Tag archives: PIPEDA

Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways

Photo of John Cassell (CA)Photo of Imran Ahmad (CA)Photo of Miranda SharpeBy John Cassell (CA), Imran Ahmad (CA) and Miranda Sharpe on Posted in Cybersecurity, Data breach
On July 27, 2022, the Office of the Information and Privacy Commissioner of Alberta (OIPC) released its 2022 PIPA Breach Report.[1] The report analyzes the nearly 2,000 breach reports[2] received by the OIPC during   the ten year period since reporting was mandated in Alberta under the Personal Information Protection Act (PIPA)[3]. The PIPA Breach … Continue reading

Federal Privacy Commissioner Published Guidance on What Is “Sensitive” Personal Information

Photo of Tiana Corovic (CA)Photo of Imran Ahmad (CA)Photo of John Cassell (CA)Photo of Katarina DukePhoto of Roohie SharmaBy Tiana Corovic (CA), Imran Ahmad (CA), John Cassell (CA), Katarina Duke and Roohie Sharma on Posted in PIPEDA, Privacy law
Data Protection Report - Norton Rose FulbrightOn May 16, 2022, the Office of the Privacy Commissioner of Canada (the “OPC”) released an Interpretation Bulletin (the “Bulletin”) on what it considers to be “sensitive” personal information under the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”). The Bulletin is  meant to act as a consolidated guide based on jurisprudence, regulatory findings, … Continue reading

Privacy in a Parallel Digital Universe: The Metaverse

Photo of Imran Ahmad (CA)Photo of Tiana Corovic (CA)By Imran Ahmad (CA) and Tiana Corovic (CA) on Posted in General, Metaverse, PIPEDA, Privacy law
Data Protection Report - Norton Rose FulbrightFor many years, the immersive three-dimensional digital world has been left to the cinematic experience. However, the emergence of the metaverse presents an opportunity to translate everyday activities – working, attending a concert, travelling, shopping, socializing – into a parallel digital universe. The metaverse is an abstract concept that uses a digital environment to permeate … Continue reading

Ontario moves towards introducing new privacy law

Photo of Imran Ahmad (CA)Photo of Liana Di Giorgio (CA)By Imran Ahmad (CA) and Liana Di Giorgio (CA) on Posted in General, PHIPA, PIPEDA, Privacy law
Data Protection Report - Norton Rose FulbrightGiven global trends in the development of privacy laws and enforcement, Canada and several provinces are looking at modernizing their respective privacy regimes. Ontario’s new proposed privacy law, which would govern commercial activities more broadly than current legislation (i.e., our federal legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA), and Ontario’s health privacy … Continue reading

Bill C-11: Canada proposes new data privacy legislation

Photo of Colin Hyslop (CA)By Colin Hyslop (CA) on Posted in Enforcement
Norton Rose Fulbright - Data Protection Report blogOn November 17, 2020, the Minister of Innovation, Science and Industry, Navdeep Bains, tabled proposed legislation in Parliament that aims to overhaul Canada’s data privacy law. Bill C-11, entitled An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to … Continue reading

Office of Privacy Commissioner Says It’s Status Quo on Consent Requirements for Data Processing Transfers

Photo of Ann Henderson (CA)Photo of Julie Himo (CA)Photo of John Cassell (CA)Photo of Alexis Kerr (CA)By Ann Henderson (CA), Julie Himo (CA), John Cassell (CA) and Alexis Kerr (CA) on Posted in Compliance and risk management, Data breach, General
On September 23, the Office of the Privacy Commissioner of Canada (OPC) announced, following consultation with stakeholders, that it will maintain the position set out in its 2009 guidelines that an organization’s transfer of personal information to a third party for processing, including a transfer across the Canadian border, is a “use” of that personal … Continue reading

If you don’t know why November 1 is a big day in Canada, read this!

By on Posted in Compliance and risk management, Data breach
Like many organizations in Canada, yours is probably not fully prepared for the mandatory breach reporting requirements coming into force under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) November 1, 2018. Here are three measures your organization ought to take in preparation for mandatory breach reporting: 1. Implement internal breach reporting and … Continue reading

Canada amends federal data protection law, PIPEDA

By on Posted in Regulatory response
Data Protection Report - Norton Rose FulbrightOn June 18, 2015, Canada’s Senate and House of Commons passed the Digital Privacy Act to amend the country’s federal Personal Information Protection and Electronic Documents Act (PIPEDA). Many of the amendments are scheduled to come into force on a date to be determined by the government. The revised requirements (highlighted below) will have a … Continue reading
LexBlog