How do you balance sharing and protecting your business’ data? Unlike tangible assets, which can be protected primarily through physical means, intangible assets such as data require additional considerations. One key strategy to protect your business’ data is to characterize,
Ontario moves towards introducing new privacy law
Given global trends in the development of privacy laws and enforcement, Canada and several provinces are looking at modernizing their respective privacy regimes. Ontario’s new proposed privacy law, which would govern commercial activities more broadly than current legislation (i.e., our
Privacy commissioners take position on using facial recognition technology
Investigative findings
In a joint investigation report, the Privacy Commissioner of Canada, together with the commissioners of BC, Alberta, and Quebec concluded that Clearview AI violated Canadians’ privacy rights under federal and provincial privacy laws by scraping billons of images
Bill C-11: Canada proposes new data privacy legislation
On November 17, 2020, the Minister of Innovation, Science and Industry, Navdeep Bains, tabled proposed legislation in Parliament that aims to overhaul Canada’s data privacy law. Bill C-11, entitled An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Act, will create new data privacy obligations and new enforcement mechanisms for these obligations if it becomes law.
Data protection and cyber risk issues in arbitration – dealing with regulation, cyber attacks and hacked evidence
The GDPR has significantly altered the landscape of data protection. Its broad scope and potentially severe penalties have forced those who hold and process data to take note of its provisions. In certain instances, that will include many in the
Major DDoS Attacks Signal Need for Strengthened Cyber Defenses
On Friday, October 21, a series of Distributed Denial of Service (DDoS) attacks were launched against the servers of Dyn, a major DNS host. DNS hosts operate in a manner akin to a switchboard for the Internet, helping to route domain names (e.g., dataprotectionreport.com) to underlying IP addresses (e.g., 104.28.6.115). By attacking Dyn, hackers were able to prevent end-users from reaching the websites and online services that relied on Dyn, including Netflix, Twitter, Spotify, SoundCloud, Amazon, AirBnB, Reddit, PayPal, Pinterest, CNN, Fox News, the Guardian, the New York Times, and the Wall Street Journal. In a statement, Dyn described the attack as “a sophisticated, highly distributed attack involving 10s of millions of IP addresses.”
Canada uses anti-spam law to take down Toronto botnet
The Canadian Radio-television and Telecommunications Commission (CRTC) announced on Thursday, December 3, 2015, that it had served its first-ever warrant under Canada’s anti-spam law (CASL, enacted July 2014) to take down a command-and-control server located in Toronto, Ontario, that was being used to distribute Win32/Dorkbot malware.
Ontario to introduce enhanced privacy legislation for healthcare data
The Government of Ontario announced that it intends to introduce amendments to the Province’s Personal Health Information Protection Act (PHIPA) that, if passed, would strengthen privacy rules with respect to health records, make it easier to prosecute offences, and increase fines for privacy breaches.