BC expands opportunities for cloud-based services for public bodies

Bill 35 received royal assent yesterday, October 31, amending the Freedom of Information and Protection of Privacy Act to relax some of the strict Canada-only personal information storage and disclosure requirements that public bodies in British Columbia must comply with.

Before anyone gets too spooked about troves of information being stored abroad, the amendments outline fairly limited circumstances where personal information can be disclosed outside Canada. Our understanding is these amendments are intended to enable public bodies, as long as the provisions are satisfied, to use cloud services for their IT needs.

The key amendment is the new section 33.1(1)(p.2) of FIPPA. It gives public bodies the new authority to disclose personal information for the purposes of processing as long as the disclosure does not involve intentional access to personal information by an individual, or result in the storage of the personal information (other than personal information that is metadata). (Section 33.1(1)(p.1) has been amended, to clarify the existing authority for public bodies to allow temporary access to their information systems from abroad, for system trouble-shooting, maintenance, repair and similar limited support purposes.)

Practically-speaking, the new paragraph (p.2) will give local governments more choice in selecting modern cloud-based technologies to better serve their citizens.

For assistance in determining whether a new service provider is right for you, or for any other privacy (or freedom of information) questions, please contact our privacy team at Young Anderson:

David Loukidelis
Ethan Plato

Download pdf: BC expands opportunities for cloud-based services for public bodies