Hong Kong’s data privacy law reform may come in 2023
Posted in GeneralTag archives: technology
Posted in GeneralHong Kong: Data Security Measures Guidance published by the PCPD
Posted in Cybersecurity
As data breaches and cyber attacks continue to surge and attackers become more sophisticated, organisations are well aware that the need for robust data security measures is becoming increasingly important. In Hong Kong, the Office of the Privacy Commissioner for Personal Data (the PCPD) recently published a Guidance Note on Data Security Measures for Information … Continue reading
Bring-Your-Own-Device Programs: A Balance Between Privacy and Cybersecurity
Posted in Cybersecurity, Privacy law
A ”bring your own device” (BYOD) program is a popular arrangement used by employers, whereby employees use their personal devices (e.g., smartphones, laptops, or tablets) for both personal and business purposes. Last year, about two-thirds of Canadian private sector employers had at least one employee using personal devices for business-related activities.[1] While the BYOD approach … Continue reading
A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022
Posted in Data ProtectionAutonomous Vehicles – Canada’s Current Legal Framework: Liability in Motor Vehicle Accidents (Part 3)
Posted in Cybersecurity, Data Protection
As autonomous vehicle (AV) technology continues to grow in functionality and sophistication, it is only a matter of time before AVs become commercially available across Canada. The arrival of autonomous vehicles in Canada will raise a number of liability-related questions that touch on the areas of owner liability, product liability, and auto insurance. In this … Continue reading
Autonomous Vehicles – Canada’s Current Legal Framework: Cybersecurity Considerations (Part 2)
Posted in Cybersecurity, Data Protection
The emergence of autonomous vehicles (AVs) in Canada will present a number of cybersecurity challenges and risks. AV manufacturers will need to consider these risks and address them early in the design and development process of their products. In this post, we discuss some of the key cybersecurity risks associated with AVs, strategies to mitigate … Continue reading
Contracting for Cybersecurity Risks: Mitigating Weak Links
Posted in Cybersecurity, Data breach, Data Protection
Managing vendor risks includes putting pen to paper. Organizations are increasingly susceptible to risks outside their controlled IT infrastructure as they engage third-party vendors to manage online platforms and process data. Even though an organization may have little to no control over a vendor’s security practices, it bears the ultimate responsibility for safeguarding its own … Continue reading
Privacy and Cybersecurity Due Diligence Considerations in M&A Transactions
Privacy and cybersecurity practices of target companies are being increasingly scrutinized throughout the due diligence process in M&A transactions. Particularly, buyers want to understand the risk and value inherent in sellers’ data assets and sellers want to manage transactional and post-closing risks. In the course of their privacy and cybersecurity due diligence, buyers should consider … Continue reading
OSFI’s Technology and Cyber Risk Management Guideline: Part 2
Posted in Cybersecurity, Privacy law
In July of this year, the Office of the Superintendent of Financial Institutions (OSFI) released the final version of its Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need to ensure that they have taken steps to … Continue reading
Autonomous Vehicles – Canada’s Current Legal Framework: A Primer (Part 1)
Posted in Cybersecurity, Privacy law
In recent years, autonomous vehicle (AV) technology has undergone rapid development and it is predicted that AVs may soon be in a state to displace human driving altogether. In Ontario, the Automated Vehicle Pilot Program is currently in place to permit the testing of certain AVs by vehicle manufacturers. As AV technology continues to develop, however, … Continue reading
OSFI’s Technology and Cyber Risk Management Guideline: Part 1
Posted in Compliance and risk management, Cybersecurity
On July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI) released its final Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need ensure that they have taken steps to comply with the requirements … Continue reading
Canada’s artificial intelligence legislation is here
Posted in GeneralAre you critical? Amendments to the Security of Critical Infrastructure Act (2018) dramatically expand its scope and impact across Australian industry
Posted in GeneralIntroduction Significant changes to the law with respect to security of critical infrastructure in Australia, including enhanced cybersecurity incident reporting requirements and the inclusion of further asset classes have been passed. On 22 November 2021, the Security Legislation Amendment (Critical Infrastructure) Bill 2021 (Bill) passed both houses of the federal parliament of Australia and will … Continue reading
Hong Kong: Bill to combat doxxing acts passed
Posted in Cybercrime, Cybersecurity, Privacy law
The Personal Data (Privacy) (Amendment) Bill 2021 (the Bill) aimed at combatting doxxing in Hong Kong was passed on 29 September 2021. As discussed in our earlier post, the Bill amends the Personal Data (Privacy) Ordinance (PDPO) by: introducing offences to criminalize doxxing acts; empowering the Privacy Commissioner for Personal Data (the Commissioner) to conduct … Continue reading
Singapore’s Public Consultation on proposed changes to the Singapore Personal Data Protection Act
Posted in GeneralChallenges to banking and tech: data and cybercrime
Posted in Cybercrime, General
