We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Le 23 avril 2025, dans l’affaire Insurance Corporation of British Columbia v. Ari (décision disponible uniquement en anglais), la Cour d’appel de la Colombie-Britannique (la « CACB ») a confirmé une décision de première...more
The past year has introduced some uncertainty for institutional defendants facing privacy breach class actions in Canada. While Ontario’s Court of Appeal has been consistent in its approach to class actions against “database...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
Le 26 mars 2025, le Commissariat à la protection de la vie privée du Canada (le « CPVP ») a déployé, à l’intention des organisations, un outil d’autoévaluation du risque réel de préjudice grave à la vie privée (l’« outil »)....more
On March 26, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a privacy breach real risk of significant harm assessment tool (Tool) for organizations....more
As in previous years, our team marks Data Privacy Week with a summary of important privacy developments in Canada in 2024 and highlights what a busy electoral year could mean for Canadian privacy law in 2025....more
In Insurance Corporation of British Columbia v. Ari, 2023 BCCA 331, the British Columbia Court of Appeal (BCCA) confirmed that an employer may be found vicariously liable when its employee violates of s. 1 of the province’s...more
Theft of personal information does not by itself entitle the victim to damages in Canada; proof of loss or harm is required, the Alberta Court of Appeal held recently in Setoguchi v Uber BV. This, and other recent decisions,...more
Recent findings by the Office of the Privacy Commissioner of Canada (“OPC”) found that Home Depot of Canada Inc. (“Home Depot”) did not obtain valid meaningful consent to share summary purchase information with Meta Platforms...more
In a trilogy of rulings released on November 25, 2022, the Ontario Court of Appeal (“Court”) has ruled that the tort of intrusion upon seclusion cannot extend to companies that collect and store personal information and fall...more
The Ontario Court of Appeal recently ruled that an organization that fails to take adequate steps to safeguard personal information in its possession cannot be held liable under the tort of intrusion upon seclusion when that...more
With the first wave of amendments to Québec’s An Act Respecting the Protection of Personal Information in the Private Sector (“PPIPS”) having taken effect just over a month ago, we thought we would share some misconceptions...more
Depuis le 22 septembre 2022, les entités du secteur privé exerçant des activités au Québec doivent aviser, avec diligence, la Commission d’accès à l’information (la « CAI ») de toute atteinte à la vie privée (soit un «...more
As of September 22, 2022, private-sector entities carrying on business in Quebec are required to notify Quebec’s Commission d’acces a l’information (CAI) and affected individuals of a privacy breach (referred to as a...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
Le 12 juin 2020, le gouvernement du Québec a présenté le projet de loi no 64, intitulé Loi modernisant des dispositions législatives en matière de protection des renseignements personnels (le « projet de loi »), à l’Assemblée...more
On June 12, 2020, the Government of Quebec tabled Bill 64, an Act to modernize legislative provisions as regards the protection of personal information (Bill), before the National Assembly of Quebec. The Bill proposes to...more