OBA Program: Blockchain & Artificial Intelligence Meet Privacy Law October 09, 2019 Amanda Branch A summary of the "Blockchain & Artificial Intelligence Meet Privacy Law: An Interactive Conversation on Strategizing for Clients" program that was jointly hosted by the Information Technology and Intellectual Property Law Section and the Privacy and Access to Information Law Section in September 2019.
What You Need to Know In Privacy Case Law and Litigation: Summary of Panel Discussion June 27, 2019 Sarah Nasrullah The OBA hosted another Privacy Summit in 2019. This article provides an overview of the developments in privacy jurisprudence, as discussed during a 3-member panel presentation at the Summit.
Smart Cities: An Opportunity for Engagement on Big Data Governance June 14, 2019 Steve Tenai Smart city initiatives provide a welcome opportunity for public engagement about data governance and privacy in Ontario and beyond.
2019 Privacy Class Actions Update: Why did Casino Rama fail and Bell Mobility succeed? May 31, 2019 Avi Sharabi Why did the Ontario Superior Court of Justice refuse to certify the Casino Rama privacy breach class action, but then certified the Bell Mobility class action less than a week later? This piece offers a few theories explaining the opposing outcomes.
R. v. Jarvis: privacy is not an “all-or-nothing” concept May 02, 2019 Stacey Reisman, Jon Silver, and Ronak Shah In R v. Jarvis, the Supreme Court of Canada established a robust approach to individual privacy rights thereby opening the door for courts to apply Canada’s constitutional privacy framework to alleged invasions of privacy between individuals. The decision has implications in the criminal law context, and beyond.
Protecting Against Developer Error: Addressing Appropriate Data Management Procedures and Measures for Developers Today… and Tomorrow April 17, 2019 William Lim Facebook discovered a data breach in 2013 due to the inadvertent interaction between two of its features. The Privacy Commissioner of Canada (“Commissioner”) investigated the cause and aftermath of the breach and decided that the remedial measures Facebook implemented following this breach was sufficient. Would that decision be upheld by a Court in a claim for negligence? What additional but practical technical measures could Facebook have implemented to avoid being found negligent?
Canada’s Anti-Spam Legislation: Compliance and Enforcement Update From the Regulators February 25, 2019 Amanda Branch An overview of the “Canada’s Anti-Spam Legislation (CASL): A Joint Presentation on Compliance and Enforcement” program hosted by the Ontario Bar Association in November 2018.
Privacy Commissioner’s Consent Guidelines Come Into Force February 24, 2019 Imran Ahmad, Wendy Mee, and Amir Eftekharpour How can organizations ensure that they are obtaining meaningful consent to the collection, use, and disclosure of personal information? The Office of the Privacy Commissioner of Canada weighs in with a guidance document outlining guiding principles and a checklist of "Must-do" and "Should-do" items.
All Eyes on Consequences of Facial Recognition Technology January 21, 2019 Mark Hayes and Adam Jacobs While facial recognition technology is increasingly prevalent in our day-to-day lives, the authors highlight concerns regarding compliance with applicable privacy laws.
Allocating Risk and Preparing For a Data Breach January 21, 2019 Shan Alavi All organizations, large or small, are prone to privacy breaches, the cost of which can cripple an organization that is not prepared to handle such threats. No organization is immune, but every organization can mitigate the risks.