ARCHIVED—Principles for Electronic Authentication
A Canadian Framework
Archived Content
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
May 2004
PDF Version (134 KB - 26 pages)
Information on Downloading a PDF Reader
To access the Portable Document Format (PDF) version you must have a PDF reader installed. If you do not already have such a reader, there are numerous PDF readers available for free download or for purchase on the Internet:
Contents
Introduction
Why and How to Use the Principles
About the Principles
Concepts and Terminology
Scope and Nature of the Principles
Principles
Principle 1: Responsibilities of Participants
Principle 2: Risk Management
Principle 3: Security
Principle 4: Privacy
Principle 5: Disclosure Requirements
Principle 6: Complaints Handling
Additional Information and References
Introduction
All Canadians – individuals, businesses and governments – share an interest in ensuring that electronic communications are secure. As our use of public electronic networks continues to evolve, from searching the Internet for information to exchanging information and money online, we need greater assurance that these messages and transactions are secure and that our privacy is protected. Authentication of electronic communications can make a significant contribution to meeting this need and to building user confidence.
The Principles for Electronic Authentication are designed to function as benchmarks for the development, provision and use of authentication services in Canada. The Principles are intended to form the basis of codes of conduct, voluntary initiatives and guidelines tailored to the requirements of specific industries and government. For individual and business users of authentication services, the Principles are intended to be a useful source of information and benchmarks against which to evaluate services offered in the marketplace.
The Principles were developed by the Authentication Principles Working Group, convened by Industry Canada and with broad representation from industry, professional associations, consumer groups and various levels of government. The following organizations participated in the Working Group and supported the development of the Principles:
- Bell Canada
- Canadian Advanced Technology Alliance
- Canadian Bankers Association
- Canadian Bar Association
- Canadian Institute of Chartered Accountants
- Canadian Payments Association
- Certified General Accountants Association of Canada
- Deloitte & Touche LLP Canada
- Digital Discretion Inc.
- Gowling Lafleur Henderson LLP
- Industry Canada (Electronic Commerce Branch and Office of Consumer Affairs)
- Information Technology Association of Canada
- Insurance Bureau of Canada
- Juricert Services Inc.
- Province of British Columbia
- Province of Ontario
- Public Interest Advocacy Centre
- RBC Financial Group
- Retail Council of Canada
- Scotiabank
- Spyrus Inc.
- Standards Council of Canada
- Teranet Inc.
- Treasury Board of Canada Secretariat
- University of Ottawa Law School
- Visa Canada Association
- Date modified:
