Tag

Canada

Browsing

On January 28, 2020 – International Data Privacy Day – the Office of the Privacy Commissioner of Canada (OPC) released its proposals for ensuring appropriate regulation of artificial intelligence (AI), and announced that it is seeking public feedback. Parties have until March 13, 2020 to file submissions with the OPC, in accordance with the OPC’s “Notice of consultation and call for comments on AI consultation paper” which is available here. The OPC’s 11 proposals for…

In Canada, the federal Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) applies to the collection, use or disclosure of personal information in the course of commercial activities. A commercial activity is defined as, essentially, any transaction, act or conduct that has a “commercial character.” To the extent that organizations engage in the sale of goods or services, or otherwise engage in commercial activities, any personal information collected, used…

Last September, we advised that Innovation, Science and Economic Development Canada (“Canada’s Department of Industry”) had released proposed security breach notification regulations under Canada’s federal private sector privacy law – the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) (the “Proposed Regulations”).While the Government of Canada has not provided a public update on the status of the Proposed Regulations, the Governor General in Council (i.e. cabinet) issued an Order…

Canada’s private sector privacy legislation, which was enacted in the year 2000 and was fully in force by 2004, is known as the Personal Information Protection and Electronic Documents Act (“PIPEDA”).Under PIPEDA, the portion of the statute that addresses privacy and personal information (i.e. Part 1) requires a parliamentary review every five years. In May 2007, the Canadian House of Commons’ Standing Committee on Access to Information, Privacy and Ethics (the “Committee”) tabled in the…

Earlier this month, Innovation, Science and Economic Development Canada (“Canada’s Department of Industry”) released its proposed data breach notification regulations under Canada’s federal private sector privacy law – the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) (the “Proposed Regulations”).The government of Canada is accepting public comments on the Proposed Regulations until the end of September 2017.Legislative BackgroundIn Canada, PIPEDA applies to the collection, use or disclosure of personal…

On June 7, 2017, Innovation, Science and Economic Development Canada (formerly known as Industry Canada) announced that on June 2, 2017, the Government of Canada, through an Order in Council, repealed the July 1, 2017 implementation of the private right of action under Canada’s Anti-Spam Legislation (“CASL”).The private right of action, had it come into force on July 1st, would have allowed private lawsuits (including class actions) to be filed against individuals and organizations for…

In today’s information economy, organizations are increasingly engaged in the collection and use of individuals’ personal information. This data is subject to a range of cyber risks, from third party hacking to simple human error. Over the past decade, some of the world’s largest corporations have suffered data breaches or other lapses in data management.While the potential for reputational harm arising from improper disclosure of personal information is clear, the applicable law and possible monetary…

On July 1, 2014, most of Canada’s Anti-Spam Legislation (CASL) came into force. On July 27, 2016, CASL’s primary regulator, the Canadian Radio-television and Telecommunications Commission (“CRTC”) issued an Enforcement Advisory titled “Notice for businesses and individuals on how to keep records of consent”, which addresses the CRTC’s expectations regarding proof of consent and record keeping.Under Section 13 of CASL, individuals and organizations must be able to demonstrate, by way of cogent evidence, that they…

Another anti-spam enforcement action recently took place in Canada, this time led by Canada’s federal privacy regulator, the Office of the Privacy Commissioner (OPC). This enforcement action is the first time the OPC has publicly found an organization to have violated the general restriction under Canada’s federal privacy law against the non-consensual collection of electronic addresses via computer programs or the use of such addresses—a restriction that was introduced into law when Canada’s anti-spam law (CASL)…

The U.S. Justice Department announced last week that they were dropping their court action in which they sought to compel Apple to create a backdoor to override their existing iPhone passcode protection software.If you followed this story, you know that a public and controversial battle ensued between the Justice Department and Apple over access to the iPhone used by Syed Farook, one of the perpetrators of the San Bernardino terrorist attack.BackgroundThe FBI recovered Mr. Farook’s…