BC Freedom of Information and Privacy Association
Your Data Your Rights
May Cyber Attack
The B.C. Freedom of Information and Privacy Association is monitoring the government’s response to the series of “sophisticated cybersecurity incidents” identified over the course of the last week across the Government of British Columbia.
“Questions such as ‘how did this happen?’ and ‘what is being done to improve information security and prevent future incidents?’ must be answered,” states FIPA President Mike Larsen.
FIPA understands that the government maintains a process for responding to and investigating cybersecurity incidents. As the premier told the media yesterday, members of the public will indeed have questions about the security of their information. It is paramount for the government to continue to keep the public meaningfully informed throughout the investigation process.
When governments collect, use, or disclose personal information, they essentially require the public to trust them in keeping their most private facts secure and confidential. The public’s trust in the government, which includes managing personal information, must be earned. As the government’s response plays out, we remind all public institutions that they require the public’s trust to collect the data that empowers them to deliver government services. This must be a priority.
“Members of the public have a right to expect that public and private bodies are meeting expectations regarding the protection of their information,” says Jason Woywada, FIPA’s Executive Director.
In a datafied information society, cybersecurity risks are a fact of contemporary life, across the public, for-profit, and non-profit sectors. The public’s right to expect the government to protect and maintain the privacy of their personal information is codified by the Freedom of Information and Protection of Privacy Act (FIPPA). In addition, as technologies rapidly evolve, the government must ensure that FIPPA is up-to-date, effective, and applied in practice.
These recent incidents show that, while remediation is essential, it is of equal importance for the government to ensure that prevention is a central priority through measures like routine assessments and security improvements.
In the coming weeks the government must demonstrate in their response that they understand the importance of their responsibility to protect personal information and take the necessary steps to redress these incidents and work toward preventing similar incidents in the future.
FIPA will continue to closely monitor the provincial government’s response.
Help us keep up the fight by donating here
News coverage on the topic.
The B.C. Freedom of Information and Privacy Association is monitoring the government’s response to the series of “sophisticated cybersecurity incidents” identified over the course of the last week across the Government of British Columbia.
“Questions such as ‘how did this happen?’ and ‘what is being done to improve information security and prevent future incidents?’ must be answered,” states FIPA President Mike Larsen.
FIPA understands that the government maintains a process for responding to and investigating cybersecurity incidents. As the premier told the media yesterday, members of the public will indeed have questions about the security of their information. It is paramount for the government to continue to keep the public meaningfully informed throughout the investigation process.
When governments collect, use, or disclose personal information, they essentially require the public to trust them in keeping their most private facts secure and confidential. The public’s trust in the government, which includes managing personal information, must be earned. As the government’s response plays out, we remind all public institutions that they require the public’s trust to collect the data that empowers them to deliver government services. This must be a priority.
“Members of the public have a right to expect that public and private bodies are meeting expectations regarding the protection of their information,” says Jason Woywada, FIPA’s Executive Director.
In a datafied information society, cybersecurity risks are a fact of contemporary life, across the public, for-profit, and non-profit sectors. The public’s right to expect the government to protect and maintain the privacy of their personal information is codified by the Freedom of Information and Protection of Privacy Act (FIPPA). In addition, as technologies rapidly evolve, the government must ensure that FIPPA is up-to-date, effective, and applied in practice.
These recent incidents show that, while remediation is essential, it is of equal importance for the government to ensure that prevention is a central priority through measures like routine assessments and security improvements.
In the coming weeks the government must demonstrate in their response that they understand the importance of their responsibility to protect personal information and take the necessary steps to redress these incidents and work toward preventing similar incidents in the future.
FIPA will continue to closely monitor the provincial government’s response.