Latest Posts
Search for:
Tag

Canada

Browsing
In Data Privacy

Provincial Private Sector Privacy Legislation Before Legislative Assembly of Ontario

by 5 Mins Read

In Canada, the federal Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) applies to the collection, use or disclosure of personal information in the course of commercial activities. A commercial activity is defined as, essentially, any transaction, act or conduct that has a “commercial character.” To the extent that organizations engage in the sale of goods or services, or otherwise engage in commercial activities, any personal information collected, used…

In Data Privacy

Security Breach Notification Requirements Commence on November 1, 2018 in Canada

by 5 Mins Read

Last September, we advised that Innovation, Science and Economic Development Canada (“Canada’s Department of Industry”) had released proposed security breach notification regulations under Canada’s federal private sector privacy law – the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) (the “Proposed Regulations”).While the Government of Canada has not provided a public update on the status of the Proposed Regulations, the Governor General in Council (i.e. cabinet) issued an Order…

In Data Privacy

Parliamentary Committee Recommends Significant Amendments to Canada’s Private Sector Privacy Legislation

by 9 Mins Read

Canada’s private sector privacy legislation, which was enacted in the year 2000 and was fully in force by 2004, is known as the Personal Information Protection and Electronic Documents Act (“PIPEDA”).Under PIPEDA, the portion of the statute that addresses privacy and personal information (i.e. Part 1) requires a parliamentary review every five years. In May 2007, the Canadian House of Commons’ Standing Committee on Access to Information, Privacy and Ethics (the “Committee”) tabled in the…

In Data Privacy

Proposed Canadian Federal Data Breach Notification Regulations Released for Public Comment

by 8 Mins Read

Earlier this month, Innovation, Science and Economic Development Canada (“Canada’s Department of Industry”) released its proposed data breach notification regulations under Canada’s federal private sector privacy law – the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) (the “Proposed Regulations”).The government of Canada is accepting public comments on the Proposed Regulations until the end of September 2017.Legislative BackgroundIn Canada, PIPEDA applies to the collection, use or disclosure of personal…

In Data Privacy

Government of Canada repeals July 1, 2017 implementation of private right of action under Canada’s Anti-Spam Legislation (CASL)

by 2 Mins Read

On June 7, 2017, Innovation, Science and Economic Development Canada (formerly known as Industry Canada) announced that on June 2, 2017, the Government of Canada, through an Order in Council, repealed the July 1, 2017 implementation of the private right of action under Canada’s Anti-Spam Legislation (“CASL”).The private right of action, had it come into force on July 1st, would have allowed private lawsuits (including class actions) to be filed against individuals and organizations for…

In Data Privacy

Raising the Stakes: New Developments in Canadian Privacy Torts

by 6 Mins Read

In today’s information economy, organizations are increasingly engaged in the collection and use of individuals’ personal information. This data is subject to a range of cyber risks, from third party hacking to simple human error. Over the past decade, some of the world’s largest corporations have suffered data breaches or other lapses in data management.While the potential for reputational harm arising from improper disclosure of personal information is clear, the applicable law and possible monetary…

In Data Privacy

Canada’s Anti-Spam Legislation (CASL): A reminder from the regulator regarding record keeping and consent

by 2 Mins Read

On July 1, 2014, most of Canada’s Anti-Spam Legislation (CASL) came into force. On July 27, 2016, CASL’s primary regulator, the Canadian Radio-television and Telecommunications Commission (“CRTC”) issued an Enforcement Advisory titled “Notice for businesses and individuals on how to keep records of consent”, which addresses the CRTC’s expectations regarding proof of consent and record keeping.Under Section 13 of CASL, individuals and organizations must be able to demonstrate, by way of cogent evidence, that they…

In Data Privacy

Canada’s Privacy Commissioner clamps down on spam and the automated harvesting of electronic addresses

by 3 Mins Read

Another anti-spam enforcement action recently took place in Canada, this time led by Canada’s federal privacy regulator, the Office of the Privacy Commissioner (OPC). This enforcement action is the first time the OPC has publicly found an organization to have violated the general restriction under Canada’s federal privacy law against the non-consensual collection of electronic addresses via computer programs or the use of such addresses—a restriction that was introduced into law when Canada’s anti-spam law…

In Data Privacy

DOJ v. Apple: Key Lessons for Employers

by 4 Mins Read

The U.S. Justice Department announced last week that they were dropping their court action in which they sought to compel Apple to create a backdoor to override their existing iPhone passcode protection software.If you followed this story, you know that a public and controversial battle ensued between the Justice Department and Apple over access to the iPhone used by Syed Farook, one of the perpetrators of the San Bernardino terrorist attack.BackgroundThe FBI recovered Mr. Farook’s…

In Data Privacy

Canadian Regulator Flexes Muscles With First Warrant Under Canada’s Anti-Spam Law

by 2 Mins Read

The Canadian Radio-television and Telecommunications Commission (CRTC), one of the regulators responsible for enforcing Canada’s anti-spam law (CASL), served its first warrant under CASL on December 3, 2015. The warrant was served to take down a botnet command-and-control server located in Toronto, Ontario. Along with other recent enforcement actions that resulted in large payments being made under CASL, this warrant further affirms how the CRTC is taking the enforcement of the legislation seriously.Taking Down DorkbotThe…

Load More