R. v. Jarvis: privacy is not an “all-or-nothing” concept May 02, 2019 Stacey Reisman, Jon Silver, and Ronak Shah In R v. Jarvis, the Supreme Court of Canada established a robust approach to individual privacy rights thereby opening the door for courts to apply Canada’s constitutional privacy framework to alleged invasions of privacy between individuals. The decision has implications in the criminal law context, and beyond.
Protecting Against Developer Error: Addressing Appropriate Data Management Procedures and Measures for Developers Today… and Tomorrow April 17, 2019 William Lim Facebook discovered a data breach in 2013 due to the inadvertent interaction between two of its features. The Privacy Commissioner of Canada (“Commissioner”) investigated the cause and aftermath of the breach and decided that the remedial measures Facebook implemented following this breach was sufficient. Would that decision be upheld by a Court in a claim for negligence? What additional but practical technical measures could Facebook have implemented to avoid being found negligent?
Canada’s Anti-Spam Legislation: Compliance and Enforcement Update From the Regulators February 25, 2019 Amanda Branch An overview of the “Canada’s Anti-Spam Legislation (CASL): A Joint Presentation on Compliance and Enforcement” program hosted by the Ontario Bar Association in November 2018.
Privacy Commissioner’s Consent Guidelines Come Into Force February 24, 2019 Imran Ahmad, Wendy Mee, and Amir Eftekharpour How can organizations ensure that they are obtaining meaningful consent to the collection, use, and disclosure of personal information? The Office of the Privacy Commissioner of Canada weighs in with a guidance document outlining guiding principles and a checklist of "Must-do" and "Should-do" items.
All Eyes on Consequences of Facial Recognition Technology January 21, 2019 Mark Hayes and Adam Jacobs While facial recognition technology is increasingly prevalent in our day-to-day lives, the authors highlight concerns regarding compliance with applicable privacy laws.
Allocating Risk and Preparing For a Data Breach January 21, 2019 Shan Alavi All organizations, large or small, are prone to privacy breaches, the cost of which can cripple an organization that is not prepared to handle such threats. No organization is immune, but every organization can mitigate the risks.
The New and Improved PIPEDA: What you need to know and what you need to do December 11, 2018 Stanislav Bodrov and Logan Wolfe, Strigberger Brown Armstrong LLP and Gearhead Software, With the advent of the GDPR and the amendments to PIPEDA, data breach response plans are no longer optional – they are mandatory - and a misstep could be costly.
Decision Narrows Definition of Facebook Privacy November 20, 2018 Mark Hayes and Adam Jacobs, The Ontario Superior Court recently differentiated between the reasonable expectation of privacy associated with Facebook Messenger and text messages. This article explores whether that distinction was justified.
Privacy Commissioner Says Public Profiles Are Private October 22, 2018 Imran Ahmad, Katherine Barbacki, and Alexia Magneron Report from the Office of the Privacy Commissioner of Canada sheds light on the limits that Canadian privacy regulators can impose on the use of publicly available personal information on social networking platforms.
Migilalo v Royal Bank of Canada: Evaluating the Avenues for Recovering Damages for a Breach of Privacy October 04, 2018 William Lim In Migilalo v Royal Bank of Canada, 2018 FC 525, Ms. Migilalo discovered that there had been an unauthorized access to her private financial information with her Royal Bank of Canada accounts. She opted to seek damages pursuant to the provisions of the Personal Information Protection and Information Act. Was it the appropriate choice given her circumstances?