News | Page 26
News
CASL Enforcement Decision — Interpretive Guidance for Compliance and Penalties
Éloïse Gratton November 22, 2017
On October 19, 2017, the Canadian Radio-television and Telecommunications Commission issued Compliance and Enforcement Decision CRTC 2017-368 in a contested enforcement proceeding, imposing a $200,000 penalty on Compu.Finder for violating Canada’s Anti-Spam Legislation (commonly known as “CASL”) by sending 317 commercial emails without the recipients’ consent and in some instances without a compliant unsubscribe mechanism. […] Read more
News
Ontario and Quebec Set to Update Legal Requirements on Loyalty Programs
Éloïse Gratton November 17, 2017
There has been uncertainty in Canada with regards to whether consumer-incentive programs involving loyalty or rewards points fall under the scope of provincial consumer protection laws, given their free nature. Loyalty programs encourage consumers to be loyal to a specific merchant in exchange for the opportunity to obtain goods and services either at a discounted […] Read more
News
G-7 Guidelines for Cybersecurity Assessment
Éloïse Gratton October 27, 2017
On October 13, 2017, the Group of Seven countries, including Canada, the United Kingdom and the United States (the “G-7”), issued a report titled G-7 Fundamental Elements for Effective Assessment of Cybersecurity in the Financial Sector (the “G7FEA”) to provide guidance for effective cybersecurity assessments by financial sector organizations. The G7FEA supplements the G-7’s 2016 report titled G7 […] Read more
Events Legal News
BLG – Class Actions Update (Toronto Nov. 1st)
Éloïse Gratton October 27, 2017
BLG’s annual class actions update event is taking place on November 1, 2017, in Toronto. It is an opportunity to participate in lively and informative discussions on recent developments and trends in class actions today. I will be co-presenting with Patrick Hawkins on “Privacy and Cybersecurity – Keeping you awake at night?” Other topics include: Prevention is […] Read more
Legal News
Cybersecurity Guidance from Canadian Securities Administrators
Éloïse Gratton October 26, 2017
On October 19, 2017, the Canadian Securities Administrators (“CSA”) published Staff Notice 33-321 Cyber Security and Social Media to report on a survey of cybersecurity and social media practices by firms registered to trade securities or to advise clients regarding securities, and to provide guidance regarding cybersecurity and social media practices. The Staff Notice supplements the CSA’s […] Read more
News
Demers v. Yahoo Inc: Québec Court Confirms that Québec Consumer Law Applies to Free Online Services
Éloïse Gratton October 24, 2017
In a September 19, 2017 decision in Demers v Yahoo! Inc., the Québec Superior Court rejected Yahoo! Inc. and Yahoo! Canada Co.’s (collectively, “Yahoo”) motion to dismiss a motion for authorization of a class action resulting from two highly publicized data security incidents that occurred in 2013 and 2014. This decision has important implications for […] Read more
Events Legal News
2017 IT.CAN 21st Annual Conference (Toronto October 23-24)
Éloïse Gratton October 22, 2017
The 2017 IT.CAN 21st Annual Conference is taking place on October 23–24, at the St. Andrew’s Club and Conference Centre 150 King St. West, 16th Floor, Toronto. I will participate on a panel entitled “Legal Control of Internet Content: Who Decides and What is the Impact?” with co-panelists Curt Howard, Head of Legal, Google Canada […] Read more
Legal News
The European Union General Data Protection Regulation – A Primer for Canadian Organizations
Éloïse Gratton October 20, 2017
The European Union General Data Protection Regulation (the “GDPR”), which will come into force in May 2018, is a significant evolution in personal data protection laws, and is materially different in important respects from the Canadian Personal Information Protection and Electronic Documents Act and similar provincial laws. The GDPR is complicated and nuanced, with permitted variances among European Union […] Read more
News
IAPP – Privacy. Security. Risk. 2017 (San Diego October 16-18)
Éloïse Gratton October 14, 2017
I will be attending the IAPP PSR 2017 annual event in San Diego (October 16-18) and presenting on the following topic “Learn From my Fail: Avoiding Privacy Program Snafus & Screw-Ups” with the following co-panelists: Lael Bellamy, CIPP/US, CPO, The Weather Channel Peggy Eisenhauer, CIPP/US, Founder, Privacy & Information Management Services Eloïse Gratton, Partner and National Co-leader, Privacy and Data Protection, Borden Ladner […] Read more
News
Important Changes to Password Best Practices Guidance
Éloïse Gratton October 13, 2017
Passwords are an essential cybersecurity tool. Unfortunately, some long-standing password practices recommended by regulators and standards organizations may encourage risky behaviour. Regulators and standards organizations have recently issued updated guidance recommending simplified password practices (e.g. no mandatory regular password changes) to increase password security. Canadian organizations should assess and improve their password practices in light […] Read more