Personal information is defined under PIPEDA as any information that is identifiable or directly attributable to an individual. It does not cover information about an individual that is available from a public source, such as a telephone directory or legal directory. It also does not cover aggregated data, used for statistical and reporting purposes, from which data a member’s identity cannot be determined.
Purposes for Collecting Personal Information
The MLA collects personal information for the following limited purposes:
- to establish and maintain a membership database and an e-mail network for the collection of membership dues, publication of a members’ directory, sign-out cards, lockers, record keeping and statistical purposes and to respond to legitimate inquiries from the public; and
- to establish and maintain mailing lists for newsletters, notification of workshops and seminars, or legal updates that MLA believes might be informative or of benefit to the members.
Consent to the Collection, Use, and Disclosure of Personal Information
When an individual commences or renews a membership with the MLA, he or she will be deemed to consent to the MLA collecting, using and disclosing personal information obtained for the purposes listed above unless he or she explicitly advises otherwise in writing.
The MLA does not sell, barter, or lease personal information it obtains from its members to third parties (i.e. the MLA does not provide our member mailing list to businesses).
Under PIPEDA and other Federal and Provincial Legislation, the MLA may disclose personal information without a member’s consent to:
- government or legal enforcement agencies if the MLA determines that the member has provided incorrect information for fraudulent or illegal purposes;
- government or legal enforcement agencies if the information is collected in the midst of a criminal investigation;
- legal enforcement agency if the MLA determines that there is imminent risk of death or serious bodily harm, including psychological harm, to an identifiable person or group of persons;
- disclosure to a third party individual or organization if so ordered by a Court or Tribunal of competent jurisdiction; and
- defend against allegations of criminal or civil liability, or professional malpractice or misconduct, by the member or former member.
Accuracy of a MEMBER’s Personal Information
The MLA endeavours to ensure that all personal information provided by the member and in its possession, is accurate, current and as complete as is necessary for the purposes for which the personal information was collected, used and maintained. Upon notification by a member that the personal information requires correction or updating, the MLA will make the necessary amendments to the member’s file where applicable.
Retention of the MEMBER’s Personal Information
If the person is no longer a member of the MLA, his/her personal information will continue to be updated and maintained unless the person requests otherwise.
The MLA has implemented a number of physical, organizational and technological safeguards appropriate to the sensitivity of the member’s personal information, including but not limited to:
- Members’ files are maintained electronically and in paper form, located in areas where access is restricted to authorized personnel.
- The MLA utilizes the most current firewall, virus protection and other technological safeguards to protect personal information that is retained on the computer network. The MLA has developed and implemented safe Internet and email use protocols for its staff and contracted employees to reduce the risk of inadvertent disclosure as a result of Internet-sourced viruses.
Regarding electronic transmission of personal information (i.e. email), there is no method of transmitting or storing data that is completely secure. The MLA uses all available technological security in the transmission of the member’s personal information. Notwithstanding these technological safeguards, all Internet transmissions are susceptible to possible loss, misrouting, interception and misuse.
The MLA makes available its privacy policies and procedures regarding the handling of personal information that it collects on the Internet website at www.middlaw.on.ca. As well, any inquiries regarding personal information management practises may be directed to the Chief Privacy Officer, namely, the Chair of the Administration Committee of the MLA.
Under PIPEDA, an individual is entitled to access to the personal information held about him/her with the following exceptions as permitted under the Federal Privacy Legislation:
- The MLA will deny access if the individual seeking access fails to produce sufficient identification to verify that they are the individual about whose personal information access is being sought;
- No access will be granted to personal information that is not about the individual seeking access;
- No access will be granted to information that is part of a criminal investigation;
- No access will be granted where such access would harm or interfere with law enforcement activities and other investigative functions of a body authorized by statute to perform such functions;
- No access will be granted to information where such access might threaten the life, safety and security, including psychological safety, of the individual seeking access;
- No access will be granted to the individual who is a minor or mentally incompetent.
The MLA reserves the right to refuse access that it believes is repetitious, frivolous, or vexatious.
Upon receiving a request for access in writing, the MLA will endeavour to have the information available to the individual seeking access within 60 days of verification of the individual’s identity.
The individual entitled to access may challenge the completeness of his/her personal information under the MLA’s care and control. Upon successful demonstration that there is an error in the personal information held by the MLA, the MLA will amend the information where appropriate.
The Chair of the Administration Committee of the MLA will investigate all concerns or complaints respecting the handling of personal information under the control of the MLA that are received in writing. As promptly as possible, the Chair of the Administration Committee will report to the individual the results of the investigation and, where the complaint is found to be justified, steps will be taken to resolve the matter.
If the individual is dissatisfied with the report provided by the Chair of the Administration Committee, or feels that the corrective action taken by the MLA is insufficient, the individual may direct a complaint to the President of the MLA or the Federal Privacy Commissioner in writing.
If a question arises regarding access to your personal information held by the MLA, or there is a concern about the manner in which the MLA collects, uses, retains and discloses your personal information as a member of the MLA, please contact:
Chair of the Administration Committee
c/o Middlesex Law Association
Ground Floor, Unit N,
80 Dundas Street West
London, Ontario N6A 6A1
Telephone: (519) 679-7046
Facsimile: (519) 672-5917