Privacy & Information Protection

Displaying 1-10 of 91

Implementing Privacy by Design

“Privacy by design” (“PbD”) is not a new concept but one that has been receiving increasing attention and legal clout in Canada, Europe, and around the world. Broadly speaking, it requires designing a system or process in a manner that...

More

Canada’s Digital Charter Triggers Reframing of Consultation on Transborder Personal Data Transfers

In April of this year, as discussed in our previous blog posts, the Office of the Privacy Commissioner of Canada (“OPC”) called for changes to the way Canadian privacy law treats transborder personal data transfers, and commenced a consultation process....

More

Moving the Goalposts for Canadian Data: Federal Privacy Commissioner Changes Position on Cross-Border Transfers

A high profile data breach involving a US company, Equifax Inc.[i], and its Canadian subsidiary, Equifax Canada Co., along with the coming into force of the European Data Protection Regulation (“GDPR”), appear to be the driving forces behind the Office...

More

What Exemption? – Pitfalls and Stumbling Blocks in CASL and Privacy Compliance

The Canadian Anti-Spam Law (“CASL”) has been with us now for five years and it has been over 15 years since the Personal Information Protection and Electronic Documents Act (“PIPEDA”) came into force. Then why is CASL and privacy compliance...

More

IT Service and Infrastructure Providers Beware: Key Guidance Released by the CRTC regarding Liability of Intermediaries for CASL Breaches

Background On November 5, 2018, the Canadian Radio-television and Telecommunications Commission (CRTC) issued new guidance for assessing intermediary liability under Section 9 of CASL.  This guidance follows Notices of Violation issued by the CRTC on July 11, 2018 to Sunlight...

More

BC Commissioner Releases Cannabis Sales Privacy Protection Guidelines

As a result of the recent legalization of recreational cannabis in Canada, the Office of the Information and Privacy Commissioner for British Columbia (the “OIPC”) published guidelines (titled “Protecting Personal Information: Cannabis Transactions”) that aim to clarify the rights and...

More

NIST Launches Privacy Framework Initiative

For many years, the cybersecurity framework developed by the U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) has been relied upon by organizations around the world as a foundational framework document. Given its success in the cybersecurity...

More

Canadian Commissioner Seeks Stronger Privacy Laws

Last week, the Office of the Privacy Commissioner (the “OPC”) released its 2017-2018 Annual Report (the “Report”). The Commissioner took the opportunity to raise serious concerns around the adequacy of Canadian privacy laws in the face of an increasingly digital...

More

Mandatory Breach Draft Guidance Released

On September 17, 2018, the federal Office of the Privacy Commissioner (“OPC”) published its draft guidance about mandatory reporting of breaches of security safeguards (“Draft Guidelines”).  The OPC is seeking public comments as it readies itself for a November 1,...

More

Getting Privacy Due Diligence Right

Increasingly, a key asset that organizations hold is the sensitive data they collect, use and retain about their customers, employees and suppliers. It is, therefore, no surprise that data security and privacy compliance have become a top-of-mind consideration for organizations...

More

Displaying 1-10 of 91

Stay Informed

Sign-up to receive electronic communications, including newsletters on legal developments, event invitations, firm news and more.

Subscribe