ID needs revamp, Desjardins CEO tells MPs
OTTAWA — The current system for identifying Canadians is inadequate for the digital age, the chief executive of Desjardins Group told MPs in an emergency parliamentary committee meeting Monday grappling with the fallout of a major data breach at his financial-services company.
The breach, revealed in June, saw the leak of names, addresses, birthdates, social-insurance numbers and other private information from roughly 2.7 million people and 173,000 businesses.
Desjardins, a Quebec-based co-operative, said a single employee, who has been fired since the breach was detected in December 2018, was responsible. A police investigation into the incident is ongoing.
CEO Guy Cormier said he was “ambivalent” about the committee meeting because he thought it was “premature” to discuss the situation while the investigation is still on. But he said his company is committed to being transparent and working with authorities on the issue.
“We must all learn from what Desjardins has undergone,” Cormier said in French.
Cormier told lawmakers on the House of Commons’ public-safety committee that although he could not recommend a particular new regime for identifying people in the digital age, “the status quo is not an option” when it comes to preventing identity theft and protecting private data.
He recommended the government convene a special working group made up of representatives from the government, the financial sector, telecommunications, legal experts and others to determine a new framework for data and privacy in Canada.
Though it bore some responsibility, Desjardins “is also a victim in this,” Alberta MP Glen Motz said.