PIPEDA is Canada’s federal privacy law governing the collection, use, and disclosure of personal information in commercial activities. Mobile applications and services operating in Canada must comply with the Act, which grants individuals certain rights over their personal data and requires organizations to protect it with appropriate security measures.
To comply with PIPEDA, organizations should protect all devices, applications and places where customer data is stored and accessed, including mobile devices.
For a mobile device fleet, it means enforcing threat detection and response using a Mobile Threat Defense solution, as it will protect smartphones and tablets from malware, phishing, network exploits that cause personal data theft and leakage.
For mobile applications, it means ensuring all applications process data with appropriate safeguards and remediating risky behaviors and vulnerabilities with Static Application Security Testing and Compliance Audit.