I’d attribute our knowledge that “CIBC loses info on 470,000 Canadians” (reported in the Globe and Mail) to the new transparency imperative, but as the CIPPIC survey makes clear, privacy regulators are finding notice requirements in extant laws. (More on that excellent survey soon.) Also note that the Globe and Mail seems to think that Canadians have SSNs.
Also note that 470,000 Canadians is roughly 1/60th of the population. An equivallent US breach would be 5 million people.
Via Pogo was right.