It has now been more than three months since Talvest Mutual Funds, a division of CIBC, reported to the public that a back-up computer record went “missing” during transit. The actual loss took place in December of last year. We have written on this subject on a number of occasions since. Still, after all this time, there is no follow-up to be found on the Talvest or CIBC websites or that of the federal privacy commission of Canada. One gets the impression that everyone connected with the problem would just like to see it go away with no explanation offered as to what happened that could have so seriously compromised the personal financial information of thousands of customers —everyone except the customers, that is.
Some months ago we posed the question: Why do these privacy breaches continue to happen so frequently? The answer, in part, can be found in this example of how companies and government officials deal with such issues. It is a classic case of a failure to follow up, a failure to keep customers informed and a failure on the part of the regulator to show that it is taking the matter seriously.