Fingerprint scanning on blue technology illustration
Fingerprint scanning on blue technology illustration
Fingerprint scanning on blue technology illustration

PRIVACY & DATA PROTECTION

Privacy and Data Protection are interrelated concepts that involve complex statutory, regulatory and common law requirements and restrictions. Privacy and data breaches – whether accidental or intentional – are frequent front-page news stories that damage corporate reputations and have led to an increasing number of class action lawsuits. Our privacy and data protection lawyers help clients examine the impact of privacy and data protection laws and regulatory requirements upon their businesses and implement measures to reduce risks.

Canada has a complex network of laws governing privacy and data protection compliance, including private-sector, health-sector and public sector statutes, sector-specific privacy obligations, statutory privacy torts, and evolving common law torts such as “intrusion upon seclusion” and “publicity given to private life.” To provide support to our client, our lawyers routinely prepare and adopt practices and procedures that ensure compliance We advise clients on establishing a comprehensive privacy compliance infrastructure, so that they can reduce the risk of privacy complaints, investigations by privacy commissioners and other regulatory bodies, and privacy-related litigation. An effective compliance infrastructure can also help clients to mitigate the damage of any risks that may materialize.

Our lawyers regularly develop organizational and employee privacy policies and function-specific documents, such as Internet privacy policies, acceptable use policies, and cookies policies. Among other things, McMillan’s data privacy lawyers provide guidance on the application of privacy laws; draft and review privacy policies, consent provisions and information collection procedures; advise on cases of privacy or security breaches; advise on issues related to cross-border transfers of information, including cloud computing; represent clients in privacy-related litigation; and CASL compliance.

Workplace privacy also presents unique issues and challenges. The sheer volume of personal employee information companies handle is just one of the reasons why privacy laws in the workplace are taking centre stage of late. Another emergent workplace privacy issue concerns medical privacy laws in the workplace, which have come to the fore as businesses navigate the legalities of workplace drug testing since Canada legalized marijuana and COVID testing came into play.

McMillan’s workplace privacy lawyers draft and review employee privacy policies, and advise corporations on the application of privacy laws, privacy issues related to searching employees and their property, collection of biometric information, privacy issues unique to unionized workforces, and more.

McMillan’s team also has valuable experience interpreting and applying Canada’s Anti-Spam Legislation (CASL) across organizations, reviewing CASL compliance and training client teams, and dealing with the CRTC and the Privacy Commissioner on CASL compliance matters. Our expertise extends to publication of a legal text, Internet Law Essentials: Canada’s Anti-Spam Law.

Essentially we help clients understand how they can balance compliance with innovation, employer rights, and business needs.

Cybersecurity is no longer solely an issue for IT or technical staff. An effective plan to protect the organization against cyber threats requires insight into both the technical threats and the many and varied ways in which those threats can manifest in personal, physical, and financial damage. Understanding and responding effectively to those threats requires a comprehensive understanding of legal and regulatory obligations and risks, all of which are rapidly evolving.

Among other things, McMillan’s cybersecurity lawyers draft security and data protection policies and protocols; advise on compliance with applicable privacy laws and other legislation; educate managers and directors on the risks associated with a data breach; prepare and implement  a notice strategy to respond to data breaches; advise on dealing with the public and regulators following a breach; and assist with internal investigations and obtaining court orders for timely disclosure of necessary information from third parties.

Although organizations may use their best efforts to develop and implement policies and procedures to comply with Canada’s complex and rapidly evolving privacy and data protection regime, disputes regarding breach of privacy and mishandling of personal information are often unavoidable. McMillan helps organizations manage the risk of being drawn into litigation through, for example, inadvertent disclosure of customer information, employee misconduct, or even external hacking of their information systems.

The importance of an immediate and effective response is underscored by the recent wave of reported class actions relating to privacy and data breaches, many of which allege that the organization did not promptly notify individuals who were at risk of harm.

McMillan’s Privacy Group is experienced at resolving disputes in a client-focused way. We pair specialized privacy expertise with McMillan’s renowned Litigation Group to provide a comprehensive team that can advise and represent clients in all types of privacy litigation.

Primary Contacts

View All Contacts

Kristen Pennington

Partner, Privacy & Data Protection | Employment & Labour Relations

Deals and Cases

Insights (183 Posts)

Featured Insight

Clocking In and Opting Out: Quebec CAI Issues Warning About Biometric Time Clocks in the Workplace

Following CAI's recent observations, this bulletin provides guidance to comply with the applicable requirements to implement biometric time clocks in Quebec.

Read More
May 24, 2023
Featured Insight

Unpacking Bill C-27 – How Organizations Can Prepare for Potential Changes to Canada’s Federal Privacy Laws

Bill C-27 – also known as the Digital Charter Implementation Act, 2022 – completed its second reading in Canada’s House of Commons, bringing Canada one step closer to privacy law reform. Join our discussion on these significant potential developments and what they may mean for your organization.

