Blog
Events News
Webinar: Complying with Canada’s Upcoming Breach Notification Requirements (August 29)
Éloïse Gratton August 10, 2017
I will participate, with Eduard Goodman, Global Privacy Officer for Cyberscout, at a webinar taking place on Tuesday, August 29, at 11 am PT / 2 pm ET on the management of cybersecurity breaches and notification requirements. The amendments to PIPEDA – through the Digital Privacy Act – will require private-sector organisations doing business in Canada to notify […] Read more
News
Settlement of Ashley Madison Data Breach U.S. Class Action Lawsuits
Éloïse Gratton August 10, 2017
In 2015, the Ashley Madison discreet affair website operated by Ruby Corp. (previously known as Avid Life Media) was subject to a cyber-attack by hackers who published the details (including sensitive personal information) of over 30 million Ashley Madison user accounts. The data breach resulted in a joint investigation by the Canadian and Australian Privacy […] Read more
Events News
Responsible Openness: What You Need To Know To Get Started Today – RDA Event September 18th
Éloïse Gratton July 29, 2017
I will be participating at the Responsible Openness: What You Need To Know To Get Started Today – RDA 10th Plenary Collocated Event taking place in Montreal on September 18, 2017. Research projects handling data come under scrutiny when they seek to obtain funding, with the principal investigator asked to present a responsible data management […] Read more
News
Mandatory Reporting of Privacy Breaches to the Information and Privacy Commissioner now required under the Personal Health Information Act
Éloïse Gratton July 12, 2017
In June 2016, the Personal Health Information Protection Act (PHIPA) was amended to require that custodians provide notice to the Information and Privacy Commissioner of Ontario if the circumstances surrounding a theft, loss or unauthorized use or disclosure met certain requirements. In June yhis year, the regulations setting out those circumstances were published and are […] Read more
News
BLG recrute Avocat salarié – Droit des Technologies de l’information et Protection de la vie privée
Éloïse Gratton July 10, 2017
BLG offre à ses clients des conseils stratégiques et juridiques dans le domaine du droit des technologies de l’information et de la protection de la vie privée par le biais de son groupe sectoriel Respect de la vie privée et protection des renseignements personnels que je supervise. Ce groupe sectoriel est reconnu pour être un chef […] Read more
News
Google Inc. v. Equustek Solutions Inc.: Supreme Court Gives the Green Light to Global Orders to Take Down Search Results
Éloïse Gratton July 5, 2017
The Supreme Court of Canada confirmed for the first time last week in Google Inc. v. Equustek Solutions Inc. that Canadian courts can order the worldwide removal of search results. I have co-authored a bulletin on this topic with Julien Boudreault, which is summarized below. Overview In a divided decision (7-2), the Court upheld an interlocutory […] Read more
News
Douez v. Facebook : The Supreme Court of Canada confirms that a business cannot contract out of the local privacy law
Éloïse Gratton June 28, 2017
On June 23rd, 2017, the Supreme Court of Canada issued a decision in Douez v. Facebook on the enforceability of forum selection clauses in online contracts which will significantly affect the legal risks of businesses employing the Business to Consumer (B2C) revenue model. The divided Court rejected Facebook’s effort to block a privacy class action […] Read more
Legal
Legal Privilege for Data Security Incident Investigation Reports
Éloïse Gratton June 9, 2017
My partner Brad Freedman recently published a short article on Legal Privilege for Data Security Incident Investigation Reports. Data security incident response activities usually involve the creation of sensitive communications and documents that might be subject to legal disclosure obligations unless they are protected by legal privilege. An organization’s ability to assert legal privilege over a communication […] Read more
Legal News
CASL – Government Suspends Private Right of Action
Éloïse Gratton June 7, 2017
The Government of Canada published today an Order in Council P.C. 2017-0580, indefinitely suspending the effective date of the private right of action under Canada’s Anti-Spam Legislation (CASL). The Precis for the Order in Council explains that purpose of the Order is to delay the coming into force date of the private right of action […] Read more
News
Canada’s Anti-Spam Legislation: Preparing for the End of Special Transition Rule for Implied Consent to Receive CEMs
Éloïse Gratton May 25, 2017
On July 1, 2017, contraventions of Canada’s Anti-Spam Legislation (commonly known as “CASL”) will be subject to enforcement through private litigation, including class proceedings. On the same day, certain implied consents to receive commercial electronic messages, which are based on a special transition rule, will expire. Organizations should take steps now to verify their CASL […] Read more