommodations.” Sweepers wondered what exactly this could mean.

The policy also provided a laundry list of potential uses of personal information, but sweepers were still perplexed as to why the app needed all those details for such purposes.

Their discomfort was only exacerbated by the policy’s explanation of the wide-ranging circumstances pursuant to which such information might be disclosed. It said, for example, that the company “may sell or rent your personal information to third parties for marketing purposes without your explicit consent.”

While it is good that the company provided a detailed explanation of the information it may collect and how it may be disclosed, privacy practices need to be justified, not just stated.

Guess the Emoji screenshot 1

See for yourself what this app proposes to do with the personal information it collects in these two screen grabs of the developer’s privacy policy.

Guess the Emoji Screenshot 2

DIS-APP-OINTING

Approximately 26 per cent of apps left our sweepers with a real sense of discomfort in terms of how they conveyed their privacy practices and, in some cases, with respect to what they said they might do with the personal information collected.

Among them:

Super-Bright LED Flashlight

This free app made it to No. 17 overall in Canada on Distimo’s top Google Play Store app chart the very week of our sweep. It allows users to turn their mobile phone into a flashlight.

The app sought permission to access the user’s camera/microphone, device ID/ call information and even photos/media/files. Besides the camera flash function, it was not made clear to sweepers why the app would need all that information to operate a flashlight.

Sweepers found no link to a privacy policy in the app’s Google Play marketplace listing so they followed a link to the “developer’s website,” which led them to a “domain parking” service. The website contained no content, except for two links, one of which was for individuals who may be interested in buying that website’s domain name – i.e. the point of domain parking. The other link took users to the privacy policy of the domain parking company, which contained nothing about the flashlight app’s collection, use and disclosure of personal information.

Without a clear and accessible policy outlining how their personal information would be used, this flashlight app left our sweepers in the dark!

 

Super-Bright LED Flashlight on Android

This image taken from an Android device shows the large number of permissions sought by this flashlight app.

Pixel Gun 3D

This free app reached No. 18 among game downloads in Canada on Distimo’s top Apple Store chart the month before our sweep. It is a multiplayer, pixel cartoon shooting game that allows users to create and customize their own characters.

This app seeks permission to access device ID/call information, device/app history and photos/media/files, among other things, but there is no privacy policy available on this app’s marketplace listing, on its website or within the app itself.

While there is no privacy policy, a “terms of use” policy available in-app, speaks to granting the developer full control over user content. This includes the ability to “sublicense and assign to third parties and a right to copy, reproduce, fix, adapt, modify, improve, translate, reformat, create derivative works from, manufacture, introduce into circulation, commercialize, publish, distribute, sell, license, sublicense, transfer, rent, lease . . . your user content . . . in connection with our provision of the game, including marketing and promotions . . .” It adds that the license granting the company this unlimited access to user content will only end once the user deletes their content or uninstalls the game, unless it’s been shared with a third party that has not deleted the information. Furthermore, the policy notes that the content “may persist in back-up copies for a reasonable period of time.”

Not only did sweepers find the terms of use policy long and legalistic, an oft-cited complaint during last year’s sweep that’s particularly challenging on the small-screen, they also found it very difficult to read as it was written in a tiny white font over a colourful, moving, animated background and required significant scrolling.

Sweepers ultimately felt the app’s privacy communications left much to be desired and, given the potentially personal nature of the permissions, they were uncomfortable using the app.

 Pixel Gun 3D on iOS

It’s best to think of our sweep as a snapshot in time. Apps are constantly evolving. While our sweepers assessed and reassessed each app over these last few months in the interest of quality control, each examination either raised new questions or answered old ones.

At the end of this experiment, one thing is clear to our sweepers: privacy communications are fluid and the level of accessibility will depend on user know-how, the platform being used (e.g. Android, iOS or BlackBerry) and the type of device, whether it’s a Lenovo tablet, an iPad or a Samsung Galaxy smartphone.

Nevertheless, we wanted to provide you with some concrete examples of what we found during our sweep.

Once we’ve finished sorting through our results, in conjunction with our provincial and international partners who are doing the same, we will determine any appropriate follow-up action.

As with last year’s sweep, our follow-up activities will include reaching out to organizations to inform them of our findings and making suggestions for improvements. We also have the option to pursue enforcement action.

Full disclosure: we wrote to the companies mentioned in the blog a week before posting to share our concerns. So far Random Logic Games/Conversion LLC, the maker of Guess the Emoji, has committed to making positive changes.

 


5 Sep 2014

It’s back to school!


Looking for ways to kick the school year off right?

