Tag archives: Canada

Bill C-11: Canada proposes new data privacy legislation

Norton Rose Fulbright - Data Protection Report blog

On November 17, 2020, the Minister of Innovation, Science and Industry, Navdeep Bains, tabled proposed legislation in Parliament that aims to overhaul Canada’s data privacy law. Bill C-11, entitled An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Act, will create new data privacy obligations and new enforcement mechanisms for these obligations if it becomes law.… Continue Reading

COVID tracing & AI: Physically distant, socially together

Data Protection Report - Norton Rose Fulbright

As the second wave of COVID-19 spreads across Canada, the use of COVID-19 tracing apps is on the rise. For example, the Government of Canada released COVID Alert–an app using Bluetooth technology to help people report positive diagnoses, and control the spread of the virus. The success of the app depends on a high quantity of users, but concerns over privacy and the use of artificial intelligence (AI) in analyzing the data may hinder that objective.

COVID tracing apps

With the launch of COVID Alert, Canada joined 40 other countries that have launched tracing apps. The Bluetooth-based app … Continue Reading

Canada’s Mandatory Privacy Breach Reporting Requirements coming into force November 1, 2018

Data Protection Report - Norton Rose Fulbright

Starting on November 1, organizations across Canada subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) will be required to provide notice of certain privacy breaches.

The breach reporting requirements relate to a “breach of security safeguards,” which is defined in PIPEDA as: the loss of, unauthorized access to or unauthorized disclosure of personal information resulting from a breach of an organization’s security safeguards, or from a failure to establish those safeguards.

If it is reasonable to believe the breach of security safeguards creates a real risk of significant harm to the individual:

  • Organizations will be required to
Continue Reading

Draft mandatory data breach reporting regulations released for comment in Canada

Data Protection Report - Norton Rose Fulbright

On September 2, 2017, the Government of Canada published proposed new data breach regulations in the Canada Gazette.

These regulations set out specifics regarding the mandatory data breach reporting requirements under the Personal Information Protection and Electronic Documents Act.

The PIPEDA Amendments were passed in June, 2015 but are not yet in force.

Overview

The Regulations set out the proposed requirements for the reporting of  data breaches of security safeguards (each, a Breach). Under the PIPEDA Amendments, a report to the Privacy Commissioner of Canada is required if it is reasonable in the circumstances to believe that the … Continue Reading

Canada Passes Legislation Protecting Genetic Information

Data Protection Report - Norton Rose Fulbright

The Canadian Parliament recently passed Bill S-201, the Genetic Non-Discrimination Act, which protects individuals from having to disclose information related to genetic testing and test results. Specifically, the Act prohibits any person from requiring an individual to undergo a genetic test or disclose the results of a genetic test as a condition of providing goods or services to, entering into or continuing a contract or agreement with, or offering specific conditions in a contract or agreement with, the individual. Contravention of the Act is punishable by significant fines and even potential imprisonment. There are express exceptions for health care … Continue Reading

The Long Arm of Canadian Privacy Law

Data Protection Report - Norton Rose Fulbright

Earlier this year, a Canadian trial court ruled that Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has extra-territorial application and restricts the dissemination of personal information of Canadians, even where the information is already public, and even though it is made available from outside Canada.… Continue Reading

IP Addresses as Personal Information: the Canadian and EU Positions Contrasted

Data Protection Report - Norton Rose Fulbright

The October 19, 2016 judgment of the European Court of Justice in the matter brought by Patrick Breyer against the Federal Republic of Germany (the “EU Decision”) raises the issue of whether an IP address is personal information under the EU Directive 95/46/EC and provides an interesting comparison with the Canadian perspective.… Continue Reading

Former Privacy Commissioner of Canada Jennifer Stoddard to headline a privacy event at Norton Rose Fulbright’s Montreal office

Data Protection Report - Norton Rose Fulbright

On September 25, 2015, Jennifer Stoddard will visit Norton Rose Fulbright in Montreal to discuss the proposed sweeping reforms to Quebec’s legislation governing access to information and protection of personal information in the public sector. These reforms include proactive publication of government information at all levels, including studies and statistics in health and education and statistics on members of professional orders. They also include proposals to publish anonymized personal information provided that re-identification risk is contained. The proposed reforms of the Quebec legislation align with calls for reform to federal legislation on the same topic. While Quebec is moving to … Continue Reading

Canada amends federal data protection law, PIPEDA

Data Protection Report - Norton Rose Fulbright

On June 18, 2015, Canada’s Senate and House of Commons passed the Digital Privacy Act to amend the country’s federal Personal Information Protection and Electronic Documents Act (PIPEDA). Many of the amendments are scheduled to come into force on a date to be determined by the government. The revised requirements (highlighted below) will have a significant impact on the treatment of personal information by organizations that are subject to PIPEDA. These are organizations that either are federally regulated and fall under the legislative authority of the Parliament of Canada, or operate within a province that does not have in place … Continue Reading

LexBlog