News

Insurance as a cybersecurity and privacy risk management tool

Éloïse Gratton October 19, 2021

While organizations primarily manage cybersecurity and privacy risks through practices, policies and procedures, organizations often look to manage residual risks through insurance. Two recent Canadian cases illustrate how traditional insurance policies might provide limited or no coverage for losses and liabilities resulting from cybersecurity and privacy incidents. Organizations that seek to manage residual cybersecurity and […] Read more

News

Adoption finale du projet de loi n° 64 – Principales exigences pour les entreprises

Éloïse Gratton September 23, 2021

Le 21 septembre 2021, l’Assemblée nationale du Québec a adopté le projet de loi n° 64, Loi modernisant des dispositions législatives en matière de protection des renseignements personnels qui introduit des modifications importantes à la législation en matière de protection des renseignements personnels dans le secteur privé et public. Nous avons préparé un tableau qui résume sur […] Read more

News

Québec adopts Bill 64 – Key requirements for businesses

Éloïse Gratton September 23, 2021

On Sept. 21, 2021, the Québec National Assembly adopted Bill 64, An Act to modernize legislative provisions as regards the protection of personal information, which brings significant changes to Québec private sector and public sector privacy law. We have prepared a summarizing chart which focuses on proposed amendments to Québec’s Act respecting the protection of personal information […] Read more

News

Ontario court dismisses cyber attack class action: Why ‘intrusion upon seclusion’ didn’t work

Éloïse Gratton September 17, 2021

The Ontario Superior Court of Justice has dismissed another class action in which the plaintiff used ‘intrusion upon seclusion’ to claim damages for a cyber attack. Justice Perell’s decision in Del Giudice v Thompson (Thompson) reinforces recent findings in similar cases where the intrusion upon seclusion tort was not upheld and organizations were not found vicariously liable […] Read more

News

Mixed results in privacy class action against doctor who allegedly filmed patients

Éloïse Gratton August 31, 2021

A plastic surgeon alleged to have filmed his patients with surveillance cameras faced a privacy class action case. In G.C. v. Jugenburg (2021 ONSC 3119), the Ontario Superior Court certified a privacy breach class action against Dr. Martin Jugenburg, but declined to certify a class action for patients whose images were posted on the internet, published, or otherwise displayed […] Read more

News

OSFI updates Technology and Cyber Security Incident Reporting Advisory

Éloïse Gratton August 28, 2021

On August 13, 2021, the Office of the Superintendent of Financial Institutions (OSFI) released an updated Technology and Cyber Security Incident Reporting Advisory (Advisory) that imposes enhanced requirements for federally regulated financial institutions (FRFIs) regarding the prompt (within 24 hours or sooner if possible) reporting of technology and cybersecurity incidents to OSFI. The Advisory is effective immediately […] Read more