As a result of their deliberations, committees may make recommendations which they include in their reports for the consideration of the House of Commons or the Government. Recommendations related to this study are listed below.

Recommendation 1 on transparency:

That the Government of Canada enact transparency requirements regarding how organizations and political actors, particularly through social media and other online platforms, collect and use data to target political and other advertising based on techniques such as psychographic profiling. Such requirements could include, but are not limited to:

• The identification of who paid for the ad, including verifying the authenticity of the person running the ad;
• The identification of the target audience, and why the target audience received the ad; and
• Mandatory registration regarding political advertising outside of Canada.

Recommendation 2 on implementing measures in Canada that are similar to the General Data Protection Regulation:

That the government of Canada immediately begin implementing measures in order to ensure that data protections similar to the General Data Protection Regulation are put in place for Canadians, including the recommendations contained in the report on the Personal Information Protection and Electronic Documents Act tabled in February 2018.

Recommendation 3 on data sovereignty:

That the Government of Canada establish rules and guidelines regarding data ownership and data sovereignty with the objective of putting a stop to the non-consented collection and use of citizens’ personal information. These rules and guidelines should address the challenges presented by cloud computing.

Recommendation 4 on the Privacy Commissioner’s enforcement powers:

That the Personal Information Protection and Electronic Documents Act be amended to give the Privacy Commissioner enforcement powers, including the power to make orders and impose fines for non-compliance.

Recommendation 5 on the Privacy Commissioner’s audit powers:

That the Personal Information Protection and Electronic Documents Act be amended to give the Privacy Commissioner broad audit powers, including the ability to choose which complaints to investigate.

Recommendation 6 on the Privacy Commissioner’s additional enforcement powers:

That the Personal Information Protection and Electronic Documents Act be amended to give the Privacy Commissioner additional enforcement powers, including the power to issue urgent notices to organizations to produce relevant documents within a shortened time period, and the power to seize documents in the course of an investigation, without notice.

Recommendation 7 on the sharing of information between the Privacy Commissioner and other regulators:

That the Personal Information Protection and Electronic Documents Act be amended to allow the Privacy Commissioner to share certain relevant information in the context of investigations with the Competition Bureau, other Canadian regulators and regulators at the international level, where appropriate.

Recommendation 8 on the application of privacy legislation to political activities:

That the Government of Canada take measures to ensure that privacy legislation applies to political activities in Canada either by amending existing legislation or by enacting new legislation.