PIPEDA Case Summary #2009-014:
When applying for a personal membership at a store, an individual was asked to supply the store with her driver’s licence number and date of birth. No purpose for collecting this personal information was offered, and when she later requested access to it, her request and follow-ups were ignored until this Office notified the organization about them.The Assistant Commissioner made recommendations to the organization with regard to informing applicants about the purposes for collecting specific personal information, acceptable collections of personal information for its membership applications, and purging previously collected unique identifying numbers from its online system.
Read more on the Office of the Privacy Commissioner of Canada.