Jeremie Wyatt (CA)

Subscribe to all posts by Jeremie Wyatt (CA)

Managing AI risks and legal implications, effective cybersecurity, ensuring privacy and the integrity of organizational records

Photo of Imran Ahmad (CA)Photo of John Cassell (CA)Photo of Maya MedeirosPhoto of Veronique Barry (CA)Photo of Sara A. Levine, KC (CA)Photo of Jesse BeatsonPhoto of Roxanne Caron (CA)Photo of Jeremie Wyatt (CA)By Imran Ahmad (CA), John Cassell (CA), Maya Medeiros, Veronique Barry (CA), Sara A. Levine, KC (CA), Jesse Beatson, Roxanne Caron (CA) and Jeremie Wyatt (CA) on Posted in Artificial Intelligence, Cybersecurity
In a world where generative AI is driving innovation and technology is outpacing legislation, there’s a lot for companies to consider to maintain operational effectiveness and minimize risk. To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023 technology, privacy and cybersecurity virtual summit. Our leading lawyers were joined by prominent industry leaders … Continue reading

Act 25 – Demystifying privacy impact assessments with the CAI’s new tools

Photo of Imran Ahmad (CA)Photo of Veronique Barry (CA)Photo of Roxanne Caron (CA)Photo of Jeremie Wyatt (CA)By Imran Ahmad (CA), Veronique Barry (CA), Roxanne Caron (CA) and Jeremie Wyatt (CA) on Posted in Data Protection, Privacy law
With most provisions of the Act to modernize legislative provisions as regards the protection of personal information (Act 25) having just come into effect on September 22, public bodies and enterprises (organizations) will now need to conduct privacy impact assessments (PIA) during various projects that involve personal information. A PIA is an impact analysis that takes all … Continue reading

Practical steps for businesses to comply with Bill C-27: part 2

Photo of Imran Ahmad (CA)Photo of Shreya GuptaPhoto of Jeremie Wyatt (CA)By Imran Ahmad (CA), Shreya Gupta and Jeremie Wyatt (CA) on Posted in Cybersecurity, Data Protection, Data Transfer, Intellectual Property, Privacy law
In our previous update, we summarized key operational elements that businesses should be aware of under the proposed Consumer Privacy Protection Act (CPPA), and provided practical tips to help businesses comply with these new requirements. As currently drafted, the CPPA codifies a number of best practices and recommendations issued by the Office of the Privacy Commissioner of Canada … Continue reading

Practical steps for businesses to comply with Bill C-27: Part 1

Photo of Jeremie Wyatt (CA)Photo of Imran Ahmad (CA)Photo of Shreya GuptaBy Jeremie Wyatt (CA), Imran Ahmad (CA) and Shreya Gupta on Posted in Compliance and risk management, Privacy law
The House of Commons recently introduced Bill C-27, the successor to Bill C-11, which died on the docket when Parliament was dissolved in the fall of 2021. Bill C-27 introduces three new acts: the Consumer Privacy Protection Act (“CPPA”), the Personal Information and Data Protection Tribunal Act, and the Artificial Intelligence and Data Act (“AIDA”), which … Continue reading

The aftermath of an incident – business considerations surrounding record-keeping

Photo of Jeremie Wyatt (CA)Photo of John Cassell (CA)Photo of Sara A. Levine, KC (CA)By Jeremie Wyatt (CA), John Cassell (CA) and Sara A. Levine, KC (CA) on Posted in Compliance and risk management, Data breach, Vendor management and transactions
In our previous publication, we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. While the specific obligations vary by jurisdiction, maintaining some form of a record that tracks privacy incidents is a statutory obligation for private-sector organizations subject to Quebec, Alberta, or federal laws. Organizations should also be aware of … Continue reading

Bill C-26: a first step at reinforcing Canadian cybersecurity

Photo of Jeremie Wyatt (CA)Photo of Imran Ahmad (CA)Photo of John Cassell (CA)Photo of Tiana Corovic (CA)Photo of Katarina DukeBy Jeremie Wyatt (CA), Imran Ahmad (CA), John Cassell (CA), Tiana Corovic (CA), Katarina Duke and Admin on Posted in Compliance and risk management, Cybersecurity
On June 14, the House of Commons introduced Bill C-26: An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts (Bill C-26). This bill is presented in two parts: The first is to amend the Telecommunications Act to promote the security of the Canadian telecommunications system; The second is to enact the Critical Cyber … Continue reading

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

Photo of Jeremie Wyatt (CA)Photo of Imran Ahmad (CA)Photo of Sara A. Levine, KC (CA)By Jeremie Wyatt (CA), Imran Ahmad (CA) and Sara A. Levine, KC (CA) on Posted in Compliance and risk management, Data breach, Regulatory response
As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. While this preparation is important, organizations must also consider the aftermath of a privacy incident. In this first blog … Continue reading

Privacy legislation reform: Bill 64 has now been passed

Photo of Imran Ahmad (CA)Photo of Veronique Barry (CA)Photo of Jeremie Wyatt (CA)By Imran Ahmad (CA), Veronique Barry (CA) and Jeremie Wyatt (CA) on Posted in Compliance and risk management, Cybersecurity, Privacy law
Bill 64, which purports to modernise Québec’s privacy legislation, was recently passed. This sweeping reform of the province’s framework for processing personal information hinges on three main axes: increased obligations for enterprises that collect or otherwise process personal information, the creation of new rights for persons whose information is collected, and the imposition of far … Continue reading
LexBlog