Last Friday, the Office of the Privacy Commissioner of Canada (OPC) published its Draft Position on Online Reputation. In this Draft Position, the OPC articulated the view that the Personal Information Protection and Electronic Documents Act (“PIPEDA”) already include a de-indexing right – allowing individuals to request that search engines de-index results with respect to their […] Read more
Auteure: Claire Farnoux, étudiante au cours DRT-6929E-A Depuis le mois de décembre 2014, le code criminel canadien prévoit une infraction de publication non consensuelle d’une image intime, en son article 162.1(1) visant « Quiconque sciemment publie, distribue, transmet, vend ou rend accessible une image intime d’une personne, ou en fait la publicité, sachant que cette personne n’y […] Read more
The January 2018 OPC finding and settlement of VTech data breach enforcement actions by the Privacy Commissioner of Canada and the United States Federal Trade Commission provide important guidance for data security and compliance with personal information protection laws. Most importantly, organizations should establish a comprehensive information security management framework. Read more
Canada’s Anti-Spam Legislation (also known as “CASL”) came into force in July 2014 and provided that a review of its provisions and operation had to be undertaken three years after it came into force. The House of Commons Standing Committee on Industry, Science and Technology (“INDU”) undertook this review and held hearings this fall. On […] Read more
J’enseignerai, pour une sixième année consécutive, le cours DRT-6929E-A, un cours portant sur le droit des TI et de la protection des renseignements personnels à la Faculté de droit de l’Université de Montréal. Le cours est offert aux étudiants à la maîtrise et se déroule tous les mercredis de 16h à 19h, du 10 janvier […] Read more
In the recent seminal decision R. v. Marakah, 2017 SCC 59, the Supreme Court of Canada (the “SCC”) established that Canadians have a reasonable expectation of privacy in the text messages they send, even after they have been received by the recipient. The majority opinion, which led 5-2 but with heavy dissent, recognized the privacy implications […] Read more
On October 19, 2017, the Canadian Radio-television and Telecommunications Commission issued Compliance and Enforcement Decision CRTC 2017-368 in a contested enforcement proceeding, imposing a $200,000 penalty on Compu.Finder for violating Canada’s Anti-Spam Legislation (commonly known as “CASL”) by sending 317 commercial emails without the recipients’ consent and in some instances without a compliant unsubscribe mechanism. […] Read more
There has been uncertainty in Canada with regards to whether consumer-incentive programs involving loyalty or rewards points fall under the scope of provincial consumer protection laws, given their free nature. Loyalty programs encourage consumers to be loyal to a specific merchant in exchange for the opportunity to obtain goods and services either at a discounted […] Read more
On October 13, 2017, the Group of Seven countries, including Canada, the United Kingdom and the United States (the “G-7”), issued a report titled G-7 Fundamental Elements for Effective Assessment of Cybersecurity in the Financial Sector (the “G7FEA”) to provide guidance for effective cybersecurity assessments by financial sector organizations. The G7FEA supplements the G-7’s 2016 report titled G7 […] Read more
On October 19, 2017, the Canadian Securities Administrators (“CSA”) published Staff Notice 33-321 Cyber Security and Social Media to report on a survey of cybersecurity and social media practices by firms registered to trade securities or to advise clients regarding securities, and to provide guidance regarding cybersecurity and social media practices. The Staff Notice supplements the CSA’s […] Read more