On May 24, 2024, the Office of the Information and Privacy Commissioner of Canada (OPC) issued new guidance relating to data breach reporting for federal institutions and businesses....more
Congress has repeatedly failed to pass comprehensive national data protection legislation, and the states are rapidly filling the void with laws that impose different requirements on a state-by-state basis. Most of these...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
A little over nine months after it passed An Act to modernize legislative provisions as regards the protection of personal information (“Bill 64”) overhauling, among other legislation, the province’s public and private sector...more
L’économie numérique a transformé nos modes de vie ainsi que la façon dont les organisations exercent leurs activités. Elle soulève également des enjeux inédits au chapitre de la protection de la vie privée; des enjeux qui...more
The digital economy has changed the way we live and the way organizations carry on business. It has also raised unique privacy challenges that were not imaginable when Canada’s private-sector privacy laws were originally...more
To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act...more
The Office of the Privacy Commissioner of Canada (OPC)'s report, Personal Information Protection and Electronic Documents Act (PIPEDA) Report of Findings #2019-001, issued April 9, 2019, into the Equifax hack, created...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
On April 9, 2019, the Office of the Privacy Commissioner of Canada (OPC) played a belated April Fools’ joke. They launched a consultation on transborder data flows in which they indicated that they were revisiting their...more
As part of our quarterly series on current trends across different industries, our first article for 2019 looks at the current landscape of cybersecurity and highlights key legal trends and developments. We also offer some...more
We’ve blogged previously about the patchwork of state data privacy laws, and the challenges it poses for multinational businesses. Now, U.S. companies need to beware of our neighbor to the north as well: Canada has enacted a...more
Mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the Personal Information Protection and Electronic Documents Act (PIPEDA) will come into force...more
On October 29, 2018, the Office of the Privacy Commissioner of Canada (OPC) published the final guidance intended to assist organizations in complying with the mandatory breach reporting and record-keeping requirements under...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more
The breach notification obligations for Canadian organizations will change significantly in 2018: (i) the European Union's General Data Protection Regulation (GDPR) came into force on May 25, 2018; while (ii) new reporting...more
On September 17, 2018, the Office of the Privacy Commissioner of Canada (OPC) published draft guidelines on mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA). The...more
On April 18, 2018, the Government of Canada published the final regulations relating to mandatory reporting of privacy breaches under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). ...more
On April 18, 2018, the Canadian government published long-awaited Breach of Security Safeguards Regulations specifying the requirements for notifying the Office of the Privacy Commissioner and affected individuals of data...more
The final Breach of Security Safeguards Regulations (Regulations) under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) were made on March 26, 2018, and published on April 18, 2018. The...more
The Government of Canada has announced that its proposed data breach notification requirements pursuant to the Digital Privacy Act (the “Act”) will take effect on November 1, 2018. The Act amends Canada’s Personal...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more
Retail Tracking Update: Privacy Guidance Following Nomi Technologies - There is currently a widespread effort to quantify everything, from steps, to sleep, to batted ball exit velocity. Fifteen years ago, TV host Jeremy...more
Just prior to recessing for the summer, the Canadian government enacted the Digital Privacy Act. It includes a number of targeted amendments to strengthen existing provisions of the Personal Information Protection and...more