MT Cybersecurity Blog


Miller Thomson Blogs put a more conversational lens on Canadian law. See the diverse perspectives of our lawyers here.

Displaying 1-10 of 31

Data Breach Reporting Obligations in Saskatchewan

March 14, 2019 | David Krebs, Jacey Safnuk

As we have written about in previous articles, data breach notification is now mandatory in Canada for the private sector in all jurisdictions where this was not already the case (e.g Alberta under the Personal Information Protection Act). Data breach...


SME Blockchain Primer

December 10, 2018 | Imran Ahmad, Katherine Barbacki

Recognizing the growing importance of distributed ledger technology (commonly known as “Blockchain”) for businesses of all sizes, on December 5, 2018, Miller Thomson LLP published its latest edition of Proof of Stake, a publication dedicated to practical legal considerations when...


Implementing Privacy by Design

November 5, 2018 | David Krebs

“Privacy by design” (“PbD”) is not a new concept but one that has been receiving increasing attention and legal clout in Canada, Europe,and around the world. Broadly speaking, it requires designing a system or process in a manner that protects...


OPC Releases Mandatory Breach Reporting Guidance

November 1, 2018 | Imran Ahmad, Catherine Bate, David Krebs, Katherine Barbacki

On October 29, 2018, the federal Office of the Privacy Commissioner (“OPC”) published the final version of its guidelines in connection with mandatory reporting of breaches of security safeguards (the “Guidelines”), ahead of the coming into force of the Breach of Security Safeguards Regulations (the “Regulations”)...


BC Commissioner Releases Cannabis Sales Privacy Protection Guidelines

October 26, 2018 | Imran Ahmad, Kelly Harris, Katherine Barbacki

As a result of the recent legalization of recreational cannabis in Canada, the Office of the Information and Privacy Commissioner for British Columbia (the “OIPC”) published guidelines (titled “Protecting Personal Information: Cannabis Transactions”) that aim to clarify the rights and...


NIST Launches Privacy Framework Initiative

October 9, 2018 | Imran Ahmad, Katherine Barbacki

For many years, the cybersecurity framework developed by the U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) has been relied upon by organizations around the world as a foundational framework document. Given its success in the cybersecurity...


Canadian Commissioner Seeks Stronger Privacy Laws

October 2, 2018 | Imran Ahmad, Katherine Barbacki

Last week, the Office of the Privacy Commissioner (the “OPC”) released its 2017-2018 Annual Report (the “Report”). The Commissioner took the opportunity to raise serious concerns around the adequacy of Canadian privacy laws in the face of an increasingly digital...


Mandatory Breach Draft Guidance Released

September 21, 2018 | Imran Ahmad, Kathryn M. Frelick, Alexia Magneron

On September 17, 2018, the federal Office of the Privacy Commissioner (“OPC”) published its draft guidance about mandatory reporting of breaches of security safeguards (“Draft Guidelines”).  The OPC is seeking public comments as it readies itself for a November 1,...


Getting Privacy Due Diligence Right

September 14, 2018 | Imran Ahmad

Increasingly, a key asset that organizations hold is the sensitive data they collect, use and retain about their customers, employees and suppliers. It is, therefore, no surprise that data security and privacy compliance have become a top-of-mind consideration for organizations...


Upcoming Mandatory Breach Notification Refresher

September 7, 2018 | Imran Ahmad, Katherine Barbacki, Alexia Magneron

In keeping with the global movement towards increased data protection legislation, as evidenced by the recent enactment of the General Data Protection Regulation (GDPR) in Europe and similar legislation adopted in California and Brazil,  Canada will (as of November 1,...


Displaying 1-10 of 31


The blog sets out a variety of materials relating to the law to be used for educational and non-commercial purposes only; the author(s) of the blog do not intend the blog to be a source of legal advice. Please retain and seek the advice of a lawyer and use your own good judgement before choosing to act on any information included in the blog. If you choose to rely on the materials, you do so entirely at your own risk.