Winnipeg Sensor Privacy Impact Assessments - Bylaw Guide

Technology and Data Manitoba 3 Minutes Read · published February 11, 2026 Flag of Manitoba

Introduction

Winnipeg, Manitoba projects that deploy sensors or surveillance technology must address privacy risks early. This guide explains how municipal teams, contractors and vendors can prepare Sensor Privacy Impact Assessments (PIAs) for city-related projects, what municipal offices are involved, and practical steps to reduce legal and operational risk.

When a Sensor PIA Is Needed

Sensors include cameras, microphones, license plate readers, environmental monitors with identifying capability, or networked devices that collect personal information. A Sensor PIA is recommended for systems that may capture identifiable information or enable personal profiling. For provincial privacy obligations and general PIA practice, see the stated access and privacy frameworks [1] and municipal access guidance [2].

Planning and Design Considerations

  • Document the purpose and legal authority for collection, retention periods, and data minimization measures.
  • Assess data flows, storage locations, encryption, and access controls.
  • Identify vendors and third-party processors and ensure contractual privacy terms.
  • Plan for transparency: signage, public notices and community consultation where appropriate.
Start PIAs at project scoping to avoid costly redesigns later.

Penalties & Enforcement

There is no single published City of Winnipeg bylaw that sets a dedicated fine schedule for failure to complete a sensor PIA; enforcement and remedies are generally managed through municipal authorities and provincial privacy law. Specific fine amounts and escalation steps are not specified on the cited pages [1][2].

  • Fines: not specified on the cited page.
  • Escalation for repeat or continuing offences: not specified on the cited page.
  • Non-monetary sanctions: orders to stop collection, removal of equipment, or court actions may be available under municipal authority or provincial law; exact remedies not specified on the cited page.
  • Enforcer: typical offices involved include the City Clerk/Access and Privacy office and By-law Enforcement; police-run surveillance falls under Winnipeg Police Service policy and oversight.
  • Appeals and review routes: where a municipal order applies, appeal processes or judicial review in provincial court may be available; specific time limits are not specified on the cited page.
If enforcement or fines are a concern, obtain early legal and privacy office input.

Applications & Forms

No dedicated City-published PIA submission form for sensor projects is listed on the cited pages; project teams should consult the City Clerk/Access and Privacy office and the project lead for current requirements [2].

Implementation & Compliance Checklist

  • Complete a documented PIA before procurement or installation.
  • Include data retention and deletion schedules in contracts and records management plans.
  • Maintain audit logs and make them available to authorized oversight staff.
  • Establish a public notice and complaint pathway for affected residents.
Documenting decisions and technical mitigations is the best defense in oversight or complaint situations.

FAQ

What is a sensor PIA?
A Sensor Privacy Impact Assessment documents privacy risks, legal authority, mitigations and operational controls for sensor deployments.
Who must prepare a PIA for a Winnipeg project?
Project leads, contractors or city departments proposing sensors should prepare a PIA in consultation with the City Clerk/Access and Privacy office or the project contact.
Are there published fines for failing to do a PIA?
Specific fines for failing to complete a sensor PIA are not specified on the cited pages; enforcement may use municipal or provincial authorities depending on the case [1][2].

How-To

  1. Identify the sensor type, data collected and legal authority for collection.
  2. Map data flows, retention, access roles and technical safeguards.
  3. Consult the City Clerk/Access and Privacy office and, if applicable, the Winnipeg Police Service for operational policy alignment.
  4. Incorporate PIA findings into procurement and contract terms with vendors.
  5. Publish required public notices and ensure a complaint and review channel is available.
  6. Maintain the PIA document and review after deployment or when requirements change.

Key Takeaways

  • Start PIAs at project inception to reduce retrofit risk.
  • Consult municipal access and privacy staff early and keep records of decisions.

Help and Support / Resources

    Categories

    General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data