Start with a reminder to kids that privacy matters! Canadian kids are digitally savvy and they value their privacy, but they can sometimes be unsuspecting about the potential privacy risks of new digital communications technologies.

Our office has created a graphic novel, Social Smarts: Privacy, the Internet and You, to help young Canadians better understand and navigate privacy issues in the online world.

Social Smarts

Parents and educators can also take advantage of our new discussion guide and privacy activity sheets to generate more in-depth discussions on the privacy risks related to social networking, mobile devices and texting, and online gaming. These tools also provide ample opportunities to raise real-life situations in which privacy can be impacted.

Because kids go online earlier in life than ever before, the privacy activity sheets vary in difficulty, from very simple (a colouring page) to more difficult (a simple cryptography activity).

You can find these and more on the Youth Privacy section of our site!


20 Sep 2013

An update on our Internet privacy sweep


Last month, we released the initial results of our Internet privacy sweep. You can read the original blog post to see what we observed. (We should note here that the screenshots and references in that blog post reflect what we saw online during the sweep and were still in place when we originally blogged about the sweep results on August 13.)

As part of our efforts on the sweep, our Office advised the companies that were mentioned in the blog, inviting them to contact the OPC if they wished to discuss the Sweep and our observations.

Since that original post, we are very pleased to see that some of the organizations we highlighted have made changes to enhance their online privacy policies.

A&W changed its privacy policy shortly after we issued the results of our Privacy Sweep. Their original 110-word privacy policy has now been expanded to just under 1600 words and covers the collection, use, disclosure and retention of customers’ personal information collected through customer feedback, events, gift card purchases and contests.

Bell Media also updated their privacy policy shortly thereafter, fixing the broken link to their Privacy Officer’s email address:

 New Bell Media privacy policy

We think customers will be pleased as well to see that the companies they choose to do business with are more open and straightforward about how they use customer information.

Hopefully other companies we looked at, as well as those that didn’t, will take note.


10 Jun 2013

Fixing leaky faucets: Raising the bar of privacy protection


“Web leakage” research and follow-up work by the Office of the Privacy Commissioner of Canada has resulted in improvements to the privacy practices of some popular Canadian websites.

You may recall that our Office’s technologists tested 25 sites last year and found a significant number were “leaking” registered users’ personal information – including names and email addresses– to third-party sites such as advertising companies.

The research project prompted extensive discussions with the operators of 11 sites where concerns or questions were identified.

Positive changes

In the end, we’re happy to say that the initiative has resulted in a number of positive changes for Canadians:

  • Several organizations have taken measures to stop unintentional or unnecessary disclosures of personal information.
  • Many also agreed to take steps to ensure they provide consumers with clear, accessible information about their privacy practices.

All of the organizations cooperated with our Office and we were able to resolve our concerns in each and every case.  Here is a summary of the results of our work with the 11 sites:

  • In three cases, the site operators had been previously unaware that personal information was being disclosed to third parties, but took steps to ensure the disclosures stopped.
  •  In a further three cases, websites that had been intentionally sharing information such as email addresses to third parties, but agreed to stop after we questioned the practice.  Another organization was looking at whether its site could be re-designed to prevent sharing with two of its online service providers.
  • One organization acknowledged that personal information was being shared with  third-party service providers in order to manage its website – even though its privacy policy states personal information is not made available to third parties.  The organization is in the midst of making changes to its privacy policy to provide greater clarity.
  •  In other cases, our discussions with organizations confirmed that no information was being disclosed to third parties beyond that found in our research – for instance, postal codes.  As a result, we determined the disclosed information was not personal information.

Of course, our initiative involved a very small sample of sites and “web leakage” concerns are not confined to the organizations identified in our research.  All web site operators and third parties should review the personal information they share and test own sites to check whether data is unintentionally leaking.

Issues beyond “web leakage”

During our work, it became apparent that organizations’ privacy practices, such as the legitimate sharing of information with third parties, were not always disclosed in a meaningful way to consumers.

Commissioner Stoddart has expressed concern about privacy policies that are too long, too convoluted, and, as a result, tend to be largely ignored by users.

Organizations should have clear, descriptive privacy policies.  Our Office has also started looking at other practices that could also be adopted to help inform people about how their personal information will be handled.  For example, we like just-in-time notifications – providing explanations of privacy practices when data is collected.

To that end, we were pleased that several organizations committed to improve the way in which they tell consumers about their personal information handling practices.  For example, some are reviewing their privacy policies and exploring more innovative ways – such as just-in-time notices – to provide privacy information.

All of these steps will go a long ways to help ensure these organizations have obtained informed consent for the collection, use and disclosure of personal information online – as required under Canadian privacy law.

And since the issues we identified have been addressed, the Privacy Commissioner has decided not to exercise her power to name these organizations.

Given our study has revealed systemic issues in this area, our Office is developing a guidance document on best practices with respect to how organizations obtain informed consent from Canadians for the collection, use and disclosure of personal information in the online world. We expect to publish the guidance document later this year.


29 Apr 2013

Grappling with the impact technology is having on privacy


This week is Privacy Awareness Week (PAW) – a global effort, coordinated by members of the Asia Pacific Privacy Authorities (APPA), to raise awareness about the value of privacy and the importance of protecting it.

For PAW 2013, APPA created an infographic that illustrates how technology has changed the way we communicate, do business and store information, and how this has introduced new privacy risks as a result.

It is an issue that many are thinking about. According to OPC’s recent survey, Canadians are increasingly anxious about their privacy in the face of new technology, and 70 per cent of them feel they have less protection of their personal information than they did 10 years ago. The research also indicates that Canadians avoid downloading apps or using certain websites and services due to privacy concerns.

What can we do?

It is true that consumers expect protections when they use products and services, but it is important to also realize that consumers have an important role to play and need to take an active approach when it comes to protecting their personal information. The best thing anyone can do, when using technology to collect or store personal information, is to understand the privacy risks that come with that technology. And here are some resources to help with that task:

Mobile App: We use our mobile devices to store a goldmine of personal information. To learn more about how to protect the personal information on your mobile device, download the OPC’s free myPRIVACYapp.

Video: Privacy and Social Networks: Do you know what happens to your personal information once you post it on to social networking sites? Watch this video that OPC created to understand how social networking sites make money off of your personal information. It may cause you to ask yourself some tough questions the next time you update your information online.

Infographic: 10 tips for preventing identity theft: Anyone who has personal information is at risk of identity theft, and the risks are higher now that we use technology for so many purposes. And while it’s impossible to entirely eliminate the risk of becoming a victim, it is possible to reduce it. The OPC’s infographic details 10 things you can do to prevent yourself from becoming a target.

Introduction to Cloud Computing: When you store your photos online instead of on your home computer, or use webmail or a social networking site, you are using a “cloud computing” service. The OPC’s fact sheet explains the privacy implications of this.

For more information on the privacy risks that come with technology, and on how to protect yourself, visit the OPC’s page of fact sheets covering a range of issues and topics.


26 Sep 2012

New presentation helps kids in grades 4 to 6 understand their online footprint


Canadian kids are communicating online more than ever before, and are using tools like Skype sometimes even before they learn to walk. Many of us are astonished at how easily they adapt to new devices that connect to the Internet and at how these devices can quickly become part of their lives, as they use them to chat, surf, post, play and learn.

Many kids, however, don’t fully understand the impact that some online activities have on their privacy. They don’t understand the digital footprint they are leaving behind.

For this reason, the Office of the Privacy Commissioner of Canada has added a new component to its Protecting Your Online Rep presentation series. Today, we are launching Understanding Your Online Footprint: How to protect your personal information on the Internet, a presentation for young people in grades 4 to 6. The package includes slides, speaking notes and discussion topics for educators, community leaders and parents to speak with young people about online privacy.

The new presentation is packed with practical advice and features graphics and speaking notes that are tailored to the social realities and online activities of kids in grades 4 to 6. The goal of this tool is to help demonstrate how kids in this age group can use the Internet and have fun, without giving away too much of their personal information.

If you haven’t already checked them out, make sure to look at the presentation package for students in grades 7 and 8 (Secondary I to II in Quebec) and the presentation package for students in grades 9 to 12 (Secondary III to V in Quebec).

And if you have any questions or comments about our latest presentation, please let us know in the comments section below. Your feedback helps us improve the resources we develop.


6 Jun 2012

Graphic Novel: A New Tool to Help Younger Canadians Understand and Navigate Online Privacy


 

Graphic novel Cover: Social Smarts: Privacy, the Internet and You

The Privacy Commissioner has launched a new tool to help young Canadians understand and navigate privacy issues in the online world: a graphic novel entitled Social Smarts: Privacy, the Internet, and You.

The story follows Dave and Amy, a brother and sister who walk into their new school only to find that students they’ve never met before know all about them from their social network pages.

Guided by a talking smart phone, Dave, Amy and their classmates learn how their choices affect their reputations. In the end, they gain a better understanding of both what’s happening ‘behind the scenes’ and how to reduce the privacy risks associated with social networking, mobile devices, and online gaming.

Copies of the 12-page graphic novel – a first for our Office – can be downloaded from our website and printed.

