Today, the Supreme Court of Canada rendered a significant decision in Alberta (Information and Privacy Commissioner) v. United Food and Commercial Workers, Local 401. The unanimous Court held that the Alberta Personal Information Protection Act (“PIPA”) infringes a union’s right of expression under section 2(b) of the Canadian Charter of Rights and Freedoms (“Charter“). In…
Practice Area: Information, Data Security & Privacy
Manitoba Passes Private Sector Privacy Legislation
On September 12, 2013, Bill 211 The Personal Information Protection and Identity Theft Prevention Act, a Private Member’s Bill, passed Third Reading in the Manitoba Legislature. It received Royal Assent on September 13, 2013. Subject to specified exemptions, Bill 211 will apply to all organizations in the province (including private sector organizations) and will govern…
New Privacy Legislation in Manitoba
Organizations with operations in Manitoba need to be aware that the Manitoba Legislature has recently passed new privacy legislation that will apply to the private sector and, to a lesser degree, to the not-for-profit sector – The Personal Information Protection and Identity Theft Prevention Act (“PIPITPA” or the “Act”). PIPITPA will establish rules for the…
Regulatory Amendments made under Immunization of School Pupils Act
On September 18, 2013, two regulations were filed under the Immunization of School Pupils Act (“Act”). O. Reg. 260/13 amends Regulation 645 of R.R.O. 1990 (General). It includes, among other things, a requirement that schools provide reports containing records for each pupil in the school to the medical officer of health for the health unit…
Access to Information Act/Privacy Act Regulatory Amendments Update Schedules of Designated Investigative Bodies
On May 31, 2013, the federal government registered Regulations Amending the Access to Information Regulations made under the Access to Information Act. These Regulations amend Schedule I (Investigative Bodies) of the Access to Information Regulations to delete the names of investigative bodies that are no longer in existence and to replace the name of one…
Ontario Introduces Electronic Personal Health Information Protection Bill
On May 29, 2013, the Ontario government introduced Bill 78, Electronic Personal Health Information Protection Act, 2013. If passed, Bill 78 would amend certain statutes with respect to electronic health records. Such amendments would, among other things, add Part V.1, “Electronic Health Records” to the Personal Health Information Protection Act, 2004 (“PHIPA”) which includes: requiring…
Schedule to General FIPPA Regulation Amended
On May 17, 2013, the Ontario government filed O. Reg. 157/13 amending Regulation 460 (General) made under the Freedom of Information and Protection of Privacy Act (“FIPPA”). O. Reg. 157/13 amends the Schedule to Regulation 460 by revoking and/or adding certain entities as designated institutions under FIPPA. With one exception, O. Reg. 157/13 came into…
The Science of Data Breach Prevention and the Art of Breach Response
Organizations should be paying close attention to data loss prevention and response in light of recent developments. Recent media frenzies over the loss of portable storage devices illustrate that individuals’ fears and perceptions can cause great pressure on organizations even when the risk of real harm to individuals is remote. In addition, the risk of…
Preparing for Canada’s New Anti-Spam Legislation
Canada’s new anti-spam legislation is coming soon. Commonly referred to as “CASL”, the new legislation will impose strict obligations that apply to a range of business emails and other electronic communications that you might not consider to be “spam”. All businesses, even those without formal email marketing programs, should assess their potential exposure to CASL…
Proposed Anti-spam Regulations Published
On January 5, 2013, Electronic Commerce Protection Regulations (“ECP Regulations”), proposed under Canada’s Anti-spam Legislation (“CASL”*), were published. As previously reported, the CASL enacts comprehensive anti-spam legislation relating to the sending of commercial electronic messages (“CEMs”). The CASL has not yet been proclaimed into force, with the exception of certain Personal Information Protection and Electronic…