Blog

News

Canada’s Anti-Spam Legislation – 2022 Year in Review

In 2022, the Canadian Radio-television and Telecommunications Commission continued to enforce Canada’s Anti-Spam Legislation (commonly known as “CASL”). CASL CASL creates a comprehensive regime of offences, enforcement mechanisms and potentially severe penalties designed to prohibit the sending of unsolicited commercial electronic messages (CEMs), the unauthorized commercial installation and use of computer programs on another person’s computer system […] Read more

News

La CAI se prononce sur l’interprétation de nouvelles exigences en matière d’intelligence artificielle

La Commission d’accès à l’information (la « CAI ») a récemment publié une décision au sujet de l’utilisation d’un système d’intelligence artificielle (« IA »). Cette décision aborde certaines nouvelles dispositions introduites par la Loi modernisant des dispositions législatives en matière de protection des renseignements personnels (la « Loi 64 »)1, qui n’entreront en vigueur que le 22 septembre 2023, et donne un aperçu du cadre d’analyse que pourrait […] Read more

News

The CAI rules on the interpretation of new AI requirements

The Commission d’accès à l’information (CAI) recently published a decision regarding the use of an artificial intelligence (AI) system. This decision refers to some new provisions introduced by the Act to modernize legislative provisions as regards the protection of personal information (Bill 64),1 coming into force on September 22, 2023, and offers insight into the analytical framework the CAI might […] Read more

News

Software License Agreements: A Practical Guide

Computer software is an essential tool for almost every organization. Businesses and other organizations use computer software to create products, perform services, manage relationships, control internal operations, and process and store sensitive and regulated data. Almost every organization procures and uses various kinds of computer software and ancillary services provided by numerous software vendors/service providers. […] Read more

News

New privacy compliance requirements coming under B.C.’s FIPPA legislation

Commencing February 1, 2023, British Columbia’s public sector privacy statute – the Freedom of Information and Protection of Privacy Act – will require public bodies to have a privacy management program and to comply with privacy breach notification obligations. Accordingly, public bodies should now prepare for compliance with those new requirements. You can read our article on […] Read more

News

Transfert de renseignements personnels hors du Québec : nouvelles exigences pour les entreprises

La Loi modernisant des dispositions législatives en matière de protection des renseignements personnels (la « Loi amendée »), adoptée le 21 septembre 2021, introduit d’importantes modifications au régime applicable à la communication de renseignements personnels à l’extérieur du Québec (c’est-à-dire au partage ou à l’accès à distance, que nous regroupons sous le vocable « transfert »), que ce transfert soit destiné […] Read more

News

Cross-border transfers of personal information outside Québec: new requirements for businesses

The Act to modernize legislative provisions as regards the protection of personal information (the Amended Act), adopted on September 21, 2021, makes significant changes to the rules applicable to the communication of personal information outside Québec (specifically, the sharing of information or the granting of remote access, both of which we will refer to as transfers), whether […] Read more

News

Ontario Court of Appeal rules against plaintiffs in trilogy of privacy class actions

In a highly anticipated trilogy of privacy class action certification appeals, the Ontario Court of Appeal refused to certify three class actions based on the tort of intrusion upon seclusion. In Oswianik v. Equifax Canada Co., Obodo v. Trans Union of Canada, Inc., and Winder v. Marriott International, Inc., the Ontario Court of Appeal held that defendants who collect […] Read more

News

Privacy Commissioner decision provides guidance for parties to M&A transactions

The Privacy Commissioner of Canada’s decision regarding the Starwood/Marriott data security breach provides important guidance for parties to M&A transactions and for all organizations that handle personal information. Marriott International (Marriott) acquired Starwood Hotels (Starwood) through a share purchase transaction in September 2016. Marriott assessed Starwood’s IT practices as part of the transaction due diligence. After the […] Read more