Tactical and strategic steps for successful cyber incident preparedness
To kick-off this year’s cyber awareness month, we wanted to present an article that would look back on the past year along with our experience counseling organizations, large and small across all sectors, through the ordeal of cyberattacks, data extortion […]
Managing cybersecurity in M&A transactions: How to mitigate risk through due diligence
As companies have become increasingly technology-driven in recent years, a target’s cybersecurity posture has become a key focal point in the diligence process. The COVID-19 pandemic has made this concern particularly acute: notwithstanding that an increasingly large number of people […]
Takeaways on privacy breach risk assessment and data security programs: Alberta Privacy Commissioner issues breach report
On July 29, 2022 the Office of the Information and Privacy Commissioner of Alberta (the “OIPC”) issued its report on data breaches (PDF) (the “Report”). Alberta has been the leading Canadian jurisdiction with the most long-standing experience when it comes to reviewing, […]
David Krebs quoted in Canadian Lawyer article on Bill C-26
Canadian Lawyer, "‘Vital systems’ cybersecurity law’ will expand information sharing, protect organizations: lawyer"
In this article, David Krebs discusses Bill C-26, a two-part piece of proposed legislation which includes the Critical Cyber Systems Protection Act, and its effects: The proposed law would take requirements which already exist for banks under the Office of […]
Bill C-26: A strengthening of Canada’s cyber security through mandatory reporting of cyber incidents
With the continuing threats posed by cyber criminals, state sponsored attacks, and other cybersecurity issues, the Canadian government has taken steps in line with those recently taken by the US government in order to protect and maintain oversight over critical […]
Federal Commissioner tables recommendations for privacy law reform
In the context of the Canadian Government’s plans to replace the current federal private sector privacy legislation in Canada – The Personal Information Protection and Electronic Documents Act (the “PIPEDA“), the Office of the Privacy Commissioner of Canada (the “OPC“) has […]
French data protection authority fines health software provider €1.5M for failing to protect personal information
Cybersecurity attacks, data security, and privacy breaches are no longer confined to the technical and esoteric discussions of lawyers, IT professionals, and privacy communities but rather over the past two years have become part of “coffee row” and “water cooler” […]
Privacy Commissioners take stance against collection of biometric data
The collection (and over collection) of personal information, cybersecurity incidents, and data breaches have never been more topical. Advancements in technology have led to greater global interaction and allowed for commercial efficiency in a time of limited connection. With advancements […]
Quebec’s new privacy law (Bill 64) is here – Canadian businesses take note!
While federal attempts to modernize Canadian law, in the form of Bill C-11, is languishing in privacy purgatory, the province of Quebec has completed the first step of its journey to bring its law in close alignment with those of […]
OSFI updates cybersecurity breach notification requirements
The Office of the Superintendent of Financial Institutions (“OSFI”) released a new Advisory on Technology and Cyber Security Incident Reporting, effective August 13, 2021 (the “Advisory”) which seeks to govern how federally-regulated financial institutions (“FRFIs”) should disclose and report technology […]