On November 17, 2020, the federal government introduced Bill C-11, An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Acts.
Tag: Personal Information Protection and Electronic Documents Act (PIPEDA)
Reminder: Mandatory Data Breach Notification in Force on November 1, 2018
As we previously reported, as of November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require notification to affected individuals and the federal Office of the Privacy Commissioner (OPC) when a security incident involving personal information results in a “real risk of significant harm.” The supporting regulations published March 27, 2018…
Shivani Chopra Featured in Benefits and Pensions Monitor Daily News Alerts
Benefits and Pensions Monitor has mentioned Hicks Morley lawyers in a daily news alerts on June 21, 2018…
PIPEDA Breach of Security Safeguards Regulations Published
Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require private sector organizations to provide notice to affected individuals and the federal Office of the Privacy Commissioner (OPC) when a security incident involving personal information results in a “real risk of significant harm.” The supporting regulations, Breach of Security Safeguards…
Mandatory Breach Notification Comes to Canada: What To Do About It
It’s been a long time coming, but we finally know that mandatory breach notification is coming to Canada. Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require notification to affected individuals and the federal Privacy Commissioner when a security incident involving personal information results in a “real risk of significant…
The Right to Be Forgotten Comes to Canada
On January 26, 2018, the Office of the Privacy Commissioner of Canada issued a new position on the protection of online reputation. In doing so the OPC recognized a right to have personal information de-indexed from search engine results if it is inaccurate, incomplete or out-of-date. Although the position is in draft, is nonetheless of…
Procedural Power of Courts Not Constrained by PIPEDA
In Royal Bank of Canada v. Trang, the Supreme Court of Canada held that the Personal Information Protection and Electronic Documents Act (PIPEDA) does not interfere with the procedural powers of a court. The decision arose out of a situation in which past judicial interpretation and application of PIPEDA had impeded the ability of the…
Federal Privacy Commissioner Uses Ashley Madison Incident to Promote Good Information Governance
Organizations subject to Canadian privacy law should be aware that the Office of the Privacy Commissioner of Canada (together with the Australian Information Commissioner) recently issued a report on the 2015 breach of the Ashley Madison website – a breach that affected nearly 35 million individuals who had used the online dating site for adults…
Federal Privacy Commissioner Weighs In Against Sharing Details of Employee Discipline
In a recently released decision summary, the Office of the Privacy Commissioner of Canada (OPC) held that a bank acted properly in deciding not to tell the victim of unauthorized access precisely how it had punished its offending employee (Employee). The victim, the complainant in this case, was a neighbour of the Employee who happened…
Federal Government Consults on PIPEDA Data Breach Regulations
On March 4, 2016, the federal government posted Data Breach Notification and Reporting Regulations (Regulations) for public discussion. Amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA) enacted by the Digital Privacy Act (Bill S-4) will, upon proclamation, require private sector organizations to notify the public in circumstances where security safeguards involving their…