Come July 1, 2020, Canadian entities caught under the California Consumer Privacy Act (CCPA) will need to comply with proposed regulations that were recently issued by the Attorney General’s office.
The draft rules clarify...more
11/12/2019
/ California Consumer Privacy Act (CCPA) ,
Canada ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action
To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more
On September 23, 2019, the Office of the Privacy Commissioner of Canada (OPC) concluded its consultation on transfers for processing, initially launched on April 9, 2019. Fortunately, the OPC has determined that its approach...more
On April 9, 2019, the Office of the Privacy Commissioner of Canada (OPC) played a belated April Fools’ joke. They launched a consultation on transborder data flows in which they indicated that they were revisiting their...more
As part of our quarterly series on current trends across different industries, our first article for 2019 looks at the current landscape of cybersecurity and highlights key legal trends and developments. We also offer some...more
On January 24, 2019, the Office of the Superintendent of Financial Institutions (OSFI) published the Technology and Cybersecurity Incident Reporting Advisory (Advisory) applicable to all federally regulated financial...more
On October 29, 2018, the Office of the Privacy Commissioner of Canada (OPC) published the final guidance intended to assist organizations in complying with the mandatory breach reporting and record-keeping requirements under...more
On September 17, 2018, the Office of the Privacy Commissioner of Canada (OPC) published draft guidelines on mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA). The...more
The final Breach of Security Safeguards Regulations (Regulations) under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) were made on March 26, 2018, and published on April 18, 2018. The...more
Your printer. The water cooler. The thermostat. What do these things have in common? All of them can be connected to the Internet of Things (IoT).
The IoT continued its meteoric rise in 2017 with a vast array of everyday...more
DUE DILIGENCE PHASE -
Does the Target send commercial electronic messages (CEMs) from Canada and/or to recipients in Canada? CEMs include any email, text message or other direct electronic message that wholly or partly...more
Businesses obtain welcome relief from the imminent threat of private lawsuits under Canada’s Anti-Spam Legislation (CASL) as the private right of action, originally scheduled to come into force on July 1, 2017, has been...more
Many fintech companies collect and process vast amounts of data in order to provide financial services quickly and inexpensively. Much of this data is highly sensitive personal information such as date of birth, social...more
On March 4, 2016, Innovation, Science and Economic Development Canada (Ministry) published a consultation document soliciting input from stakeholders on the development of regulations that will support mandatory data breach...more
After lengthy debates, Bill S-4, the Digital Privacy Act? finally received royal assent on June 18, 2015, and is now law. The federal government introduced Bill S-4 on April 8, 2014, which marked the government’s third...more