On 16 July 2024, the Malaysian Dewan Rakyat (House of Representatives of the Malaysian Parliament) passed the Personal Data Protection (Amendment) Bill 2024 (the PDP Bill). The PDP Bill, which had been under review by the Malaysian Government for
data privacy
Anonymizing personal information – how to comply
Since the adoption in September 2021 of the Act to modernize legislative provisions as regards the protection of personal information (Law 25), several new concepts and mechanisms have been introduced to the Quebec legislation.
These new concepts include anonymization…
UK Information Commissioner’s Office Publishes Final Guidance On Employee Monitoring



The UK Information Commissioner’s Office (ICO) published its final guidance on monitoring workers on 3 October 2023 (the Guidance). The Guidance is aimed at employers across both the private and public sector. Responding to the rise of remote working and…
Act 25 – Demystifying privacy impact assessments with the CAI’s new tools
With most provisions of the Act to modernize legislative provisions as regards the protection of personal information (Act 25) having just come into effect on September 22, public bodies and enterprises (organizations) will now need to conduct privacy impact assessments…
Texas enacts comprehensive privacy law
On June 13, 2023, the Texas Governor signed HB4, making Texas the tenth state to have a comprehensive privacy law, joining California, Colorado, Connecticut, Montana, Virginia, and Utah (all in effect or going into effect in 2023), Montana and…
Building Cyber Resiliency In the Energy Sector


For the energy sector, cybersecurity has been a top-of-mind issue for some time. This is particularly true given some of the high-profile cyber-attacks seen in recent years that have grabbed not only media headlines but also resulted in operational disruption…
Privacy law is becoming more technically sophisticated. So should you.
As privacy laws and requirements become more technically sophisticated, businesses may want to consider how they can follow suit.…
Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

Across the globe, the race is already underway among vehicle manufacturers to develop fully autonomous vehicles (AVs). AVs currently under development make sense of their surroundings and control vehicle operation through data gathered about the outside world. Like other connected…
Bring-Your-Own-Device Programs: A Balance Between Privacy and Cybersecurity



A ”bring your own device” (BYOD) program is a popular arrangement used by employers, whereby employees use their personal devices (e.g., smartphones, laptops, or tablets) for both personal and business purposes. Last year, about two-thirds of Canadian private…
Ontario Court of Appeal Limits Application of Tort of Intrusion Upon Seclusion for Cyberattacks


In three recent cases, the Court of Appeal for Ontario effectively curtailed the ability of privacy breach victims to advance claims under the tort of intrusion upon seclusion against organizations for failing to prevent unauthorized access to personal information by…