Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
A little over nine months after it passed An Act to modernize legislative provisions as regards the protection of personal information (“Bill 64”) overhauling, among other legislation, the province’s public and private sector...more
Back in November, I wrote on this blog about Big Data being one of the challenges that is forcing technology to move more to the data sooner in the discovery process. One of the most notable fun facts that illustrate just how...more
Over the last few years, data privacy has been brought in to the public focus more than ever before. What information is being collected about you, how is it being used, and who has the ability to access it. ...more
To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act...more
As the digital landscape evolves, and the commoditization of personal information increases, expectations as to what constitutes appropriate consent for the collection, use and disclosure of personal information in Canada are...more
Mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the Personal Information Protection and Electronic Documents Act (PIPEDA) will come into force...more
On October 29, 2018, the Office of the Privacy Commissioner of Canada (OPC) published the final guidance intended to assist organizations in complying with the mandatory breach reporting and record-keeping requirements under...more
On April 18, 2018, the Government of Canada published the final regulations relating to mandatory reporting of privacy breaches under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). ...more
The final Breach of Security Safeguards Regulations (Regulations) under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) were made on March 26, 2018, and published on April 18, 2018. The...more
The Government of Canada has announced that its proposed data breach notification requirements pursuant to the Digital Privacy Act (the “Act”) will take effect on November 1, 2018. The Act amends Canada’s Personal...more
Recently, the Office of the Privacy Commissioner of Canada (OPC) released an important draft Position on Online Reputation (paper). The paper takes the position that current federal privacy legislation, the Personal...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more
Data security breaches marred the 2013 holiday season for many consumers and retailers. The most famous security breach, at Target Corporation (Target), involved the loss of information on 40 million payment cards and...more
This fall, Canadian Parliament failed to pass proposed amendments to its federal privacy law that would impose a mandatory breach notification requirement. Bill C-12, originally introduced in 2010 and reintroduced in 2011,...more
Canada’s Federal Privacy Commissioner Jennifer Stoddart today released a position paper which offers a roadmap for modernizing Canada’s federal private-sector privacy law, Personal Information Protection and Electronic...more