The Canadian statute, The Personal Information Protection and Electronic Documents Act (PIPEDA), established principles to which an individual must adhere. The general provisions of the act require that the any organizations subject to PIPEDA, follow 10 key principles:

1. An organization must appoint someone available for controlling personal information.

2. An organization must state the purposes for personal information is collected.

3. An individual must consent to the collection of their information.

4. An organization cannot collect any more information than it needs.

5. Personal information can only be used for the purposes for which it was collected.

6. Personal information must be kept up to date.

7. Personal information must be kept secure.

8. An organization must disclose its policies with respect to the management of personal information.

9. An individual must be given access to this or her information.

10. An individual should have the ability to challenge its compliance with these principles.

PIPEDA’s 10 fair information principles form the ground rules for the collection, use and disclosure of personal information, as well as for providing access to personal information. They give individuals control over how their personal information is handled in the private sect