On May 31, 2025, the Alberta Security Management for Critical Infrastructure Regulation (the Regulation) will come into force and is expected to alter existing security requirements for critical resource infrastructure in...more
Canadian courts and law societies, alike, are faced with an ever-evolving challenge: straddling the line between recognizing the potential benefits of emergent generative artificial intelligence (GenAI), while balancing the...more
Bennett Jones welcomed the opportunity to present a practical, opportunity and risk focused approach to the governance of Artificial Intelligence (AI) at the board level to the Institute of Corporate Directors. While AI is...more
On June 14, 2022, federal Public Safety Minister Marco Mendicino introduced Bill C-26, An Act Respecting Cyber Security (ARCS). Intended to strengthen cybersecurity of vital services and vital systems, this proposed...more
Understanding the Draft of the Consumer Privacy Protection Act and Artificial Intelligence and Data Act -
On June 16, 2022, the Digital Charter Implementation Act, 2022 (DCIA) was introduced as Bill C-27. The DCIA will...more
6/20/2022
/ Artificial Intelligence ,
Canada ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
New Legislation ,
Personal Information
On November 9, 2021, the Office of the Superintendent of Financial Institutions (OFSI) launched a three-month public consultation on the Draft Guideline B-13: Technology and Cyber Risk Management....more
The Ministry of Service Alberta is seeking public input on the province's statutory privacy protections. This follows Ontario's recent gesture to modernize its privacy framework and request feedback, which we discussed in...more
On April 30, 2021, the Government of Ontario introduced Building a Digital Ontario, the province's new digital and data strategy, which lays the foundation for Ontario to become "the world's leading digital jurisdiction."...more
The long-awaited comprehensive reform to Canada's private sector privacy legislation is now finally underway. On November 17, 2020, the Digital Charter Implementation Act, 2020 (DCIA) was introduced. The DCIA will enact the...more
Comprehensive reform to Canada's privacy legislation—which privacy experts have long anticipated—is now imminent. Today, the Minister of Innovation, Science and Industry, the Honourable Navdeep Bains, tabled the Digital...more
In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner (OPC) has repeated its previous calls for reform to...more
Ontario's Ministry of Government and Consumer Services recently announced that it is contemplating new private sector privacy legislation (PSPL) to govern how businesses collect, use and disclose customers' data. The Ministry...more
The Canadian Internet Registration Authority (CIRA) launched a domain name system (DNS) service on April 23, 2020. CIRA is the entity responsible for overseeing Canada's .ca country-code top-level domain (ccTLD). CIRA is...more
As organizations in Canada identify employees, contractors or guests in the workplace who are or may be carrying, or who may have been exposed to others who are or may be carrying, the novel coronavirus (COVID-19), they will...more
Foreshadowing potential significant changes to the federal Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) is currently seeking input from...more
2/7/2020
/ Artificial Intelligence ,
Canada ,
Consultation ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
OPC ,
PIPEDA ,
Popular ,
Transparency
Violations of privacy—already overseen by the Office of the Privacy Commissioner of Canada (as well as provincial privacy commissioners)—may soon be subject to fines under the federal Competition Act. In a statement yesterday...more
While there has been controversy about the enforcement of the electronic communication provisions of Canada's Anti-Spam Law (CASL) due to the ambiguities of the complex scheme, there is widespread support for the anti-malware...more
12/16/2019
/ Anti-Spam Legislation ,
Canada ,
CASL ,
Civil Monetary Penalty ,
CRTC ,
Cybersecurity ,
E-Commerce ,
Electronic Communications ,
Enforcement Actions ,
Malware ,
Notice of Violation ,
Telecommunications
Artificial intelligence (AI) presents numerous opportunities to benefit society; however, the Office of the Privacy Commissioner of Canada (OIPC), together with numerous international counterparts, have been urging the...more
The Office of the Privacy Commissioner of Canada (OPC)'s report, Personal Information Protection and Electronic Documents Act (PIPEDA) Report of Findings #2019-001, issued April 9, 2019, into the Equifax hack, created...more
9/25/2019
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
Equifax ,
International Data Transfers ,
Personal Data ,
PIPEDA ,
Prior Express Consent ,
Third-Party Service Provider
The Alberta Court of Appeal in Moore’s Industrial Service Ltd. v Kugler, 2019 ABCA 178 has confirmed that the limitation period under the Limitations Act (Alberta) applicable to a claim for damages under section 60 of the...more
Violations of privacy–already regulated by the Office of the Privacy Commissioner of Canada (as well as provincial privacy regulators)–may also soon be regulated by Canada’s Competition Bureau. In a statement yesterday at the...more
The federal government has launched Canada’s new Digital Charter that comprises 10 broad principles to govern the use of data in the digital world. The stated purpose of the Digital Charter is to guide dialogue around changes...more
A quote famously attributed to then FBI Director, Robert Mueller, in March 2012 advised that: “There are only two types of companies: those that have been hacked, and those that will be.”...more
In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more
2/10/2017
/ Ashley Madison ,
Bitcoin ,
Breach Notification Rule ,
Canada ,
Class Action ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Popular ,
Ransomware ,
Risk Assessment ,
Risk Management ,
Yahoo!
In its first public report of 2016, the Office of the Auditor General of Alberta reviewed, among other things, IT security for industrial control systems used in Alberta’s oil and gas industries (Report of the Auditor General...more