MT Cybersecurity Blog

cybersecurity-blog-banner

Miller Thomson Blogs put a more conversational lens on Canadian law. See the diverse perspectives of our lawyers here.

Displaying 1-10 of 43

Practical Strategies for Responding to a Cyber-Attack

November 1, 2019 | David Krebs

The author would like to thank the co-author of this article, Claudiu Popa[1], for his contributions and expertise in this area. Organizations across industry sectors are learning to recognize just what cyber-attacks look like, as Canadian companies are experiencing dozens...

More

Moving Back the Goalposts – Federal Commissioner Confirms a Transborder Transfers of Personal Data Remain a “Use”

October 1, 2019 | David Krebs

Six months after it started, the consultation process on the proper treatment of transborder personal data transfers has now closed. On September 23, 2019, the Federal Privacy Commissioner (“OPC”) confirmed that transborder transfers of personal data will remain a “use” of...

More

Receiving a Data Breach Notification – Commissioner’s Guidance for Individuals, Lessons for Organizations

September 25, 2019 | David Krebs

As reported by numerous previous articles, Canada’s federal data breach notification laws have been in effect since Nov 1, 2018, and require all organizations subject to the Personal Information Protection and Electronic Documents Act (“PIPEDA”) to report to the federal...

More

Cybersecurity Risks in Medical Devices – Health Canada Adopts Guidance Document

August 27, 2019 | David Krebs

Cybersecurity and data breaches are topics of high concern for Canadians. As discussed in previous blog articles, data breaches in Canada, North America and Europe have illustrated how financially motivated hackers and human error can put personal data at risk,...

More

Data Breaches, GDPR Fines, and Transborder Transfers – the Challenges of Assessing Cybersecurity and Privacy Risk

August 16, 2019 | David Krebs

Data breaches, steep fines under GDPR, and changing requirements for transborder data transfers are just a few of the headline-making issues in the first half of 2019.  It has been anything but quiet for cybersecurity and privacy professionals or organizations...

More

Impact of Recent GDPR Enforcement on Privacy Due Diligence in M&A

July 25, 2019 | David Krebs

In our last blog article, we discussed the British data protection authority’s (“ICO”) announcement to impose large fines on British Airways and Marriott Hotels for separate large-scale data breaches affecting those businesses. In this article, we will turn our minds...

More

GDPR Shows its Teeth – UK Pursuing Record Fines for Data Breaches, Emphasizes Accountability

July 11, 2019 | David Krebs

If there was any question as to the willingness of EU data protection authorities to pursue significant monetary penalties for violations of the European General Data Protection Regulation (“GDPR”), this past week has surely put those uncertainties to rest. The...

More

Canada’s Digital Charter Triggers Reframing of Consultation on Transborder Personal Data Transfers

June 13, 2019 | David Krebs, Abbie Treslan

In April of this year, as discussed in our previous blog posts, the Office of the Privacy Commissioner of Canada (“OPC”) called for changes to the way Canadian privacy law treats transborder personal data transfers, and commenced a consultation process....

More

GDPR Turns One, eh? Current Impact on Canadian Businesses and the Road Ahead

May 21, 2019 | David Krebs

The one-year anniversary of the European General Data Protection Regulation (”GDPR”) has nearly arrived, and there is much buzz about the impact, the level of compliance of European organizations and what lies ahead. This article will explore GDPR’s current impact...

More

Canadian Transborder Data Transfers: OPC Releases Supplemental Discussion Document

May 15, 2019 | David Krebs, Luanne Schlosser, Eric S. Charleston

As we discussed in a recent blog post on this important issue, the Office of the Privacy Commissioner of Canada (“OPC”) last month announced its intention to interpret the “transfer” of personal information as a “disclosure” rather than a “use”...

More

Displaying 1-10 of 43

Disclaimer

The blog sets out a variety of materials relating to the law to be used for educational and non-commercial purposes only; the author(s) of the blog do not intend the blog to be a source of legal advice. Please retain and seek the advice of a lawyer and use your own good judgement before choosing to act on any information included in the blog. If you choose to rely on the materials, you do so entirely at your own risk.