BC Commissioner Releases Cannabis Sales Privacy Protection Guidelines
As a result of the recent legalization of recreational cannabis in Canada, the Office of the Information and Privacy Commissioner for British Columbia (the “OIPC”) published guidelines (titled “Protecting Personal Information: Cannabis Transactions”) that aim to clarify the rights and...
NIST Launches Privacy Framework Initiative
For many years, the cybersecurity framework developed by the U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) has been relied upon by organizations around the world as a foundational framework document. Given its success in the cybersecurity...
Canadian Commissioner Seeks Stronger Privacy Laws
Last week, the Office of the Privacy Commissioner (the “OPC”) released its 2017-2018 Annual Report (the “Report”). The Commissioner took the opportunity to raise serious concerns around the adequacy of Canadian privacy laws in the face of an increasingly digital...
Mandatory Breach Draft Guidance Released
On September 17, 2018, the federal Office of the Privacy Commissioner (“OPC”) published its draft guidance about mandatory reporting of breaches of security safeguards (“Draft Guidelines”). The OPC is seeking public comments as it readies itself for a November 1,...
Getting Privacy Due Diligence Right
Increasingly, a key asset that organizations hold is the sensitive data they collect, use and retain about their customers, employees and suppliers. It is, therefore, no surprise that data security and privacy compliance have become a top-of-mind consideration for organizations...
Upcoming Mandatory Breach Notification Refresher
In keeping with the global movement towards increased data protection legislation, as evidenced by the recent enactment of the General Data Protection Regulation (GDPR) in Europe and similar legislation adopted in California and Brazil, Canada will (as of November 1,...
Brazilian GDPR Comes into Force
On August 14, 2018, less than three months after the coming into force of the European General Data Privacy Protection Regulation (“GDPR”), the President of Brazil sanctioned, with partial veto, bill PLC 53/2018, which regulates the protection of personal information...
Canadian Privacy Commissioner says public profiles are private
On June 12, 2018, the Office of the Privacy Commissioner (“OPC”) [1] released its report [2] into Profile Technology Ltd.’s (“Profile Technology”) use of “publicly available” Facebook profiles. The OPC concluded that Profile Technology had not obtained the necessary consents from individuals...
PIPEDA and the Digital Privacy Act: Part 2 – Application to Pension Plans?
As discussed in our most recent blog post, much attention has been given recently to the Digital Privacy Act[1] and the changes that will come into force later this year under the Personal Information Protection and Electronic Documents Act (“PIPEDA”)...
California Passes New Privacy Law
As of January 1, 2020, organizations around the world who process personal data of California residents will be required to comply with the new provisions of the California Civil Code, as amended by the California Consumer Privacy Act of 2018...
