Tag archives: technology

Autonomous Vehicles – Canada’s Current Legal Framework: Cybersecurity Considerations (Part 2)

Norton Rose Fulbright - Data Protection Report blogThe emergence of autonomous vehicles (AVs) in Canada will present a number of cybersecurity challenges and risks.  AV manufacturers will need to consider these risks and address them early in the design and development process of their products. In this post, we discuss some of the key cybersecurity risks associated with AVs, strategies to mitigate … Continue reading

Contracting for Cybersecurity Risks: Mitigating Weak Links

Managing vendor risks includes putting pen to paper. Organizations are increasingly susceptible to risks outside their controlled IT infrastructure as they engage third-party vendors to manage online platforms and process data. Even though an organization may have little to no control over a vendor’s security practices, it bears the ultimate responsibility for safeguarding its own … Continue reading

Privacy and Cybersecurity Due Diligence Considerations in M&A Transactions

Data Protection Report - Norton Rose FulbrightPrivacy and cybersecurity practices of target companies are being increasingly scrutinized throughout the due diligence process in M&A transactions. Particularly, buyers want to understand the risk and value inherent in sellers’ data assets and sellers want to manage transactional and post-closing risks. In the course of their privacy and cybersecurity due diligence, buyers should consider … Continue reading

OSFI’s Technology and Cyber Risk Management Guideline: Part 2

In July of this year, the Office of the Superintendent of Financial Institutions (OSFI) released the final version of its Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need to ensure that they have taken steps to … Continue reading

Autonomous Vehicles – Canada’s Current Legal Framework: A Primer (Part 1)

US banking regulators propose a rule for 36-hour notice of breachIn recent years, autonomous vehicle (AV) technology has undergone rapid development and it is predicted that AVs may soon be in a state to displace human driving altogether. In Ontario, the Automated Vehicle Pilot Program is currently in place to permit the testing of certain AVs by vehicle manufacturers. As AV technology continues to develop, however, … Continue reading

OSFI’s Technology and Cyber Risk Management Guideline: Part 1

innovation circuit boardOn July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI) released its final Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need ensure that they have taken steps to comply with the requirements … Continue reading

Canada’s artificial intelligence legislation is here

On 16 June 2022 the Canadian federal government introduced Bill C-27, also known as the Digital Charter Implementation Act 2022. If passed, this package of laws will: Implement Canada’s first artificial intelligence (AI) legislation, the Artificial Intelligence and Data Act (AIDA). Reform Canadian privacy law, replacing the Personal Information Protection and Electronic Documents Act with … Continue reading

Are you critical? Amendments to the Security of Critical Infrastructure Act (2018) dramatically expand its scope and impact across Australian industry

Data Protection Report - Norton Rose FulbrightIntroduction Significant changes to the law with respect to security of critical infrastructure in Australia, including enhanced cybersecurity incident reporting requirements and the inclusion of further asset classes have been passed. On 22 November 2021, the Security Legislation Amendment (Critical Infrastructure) Bill 2021 (Bill) passed both houses of the federal parliament of Australia and will … Continue reading

Hong Kong: Bill to combat doxxing acts passed

Data Protection Report - Norton Rose FulbrightThe Personal Data (Privacy) (Amendment) Bill 2021 (the Bill) aimed at combatting doxxing in Hong Kong was passed on 29 September 2021. As discussed in our earlier post, the Bill amends the Personal Data (Privacy) Ordinance (PDPO) by: introducing offences to criminalize doxxing acts; empowering the Privacy Commissioner for Personal Data (the Commissioner) to conduct … Continue reading

Singapore’s Public Consultation on proposed changes to the Singapore Personal Data Protection Act

On 14 May 2020, the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) announced a public consultation (the Public Consultation) on the draft Personal Data Protection (Amendment) Bill (the Draft Bill) and related amendments to the Spam Control Act (SCA). The Public Consultation will take place from … Continue reading
LexBlog