Blog

News

IAPP 2019

BLG is proud to be a platinum sponsor of the IAPP Canada Privacy Symposium 2019 taking place May 22-24 at the adjoining Metro Toronto Convention Centre (North Building) and InterContinental Hotel. Members of our Privacy and Data Protection Group and Cybersecurity Law Group will be speaking throughout the conference : 1. Dealing with Regulators I will be presenting on Wednesday May 22,  2 […] Read more

News

Important Privacy Commissioner Consultation Impacting Cross-Border Dataflows and Outsourcing

In a significant departure from its guidelines and decisions under the Personal Information Protection and Electronic Documents Act, the Privacy Commissioner of Canada introduced in an April 9, 2019 decision a requirement for an organization to obtain consent for outsourcing activities involving personal information to a service provider outside of Canada. In light of this significant change […] Read more

News

Financial Industry Regulator Issues Cybersecurity Guidance

In December 2018, the United States Financial Industry Regulatory Authority issued a Report on Selected Cybersecurity Practices – 2018 to help broker-dealer firms improve their cybersecurity programs. The Report provides detailed recommendations for managing common cyber risks, and includes a list of core cybersecurity controls for small firms. The Report provides guidance that is consistent […] Read more

News

Frequently Asked Questions – Compliance with PIPEDA’s Security Breach Obligations

Canada’s federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) imposes obligations on private sector organizations that suffer a breach of security safeguards affecting personal information under their control. Details of those obligations are set out in PIPEDA, the Breach of Security Safeguards Regulations and the guidance document titled “What you need to know about […] Read more

News

Court Denies Certification in Privacy Class Action: Personal Information is Not Necessarily Private Information

A recent Ontario court decision clarifies the distinction between personal information and private information and confirms that the wrongful disclosure of personal information may not always amount to a violation of privacy. In Broutzas, 2018 ONSC 6315, the court refused to certify a proposed privacy class action involving the sale of new mother contact information […] Read more

News

OSFI Issues Advisory on Technology and Cybersecurity Incident Reporting

On January 24, 2019, the Office of the Superintendent of Financial Institutions issued an Advisory setting out expectations for federally regulated financial institutions’ prompt (within 72 hours) reporting of technology and cybersecurity incidents. The Advisory will be effective on March 31, 2019. Federally regulated financial institutions should now take steps to prepare for compliance with […] Read more

News

Canada’s Anti-Spam Legislation — 2018 Year in Review

In 2018, the Canadian Radio-television and Telecommunications Commission continued to enforce Canada’s Anti-Spam Legislation (commonly known as CASL) and issued an important information bulletin regarding the CASL provision that imposes indirect liability for CASL violations. In addition, the federal government issued a formal response to a parliamentary committee report on CASL. Read our bulletin on […] Read more