Lisa R. Lifshitz

Lisa R. Lifshitz

Column: The IT Girl

Lisa R. Lifshitz is a partner in Torkin Manes’ Business Law Group, specializing in technology and privacy law, and is the leader of the firm’s Technology, Privacy and Data Management Group. She has been nationally and internationally recognized for her technology law expertise and enjoys writing and speaking on technology law issues. She is the immediate past president of the Canadian IT Law Association. The views presented here are the author's alone.

She can be reached by email.


  • Dark Cloud

    You could well be excused for not noticing the recent passage of the U.S. Clarifying Lawful Overseas Use of Data Act on March 23, 2018. Better known by its catchy acronym, the Cloud Act, the law was tacked on to the 2,232-page, US$1.3-trillion omnibus budget bill one day ahead of its vote and was signed into law by President Donald Trump without the benefit of the usual congressional scrutiny, hearings or significant public debate.
  • Time to say goodbye: Dealing with legacy software

    Whether because of nostalgia, a desire to save costs, ignorance, concerns of business interruption or sheer laziness, there have been countless stories in the press demonstrating that companies and individuals continue to use outdated versions of various critical software programs, including those that connect to the internet.
  • Lesson from VTech

    A recent decision from the Office of the Privacy Commissioner of Canada has provided some useful guidance in connection with minimum security standards required for Internet of Things/web-connected devices, particularly those that collect personal information and data from children.
  • And the nominees are . . . reviewing statements of work, part II

    Well, it’s awards season again. With the Golden Globes just passed and the Oscars to come, I present to you my nominations for the most egregious practices that I have observed in technology vendors’ statements of work in 2017.
  • Cracking down on a bad coin offering

    Recently, the freshly minted Cyber Unit of the United States Securities and Exchange Commission showed its teeth when it obtained an emergency court order to stop an allegedly fraudulent Initial Coin Offering involving a Quebec-based company, PlexCorps, its founder Dominic Lacroix and his partner, Sabrina Paradis-Royer.
  • How to design a privacy-compliant autonomous vehicle

    As autonomous car technology advances, privacy concerns relating to these vehicles are also growing given that these cars will be capable of recording a tremendous amount of data about (and from) their users and the environment around them.
  • Dark cloud: the threat of ransomware

    Ramsomware is not new — it has been around since the early 1990s — but what is new is the increasing threat posed by the efficiencies of a cloud-based delivery system known as ransomware as a service.
  • Ottawa’s draft PIPEDA amendments highlight the importance of security safeguards

    It’s been a long wait. More than two years have passed since Ottawa amended Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act, by enacting Bill S-4, the Digital Privacy Act, to establish mandatory data breach reporting requirements. Yet, ss. 10.1 through 10.3, the provisions outlining the obligations for breach reporting and notification, still are not in force pending the creation of necessary regulations.
  • (Ain’t) gonna fly now: European court rejects EU-Canadian PNR deal

    In a decisive victory for privacy rights and a clear rejection of broad anti-terrorism legislation, the Court of Justice of the European Union on July 26 quashed the pending agreement between Canada and the European Union on the transfer and processing of passenger name record data as providing insufficient protection and inadequate safeguards for Europeans.
  • Statements of what? Reviewing SOWs

    As a technology lawyer, I am often asked by clients to review the statements of work that accompany the technology contract that I have drafted.