In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner (OPC) has repeated its previous calls for reform to...more
Ontario's Ministry of Government and Consumer Services recently announced that it is contemplating new private sector privacy legislation (PSPL) to govern how businesses collect, use and disclose customers' data. The Ministry...more
Following the recent fine against Facebook for C$9.5 million under the Competition Act pursuant to allegations that it made "false or misleading claims about the privacy of Canadians' personal information,” the Competition...more
Facebook has agreed to pay a fine of $9 million under the federal Competition Act stemming from the Cambridge Analytica matter and to reimburse the cost of the inquiry of $500,000 (without any acknowledgment of wrongdoing)....more
The Canadian Internet Registration Authority (CIRA) launched a domain name system (DNS) service on April 23, 2020. CIRA is the entity responsible for overseeing Canada's .ca country-code top-level domain (ccTLD). CIRA is...more
In the fight to combat the spread of COVID-19, governments throughout the world have been considering the use of digital contact-tracing apps. Contact-tracing apps seek to interrupt the onward transmission of the coronavirus...more
It is not only hackers who pose a risk to an organization's information security; hostile insiders do as well. According to Verizon, an estimated 34 percent of data breaches involve internal actors. Hostile insiders may be...more
As countries around the world continue their efforts to combat the novel coronavirus (COVID-19), governments are increasingly turning to technology to enforce "social distancing" rules and related measures designed to contain...more
Given the disruptions arising from COVID-19, organizations are well advised to consider how such disruptions will impact their key information technology (IT) projects and services. In particular, starting with those projects...more
As the COVID-19 outbreak continues, scammers and hackers are taking advantage of the fear and confusion surrounding the current circumstances by posing as reputable news sources, or offering information. These malicious...more
The OIPC has issued recent guidance for private sector organizations operating in British Columbia, which include provincially or federally incorporated companies that conduct business in the province and are subject to the...more
2020 is shaping up to be a significant year for regulation of privacy issues, with two significant events taking place so far this year. In early February, the Office of the Privacy Commissioner (OPC) commenced an action...more
3/10/2020
/ Artificial Intelligence ,
Cambridge Analytica ,
Canada ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
OPC ,
PIPEDA ,
Popular
Violations of privacy—already overseen by the Office of the Privacy Commissioner of Canada (as well as provincial privacy commissioners)—may soon be subject to fines under the federal Competition Act. In a statement yesterday...more
Between 2016 and 2019, Business Email Compromise (BEC) scams cost American organizations US$3.1 billion in losses and Canadian organizations US$33.6 million. This type of pervasive scam targets large and small businesses...more
10/8/2019
/ Business E-Mail Compromise (BEC) ,
CEOs ,
Cyber Attacks ,
Cybersecurity ,
Email Policies ,
Fraud ,
Internal Controls ,
Popular ,
Risk Management ,
Scams ,
Small Business ,
Vulnerability Assessments
As the digital landscape evolves, and the commoditization of personal information increases, expectations as to what constitutes appropriate consent for the collection, use and disclosure of personal information in Canada are...more
Summer 2019 saw a flurry of major fines levied against large corporations for data breaches and other privacy violations. Ranging from a €460,000 fine under the European General Data Protection Regulation (GDPR) for a Dutch...more
The recently announced federal government cybersecurity certification program is targeted at small- and medium-sized enterprises (SMEs), but larger organizations should also take note....more
The Office of the Information and Privacy Commissioner of Ontario (OIPC) released its 2018 Annual Report: Privacy and Accountability for a Digital Ontario on Wednesday, July 10, 2019. This report signals a move toward...more
7/16/2019
/ Artificial Intelligence ,
Canada ,
Cyber Attacks ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Faxes ,
Personally Identifiable Information ,
Popular ,
Privacy Concerns ,
Regulatory Oversight
Violations of privacy–already regulated by the Office of the Privacy Commissioner of Canada (as well as provincial privacy regulators)–may also soon be regulated by Canada’s Competition Bureau. In a statement yesterday at the...more
The federal government has launched Canada’s new Digital Charter that comprises 10 broad principles to govern the use of data in the digital world. The stated purpose of the Digital Charter is to guide dialogue around changes...more
We had a packed house for our Cyber Time: Crash Course for Directors and Officers event this week at the Bennett Jones Calgary office. The half-day session covered current cyber threats facing businesses today, litigation...more
Seeking input from interested third parties, the Office of the Privacy Commissioner of Canada (OPC) announced a revision to its policy position on transborder data flow under the federal Personal Information Protection and...more
The Office of the Superintendent of Financial Institutions (OSFI) just published an advisory letter for federally regulated financial institutions (FRFI). The advisory sets out OSFI's expectations for FRFI cybersecurity...more
The Toronto Sun reported this morning that the privacy of 4,500 consumers of recreational cannabis in Ontario has been compromised. The names and addresses of individuals purchasing cannabis through the Ontario Cannabis Store...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more