Responsible organizations understand that privacy governance is essential for the systematic and compliant management of personal data and for maintaining customer and stakeholder trust. In a world where people increasingly...more
The tightening of privacy and data protection compliance obligations in Canada and the United States, has led to increasingly comprehensive “data security and privacy” representations and warranties in purchase agreements, as...more
As of September 22, 2024, the final provision of Law 25, An Act to modernize legislative provisions as regards the protection of personal information, will take effect, establishing a new right to data portability for...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
As states have continued to debate and pass new comprehensive privacy statutes – such as those in Virginia and Colorado – a common refrain from business leaders is the need for a comprehensive federal privacy statute that...more
On June 16, 2022, the government of Canada tabled a bill that would make significant changes to privacy laws impacting employers in the federal jurisdiction. The new legislation, the Digital Charter Implementation Act (Bill...more
Bill 64 largely tracks with already existing privacy regulations in other jurisdictions and will take effect over the course of the next three years, with some provisions taking effect in September 2022. On September 21...more
2021 promises to be an exciting year in the data and privacy space. With the adoption of technologies that collect, analyze, aggregate, distribute and share data, and the implementation of new laws and regulations in...more
On November 17, 2020, the Canadian Minister of Innovation, Science and Industry introduced Bill C-11, the Digital Charter Implementation Act, which proposes a new privacy law called the Consumer Privacy Protection Act (CPPA)....more
At the beginning of 2020, a Federal privacy law, similar to that of GDPR or PIPEDA, was a faint and distant reality. However, in light of some mobile device and other monitoring being considered because of the COVID-19...more
As the digital landscape evolves, and the commoditization of personal information increases, expectations as to what constitutes appropriate consent for the collection, use and disclosure of personal information in Canada are...more
The Internet Society’s Online Trust Alliance (OTA) released a report this week that measured 1200 U.S.-based organizations’ readiness for three major global privacy regulations: the General Data Protection Regulation (GDPR)...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
Recently, the Office of the Privacy Commissioner of Canada (OPC) released an important draft Position on Online Reputation (paper). The paper takes the position that current federal privacy legislation, the Personal...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more
Data security breaches marred the 2013 holiday season for many consumers and retailers. The most famous security breach, at Target Corporation (Target), involved the loss of information on 40 million payment cards and...more