May Privacy Newsletter



	Intrawest Privacy Policy Canadian Legislation PIPEDA Province of BC - PIPA US Legislation US Privacy Law Can Spam Federal Trade Commission California Privacy ACLU US Department of Justice


	Privacy-Related Websites EPIC.ORG 1to1.com Privacy.org Privacy International Privacyrights.org HIPPA FCC


	CBC Report: Liberals Creating a DNC List Take the Privacy Commissioner's Quiz Time Warner Loses Employee Data MI: A Trailblazer for Workplace Identity Theft

Air Canada’s Aeroplan frequent-flier program has been sharply criticized by the Office of the Privacy Commissioner for inadequate safeguarding of personal information when a Vancouver businessman complained when he discovered his Aeroplan account was accessed and changed by his former boss.

Danny Yehia contacted Aeroplan for an explanation of why he was sent a duplicate Aeroplan statement. He was told that someone had requested the information and changed the e-mail address on his account. He discovered his former boss had obtained detailed information about his Aeroplan account from the computerized telephone information system and through an Air Canada agent. Remarkably, his former boss did not misrepresent himself or pretend to be Mr. Yehia. In fact, he provided the agent with his name to pay a processing fee to change the account.

During the inquiry, Heather Black, assistant privacy commissioner, learned “Air Canada states that he could do this because there was no personal identification number required.” She said the agent who changed the account had not been properly trained in privacy issues and "did not even seem to be aware of the importance of maintaining the confidentiality of personal information. On the whole, there was a clear lack of diligence on the part of Air Canada with respect to its handling and protection of customer personal information," stated Ms. Black.

How many customers send a company an e-mail that says “your privacy policy ROCKS?" That actually happened at Hewlett-Packard recently when they bucked standard practice to improve business processes and customer relationships by focusing on privacy within product development. This innovative approach earned HP honors in the privacy industry when they took home two awards … the “1to1 Impact Award for Privacy” and “Most Trusted Company for Privacy” in the USA by TRUSTe.

How did they do it? They realized they had a good opportunity to give customers control over their level of data sharing. Since the HP engineers were already creating an environmental program, they decided to incorporate privacy. No technology investment was necessary. All it took was improved communication and a willingness among employees to make changes. "There's nothing flashy about it," says Beth Nidzieko, engineering program manager. "It was one of our goals to work within the resources we have. And with no investment to recoup, all results lead to positive ROI.”

1.	The Privacy Commissioner has determined that your business email address is personal information. One of the reasons behind the decision was to give people some clout in asking for spamming to stop. Some companies are now making their email addresses anonymous by removing individual names and replacing them with numbers.

2.	Did you know that spoken words about an identifiable individual are considered personal information and sharing inappropriately, without the individual’s consent, is contrary to privacy legislation? Make sure private conversations are held in private places!

We’re on the road to compliance. These locations are busy collecting consent and ensuring the safeguarding of personal information in their custody: Intrawest Golf, Sandestin, Whistler Blackcomb, Resort Reservations, Intrawest Placemaking, LTG, CRM, Tremblant.

The schedule for the remaining locations:

Q2 – Club Intrawest, Storied Places, Playground and Intrawest Colorado
Q3/4 - Panorama, Blue Mountain, Snowshoe, Stratton, Lodging, Mountain Creek, CMH, A&K and Enterprise Information Technology

Our HR and Employee Experience team is concurrently launching privacy practices that relate to employees’ personal information. They are launching these practices corporate-wide as part of an initiative to standardize how HR/EE handle certain business activities.

And the winner is … (we can’t tell you without the winner’s consent … just joking). By submitting her answers to the quiz, we have her implied consent to congratulate Judith Sawasy of Intrawest Resort Club Group for correctly answering all the questions in our first privacy quiz. Judith is the winner of two nights accommodation from Lodging Ovations at Whistler Blackcomb.

Here’s your chance … test your privacy knowledge and you could win a cool privacy prize. Submit your answers to the questions below to privacynewsletter@intrawest.com.

Who is the Chief Privacy Officer for Intrawest Corporation?

Which of these is NOT one of the eight principles of privacy highlighted on the Privacy Poster?

	Stay Close	Be Discreet
	Be Open	Be Vigilant
	Be Afraid	Stay Informed
	Be Precise	Get Help
	Be Mindful

Does our approach to privacy allow an Intrawest business division or resort to share its customer information with another Intrawest business division or resort?

Email your submissions or ideas for the newsletter and/or to submit your answers for the “Test Your Knowledge” prize draw to privacynewsletter@intrawest.com.

For questions about privacy or any of Intrawest’s policies, please contact the Privacy Office at 1-888-274-4744 or email employeeprivacy@intrawest.com.