privacy

  • Collecting employee data

    Collecting employee data

    Jul 15, 2019

    Keyboard stroke and internet monitoring, video surveillance and examining social media postings. These are just a few ways in which employers might legally monitor employees and job candidates, all of which are used.

  • A Fine Mess: the U.K. Information Commissioner's Office's proposed GDPR fines

    Jul 15, 2019

    The calm of the lazy, hazy July summer was recently shattered by two announcements from the U.K. Information Commissioner’s Office that sent a shiver down the spine of many companies. Demonstrating that Europe’s privacy regulators are not afraid to flex their muscles and use their authority to levy significant financial penalties to drive compliance with the EU General Data Protection Regulation, the ICO’s proclamation of its intention to levy significant fines against British Airways and Marriott International, Inc. showcases the truly incredible power of increased financial penalties under this law.

  • Data compliance goes global

    Data compliance goes global

    Jun 24, 2019

    As in-house counsel for Shopify, Vivek Narayanadas has to navigate a constantly changing landscape when it comes to privacy and data protection laws around the world.

  • Map the data

    Map the data

    Apr 30, 2019

    Fitness trackers are just one of the data-gathering devices that we either wear or stare at too many times in a day that have exploded in popularity in recent years. They are also increasingly offered to staff as part of employee wellness programs in large companies.

  • The many lessons of the Equifax data breach

    Apr 15, 2019

    The Equifax decision and related compliance agreement between the OPC and Equifax Canada that that sets out detailed timelines for various corrective measures to be put in place by Equifax Canada regarding consent, safeguards and accountability in addition to six years of third party audits, offers a treasure trove of practical lessons for organizations looking to comply with the Personal Information Protection and Electronic Documents Act (as well as some surprises).

  • United States Federal Trade Commission strikes one for children’s privacy

    Mar 11, 2019

    On Feb. 27, the U.S. Federal Trade Commission announced that operators of the video networking app Musical.ly (now known as TikTok), had agreed to pay US$5.7 million to settle allegations that they had illegally collected personal information from children in violation of the Children’s Online Privacy Act. The order marks the highest civil penalty ever obtained by the FTC in a children’s privacy case.

  • Right to privacy not an all-or-nothing concept, says SCC in voyeurism case

    Right to privacy not an all-or-nothing concept, says SCC in voyeurism case

    Feb 14, 2019

    Videos of female students that a high school teacher surreptitiously recorded breached those students’ reasonable expectation of privacy, and the act constitutes criminal voyeurism, the Supreme Court of Canada ruled today. The decision, penned by the chief justice of the court, also established considerations for circumstances that give rise to a reasonable expectation of privacy.

  • Dude, where’s my data? The OPC’s privacy guidance to cannabis retailers and purchasers

    Jan 14, 2019

    With much fanfare, recreational cannabis became legal in Canada on October 17, 2018. On December 17, 2018, the Office of the Privacy Commissioner of Canada published preliminary guidance for cannabis retailers and customers regarding the protection of personal information collected during such transactions, including online transactions.

  • Reasonable expectation of privacy exists in shared electronic devices: SCC

    Reasonable expectation of privacy exists in shared electronic devices: SCC

    Dec 13, 2018

    In an important case for expectations of privacy in personal data, the Supreme Court of Canada has allowed the appeal of an Ontario man whose shared computer was seized and searched without his consent.

  • Ethics by design: Canada adopts AI ethics and data protection declaration

    Dec 10, 2018

    Canada has added its voice to the global chorus of data protection and privacy commissioners calling for fairness, transparency and privacy by design as 'core values' in the development of artificial intelligence by co-sponsoring the Declaration on Ethics and Data Protection in Artificial Intelligence.

  • OPC understaffed as mandatory data breach reporting comes into effect

    OPC understaffed as mandatory data breach reporting comes into effect

    Nov 1, 2018

    ​Amendments to the Personal Information Protection and Electronic Documents Act, which require mandatory reporting of unauthorized disclosure of personal information by private sector organizations, come into effect today, but federal Privacy Commissioner Daniel Therrien says his office was not given additional resources to handle the data-breach reporting.

  • Credit card purchases for cannabis may not be private

    Credit card purchases for cannabis may not be private

    Oct 24, 2018

    Federal legislation makes it legal for Canadians to enjoy cannabis in the privacy of their homes. That legislation, however, does not necessarily offer privacy protection for cannabis purchasers. Legal experts have raised concerns that credit card data may not be stored in this country and may be accessible to prying eyes in other countries.

  • ONA wins second arbitration against hospitals on ‘vaccinate or mask’ policy

    ONA wins second arbitration against hospitals on ‘vaccinate or mask’ policy

    Sep 13, 2018

    For a second time, an arbitrator has ruled in favour of the Ontario Nurses’ Association, ordering a major hospital group in Toronto to rescind its “vaccinate or mask policy.”

  • Canada's privacy deficit

    Canada's privacy deficit

    Sep 4, 2018

    Privacy Commissioner Daniel Therrien is hamstrung by weak enforcement powers

  • No fly zone- new PIPEDA guidance on inappropriate data practices

    Jun 18, 2018

    On May 24, Canada’s federal privacy regulator, the Office of the Privacy Commissioner, released a critical interpretation document intended to guide how companies subject to the federal private sector privacy act, the Personal Information Protection and Electronic Documents Act, will be allowed to collect, use and disclose personal information, as viewed from the perspective of the reasonable person.

  • Protection against the state: Top 10 Criminal Law Boutiques

    Protection against the state: Top 10 Criminal Law Boutiques

    May 22, 2018

    As police methods continue to evolve, so, too, have the top criminal boutiques.

  • Charging teen is an abuse of power in Nova Scotia privacy breach, say civil liberties groups

    Charging teen is an abuse of power in Nova Scotia privacy breach, say civil liberties groups

    May 1, 2018

    Civil liberties groups are defending a Nova Scotia teen who has been charged with unauthorized use of a computer.

  • Dark Cloud

    Apr 16, 2018

    You could well be excused for not noticing the recent passage of the U.S. Clarifying Lawful Overseas Use of Data Act on March 23, 2018. Better known by its catchy acronym, the Cloud Act, the law was tacked on to the 2,232-page, US$1.3-trillion omnibus budget bill one day ahead of its vote and was signed into law by President Donald Trump without the benefit of the usual congressional scrutiny, hearings or significant public debate.

  • Proposed changes to Canadian privacy laws influenced by changes coming from EU

    Proposed changes to Canadian privacy laws influenced by changes coming from EU

    Mar 6, 2018

    Recommendations from a Parliamentary committee to strengthen the Personal Information Protection and Electronic Documents Act and give more power to the federal privacy commissioner are likely being driven by privacy requirements coming into effect in Europe.

  • Legal Aid Saskatchewan lawyers may have to use cabling for briefcases

    Jan 29, 2018

    Legal Aid Saskatchewan is looking at having lawyers use anti-theft cabling for their briefcases in different court locations after a privacy breach.