Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Welcome to the Summer 2025 issue of Blakes Data Governor, published by the Blakes Privacy & Data Protection group. Blakes Data Governor provides actionable insights and practical overviews of recent developments impacting...more
On June 17, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a summary of its investigation findings regarding a data breach at 23andMe, which affected nearly seven million customers, including...more
Le 23 avril 2025, dans l’affaire Insurance Corporation of British Columbia v. Ari (décision disponible uniquement en anglais), la Cour d’appel de la Colombie-Britannique (la « CACB ») a confirmé une décision de première...more
The past year has introduced some uncertainty for institutional defendants facing privacy breach class actions in Canada. While Ontario’s Court of Appeal has been consistent in its approach to class actions against “database...more
Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
Le 26 mars 2025, le Commissariat à la protection de la vie privée du Canada (le « CPVP ») a déployé, à l’intention des organisations, un outil d’autoévaluation du risque réel de préjudice grave à la vie privée (l’« outil »)....more
On March 26, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a privacy breach real risk of significant harm assessment tool (Tool) for organizations....more
Comme dans les années passées, notre équipe souligne la Semaine de la protection des données en résumant les principaux développements survenus dans ce domaine en 2024 au Canada et en présentant un aperçu des répercussions...more
As in previous years, our team marks Data Privacy Week with a summary of important privacy developments in Canada in 2024 and highlights what a busy electoral year could mean for Canadian privacy law in 2025....more
2022 continued to be positive for institutional clients involved in privacy breach class actions, with the Ontario Court of Appeal refusing to expand the tort of intrusion upon seclusion to impose liability on institutions...more
Amendments to British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA) taking effect on February 1, 2023, will impose more stringent privacy requirements on provincial public bodies, such as hospitals,...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
Summer 2019 saw a flurry of major fines levied against large corporations for data breaches and other privacy violations. Ranging from a €460,000 fine under the European General Data Protection Regulation (GDPR) for a Dutch...more
Equifax to Pay up to $700 Million as Part of Settlement for 2017 Data Breach - Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the FTC, the CFPB, and...more
Violations of privacy–already regulated by the Office of the Privacy Commissioner of Canada (as well as provincial privacy regulators)–may also soon be regulated by Canada’s Competition Bureau. In a statement yesterday at the...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
On the heels of the European Union's General Data Protection law, which went into effect in May 2018, California has enacted the California Consumer Privacy Act ("CCPA")—the result of an 11th-hour compromise between...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more
In this issue: - Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors - FTC Updates School-Related COPPA Guidance - Status Update on the EU Data Protection...more
These are busy times in the data privacy/security world. If Misery Loves Company, Target Has Friends - Target was not the only target of data thieves this holiday season. Reports over the weekend revealed that...more