The Ontario Court of Appeal recently released a trilogy of decisions (Winder v. Marriott International, Inc., 2022 ONCA 815; Obodo v. Trans Union of Canada, Inc., 2022 ONCA 814; Owsianik v. Equifax Canada Co., 2022 ONCA 813)...more
The disposal of hardware in the wrong manner can leave an organization offside its regulatory obligations under privacy legislation. Depending on the residence of the individuals or entities whose personal data is stored by...more
10/14/2022
/ Canada ,
Computer Hard Drives ,
Computer Servers ,
Corporate Counsel ,
Data Breach ,
Data Protection ,
Data Security ,
Hardware ,
Morgan Stanley ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Waste Disposal ,
Web Servers
Ransomware continues to present an increasing risk to all organizations. Ransomware attacks can involve the installation of malicious software designed to block access to computer systems and/or steal data, and a...more
3/15/2022
/ Canada ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Financial Crimes ,
Financial Institutions ,
Financial Reporting ,
Popular ,
Ransomware
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
8/31/2021
/ Canada ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Risk Management
On April 30, 2021, the Government of Ontario introduced Building a Digital Ontario, the province's new digital and data strategy, which lays the foundation for Ontario to become "the world's leading digital jurisdiction."...more
Comprehensive reform to Canada's privacy legislation—which privacy experts have long anticipated—is now imminent. Today, the Minister of Innovation, Science and Industry, the Honourable Navdeep Bains, tabled the Digital...more
In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner (OPC) has repeated its previous calls for reform to...more
It is not only hackers who pose a risk to an organization's information security; hostile insiders do as well. According to Verizon, an estimated 34 percent of data breaches involve internal actors. Hostile insiders may be...more
Summer 2019 saw a flurry of major fines levied against large corporations for data breaches and other privacy violations. Ranging from a €460,000 fine under the European General Data Protection Regulation (GDPR) for a Dutch...more
Violations of privacy–already regulated by the Office of the Privacy Commissioner of Canada (as well as provincial privacy regulators)–may also soon be regulated by Canada’s Competition Bureau. In a statement yesterday at the...more
Seeking input from interested third parties, the Office of the Privacy Commissioner of Canada (OPC) announced a revision to its policy position on transborder data flow under the federal Personal Information Protection and...more
The Toronto Sun reported this morning that the privacy of 4,500 consumers of recreational cannabis in Ontario has been compromised. The names and addresses of individuals purchasing cannabis through the Ontario Cannabis Store...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more
Almost three years after the Digital Privacy Act was passed, the federal government has finalized regulations on mandatory breach notification, reporting, and recordkeeping for the private sector in Canada. The regulations...more
It's not the kind of news a retail giant wants to make. In May 2017, Target agreed to a $18.5-million settlement to resolve a 47-state investigation into a massive 2013 hack. This settlement put Target's total cost of the...more
The CEO of the popular ride-sharing app, Uber, published a bombshell letter to the public yesterday, stating that two hackers had stolen information from almost 60 million driver and rider accounts in October 2016....more
The Importance of Detection Once the Enemy Is Past the Gates -
The recently announced data breaches involving Equifax, Deloitte and the U.S. Securities and Exchange Commission underscore that data breaches are a way of...more
Given the increasing threat of cyberattacks and the corresponding costs, businesses are increasingly considering cybersecurity insurance. But insurance is only as effective as the scope of the coverage. Though Canadian...more
Names, emails, credit card numbers, and home addresses: chances are good that your business collects client data with information that is valuable to hackers on the black market. A hacker will at some point try to access...more
Your organization will in all likelihood suffer a cyberattack. According to a recent study by Accenture, the average Canadian organization faces about 96 cyberattacks per year, nearly one third of which result in a security...more
2/17/2017
/ Canada ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
Directors ,
Hackers ,
Home Depot ,
Information Technology ,
Risk Management ,
Shareholders
In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more
2/10/2017
/ Ashley Madison ,
Bitcoin ,
Breach Notification Rule ,
Canada ,
Class Action ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Popular ,
Ransomware ,
Risk Assessment ,
Risk Management ,
Yahoo!
The United States Federal Trade Commission ("FTC") strikes again. In the action by the FTC involving the cybersecurity breach of Toronto-based AshleyMadison.com (operated by Ruby Corp. and hereafter referred to as "Ashley...more
In the world of cyber hacks and leaks, there are two general categories of players: the fraudsters who steal data in order to obtain a profit, and the “hacktivists” who expose data, purportedly for the greater good....more
5/20/2016
/ Admissible Evidence ,
Ashley Madison ,
Canada ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Edward Snowden ,
Hackers ,
Panama Papers ,
Popular ,
Rules of Civil Procedure ,
WikiLeaks ,
Young Lawyers
The threat of commercial crime against companies is transforming. Technology has created new and innovative ways for fraudsters to exploit individuals and companies through cyber attacks. This new face of fraud can give rise...more
2/5/2016
/ Anthem Insurance ,
Ashley Madison ,
Blue Cross ,
Canada ,
Competition Authorities ,
Cyber Attacks ,
Data Breach ,
Federal Trade Commission (FTC) ,
Home Depot ,
Neiman Marcus ,
Personal Liability ,
PIPEDA ,
Risk Management ,
Sony ,
Target