Eric Lai writes:
Toronto Parking Tag Operations recently “returned” a payment cheque and ticket to my mother, as it’s a Barrie-issued ticket. The thing is: neither the ticket nor cheque were hers. Mom recently paid a Toronto ticket by mail, but that’s where her involvement ends.
Apparently, Toronto staff thought nothing of “returning” a personalized cheque to a third-party with a different name. Such carelessness resulted in an egregious breach of privacy by a municipal pseudo-police agency entrusted with our sensitive personal information, and uncovered a systemic failure to prevent such mistaken disclosures.
In this case, it seems like the newspaper offered to file a privacy complaint on the person’s behalf (maybe to see how the government would react?). They report:
Trell Huether of the Ontario Information and Privacy Commissioner’s Office confirms that “the City of Toronto has an obligation to safeguard any personal information provided by the public regardless of whether the information is pertinent to them or not.”
The City of Toronto’s investigation affirmed that a privacy breach had occurred contrary to the Municipal Freedom of Information Act and the Protection of Privacy Act. To prevent a recurrence, the offending staff member received formal privacy training, and a “secondary check” protocol for mailings was implemented by the division.
Read more on Toronto Star.