Author Archives

• Three questions that Waterfront Toronto should ask Sidewalk Labs

  By Timothy on November 19, 2018 • ( 2 )

  Google-affiliate Sidewalk Labs continues to press its vision for a “civic data trust” to govern data collected from its Sidewalk Toronto project (assuming the project goes ahead). Here are three questions, Waterfront Toronto should be asking Sidewalk Labs. 1. Why… Read More ›

• Outsourcing and criminal record check requirements

  By Timothy on November 9, 2018 • ( 0 )

  Earlier this week, I posted an update about the coming into force of the Ontario Police Record Checks Reform Act. With increasing frequency, Canadian employers are conducting criminal records checks on job applicants. There are numerous reasons why employers conduct… Read More ›

• Police records check law now in force in Ontario with last-minute changes

  By Timothy on November 6, 2018 • ( 1 )

  On November 1, 2018, the Police Record Checks Reform Act, 2015 (Ontario) came into force with little fanfare. There was a last-minute change that has important procedural implications and limits the situations in which “double consent” is required from the… Read More ›

• Statistics Canada – A failure of contextual integrity

  By Timothy on November 1, 2018 • ( 0 )

  It isn’t about whether Statistics Canada has a legal right to compel data about Canadians from financial institutions and credit reporting agencies. It isn’t about whether Statistics Canada has a good cybersecurity track record. It isn’t about whether the data… Read More ›

• Will Sidewalk Labs’ civic data trust hush critics of Waterfront Toronto?

  By Timothy on October 23, 2018 • ( 3 )

  On October 18, 2018, Sidewalk Labs (a Google affiliate) proposed its vision for digital governance of the data created through the implementation of a Master Innovation and Development Plan with Waterfront Toronto for a mixed-use community along the Lakeshore in… Read More ›

• Scrutiny of security measures following a breach report under PIPEDA

  By Timothy on October 16, 2018 • ( 0 )

  Starting November 1, 2018, it will no longer be optional to report breaches to the Office of the Privacy Commissioner of Canada (OPC) for organizations subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). Organizations must report breaches… Read More ›

• Privacy, data localization and the USMCA

  By Timothy on October 11, 2018 • ( 0 )

  Any hopes by privacy advocates of stronger data localization requirements for Canada have been dashed by the United States Mexico Canada Agreement (USMCA). The U.S. Trade Representative (USTR) achieved its objectives on data localization for the renegotiation of the North… Read More ›

• IoT security defects – are stronger consumer protection remedies required?

  By Timothy on October 9, 2018 • ( 0 )

  October is cybersecurity awareness month. So where are we in Canada on IoT security? The answer is that legal requirements are lagging technological developments. Although there have been some regulatory activity, it is slow-moving and consumers still do not have… Read More ›

• From medical paternalism to engagement

  By Timothy on October 7, 2018 • ( 0 )

  The Alzheimer’s Foundation of America has warned of medical paternalism in a September 27, 2018 editorial comment in the Journal of Alzheimer’s Disease. Discussing the availability of at-home genetic tests that include screening for an individual’s APOE status (a gene… Read More ›

• IoT Security – Should consumers bear any responsibility?

  By Timothy on September 11, 2018

  A recent article in CSO (Australia edition) advised data security executives that “Users’ poor home IoT security could become your next headache”. This raises and interesting question. Where should we draw the line between a consumer’s responsibility  to become technologically… Read More ›