Details
Thursday, May 18, 2023
Featured Insight

AI Regulatory Roundup – International Developments in AI Law and Policy

An overview of recent Canadian and international developments related to the regulation of artificial intelligence technologies.

Read More
May 2, 2023
Featured Insight

ISED Releases Companion to Proposed AI Law: Timelines, Guidelines, and Enforcement

Summary of ISED's AIDA companion policy and key takeaways for business involved in developing and using artificial intelligence (AI) systems

Read More
Apr 17, 2023
Featured Insight

Privacy Breaches in M&A Deals and the Importance of Data Security Diligence

Data security issues pose risks to a transaction, but can be mitigated with effective data security diligence, and other contractual strategies.

Read More
Apr 3, 2023
Featured Insight

British Columbia’s Privacy Regulator Issues New Privacy Breach Guidance: Here’s What You Need to Know

BC Privacy Commissioner's recent guidance relating to privacy breaches acknowledges that breach notification can be a useful tool to mitigate harm.

Read More
Feb 16, 2023
Featured Insight

Quebec Superior Court Orders That Corporations Must Provide Information to Police – Even Where Data Stored Abroad

The Quebec Superior Court rules the American companies may have to produce documents stored abroad to aid in Canadian criminal investigations.

Read More
Jan 24, 2023
Featured Insight

Employment and Privacy Implications of Recent BC Time Theft Case

A recent BC decision has affirmed the position that employee Time Theft is just cause for dismissal.

Read More
Jan 23, 2023
Featured Insight

Cybersecurity Threats to the Canadian Mining Industry: Is your Business Ready?

Mining firms are vulnerable to cybersecurity attacks but through incident response planning can minimize the risk of exposure.

Read More
Jan 10, 2023
Featured Insight

Modernization of the Investment Canada Act is Underway

The Canadian federal government introduced Bill C-34, An Act to Amend the Investment Canada Act, to modernize Canada’s national security regime.

Read More
Dec 12, 2022
Featured Insight

Privacy, Technology and Cybersecurity Issues in Tech Transactions

Full evaluation of a target's privacy, technology and cybersecurity compliance in due diligence is critical for transactions involving technology companies.

Read More
Dec 6, 2022
Featured Insight

The Exclusion of Intrusion Upon Seclusion: Ontario Court of Appeal definitively determines that “Database Defendants” cannot be held liable for intrusions committed by third-party hackers

The Court of Appeal for Ontario released a trio of decisions that materially impact the viability of class actions following a data breach.

Read More
Dec 1, 2022
Featured Insight

McMillan’s Annual Privacy, Data Protection and Cybersecurity Client Seminar

Join McMillan's Privacy & Data Protection Group on Wednesday, December 7th for an overview of recent significant legal developments, tips on complying with new and forthcoming obligations under Quebec’s Bill 64, and discussions about hot topics in data management.

Details
Wednesday, December 7, 2022
Featured Insight

Act 25 and Confidentiality Incidents – The first Draft Regulations… remain a draft!

Draft regulation under Act 25 regarding protection of personal information, confidentiality incidents and register of confidential incidents are not in force.

Read More
Nov 15, 2022
Featured Insight

The Road to Canada’s Open Banking Framework: Updates from the Working Group Meetings

Four working groups have been working to develop common rules, accreditation criteria, and technical standards for open banking in Canada.

Read More
Nov 2, 2022
Featured Insight

Let’s Get Digital – Canadian Government Consults on Model Digital Trade Policy

The Canadian government develops Model International Digital Trade Policy and requests to join the Digital Economic Partnership Agreement.

Read More
Nov 1, 2022
Featured Insight

British Columbia Privacy Commissioner Releases Guidance on Collecting Personal Information for Political Activities

BC Privacy Commissioner releases guidance on how federal and provincial political organizations can conform to BC's privacy legislation when campaigning.

Read More
Nov 1, 2022
Featured Insight

Stop Snooping: Alberta Privacy Commissioner Finds Employee Snooping Results in Real Risk of Harm

An overview of a recent Alberta Privacy Commissioner breach notification decision relevant to employee snooping.

Read More
Sep 21, 2022
Featured Insight

Lessons learned from Alberta’s Office of the Information and Privacy Commissioner (OIPC) 11-Year Report

An overview of Alberta's Office of the Information and Privacy Commissioner 11-Year Report.

Read More
Sep 21, 2022
Featured Insight

The Case of the Missing Computers: Lessons Learned from Health Canada

A look at the takeaways from the recent audit of Health Canada's IT systems.

