Regulatory Ramblings: Episode 72 - Cultural Roots, Belonging, and the Fear of Change: What’s Next for Inclusion?
Daily Compliance News: June 24, 2025, The Questions, Questions, and More Questions Edition
Hot Topics in International Trade - Tariff Mitigation Strategies
Everything Compliance, Shout Outs and Rants: Episode 151, The What is Illegal DEI Edition
Adapting to Tariffs and Other Trade Policy Shifts Under the Trump Administration
A Brief Primer on Tariffs Under the Trump Administration
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
Private M&A 2024: Key Trends and Forecasts
Patent Considerations in View of the Nearshoring Trends to the Americas
Examining E-Discovery in Competition Law
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Shifting Dynamics in Private Equity
4 Key Takeaways | Major U.S. Supreme Court Trademark & Copyright Decisions
Hidden Traffic : New Human Trafficking and Child Labor Regulation in Canada with Sean Stephenson
[Podcast] Catching Up on Canadian Environmental Regulation
[Podcast] USMCA in Review, with C.J. Mahoney, Former Deputy U.S. Trade Representative
Episode 4 - USMCA and the trade relationship between the U.S.A, Mexico, & China
Five Questions, Five Answers: Electric Mobility Canada on Its Promises for a Cleaner Economy
Five Questions, Five Answers: The Voice of Canadian Automotive Parts Manufacturers
The Great Green North: A Discussion on Canada’s Environmental Regulations
En 2023, une cyberattaque d’envergure a exposé les données génétiques personnelles de millions d’utilisateurs de 23andMe, une société américaine offrant des services d’analyse du code génétique aux particuliers, poussant les...more
On June 17, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a summary of its investigation findings regarding a data breach at 23andMe, which affected nearly seven million customers, including...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
Le 4 juillet 2024, la Cour d’appel de la Colombie-Britannique (la « CACB ») a rendu deux jugements d’appel en matière d’actions collectives dans des contextes de fuite de données. Ce faisant, la CACB a clarifié la portée...more
2022 continued to be positive for institutional clients involved in privacy breach class actions, with the Ontario Court of Appeal refusing to expand the tort of intrusion upon seclusion to impose liability on institutions...more
Theft of personal information does not by itself entitle the victim to damages in Canada; proof of loss or harm is required, the Alberta Court of Appeal held recently in Setoguchi v Uber BV. This, and other recent decisions,...more
In a trilogy of rulings released on November 25, 2022, the Ontario Court of Appeal (“Court”) has ruled that the tort of intrusion upon seclusion cannot extend to companies that collect and store personal information and fall...more
Le métavers est souvent décrit comme l’Internet de demain. Bien que son développement n’en soit qu’à un stade précoce, des sociétés émergentes et d’autres bien établies investissent des millions de dollars dans la mise au...more
With the first wave of amendments to Québec’s An Act Respecting the Protection of Personal Information in the Private Sector (“PPIPS”) having taken effect just over a month ago, we thought we would share some misconceptions...more
A little over nine months after it passed An Act to modernize legislative provisions as regards the protection of personal information (“Bill 64”) overhauling, among other legislation, the province’s public and private sector...more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
The Court of Queen's Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm...more
Lorsque votre organisation est victime d’une cyberattaque ou d’une atteinte à la protection des données, la protection du secret professionnel devient vitale. À la suite d’une telle atteinte, les événements peuvent se...more
When your organization is addressing a cyber-attack or other data breach, protecting privilege is crucial. In the aftermath of a data breach, events can move very quickly. However, appropriate steps should be taken to ensure...more
Report on Patient Privacy 20, no. 7 (July 2020) - Concerns about hacking and online security have fallen since the onset of the COVID-19 pandemic, despite the fact that the actual risks have risen, according to the 2020...more
As cyberattacks become both more prevalent and complex, it’s often no longer a matter of “if”, but “when” a breach will occur. However, organizations can take steps to reduce the risk of a breach and to mitigate the impact of...more
Several former Yahoo! Inc. executives recently settled a derivative action for US$29-million, following data breaches from 2013 and 2014 that compromised approximately three billion accounts. These data breaches were the...more
More on the rather shocking departure of John Flannery from GE, the Board that didn’t want to give him any more leash for his turnaround plans, and the future of the embattled corporate giant under Larry Culp....more
Though he was apparently ready to go with his “verbal agreement with the Saudis” defense, Elon Musk capitulated to pressure “from his lawyers and investors of Tesla” and agreed to resolve all SEC allegations of wrongdoing,...more
With South Dakota and Alabama’s new statutes, all 50 states and the District of Columbia have now enacted data breach notification laws. The Oregon and Delaware amended statutes will enhance requirements, and Canada’s new law...more
The Government of Canada has announced that its proposed data breach notification requirements pursuant to the Digital Privacy Act (the “Act”) will take effect on November 1, 2018. The Act amends Canada’s Personal...more
The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian...more
News about malicious cyber-attacks have been flooding media outlets in recent weeks as high-profile viruses (including WannaCry and Petya) continue to hit leading global and Canadian companies. What’s the cost here at home?...more
Given the increasing threat of cyberattacks and the corresponding costs, businesses are increasingly considering cybersecurity insurance. But insurance is only as effective as the scope of the coverage. Though Canadian...more
McDonald’s Canada has shut down its careers webpage following a breach that occurred in mid-March. A hacker gained access to the jobs section of its website and compromised the personal information, including names,...more