OIPC Logo

Joint Guidance

If there is a resource that is no longer available, please contact the office.

  • Captured on Camera: Street Level Imaging Technology, the Internet and You

    Street-level imaging technology may offer benefits, but these should not come at the cost of privacy. This fact sheet provides awareness on the use of such technology. Published in August 2010.

  • Cloud Computing for Small- and Medium-Sized Enterprises

    This guidance document, prepared jointly by the federal Office of the Privacy Commissioner and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia is specifically intended to help small- and medium-sized enterprises understand what their privacy responsibilities are and to offer some suggestions to address privacy considerations in the cloud. Published in June 2012.

  • Collection of Driver's Licence Numbers Under Private Sector Privacy Legislation: A Guide for Retailers

    This guide is intended to help retailers navigate the privacy issues and risks related to driver’s licences and to encourage them to carefully consider whether they need any information from customer driver’s licences at all. Published in March 2007.

  • GDPR Resources

    This webpage provides links to external resources about the European Union's General Data Protection Regulation (GDPR). The OIPC does not oversee the application of GDPR to Alberta organizations and cannot provide advice regarding compliance with GDPR. Alberta organizations may need to comply with GDPR if they have an establishment within the EU, or offer goods or services to individuals in the EU (regardless of payment) or monitor the behaviour of individuals in the EU.

  • Direct-to-Consumer Genetic Testing and Privacy

    As direct-to-consumer genetic tests become increasingly available, particularly over the Internet, it is important to understand their privacy risks. This document explains some of the key privacy risks associated with these tests, informs individuals of their rights and encourages them to ask themselves a series of questions before buying one online. (This document opens as an external link.) Updated in December 2017.

  • Getting Accountability Right with a Privacy Management Program

    This guide outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Getting Accountability Right with a Privacy Management Program: At a Glance

    This document provides a snapshot of the full guide, "Getting Accountability Right with a Privacy Management Program". It briefly outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Guidance for the Use of Body-Worn Cameras by Law Enforcement Authorities

    The guidance is meant to assist law enforcement agencies, other public bodies or private organizations develop policies and procedures governing the use of body-worn cameras. This document was developed in partnership with information and privacy authorities from across Canada. Published in February 2015.

  • Guidelines for Obtaining Meaningful Consent

    Building on previous publications examining the current state of consent, including challenges and potential solutions, this document sets out practical and actionable guidance regarding what organizations should do to ensure that they obtain meaningful consent. It was jointly issued by the OIPC, the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner for British Columbia. Published in May 2018.

  • Guidelines for Online Consent

    In partnership with the federal Office of the Privacy Commissioner and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were developed to address the issue of consent requirements under private sector privacy laws. Published in May 2014.

  • Guidelines for Overt Video Surveillance in the Private Sector

    To help organizations achieve compliance with private sector privacy legislation, the offices of the federal, B.C. and Alberta privacy commissioners developed these guidelines. In a question and answer format, this document sets out the principles for evaluating the use of video surveillance and for ensuring that its impact on privacy is minimized. Published in March 2008.

  • International Privacy Competency Framework for School Students

    This framework is intended to help educators teach students about responsible and ethical use of new technologies in the digital age. It is of general application meant to be adapted for local educational purposes, laws and regulatory approaches. Published in October 2016.

  • Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization? Privacy and Security Risks of a BYOD Program

    In partnership with the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were published to address what organizations should consider when determining whether to implement BYOD. Published in August 2015.

  • Lesson Plan: Connect the Dots

    This activity sheet has kids complete the picture of a family with a checklist of rules they can use at home to practice good online privacy. Published in August 2019.

  • Lesson Plan: Kids' Privacy Sweep

    Information for teachers and students in the form of a lesson plan to learn about personal information, privacy and privacy laws. Published in September 2015.

