Data Privacy and Information Protection Mandate — CanuckDUCK

Data Privacy and Information Protection Mandate — CanuckDUCK

1. Mandate

CanuckDUCK is dutied to protect people’s personal information confidentially. Privacy is not a feature added later; it is a design mandate across the ecosystem.

2. Data minimization

• Collect the minimum personal information required for the service to function.
• Retain personal information only while it remains operationally necessary.
• Avoid collecting sensitive personal information unless there is a clear, approved, legally compliant reason.
• Design systems on the assumption that breaches can happen and exposed data should be as low-value as possible.

3. No sale of private data

CanuckDUCK does not sell private data. It does not sell personally identifiable records, private user behaviour, private political activity, or individual-level profiles.

4. Aggregated data rule

CanuckDUCK may sell aggregated data to governments or organizations when doing so supports the mission and does not conflict with privacy, neutrality, or public trust. Aggregated data must never be complete enough to identify a single person.

Before aggregated data is shared externally, it should be reviewed for re-identification risk, small-cell exposure, geographic over-specificity, rare-attribute combinations, and whether the recipient could combine it with outside data to identify individuals.

5. Security alignment

All security systems throughout the CanuckDUCK ecosystem must follow this mandate. Security architecture, access control, logging, retention, exports, backups, AI workflows, support operations, and analytics must be designed around confidentiality and minimization.

6. AI handling of data

• AI agents should prefer aggregate and public-interest context over private personal data.
• AI agents must not expose private data in summaries, reports, prompts, logs, or public outputs.
• AI agents must escalate any request to export, sell, analyze, or combine personal data in a way that could identify people.

7. Public trust principle

The privacy test is not merely “can this be done legally?” The stronger test is: would a reasonable Canadian user still trust CanuckDUCK if they understood exactly how their information was collected, retained, protected, and used?