Discover how artificial intelligence is reshaping the future of mergers and acquisitions. From identifying strategic opportunities to streamlining due diligence and enhancing contract negotiations, AI is revolutionizing every stage of the M&A process. This article explores the tangible advantages of
Anonymizing personal information – how to comply
Since the adoption in September 2021 of the Act to modernize legislative provisions as regards the protection of personal information (Law 25), several new concepts and mechanisms have been introduced to the Quebec legislation.
These new concepts include anonymization
How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 2
In our previous post, we discussed specific considerations for common boilerplate provisions in data processing agreements (DPAs). Due to the sensitivity of data transfers and privacy laws, DPAs require careful drafting to ensure the data processor complies with appropriate
How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 1
Modern businesses collect and process personal information about their customers and employees for the benefit of their business – these benefits include identifying opportunities to enhance their products or services, streamlining operations, reducing costs or maximizing profits. Processing such data
Managing AI risks and legal implications, effective cybersecurity, ensuring privacy and the integrity of organizational records
In a world where generative AI is driving innovation and technology is outpacing legislation, there’s a lot for companies to consider to maintain operational effectiveness and minimize risk. To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023
Act 25 – Demystifying privacy impact assessments with the CAI’s new tools
With most provisions of the Act to modernize legislative provisions as regards the protection of personal information (Act 25) having just come into effect on September 22, public bodies and enterprises (organizations) will now need to conduct privacy impact assessments
Practical steps for businesses to comply with Bill C-27: part 2
In our previous update, we summarized key operational elements that businesses should be aware of under the proposed Consumer Privacy Protection Act (CPPA), and provided practical tips to help businesses comply with these new requirements. As currently drafted, the
Practical steps for businesses to comply with Bill C-27: Part 1
The House of Commons recently introduced Bill C-27, the successor to Bill C-11, which died on the docket when Parliament was dissolved in the fall of 2021. Bill C-27 introduces three new acts: the Consumer Privacy Protection Act (“
The aftermath of an incident – business considerations surrounding record-keeping
In our previous publication, we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. While the specific obligations vary by jurisdiction, maintaining some form of a record that tracks privacy incidents is a statutory obligation
Bill C-26: a first step at reinforcing Canadian cybersecurity
On June 14, the House of Commons introduced Bill C-26: An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts (Bill C-26). This bill is presented in two parts:
- The first is to amend