We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
En 2023, une cyberattaque d’envergure a exposé les données génétiques personnelles de millions d’utilisateurs de 23andMe, une société américaine offrant des services d’analyse du code génétique aux particuliers, poussant les...more
On June 17, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a summary of its investigation findings regarding a data breach at 23andMe, which affected nearly seven million customers, including...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
Le 4 juillet 2024, la Cour d’appel de la Colombie-Britannique (la « CACB ») a rendu deux jugements d’appel en matière d’actions collectives dans des contextes de fuite de données. Ce faisant, la CACB a clarifié la portée...more
2022 continued to be positive for institutional clients involved in privacy breach class actions, with the Ontario Court of Appeal refusing to expand the tort of intrusion upon seclusion to impose liability on institutions...more
Theft of personal information does not by itself entitle the victim to damages in Canada; proof of loss or harm is required, the Alberta Court of Appeal held recently in Setoguchi v Uber BV. This, and other recent decisions,...more
In a trilogy of rulings released on November 25, 2022, the Ontario Court of Appeal (“Court”) has ruled that the tort of intrusion upon seclusion cannot extend to companies that collect and store personal information and fall...more
Le métavers est souvent décrit comme l’Internet de demain. Bien que son développement n’en soit qu’à un stade précoce, des sociétés émergentes et d’autres bien établies investissent des millions de dollars dans la mise au...more
With the first wave of amendments to Québec’s An Act Respecting the Protection of Personal Information in the Private Sector (“PPIPS”) having taken effect just over a month ago, we thought we would share some misconceptions...more
A little over nine months after it passed An Act to modernize legislative provisions as regards the protection of personal information (“Bill 64”) overhauling, among other legislation, the province’s public and private sector...more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
The Court of Queen's Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm...more
Lorsque votre organisation est victime d’une cyberattaque ou d’une atteinte à la protection des données, la protection du secret professionnel devient vitale. À la suite d’une telle atteinte, les événements peuvent se...more
When your organization is addressing a cyber-attack or other data breach, protecting privilege is crucial. In the aftermath of a data breach, events can move very quickly. However, appropriate steps should be taken to ensure...more
Report on Patient Privacy 20, no. 7 (July 2020) - Concerns about hacking and online security have fallen since the onset of the COVID-19 pandemic, despite the fact that the actual risks have risen, according to the 2020...more
As cyberattacks become both more prevalent and complex, it’s often no longer a matter of “if”, but “when” a breach will occur. However, organizations can take steps to reduce the risk of a breach and to mitigate the impact of...more
Several former Yahoo! Inc. executives recently settled a derivative action for US$29-million, following data breaches from 2013 and 2014 that compromised approximately three billion accounts. These data breaches were the...more
More on the rather shocking departure of John Flannery from GE, the Board that didn’t want to give him any more leash for his turnaround plans, and the future of the embattled corporate giant under Larry Culp....more
Though he was apparently ready to go with his “verbal agreement with the Saudis” defense, Elon Musk capitulated to pressure “from his lawyers and investors of Tesla” and agreed to resolve all SEC allegations of wrongdoing,...more
With South Dakota and Alabama’s new statutes, all 50 states and the District of Columbia have now enacted data breach notification laws. The Oregon and Delaware amended statutes will enhance requirements, and Canada’s new law...more
The Government of Canada has announced that its proposed data breach notification requirements pursuant to the Digital Privacy Act (the “Act”) will take effect on November 1, 2018. The Act amends Canada’s Personal...more
The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian...more
News about malicious cyber-attacks have been flooding media outlets in recent weeks as high-profile viruses (including WannaCry and Petya) continue to hit leading global and Canadian companies. What’s the cost here at home?...more
Given the increasing threat of cyberattacks and the corresponding costs, businesses are increasingly considering cybersecurity insurance. But insurance is only as effective as the scope of the coverage. Though Canadian...more
McDonald’s Canada has shut down its careers webpage following a breach that occurred in mid-March. A hacker gained access to the jobs section of its website and compromised the personal information, including names,...more