  • Lesson Plan: Learning About Passwords / Colour the Tablet

    This activity sheet challenges kids to create their own strong, eight-character password by filling in the blanks. It also asks them to draw a lock on a tablet, representing how password protects an electronic device. Published in August 2019.

  • Lesson Plan: Getting Toothpaste Back in the Tube - A Lesson on Online Information

    A lesson plan for teachers and students where students watch a short video that compares getting rid of personal information online to getting toothpaste back in a tube. After a short discussion of visual analogies like this work, students discuss the meaning of the video - that information online is permanent - through a series of short scenarios. Finally, students create a simple animation that illustrates these principles. Published in January 2019.

  • Lesson Plan: Privacy Rights of Children and Teens

    A lesson plan developed for teachers and students to introduce students to the privacy principles that inform private sector privacy laws in Canada relating to personal information collection online. They learn ways to find out what personal information may or has been collected by platforms that they use, how to limit data collection about themselves, and the various forms of recourse that are available to them if they feel an organization is not respecting their rights. Published in January 2019.

  • Lesson Plan: Privacy Snakes and Ladders

    This activity sheet is a twist on the classic children’s game that helps players learn how to make smart privacy choices by climbing up a ladder when they make a good decision or sliding down a snake because they have shared a password with a friend, for example. Published in August 2019.

  • Lesson Plan: Know the Deal - The Value of Privacy

    A lesson plan for teachers and students to introduce students to the idea that privacy is a fundamental human rights and that their personal information is valuable. The lesson focuses on the "economics" of personal information and that most "free" apps and online services make some or all of their revenue by collecting, and in some cases reselling, users' personal information. Students will watch a video that illustrates the idea that they they may be paying with their privacy and then discuss some of the ramifications of this. They will learn about tools and techniques for minimizing the personal information they should share and create a public service announcement that helps them and their peers "know the deal" about the value of privacy. Published in January 2019.

  • Lesson Plan: Word Search

    This activity sheet introduces children to privacy vocabulary by having them comb through a puzzle to find words such as “post,” “click” and “footprint.” Published in August 2019.

  • Photo Identification Guidance

    Verifying identity to prevent credit card fraud in the retail sector is a practice that has been endorsed not only by credit card companies and payment card processors, but also privacy commissioners. This fact sheet provides perspective on balancing privacy rights with the collection of personal information by organizations. Published in September 2007.

  • Policy Statement on the Collection, Use and Disclosure of Genetic Test Results

    This policy statement on the collection, use and disclosure of a genetic test was issued in response to the federal Genetic Non-Discrimination Act. That Act prohibits any person from requiring an individual to undergo a genetic test as a condition of providing goods or services or entering into a contract. The statement was issued by the Office of the Privacy Commissioner of Canada, the Commission d'accès à l'information du Québec, the Office of the Information and Privacy Commissioner for British Columbia and the Office of the Information and Privacy Commissioner of Alberta. Issued in December 2017.

  • Privacy Proofing Your Retail Business: Tips for Protecting Customers' Personal Information

    The OIPC, jointly with the OIPC of B.C., the Retail Council of Canada and the Access and Privacy Branch of Service Alberta developed this document to address the specific threats and challenges to privacy compliance in the Canadian retail industry. Published in March 2007.

  • Securing Personal Information: A Self-Assessment Tool for Public Bodies and Organizations

    Public bodies and organizations are required under law to take reasonable steps to safeguard the personal information in their custody or control from such risks as unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction. This tool is designed to help public bodies and organizations determine how well they are protecting personal information. Updated in October 2020.

  • Seizing Opportunity: Good Privacy Practices for Developing Mobile Apps

    This guidance was developed jointly by the Office of the Privacy Commissioner of Canada and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw attention to key privacy considerations when designing and developing mobile apps. Published in October 2012.

  • Use of Social Insurance Numbers by Private Sector Organizations

    This document was jointly developed by the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw awareness to the privacy risks associated with the use of social insurance numbers by businesses and organizations. Published in April 2005.