Privacy class actions triggered by data breaches are growing in popularity in Canada, with more than 30 of them pending throughout the country. While none of these cases have yet been heard on their merits, some are being certified or authorized. The Superior Court of Quebec recently rendered judgment on a motion to authorize a […] Read more
The Federal Court has recently issued its judgment in the application against Romania-based website Globe24h.com. This case follows the Office of the Privacy Commissioner’s PIPEDA Report of Findings #2015-002 “Website that generates revenue by republishing Canadian court decisions and allowing them to be indexed by search engines contravened PIPEDA”. Globe24h was republishing Canadian court decisions, allowing them […] Read more
I was recently interviewed by CyberScout just after I appeared on a privacy panel at CyberScout’s Privacy XChange Forum entitled “Where In the World: A Quick and Easy Breakdown of Privacy Standards and Regulations”. In the interview, I summarize the breach notification regulations in Canada and discuss what should be included in a cybersecurity plan. I also discuss […] Read more
BLG released today its Top 10 Legal Risks for Business in 2017, which is an annual thought leadership report forecasting the key trends and regulatory changes that will have legal implications for its clients in the year ahead. The second risk discussed in this annual report relates to cybersecurity and data privacy. The 2016 Annual Privacy Governance […] Read more
J’enseignerai, pour une cinquième année consécutive, le cours DRT-6929E-A, un cours portant sur le droit des TI et de la protection des renseignements personnels à la Faculté de droit de l’Université de Montréal. Le cours est offert aux étudiants à la maîtrise et se déroule tous les lundis de 16h à 19h, du 9 janvier […] Read more
I recently came across an article entitled “How Social Security numbers became Skeleton keys for fraudsters” which raises how, in the U.S., the Social Security number is overused and abused by hospitals, banks and even retailers, putting millions of Americans at risk of identity theft. The article goes on to explain how this number was […] Read more
The Supreme Court of Canada’s recent decision in Royal Bank of Canada v. Trang, (“Trang“) reviewed the obligations of financial institutions to preserve personal information and clarified when disclosure of personal information without consent will be permitted. This decision has considerable implications for creditors and third party lenders. There is a strong suggestion that debtors […] Read more
The 2016 Brussels Privacy Symposium which took place last week (November 8th) is the first annual academic program jointly presented by the Brussels Privacy Hub of the Vrije Universiteit Brussel (VUB) and the Future of Privacy Forum (FPF). The all-day workshop is titled: Identifiability: Policy and Practical Solutions for Anonymization and Pseudonymization. Khaled El Emam, […] Read more
Wearable and mobile devices that help users track physiological information can greatly improve consumers’ lives. Wearable technologies – and related apps and services – can use sensors to collect environmental, behavioral, and social data from consumers. Users can monitor, evaluate, and improve something as simple as a fitness routine or as serious as a medicine […] Read more
Le 3 octobre 2016, la Commission d’accès à l’information (CAI) rendait public son rapport quinquennal 2016, intitulé « Rétablir l’équilibre », concernant l’application de la Loi sur l’accès aux documents des organismes publics et sur la protection des renseignements personnels et de la Loi sur la protection des renseignements personnels dans le secteur privé (ci-après la « Loi […] Read more