Read More
Sep 21, 2022
Featured Insight

Data Security – The Increasing Danger of Vishing Attacks

This bulletin provides guidance regarding voice phishing, or "vishing" attacks. As they rise in popularity, companies must take action to protect their assets.

Read More
Sep 16, 2022
Featured Insight

New Guidance on Ontario’s Workplace Monitoring Disclosure Regime

This bulletin provides guidance regarding Ontario's new electronic monitoring disclosure obligations for employers under the Employment Standards Act.

Read More
Sep 15, 2022
Featured Insight

Part 3 | Privacy 101 – Obligations Under Québec’s New Act 25: How to ensure your business’ biometric data complies with the law

If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Discover your responsibilities surrounding biometric data and disclosure obligations to the Québec privacy regulator.

Read More
Sep 15, 2022
Featured Insight

Part 2 | Privacy 101 – Obligations Under Québec’s New Act 25: Why you must now record and report privacy violations

If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Discover why your business needs to develop, implement and maintain a register of confidentiality incidents and what your reporting obligations responsibilities are surrounding breach reporting.

Read More
Sep 15, 2022
Featured Insight

Part 1 | Privacy 101 – Obligations Under Québec’s New Act 25: Why your business needs a privacy officer now

If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Learn why you need a privacy officer, how to properly delegate this role, and what can happen if you don’t comply.

Read More
Sep 15, 2022
Featured Insight

Avoiding the Perils of a Connected World: New Best Practices for Risk Mitigation

Recently announced updated guidance from the Canadian Center for Cyber Security provides new and important considerations for business activity.

Read More
Aug 31, 2022
Featured Insight

Act 25 – First Draft Regulation, On Your Marks, Get Set, Go!

First draft regulation under Act 25 regarding the protection of personal information and confidentiality incidents.

Read More
Jul 27, 2022
Featured Insight

OSFI Adds to its Existing Technology and Cyber Risk Requirements with Guideline B-13

OSFI issued final Guideline B-13 – Technology and Cyber Risk Management, key takeaways summarized.

Read More
Jul 26, 2022
Featured Insight

Canadian Privacy Regulators Clarify Requirements for Mobile Apps

A recent joint investigation of Canadian privacy commissioners provides guidance for organizations using mobile apps.

Read More
Jul 5, 2022
Featured Insight

Federal Government Proposes New Act to Reinforce Critical Cyber Security in Canada

Bill C-26, An Act respecting cyber security, would do two things: amend the Telecommunications Act and enact the Critical Cyber Systems Protection Act.

Read More
Jul 5, 2022
Featured Insight

Privacy Reform is on the Table Once More: Canada Introduces the Digital Charter Implementation Act, 2022

New federal privacy legislation has been introduced. If passed, Bill C-27 will materially change the legal landscape for privacy and data protection in Canada.

Read More
Jun 22, 2022
Featured Insight

The Anti-Racism Data Act

BC Government passed the Anti-Racism Data Act to safely collect demographic information to address gaps in BC programs and services.

Read More
Jun 15, 2022
Featured Insight

Legislative Amendments Affecting Québec’s Employers

The webinar discusses the rigorous language obligations imposed by Bill 96 on businesses and its significant impact on employers, as well as the recent significant changes to both Québec’s occupational health and safety legislation and Québec’s privacy legislation which employers should be aware of.

Details
Wednesday, June 29, 2022
Featured Insight

Taking Control: Proactive Data Breach Preparedness and Responsible Incident Management

Join us on Tuesday, June 21st as members of our Privacy and Technology Groups discuss how your organization can proactively prepare in order to be in control if and when an incident occurs and to take measured and responsible steps to prevent and manage the associated legal and business risks.

Details
Tuesday, June 21, 2022
Featured Insight

Federal Privacy Commissioner Releases Key Recommendations for a New Federal Private Sector Privacy Law

The Office of the Privacy Commissioner of Canada released a summary of its key recommendations for a new federal private sector privacy law in Canada

Read More
May 17, 2022
Featured Insight

Open Banking: What it is and what it means for you

As we have received a number of questions from clients regarding our open banking bulletins, we are putting together an interdisciplinary panel of experts to take a deep dive into the implications of an open banking system in Canada, exciting developments & expectations for further progression.

Details
Thursday, June 2, 2022
Featured Insight

Cybersecurity Webinar: A New World Order – Cybersecurity Risks, Mitigation Strategies and Opportunities for Canadians in a Rapidly Changing Global Environment

We are more reliant on technology today than ever before. It impacts all facets of modern life, including by enabling communication, automation, transportation and analytics. While technology offers powerful solutions to facilitate and expedite our daily routines, it can also be a key vulnerability with respect to the protection of sensitive data including personal, professional and/or proprietary information.

In this webinar, we are privileged to hear from experts with an array of professional backgrounds as they offer insight into the macro and micro implications of cybersecurity and discuss best practices for protecting private information.

