Canadian privacy commissioners have emphasized the importance of the final step of a privacy breach response process — prevention and lessons learned. The recent decision by the British Columbia Court of Appeal in Ari v. Insurance Corporation of British Columbia confirms that an organization’s failure to learn from past privacy breaches and prevent future privacy […] Read more

On April 23, 2019, the Canadian Radio-television and Telecommunications Commission (CRTC) issued Compliance and Enforcement Decision 2019-111, imposing an administrative penalty of $100,000 on Brian Conley — the President and Chief Executive Officer of nCrowd — for infringing consent and unsubscribe requirements under Canada’s Anti-Spam Legislation (CASL). Read our bulletin on this topic. Read more

In December 2018, the United States Financial Industry Regulatory Authority issued a Report on Selected Cybersecurity Practices – 2018 to help broker-dealer firms improve their cybersecurity programs. The Report provides detailed recommendations for managing common cyber risks, and includes a list of core cybersecurity controls for small firms. The Report provides guidance that is consistent […] Read more

In the Fall 2018 Education Law Newsletter, BLG reported on the Ontario Court of Appeal decision in R. v. Jarvis. In that decision, a high school English teacher was acquitted of voyeurism for using a camera pen to surreptitiously film female students’ chests. On February 14, 2019, the Supreme Court of Canada unanimously reversed the Ontario […] Read more

Canada’s federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) imposes obligations on private sector organizations that suffer a breach of security safeguards affecting personal information under their control. Details of those obligations are set out in PIPEDA, the Breach of Security Safeguards Regulations and the guidance document titled “What you need to know about […] Read more