The graphic novel complements a youth video, parent tips and a presentation package for educators released earlier this year.

To download a copy of the graphic novel, visit: youthprivacy.ca/en/gn_intro.html


5 Jun 2012

Evolving technologies creating new privacy risks for youth


Image of children speaking on cell phones

Young people are embracing new digital communication technologies at earlier and earlier ages.  While they recognize the importance of protecting their privacy, they’re often not aware of the potential privacy risks that can accompany these novel technologies.

A recent study found that a third of North American Gen-Y moms (aged 18 to 27) let their children use a laptop by age two. According to the Joan Ganz Center in New York, by age three, those laptops and tablets are connected to the Internet daily for about a quarter of U.S. kids. By age five, the proportion online soars to half.

But what is being done to educate these children to the privacy risks they face when they use online games, applications, social networks, mobile devices and geo-location?  

It’s critically important to empower our children to make well-informed decisions in this increasingly complex online environment.

In our 2011 Personal Information Protection and Electronic Documents Act Annual Report, tabled today, the Office of the Privacy Commissioner of Canada focuses on children and youth privacy.

The report outlines our recent work on the issue, including our first investigation of a youth-oriented social networking site; investigations of three complaints against Facebook; as well as an investigation into a complaint about a daycare’s use of webcam monitoring.


3 May 2012

Accountability and the Importance of Effective Privacy Management Programs for Businesses


Accountability matters when it comes to privacy. As a business, though, you may not always find it clear what accountability really means when it comes to personal information protection.  

Accountability is the first fair information principle in the federal Personal Information Protection and Electronic Documents Act (PIPEDA). This reflects its importance—it is the bedrock of the Act. It’s also implicit in Alberta and British Columbia’s respective privacy laws, the Personal Information Protection Act (PIPA).  The principle outlines the things organizations need to do to have a compliant and accountable privacy program in place.  But what does that mean in practice?

To help businesses “get accountability right”, Alberta, BC and our Office have released new guidelines —Getting Accountability Right with a Privacy Management Program. These new guidelines outline the elements of an effective privacy management program and offer scalable strategies that can be implemented by any size business.

Why should you care? 

These new guidelines outline how our offices view effective privacy management.  Big or small, an accountable business should be able to demonstrate to Privacy Commissioners that they have an effective, up-to-date privacy management program in place in the event of a complaint investigation or audit.  

Compliance, of course, is essential.  But we think there are a number of other benefits to having a privacy management program in place:

  • An organization that has a strong privacy management program may enjoy an enhanced reputation that gives it a competitive edge.
  • A privacy management program helps foster a culture of privacy throughout an organization and offers reassurance to customers and clients
  • Proper use of risk assessment tools can help prevent problems. Fixing a privacy problem after the fact can be costly so careful consideration of the purposes for a particular initiative, product or service, and an assessment that minimizes any privacy impacts beforehand is vital.
  • With a privacy management program, organizations will be able to demonstrate to customers, employees, partners, shareholders, and privacy commissioners that they have in place a robust privacy program that shows only compliance with privacy laws in Canada, but also that they are taking protection of personal information seriously.

Related Documents:

Guidelines: Getting Accountability Right with a Privacy Management Program

Interpretations: “Accountability”

Announcement: Commissioners Outline Building Blocks for Effective Privacy Management


30 Apr 2012

Privacy Awareness Week 2012: Privacy Resources for Young People


Young people today are sophisticated users of the Internet, using this medium with ease and enthusiasm. It is important that they understand the impact that these technologies can have on their privacy, and that they have the tools and information they need to make smart decisions.

That’s why the Asia Pacific Privacy Authorities (APPA) forum, which includes the Office of the Privacy Commissioner of Canada, has made Privacy Resources for Young People the theme of Privacy Awareness Week 2012, April 29 – May 5.

Since 2008 our Office has been developing a variety of tools designed to teach young people about the relevance and importance of privacy when using modern technologies. The OPC has a Privacy Awareness Week 2012 web page with links to all of our privacy resources for youth, parents and educators, as well as links to privacy resources for youth developed by members of the APPA forum, at: www.priv.gc.ca/resource/paw/2012/index_e.asp.

If you would like more information on youth privacy, or to stay informed regarding our tips and tools for parents, educators and youth, visit the Office’s youth website at: www.youthprivacy.ca/.

You can also visit http://www.privacyawarenessweek.org for links to a wide variety of international privacy guidance including tips, animations, brochures, discussion topics and interactive website materials.

We also encourage you to follow us on twitter: @privacyprivee, Privacy Awareness Week: #2012PAW.