When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
Le 4 juillet 2024, la Cour d’appel de la Colombie-Britannique (la « CACB ») a rendu deux jugements d’appel en matière d’actions collectives dans des contextes de fuite de données. Ce faisant, la CACB a clarifié la portée...more
On May 24, 2024, the Office of the Information and Privacy Commissioner of Canada (OPC) issued new guidance relating to data breach reporting for federal institutions and businesses....more
Le 13 mai 2024, le gouvernement de l’Ontario (le « gouvernement ») a déposé le projet de loi 194, Loi de 2024 visant à renforcer la cybersécurité et la confiance dans le secteur public (le « projet de loi 194 »). S’il est...more
On May 13, 2024, the Government of Ontario introduced Bill 194, the Strengthening Cyber Security and Building Trust in the Public Sector Act, 2024 (Bill 194), which, if passed, will significantly reform the Freedom of...more
Les atteintes à la protection des données étant toujours à la hausse, les sociétés se retrouvent souvent à la croisée des chemins entre les innovations technologiques et les risques juridiques. Approfondissez vos...more
Rising data breaches put companies at the crossroads of tech innovation and legal risk. Dive into Canada's cybersecurity litigation landscape with these five top trends from our Canadian Cybersecurity Trends Study....more
As of February 1, 2023, public bodies in British Columbia (B.C.) will be required to report privacy breaches and have privacy management programs. The two provisions are the last to come into force from amendments made to...more
The Ontario Court of Appeal recently released a trilogy of decisions (Winder v. Marriott International, Inc., 2022 ONCA 815; Obodo v. Trans Union of Canada, Inc., 2022 ONCA 814; Owsianik v. Equifax Canada Co., 2022 ONCA 813)...more
Le métavers est souvent décrit comme l’Internet de demain. Bien que son développement n’en soit qu’à un stade précoce, des sociétés émergentes et d’autres bien établies investissent des millions de dollars dans la mise au...more
The disposal of hardware in the wrong manner can leave an organization offside its regulatory obligations under privacy legislation. Depending on the residence of the individuals or entities whose personal data is stored by...more
Ransomware continues to present an increasing risk to all organizations. Ransomware attacks can involve the installation of malicious software designed to block access to computer systems and/or steal data, and a...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
The Ministry of Service Alberta is seeking public input on the province's statutory privacy protections. This follows Ontario's recent gesture to modernize its privacy framework and request feedback, which we discussed in...more
On April 30, 2021, the Government of Ontario introduced Building a Digital Ontario, the province's new digital and data strategy, which lays the foundation for Ontario to become "the world's leading digital jurisdiction."...more
Le 12 juin 2020, le gouvernement du Québec a présenté le projet de loi no 64, intitulé Loi modernisant des dispositions législatives en matière de protection des renseignements personnels (le « projet de loi »), à l’Assemblée...more
On June 12, 2020, the Government of Quebec tabled Bill 64, an Act to modernize legislative provisions as regards the protection of personal information (Bill), before the National Assembly of Quebec. The Bill proposes to...more
It is not only hackers who pose a risk to an organization's information security; hostile insiders do as well. According to Verizon, an estimated 34 percent of data breaches involve internal actors. Hostile insiders may be...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act...more
As cyberattacks become both more prevalent and complex, it’s often no longer a matter of “if”, but “when” a breach will occur. However, organizations can take steps to reduce the risk of a breach and to mitigate the impact of...more
Several former Yahoo! Inc. executives recently settled a derivative action for US$29-million, following data breaches from 2013 and 2014 that compromised approximately three billion accounts. These data breaches were the...more
Mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the Personal Information Protection and Electronic Documents Act (PIPEDA) will come into force...more
On October 29, 2018, the Office of the Privacy Commissioner of Canada (OPC) published the final guidance intended to assist organizations in complying with the mandatory breach reporting and record-keeping requirements under...more