Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
4/4/2025
/ Canada ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Incident Response Plans ,
Policies and Procedures ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Third-Party Risk
On September 26, 2023, the House of Common's Standing Committee on Industry and Technology (the Standing Committee) embarked on a comprehensive examination of Bill C-27, the Digital Charter Implementation Act. If passed, this...more
On July 13, 2023, the Supreme Court of Canada (SCC) denied leave to appeal from three Ontario Court of Appeal (ONCA) decisions declining to apply the tort of intrusion upon seclusion to database defendants—i.e., organizations...more
The Federal Court of Canada released a decision on April 14, 2023 in OPC v Facebook Inc.,2023 FCC 533 [Facebook], dismissing the Privacy Commissioner's application against Facebook (now Meta Platforms, Inc.) stemming from...more
The Ontario Court of Appeal recently released a trilogy of decisions (Winder v. Marriott International, Inc., 2022 ONCA 815; Obodo v. Trans Union of Canada, Inc., 2022 ONCA 814; Owsianik v. Equifax Canada Co., 2022 ONCA 813)...more
The disposal of hardware in the wrong manner can leave an organization offside its regulatory obligations under privacy legislation. Depending on the residence of the individuals or entities whose personal data is stored by...more
10/14/2022
/ Canada ,
Computer Hard Drives ,
Computer Servers ,
Corporate Counsel ,
Data Breach ,
Data Protection ,
Data Security ,
Hardware ,
Morgan Stanley ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Waste Disposal ,
Web Servers
On June 14, 2022, federal Public Safety Minister Marco Mendicino introduced Bill C-26, An Act Respecting Cyber Security (ARCS). Intended to strengthen cybersecurity of vital services and vital systems, this proposed...more
Understanding the Draft of the Consumer Privacy Protection Act and Artificial Intelligence and Data Act -
On June 16, 2022, the Digital Charter Implementation Act, 2022 (DCIA) was introduced as Bill C-27. The DCIA will...more
6/20/2022
/ Artificial Intelligence ,
Canada ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
New Legislation ,
Personal Information
Ransomware continues to present an increasing risk to all organizations. Ransomware attacks can involve the installation of malicious software designed to block access to computer systems and/or steal data, and a...more
3/15/2022
/ Canada ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Financial Crimes ,
Financial Institutions ,
Financial Reporting ,
Popular ,
Ransomware
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
8/31/2021
/ Canada ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Risk Management
Organizations operating in Ontario may soon be subject to an entirely new provincial privacy regime that could impose substantial compliance obligations, and establish significant penalties for contravention of those...more
6/28/2021
/ Canada ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronically Stored Information ,
Information Governance ,
Information Management ,
Personal Information ,
Privacy Laws ,
Privacy Policy
On April 30, 2021, the Government of Ontario introduced Building a Digital Ontario, the province's new digital and data strategy, which lays the foundation for Ontario to become "the world's leading digital jurisdiction."...more
The long-awaited comprehensive reform to Canada's private sector privacy legislation is now finally underway. On November 17, 2020, the Digital Charter Implementation Act, 2020 (DCIA) was introduced. The DCIA will enact the...more
Comprehensive reform to Canada's privacy legislation—which privacy experts have long anticipated—is now imminent. Today, the Minister of Innovation, Science and Industry, the Honourable Navdeep Bains, tabled the Digital...more
In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner (OPC) has repeated its previous calls for reform to...more
It is not only hackers who pose a risk to an organization's information security; hostile insiders do as well. According to Verizon, an estimated 34 percent of data breaches involve internal actors. Hostile insiders may be...more
2020 is shaping up to be a significant year for regulation of privacy issues, with two significant events taking place so far this year. In early February, the Office of the Privacy Commissioner (OPC) commenced an action...more
3/10/2020
/ Artificial Intelligence ,
Cambridge Analytica ,
Canada ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
OPC ,
PIPEDA ,
Popular
The federal government has launched Canada’s new Digital Charter that comprises 10 broad principles to govern the use of data in the digital world. The stated purpose of the Digital Charter is to guide dialogue around changes...more
Your organization will in all likelihood suffer a cyberattack. According to a recent study by Accenture, the average Canadian organization faces about 96 cyberattacks per year, nearly one third of which result in a security...more
2/17/2017
/ Canada ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
Directors ,
Hackers ,
Home Depot ,
Information Technology ,
Risk Management ,
Shareholders