Meaningful consent and data protection of third-party apps: Federal Court dismisses Privacy Commissioner’s complaint against Facebook
On April 13, 2023, the Federal Court handed down its decision in a case brought by the Office of the Privacy Commissioner of Canada (the “OPC”) against Facebook Inc. (“Facebook”).[1] The case centers around Facebook’s obligations with respect to third-party […]
Tackling privacy and cybersecurity challenges as critical parts of ESG success
Privacy and cybersecurity have evolved to take on major socio-political implications in recent years. Cybersecurity is currently one of the most serious enterprise risks facing Canadian businesses. It is also one of the greatest threats to national security and global […]
Privacy by Design and its current role in promoting trust in technology
OneTrust DataGuidance
David Krebs and Amanda Cutinha author an article for DataGuidance on Privacy by Design: Digital technology has and is continuing to transform the ways in which we interact with ourselves, each other, and the world at large. However, the benefits […]
2022 Year in Review – legal updates in Canadian marketing, advertising and product compliance
2022 proved to be an interesting year in the advertising, marketing and product compliance space in Canada. From changes to labelling requirements for foods and natural health products, amendments to Canada’s Competition Act to address drip pricing, an increased focus […]
Failure to prevent a data breach not equal to invasion of privacy: Ontario Court of Appeal shuts the door on “intrusion upon seclusion” tort
The Ontario Court of Appeal has released a new trilogy of cases regarding the privacy tort “intrusion upon seclusion.” Specifically, whether the privacy tort is available as against commercial entities collecting and storing clients’ personal information, where there was a […]
A to-do list for incident response
Cybersecurity incidents and data breaches arise without notice. Your organization may have fallen victim to a cyberattack or you may have received notice from a supplier that they have been attacked. Or perhaps a key employee has lost an unencrypted […]
Tactical and strategic steps for successful cyber incident preparedness
To kick-off this year’s cyber awareness month, we wanted to present an article that would look back on the past year along with our experience counseling organizations, large and small across all sectors, through the ordeal of cyberattacks, data extortion […]
Managing cybersecurity in M&A transactions: How to mitigate risk through due diligence
As companies have become increasingly technology-driven in recent years, a target’s cybersecurity posture has become a key focal point in the diligence process. The COVID-19 pandemic has made this concern particularly acute: notwithstanding that an increasingly large number of people […]
Takeaways on privacy breach risk assessment and data security programs: Alberta Privacy Commissioner issues breach report
On July 29, 2022 the Office of the Information and Privacy Commissioner of Alberta (the “OIPC”) issued its report on data breaches (PDF) (the “Report”). Alberta has been the leading Canadian jurisdiction with the most long-standing experience when it comes to reviewing, […]
David Krebs quoted in Canadian Lawyer article on Bill C-26
Canadian Lawyer, "‘Vital systems’ cybersecurity law’ will expand information sharing, protect organizations: lawyer"
In this article, David Krebs discusses Bill C-26, a two-part piece of proposed legislation which includes the Critical Cyber Systems Protection Act, and its effects: The proposed law would take requirements which already exist for banks under the Office of […]
