Blog
News
Privacy Commissioner’s Guidance for Compliance with PIPEDA’s Breach of Security Safeguards Obligations
Éloïse Gratton October 30, 2018 Security Breach
On October 29, 2018 the Office of the Privacy Commissioner of Canada (“OPC”) issued a guidance document titled “What you need to know about mandatory reporting of breaches of security safeguards” (the “Guidance”) to help organizations comply with personal information security breach obligations under Canada’s federal Personal Information Protection and Electronic Documents Act (“PIPEDA”). Commencing […] Read more
Events Legal
Formation de 3 heures à Montréal – Cybersécurité et vie privée des employés
Éloïse Gratton October 20, 2018
J’offrirai, avec mon associée Katherine Poirier, une formation de 3 heures au début du mois de novembre en matière de cybersécurité et vie privée des employés. Le vol d’informations confidentielles est un fléau en pleine croissance. Il devient donc essentiel de connaître le cadre juridique, d’identifier les risques afférents et de développer les outils nécessaire […] Read more
News
Our comments in response to the OPC Notice of consultation on new mandatory breach reporting guidance
Éloïse Gratton October 3, 2018
Brad Freedman, François Joli-coeur and I have submitted comments on October 2, 2018 in response to the Notice of consultation on new mandatory breach reporting guidance and form issued by the Office of the Privacy Commissioner of Canada (“OPC”). The Notice invites comments regarding the OPC’s draft guidance, published September 17, 2018, regarding the breach of […] Read more
News
Video – What should US companies know about Canadian privacy laws?
Éloïse Gratton September 24, 2018
Privacy laws are constantly evolving. Companies doing business in Canada need to be aware of their requirements. Privacy and data protection in Canada is typically more stringent than in the United States and includes regulations to govern the collection, use and sharing of personal information. In this video, I discuss the differences between Canadian and […] Read more
News
Preparing for Compliance with New Privacy Consent Guidelines
Éloïse Gratton September 21, 2018
Commencing January 1, 2019, the Privacy Commissioner of Canada will begin enforcing Guidelines for obtaining meaningful consent, which impose requirements and provide recommendations for private sector organizations to obtain legally valid consent for the collection, use and disclosure of personal information. The Guidelines specify requirements for the form and content of privacy policies/notices and for clear […] Read more
Events Legal
Privacy and Data Protection Luncheon (Toronto Sept. 27th): GDPR, new breach notification and consent requirements
Éloïse Gratton September 5, 2018
BLG is organizing a privacy luncheon on September 27th in Toronto. Privacy and data protection continue to be top business and legal risks for Canadian organizations. Recent legal developments impose significant new restrictions and requirements for the handling of personal information, and expose Canadian organizations to potentially substantial risks and liabilities. I will be presenting […] Read more
Legal News
Séminaire en protection de la vie privée le 26 septembre à Montréal: RGPD, nouvelles obligations relatives aux atteintes à la sécurité et à l’obtention du consentement
Éloïse Gratton September 4, 2018
BLG organise un séminaire sur le respect de la vie privée et la protection des renseignements personnels le mercredi 26 septembre 2018 à notre bureau de Montréal. Le respect de la vie privée et la protection des renseignements personnels figurent toujours parmi les plus grands risques commerciaux et juridiques auxquels sont exposées les entreprises canadiennes. Je […] Read more
Legal News
Loss of Legal Privilege over Cyberattack Investigation Report (Kaplan v. Casino Rama Services)
Éloïse Gratton August 30, 2018
Cyber incident response activities often involve the creation of forensic investigation reports that might be protected by legal privilege, depending on the purpose of the reports and the circumstances surrounding their creation and use. The 2018 Ontario Superior Court decision in Kaplan v. Casino Rama Services illustrates how an organization can lose the right to […] Read more
Legal News
Privacy Business Risks on the Rise: Privacy Concerns can Lead to Significant Loss in Market Value
Éloïse Gratton July 31, 2018
Business risks resulting from consumer privacy concerns are on the rise. Last week, Facebook and Twitter reported second quarter results which revealed that both companies lost a significant number of active users due to privacy and data protection concerns. Their stock price plummeted by approximately 20 per cent each, resulting in a combined loss in market […] Read more
Legal News Publications
Public Facebook Profiles Not Equivalent to Public Information Under PIPEDA
Éloïse Gratton July 23, 2018 Social Media
In its most recent report of findings entitled “Company’s re-use of millions of Canadian Facebook user profiles violated privacy law,” the Office of the Privacy Commissioner (the “OPC”) dealt with the often confusing issue of personal information that is publicly available and confirmed its view that Facebook profiles that are set to public are not considered “publicly […] Read more
