Legislators and organizations should pay close attention to recent decisions from the BC Court of Appeal (“BCCA”) in Campbell v. Capital One (“Capital One”)[1] and G.D. v. South Coast British Columbia Transportation Authority (“TransLink”).[2]  In these decisions, it appears that the BCCA is asking whether the existing legal regime, including regulatory ...

Share

The BC Court of Appeal (“BCCA”) has indicated a clear shift in its approach to cyber-breach cases that will encourage class-action litigation.

Until now, plaintiffs in British Columbia were generally precluded from advancing privacy tort claims against custodians of personal information that were victims of a criminal cyber attack because the Privacy Act required ...

Share

Employers sometimes discover evidence that a former employee may be or have been in breach of their obligations to the employer. Sometimes the employee’s own direct messages on social media accounts corroborate wrongdoing. Is it a privacy breach if an employer accesses the social media direct messages, and can the employee sue them for breach of privacy?

A recent ...

Share
Posted in Privacy

Facebook admitted in Federal Court that Cambridge Analytica accessed personal information of over 600,000 Canadian Facebook users through a third party application without permission and in breach of Facebook policies.  Nevertheless, the Federal Court decided Facebook did not breach the Personal Information Protection and Electronic Documents Act (“PIPEDA”).

Share
Posted in Privacy

The proposed Consumer Privacy Protection Act (“CPPA”) is intended to replace the Personal Information Protection and Electronic Documents Act. The current text of the CPPA introduces the new concept of “service providers,” and may require organizations to take a different approach to their vendor and service provider agreements.

See our previous blogs about ...

Share
Posted in Privacy

The proposed Consumer Privacy Protection Act (“CPPA”) is intended to replace the Personal Information and Electronic Documents Act (“PIPEDA”). The current text of the CPPA will make a number of significant changes to some of the consent requirements Canadian private sector organizations must obtain.

See our previous blog about CPPA’s proposed privacy ...

Share
Posted in Privacy

Introduction to the CPPA

In June 2022, the federal government introduced Bill C-27, which proposes significant updates to Canada’s federal private sector privacy framework. Bill C-27 is currently in its second reading in the House of Commons. If passed, Bill C-27 would replace the Personal Information and Electronic Documents Act with the Consumer Privacy Protection ...

Share
Posted in Privacy

Big changes are coming to B.C.’s privacy laws. Effective February 1, 2023, new Freedom of Information and Protection of Privacy Act (“FIPPA”) sections (36.2 and 36.3) and regulations will come into force. For the first time, a B.C. privacy law will require breach reporting and the implementation of a privacy management program.

Breach Notification

B.C. public ...

Share
Posted in Privacy

Your employees are probably engaging in risky online behaviour while at work. With a view to helping with your cyber-hygiene and legal compliance, we have set out a few reasons we know this and some tips to address it.

We routinely see cyber incidents, big and small, arise from employee behaviour. Sometimes, they are intentional acts of a rogue employee. Often, employees are ...

Share

A majority of the updates to Québec’s private sector privacy law in Law 25, also known as Bill 64, An Act to modernize legislative provisions as regards the protection of personal information (Bill 64), will come into force on September 22, 2023. Some provisions will come into effect on September 22, 2022. We have outlined a few of the significant upcoming changes ...

Share

About Us

Lawson Lundell's Privacy and Data Management Blog provides updates on the most recent issues emerging in the legal and business communities. We cover a range of issues, legal developments, and new technology as they impact privacy and data management. We will focus on how organizations can protect, manage and innovate with information considering the various risks, regulatory and governance requirements.

Legal Disclaimer: The information made available on this webpage is for information purposes only. It does not constitute legal advice, and should not be relied on as such. Please contact our firm if you need legal advice or have questions about the content of this webpage. 

Editors

Authors

Topics

Recent Posts

Archives

Blogs

Jump to Page