On October 3, 2016, the Commission d’accès à l’information (CAI) released its 2016 quinquennial report, entitled “Rétablir l’équilibre” (Restoring the Balance), concerning the application of the Act respecting documents held by public bodies and the protection of personal information and the Act respecting the protection of personal information in the private sector (the “Private Sector Act”). […] Read more
On October 26, 2016, the Canadian Radio-television and Tele-communications Commission issued a Compliance and Enforcement Decision finding that Blackstone Learning Corp. violated Canada’s anti-spam legislation (CASL) by sending commercial electronic messages (CEM) without consent and imposing a $50,000 penalty. The Compliance and Enforcement Decision against Blackstone Learning Corp. related to nine email campaigns between 9 […] Read more
This year’s Privacy XChange Forum event is taking place on October 16-18 and is held at the Boulders Resort & Spa, situated in the foothills of Arizona’s Sonoran Desert. I am delighted to present with co-panelists Kate Black, Joëlle Jouret and Francesca Spidalieri on October 17th, on “Where In the World: A Quick and Easy Breakdown of Privacy Standards and Regulations”. From the […] Read more
IAPP and EY recently published their Annual Privacy Governance Report for 2016 which discusses recent privacy trends. This Report is the result of data provided by 600 privacy professionals across the globe, some of them from Canada. On the regulatory front, the Report notes that businesses are getting ready for the European Union’s new General Data Protection Regulation (entering […] Read more
The Office of the Privacy Commissioner of Canada (OPC) posted, earlier this week, the 51 submissions it received in response to its consultation on consent under the Personal Information and Electronic Documents Act (PIPEDA). The consultation is looking to identify improvements to the current consent model currently challenged. I have submitted my comments as part of this […] Read more
On September 27, 2016, the Canadian Securities Administrators released an updated cyber security notice to emphasize the need for financial market participants to proactively manage cyber risks and prepare for cybersecurity incidents, and to remind issuers to provide detailed and specific disclosures of material cyber risks in prospectuses and continuous disclosure filings. The notice provides important […] Read more
Today the Privacy Commissioner’s latest Annual Report was tabled, in Parliament. The 2015-16 report describes the work of the Office of the Privacy Commissioner of Canada (OPC) as it relates to both the Privacy Act, which applies to the federal public sector, and the Personal Information Protection and Electronic Documents Act (PIPEDA), the federal private sector privacy law. The Report discusses the […] Read more
The Conference Board of Canada and the Office of the Information and Privacy Commissioner of British Columbia co-hosted the inaugural Canadian Privacy Summit on April 13–14, 2016, in Vancouver, British Columbia. It brought together many of Canada’s foremost privacy experts from the public and private sectors in a wide-ranging conversation about the nature of privacy […] Read more
On August 22, 2016, the Office of the Privacy Commissioner of Canada (OPC) released an important joint investigation report regarding the Ashley Madison data breach, which exposed the personal information of some 32 million users of the online dating website marketed to people who are married or in committed relationships. As part of its investigation, […] Read more
The Future of Privacy Forum (FPF) announced yesterday the release of its Best Practices for Consumer Wearables and Wellness Apps and Devices, a detailed set of guidelines that responsible companies can follow to ensure they provide practical privacy protections for consumer-generated health and wellness data. I have been following these guidelines very closely over the last few […] Read more