Over the last 20 years or so, a range of new policy instruments has entered the “toolbox” of those regulators charged with implementing and enforcing information privacy and data protection policy. During the earlier history of these policies, it was generally assumed that law alone, codifying the information privacy principles and establishing independent oversight, would be both necessary and sufficient to regulate the collection, use and dissemination of personal data by organisations. The assumptions have shifted. Now, it is generally assumed that law is necessary, but not sufficient.
CITATION STYLE
Bayley, R. M., & Bennett, C. J. (2012). Privacy Impact Assessments in Canada. In Law, Governance and Technology Series (Vol. 6, pp. 161–185). Springer Nature. https://doi.org/10.1007/978-94-007-2543-0_7
Mendeley helps you to discover research relevant for your work.