Bill C-26: A strengthening of Canada’s cyber security through mandatory reporting of cyber incidents
With the continuing threats posed by cyber criminals, state sponsored attacks, and other cybersecurity issues, the Canadian government has taken steps in line with those recently taken by the US government in order to protect and maintain oversight over critical […]
Federal Commissioner tables recommendations for privacy law reform
In the context of the Canadian Government’s plans to replace the current federal private sector privacy legislation in Canada – The Personal Information Protection and Electronic Documents Act (the « PIPEDA« ), the Office of the Privacy Commissioner of Canada (the « OPC« ) has […]
L’autorité française de protection des données impose une amende de 1,5 million d’euros à un fournisseur de logiciels de santé pour manquement à la protection des renseignements personnels
Les cyberattaques, la sécurité des données et les atteintes à la vie privée ne sont pas des sujets traités uniquement dans les discussions techniques et ésotériques des avocats, des spécialistes des TI et des communautés de la protection des renseignements […]
Privacy Commissioners take stance against collection of biometric data
The collection (and over collection) of personal information, cybersecurity incidents, and data breaches have never been more topical. Advancements in technology have led to greater global interaction and allowed for commercial efficiency in a time of limited connection. With advancements […]
La nouvelle loi québécoise sur la protection de la vie privée (projet de loi 64) est arrivée – Les entreprises canadiennes doivent en prendre note!
Alors que les tentatives du gouvernement fédéral de moderniser la loi canadienne, par le biais du projet de loi C-11, font du surplace dans le champ miné de la protection de la vie privée, le Québec a franchi la première […]
OSFI updates cybersecurity breach notification requirements
The Office of the Superintendent of Financial Institutions (“OSFI”) released a new Advisory on Technology and Cyber Security Incident Reporting, effective August 13, 2021 (the “Advisory”) which seeks to govern how federally-regulated financial institutions (“FRFIs”) should disclose and report technology […]
David Krebs quoted in National Magazine article on paying cyber ransoms
National Magazine, "The price of paying cyber ransoms"
Big game hunting. That’s what the cybersecurity industry calls targeting large enterprises that cannot tolerate sustained disruptions to their networks, and who are willing to pay large sums of money to quickly see their operations quickly restored following a major […]
Ransomware trickles down into your supply chain – Kaseya cyberattack highlights cybersecurity risks and business impact
Over the July long weekend, Canadian, American, and other international businesses were victims of a far-reaching ransomware attack. The REvil group, a ransomware syndicate also known as Sodin or Sodinokibi, are believed to be behind the attack. This gang’s most prominent […]
Cyberattacks in your supply chain – Canada Post data breach highlights risks
Over the past twelve months, we have seen more and more clients experiencing a variety of cybersecurity incidents. Most prominently, these have been “business email compromise” incidents as well as malware deployments, such as ransomware attacks. The latter have received […]
Canadian organizations take note – Data Protection Authority fines foreign-based business under GDPR for not having “Article 27” representative
As we have discussed in several previous articles, Canadian businesses and other organizations can be subject to the European General Data Protection Regulation (“GDPR”) for a number of reasons and in a number of different contexts, be it as a […]
