My data, everyone’s business – Privacy regulators issue Concluding Joint Statement on data scraping and the protection of privacy
On October 28, 2024, the Office of the Privacy Commissioner of Canada (“OPC”) issued a Concluding Joint Statement on data scraping and privacy protection.[1] This document outlines the expectations for organizations to safeguard individuals against the risks posed by unlawful […]
Facebook failed to obtain consent and safeguard personal data: Federal Court Appeal clarifies PIPEDA compliance
INTRODUCTION On September 9, 2024, the Federal Court of Appeal (the “FCA”) issued its decision in Privacy Commissioner of Canada v Facebook Inc., 2024 FCA 140,[i] overturning the Federal Court’s decision[ii] and declaring that Facebook, Inc. (now Meta Platforms Inc.) […]
EU Artificial Intelligence Act: Implementation timeline and impact on Canadian companies
On July 12th, 2024, the European Union’s Artificial Intelligence Act (the “AI Act” or the “Act”) was published in the Official Journal of the European Union, making it the world’s first comprehensive legislation regulating artificial intelligence (“AI”) technologies. The AI […]
Essential legal due diligence for investing in AI companies: Top tips for investors and legal advisors
Introduction Investment banks and private equity firms are increasingly attracted to the potential of artificial intelligence (“AI”) companies as lucrative investment opportunities. However, the unique and evolving nature of AI technology and developing regulations demands comprehensive due diligence to evaluate […]
Le gouvernement du Québec publie un Règlement sur l’anonymisation des renseignements personnels
Le 22 septembre 2023 marquait l’entrée en vigueur d’importantes modifications à la Loi sur la protection des renseignements personnels dans le secteur privé du Québec (la « Loi sur le secteur privé ») pour toutes les entreprises qui recueillent, détiennent, utilisent ou […]
Legal privilege in cyber incident response: Insights from the LifeLabs data breach
When organizations fall victim to cyber-attacks or other incidents involving data security, they must respond in a way that allows for swift action, while still looking around corners to what additional risks might be lurking after the incident has been […]
AI in music: The Drake/Tupac case and beyond
In a matter of days, Drake’s latest release went from making headlines around the world to being taken down amidst threats of legal action from the estate of arguably one of the most revered and popular rap artists of all […]
Privacy prevails: The Supreme Court of Canada’s landmark decision regarding IP address privacy
On March 1, 2024, the Supreme Court of Canada released its decision in R v Bykovets, finding that IP addresses attract a reasonable expectation of privacy. Accordingly, corporations should take note that they have no legal obligation to provide the […]
Officer and director liability for cybersecurity breaches: Canadian implications of the SolarWinds case
Facts With the continued prevalence of cybersecurity threats and the many times associated consequences of business interruption, reputational damage, personal data breaches, disclosure of confidential and proprietary information, as well as loss of revenue, it comes as no surprise that […]
Mesures pratiques pour aider votre entreprise à se préparer à la nouvelle législation canadienne en matière de protection de la vie privée : Loi 25 du Québec et le projet de loi fédéral C-27
La législation sur la protection de la vie privée au Canada est en plein changement – voici un guide pratique pour aider les entreprises à s’adapter à la Loi 25 du Québec et au projet de loi C-27 du gouvernement fédéral. Le […]
