“Supply chain” issues in the Cloud

The use of software as a service (SaaS) is pervasive among businesses. Some of the key characteristics of SaaS are: the software application is hosted on third-party servers the software application is accessed via the internet the software code itself… Read More ›

Hey Commish, Who is the Individual in Privacy Impact Assessments?

Almost a year ago, the Government of Canada released its privacy impact assessment of the COVID Alert App and the Commissioners responded with their assessment of the PIA. What was striking to me was that nowhere in the PIA or… Read More ›

Proposed Ontario Private Sector Privacy Law

On June 17, 2021, the Ontario government has released a white paper with proposals for a new private sector privacy laws. The white papers follows an initial consultation process that began in August 2020. Comments on the white paper are… Read More ›

Contact-tracing app guidance from “Privacy Guardians”

On May 7, 2020, the Office of the Privacy Commissioner of Canada (OPC) and the provincial and territorial Information and Privacy Commissioners issued a joint statement on privacy principles for contact tracing and similar apps. (Aside: yes, not to be… Read More ›

Quebec court refuses to certify Equifax class action

It is proving difficult for plaintiffs to get a data breach class action certified in Quebec. The latest attempt in Li c. Equifax inc., 2019 QCCS 4340 fell flat. The Quebec Superior Court refused to certify a class action arising… Read More ›

Settlement of $2.25 million approved in breach of PIPEDA case

On October 16, 2019, the Ontario Superior Court of Justice approved a settlement in Haikola v. The Personal Insurance Company, 2019 ONSC 5982. The case arose out of a complaint that the insurer was inappropriately collecting credit scores as part… Read More ›

Genetic non-discrimination as a privacy issue

The Supreme Court of Canada will hear an appeal regarding the constitutionality of Canada’s Genetic Non-Discrimination Act (GNDA) on October 10, 2019. The GNDA was one of the rare private members’ bills to be passed by Parliament with support across… Read More ›

Does your cloud contract meet Canadian data breach standards?

Canada’s federal data breach reporting law has been in force for almost 6 months. Do the major multi-national cloud infrastructure as a service firms contractually commit to help their Canadian customers comply with data breach reporting obligations? Or, do they… Read More ›

News media denied participation in Google vs. Canada, for now

The Federal Court recently refused a request, made by CBC and a group of media organizations, to intervene in a case involving the Office of the Privacy Commissioner of Canada (OPC) and Google. The OPC brought a reference to the… Read More ›

Rights, remedies and the means to pursue them: Rouge Valley Health System case goes to appeal

Enthusiasts for the tort of intrusion upon seclusion as the new frontier for holding organizations and their employees to account for privacy-related wrongs were forced to step back and regroup after the Ontario Superior Court of Justice’s decision in Broutzas… Read More ›

%d bloggers like this: