Data privacy in translation: how Canada’s language industry will respond to CPPA – IT World Canada
When it comes to embracing technological advances, the translation services industry can be considered to be among the list of quick adopters. Translation technology has a long history in parallel with major advancements in tech in general, the most significant being the rise of computer-assisted translation (CAT) tools in the 1990s with the public and commercial boom of the internet. Today, language technology has become an essential component of how the industry operates.
Being an early adopter isn’t without its challenges. Translation services tend to collect and work with massive amounts of linguistic data. In Canada, this puts them in the crosshairs of attempts to modernize national privacy policy through its Consumer Privacy Protection Act (CPPA).
Before we can talk about where translation services fit into the picture, we need to understand what the CPPA is, and where it currently stands.
The CPPA is one of the major components of 2020’s Bill C-11, or the Digital Charter Implementation Act. The other is the Personal Information and Data Protection Tribunal Act (PIDPTA). Taken together, these two documents would serve to replace the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s existing legislation on the collection and use of personal information by private institutions and businesses, which passed into law on April 13, 2000.
Bill C-11 was tabled in the House of Commons on December 2, 2020. The bill was polarizing from its original iteration, with critics pointing out that its provisions appeared to be designed to give individuals less control over their data than in existing legislation. Daniel Therrien, then Privacy Commissioner, called Bill C-11 “a step back” and “needs significant changes if confidence in the digital economy is to be restored.”
At the time, endeavours to modernize Canada’s privacy laws were under heavy scrutiny in the wake of the Cambridge Analytics scandal in 2018, where personal information of tens of millions of Facebook users were used without consent in the election campaign of Donald Trump for President of the United States. Several data firms in the UK and Canada were implicated in the scandal.
The Office of the Privacy Commissioner submitted a number of proposed revisions to the bill in order to address a number of issues, including:
Despite continued parliamentary discussion, Bill C-11 died in late 2021 with the fall election. Plans are underway to reintroduce the bill for further discussion under the new administration, but these have yet to move forward. For now, PIPEDA remains in effect as the authoritative legislation on data privacy.
Canada holds 10 per cent of the global market for the translation services industry, despite constituting 0.5 per cent of the world’s population. Translation services accumulate massive amounts of data in the form of text, audio and video as part of the course of business. As such, the industry is one among those likely to be hardest hit by changes to Canadian privacy policy.
As such, the Canadian government’s efforts to reform PIPEDA through the CPPA are of great interest to companies offering translation services within Canada.
The CPPA is modelled after the European Union’s General Data Protection Regulation (GDPR). Because of the aggressive stance by the EU when it comes to data privacy and protection, GDPR is now seen as the gold standard when it comes to privacy and protecting the data of citizens. PIPEDA is not as strict as GDPR. In fact, the European Commission only considers PIPEDA to be partially adequate when it comes to data protection.
But with the introduction of the CPPA, all of that might be changed. It would create new obligations for companies when handling data of consumers, and also impose harsher penalties for those who violate it.
Just how harsh are the proposed penalties under the CPPA? Under the proposed legislation, the most serious offences may be fined up to five per cent of the global revenues of a company or C$25 million, whichever of those two options is larger. Those are the most drastic of penalties imposed by any G7 country to date for privacy violations if it becomes law.
Translation technology and service providers that are working in Canada must ensure that the personal information and documents of their clients must stay safe. Under the PIPEDA, Canadians must give their consent to have their personal data collected, and this is likely to become even more affirmed through the CPPA. They should also be informed as to how their personal data will be used. Consumers can also demand from the organizations that collected their data documents showing how their personal information will be used. They can also check if the information collected about them is accurate.
Companies offering translation technology and services to Canadians must keep these things in mind whenever they are gathering data from users and when using those data.
One of the major provisions of the PIPEDA is to ensure that businesses and organizations get consent from consumers when getting data. There are several important aspects of getting content that organizations must not forget.
These are just some principles that companies providing translation should keep in mind when giving privacy notice to consumers.
The Canadian government takes data privacy seriously. The PIPEDA may not be as strict as Europe’s GDPR, but it is still quite rigorous when it comes to how the personal data of Canadians will be collected. Any company offering translation technologies and services working with people in Canada should take heed of what this law is all about. Once the CPPA becomes law, Canada will become at par with Europe when it comes to data privacy.
Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.
©
IT World Canada. All Rights Reserved.
