Éloïse Gratton

In December 2018, the United States Financial Industry Regulatory Authority issued a Report on Selected Cybersecurity Practices – 2018 to help broker-dealer firms improve their cybersecurity programs. The Report provides detailed recommendations for managing common cyber risks, and includes a list of core cybersecurity controls for small firms. The Report provides guidance that is consistent […] Read more

In the Fall 2018 Education Law Newsletter, BLG reported on the Ontario Court of Appeal decision in R. v. Jarvis. In that decision, a high school English teacher was acquitted of voyeurism for using a camera pen to surreptitiously film female students’ chests. On February 14, 2019, the Supreme Court of Canada unanimously reversed the Ontario […] Read more

Canada’s federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) imposes obligations on private sector organizations that suffer a breach of security safeguards affecting personal information under their control. Details of those obligations are set out in PIPEDA, the Breach of Security Safeguards Regulations and the guidance document titled “What you need to know about […] Read more

A recent Ontario court decision clarifies the distinction between personal information and private information and confirms that the wrongful disclosure of personal information may not always amount to a violation of privacy. In Broutzas, 2018 ONSC 6315, the court refused to certify a proposed privacy class action involving the sale of new mother contact information […] Read more

On January 24, 2019, the Office of the Superintendent of Financial Institutions issued an Advisory setting out expectations for federally regulated financial institutions’ prompt (within 72 hours) reporting of technology and cybersecurity incidents. The Advisory will be effective on March 31, 2019. Federally regulated financial institutions should now take steps to prepare for compliance with […] Read more