MT Cybersecurity Blog

Digital Security and data protection. Conceptual illustration with advanced technology digital display

Miller Thomson Blogs put a more conversational lens on Canadian law. See the diverse perspectives of our lawyers here.

Displaying 11-20 of 57

Privacy and cybersecurity during COVID-19 – Tips for Canadian organizations

March 24, 2020 | Eliott Cheeseman, David Krebs, Kathryn M. Frelick

With the emergence of COVID-19 in Canada, organizations are faced with many additional concerns and considerations in their daily operations and strategic planning. Remote work has become the norm, and the health of employees, customers and suppliers is a key...


Privacy Commissioner consultation on AI

February 4, 2020 | Kelly Harris, Eliott Cheeseman

Continuing to highlight the need for reform, the Office of the Privacy Commissioner of Canada (“OPC”) has initiated a consultation on recommendations they have presented to adapt the private sector privacy statute Personal Information Protection and Electronic Documents Act (“PIPEDA”) to address...


Canadian Privacy Commissioner Tables Annual Report, Calling for Human Rights-Based Overhaul of Privacy Laws

January 10, 2020 | David Krebs

On December 10, 2019, Commissioner Therrien presented his office’s 2019 annual report to Parliament, which was later followed by a press release highlighting key aspects of and views expressed in this latest report. Unsurprisingly, the need for privacy law reform...


“Once More Unto the (Data) Breach”…Looking back at Twelve Months of Mandatory Breach Notifications

November 26, 2019 | David Krebs, Hasith Andrahennadi

As described in numerous previous articles over the course of 2019, the past year saw an unprecedented number of breach notifications in Canada. In Europe, under the scrutiny of the General Data Protection Regulations (“GDPR”), there were a whopping 89,200...


Implementing Privacy by Design

November 26, 2019 | David Krebs

“Privacy by design” (“PbD”) is not a new concept but one that has been receiving increasing attention and legal clout in Canada, Europe, and around the world. Broadly speaking, it requires designing a system or process in a manner that...


Practical Strategies for Responding to a Cyber-Attack

November 1, 2019 | David Krebs

The author would like to thank the co-author of this article, Claudiu Popa[1], for his contributions and expertise in this area. Organizations across industry sectors are learning to recognize just what cyber-attacks look like, as Canadian companies are experiencing dozens...


Moving Back the Goalposts – Federal Commissioner Confirms a Transborder Transfers of Personal Data Remain a “Use”

October 1, 2019 | David Krebs

Six months after it started, the consultation process on the proper treatment of transborder personal data transfers has now closed. On September 23, 2019, the Federal Privacy Commissioner (“OPC”) confirmed that transborder transfers of personal data will remain a “use” of...


Receiving a Data Breach Notification – Commissioner’s Guidance for Individuals, Lessons for Organizations

September 25, 2019 | David Krebs

As reported by numerous previous articles, Canada’s federal data breach notification laws have been in effect since Nov 1, 2018, and require all organizations subject to the Personal Information Protection and Electronic Documents Act (“PIPEDA”) to report to the federal...


Cybersecurity Risks in Medical Devices – Health Canada Adopts Guidance Document

August 27, 2019 | David Krebs

Cybersecurity and data breaches are topics of high concern for Canadians. As discussed in previous blog articles, data breaches in Canada, North America and Europe have illustrated how financially motivated hackers and human error can put personal data at risk,...


Data Breaches, GDPR Fines, and Transborder Transfers – the Challenges of Assessing Cybersecurity and Privacy Risk

August 16, 2019 | David Krebs

Data breaches, steep fines under GDPR, and changing requirements for transborder data transfers are just a few of the headline-making issues in the first half of 2019.  It has been anything but quiet for cybersecurity and privacy professionals or organizations...


Displaying 11-20 of 57


This blog sets out a variety of materials relating to the law to be used for educational and non-commercial purposes only; the author(s) of this blog do not intend the blog to be a source of legal advice. Please retain and seek the advice of a lawyer and use your own good judgement before choosing to act on any information included in the blog. If you choose to rely on the materials, you do so entirely at your own risk.