Le 26 mars 2025, le Commissariat à la protection de la vie privée du Canada (le « CPVP ») a déployé, à l’intention des organisations, un outil d’autoévaluation du risque réel de préjudice grave à la vie privée (l’« outil »)....more
On March 26, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a privacy breach real risk of significant harm assessment tool (Tool) for organizations....more
Responsible organizations understand that privacy governance is essential for the systematic and compliant management of personal data and for maintaining customer and stakeholder trust. In a world where people increasingly...more
The tightening of privacy and data protection compliance obligations in Canada and the United States, has led to increasingly comprehensive “data security and privacy” representations and warranties in purchase agreements, as...more
As of September 22, 2024, the final provision of Law 25, An Act to modernize legislative provisions as regards the protection of personal information, will take effect, establishing a new right to data portability for...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
As states have continued to debate and pass new comprehensive privacy statutes – such as those in Virginia and Colorado – a common refrain from business leaders is the need for a comprehensive federal privacy statute that...more
Bill 64 largely tracks with already existing privacy regulations in other jurisdictions and will take effect over the course of the next three years, with some provisions taking effect in September 2022. On September 21...more
2021 promises to be an exciting year in the data and privacy space. With the adoption of technologies that collect, analyze, aggregate, distribute and share data, and the implementation of new laws and regulations in...more
At the beginning of 2020, a Federal privacy law, similar to that of GDPR or PIPEDA, was a faint and distant reality. However, in light of some mobile device and other monitoring being considered because of the COVID-19...more
The Internet Society’s Online Trust Alliance (OTA) released a report this week that measured 1200 U.S.-based organizations’ readiness for three major global privacy regulations: the General Data Protection Regulation (GDPR)...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more