Details
Tuesday, April 26, 2022
Featured Insight

Data Collection and Protection in the Automotive Sector

Join us on Thursday, April 28, 2022 as members of McMillan's Privacy & Data Protection Group discuss privacy and data protection issues relevant to the automotive industry.

Details
Thursday, April 28, 2022
Featured Insight

Federal Government Appoints Open Banking Lead

The federal government has named Abraham Tachjian to lead the development of open banking in Canada, following an open letter from prominent fintech executives.

Read More
Mar 23, 2022
Featured Insight

Pay No Attention to the Blinking Red Light: Employee Monitoring Laws Announced in Ontario

The Ontario Ministry of Labour has released Bill 88, the Working for Workers Act, 2022, requiring employers to disclose digital employee monitoring practices.

Read More
Mar 3, 2022
Featured Insight

Couldn’t Scrape By: BC Court Rejects Certification of Class Action against Facebook

BC Court dismisses certification application for class action against Facebook for allegedly scraping user data from their messenger app.

Read More
Feb 17, 2022
Featured Insight

Privacy, Please: Firm that Breached Instagram’s Privacy Policies Loses Class Action Ruling

A discussion of the recent B.C. Supreme Court decision certifying a class action against a U.S.-based marketing firm that breached Instagram privacy rules.

Read More
Feb 15, 2022
Featured Insight

PropTech: Property Technology, the New Frontier in Real Property, Part 2: Benefits

In this bulletin, we discuss the benefits of using PropTech for businesses in the real estate space and for consumers of such products.

Read More
Jan 11, 2022
Featured Insight

PropTech: Property Technology, the New Frontier in Real Property, Part 1: Introduction

In this 3-part series, we explain the concept of PropTech, highlight its benefits and outline associated risks.

Read More
Jan 11, 2022
Featured Insight

Clearview AI Ordered to Comply with Provincial Regulators’ Privacy Recommendations

Canada’s provincial privacy regulators have issued orders against Clearview AI forcing it comply with the
recommendations of a 2020 joint investigation.

Read More
Jan 5, 2022
Featured Insight

Canadian Centre for Cyber Security Releases Ransomware Playbook

Ransomware attacks are on the rise. The Canadian Centre for Cyber Security released a ransomware playbook to help companies prepare for and respond to attacks.

Read More
Dec 21, 2021
Featured Insight

Smartphone Apps Beware – Babylon Health investigation provides insight into compliance with Alberta privacy laws

Key takeaways from the Office of the Information and Privacy Commissioner of Alberta (OIPC)s report re: investigation of the Babylon by Telus Health app.

Read More
Dec 15, 2021
Featured Insight

Special Committee Releases Report Suggesting Changes to Modernize BC’s Private Sector Privacy Law

We will touch on a few notable recommendations to amend PIPA that may affect the processes and procedures of businesses governed by PIPA.

Read More
Dec 15, 2021
Featured Insight

Urgent Cybersecurity Alert Regarding Apache Log4j

Canada’s Minister of National Defence has issued a statement regarding a recently identified critical vulnerability in the Apache Log4j logging product.

Read More
Dec 13, 2021
Featured Insight

Canada Partners with the European Commission to Examine Use of Digital Credentials

Increased standards for digital credentials improve privacy and global functionality - but what does this mean for businesses who use them?

Read More
Dec 7, 2021
Featured Insight

Bill 64: A Checklist to Help Businesses Comply with Modern Privacy Requirements in Québec

The new changes to Quebec's privacy legislation usher in the modern era of privacy laws. This checklist establishes priorities and timelines for companies.

Read More
Dec 1, 2021
Featured Insight

Risks of Anonymized and Aggregated Data

This article discusses how the anonymized and aggregated data poses risks to businesses, and how to stay compliant with the applicable privacy requirements.

Read More
Dec 1, 2021
Featured Insight

Proposed Changes to FIPPA: Two Steps Forward, One Step Back

The BC government recently introduced a bill to amend FIPPA that introduces new requirements for managing and protecting privacy.

Read More
Nov 5, 2021
Featured Insight

Privacy Commissioner Releases More Guidance for Video Teleconferencing Companies

Video teleconferencing companies face unique cybersecurity and data privacy risks. The OPC has new guidance on how these companies can best address them.

Read More
Nov 3, 2021
Featured Insight

McMillan’s Annual Privacy, Data Protection and Cybersecurity Webinar

Our lawyers will provide an overview of important case law developments, regulatory guidance, upcoming statutory changes, and hot topics in Privacy, Data Protection & Cybersecurity

Details
Wednesday, November 10, 2021
Featured Insight

Bill 64 Enacted: Québec’s Modern Privacy Regime

An in-depth analysis of Quebec's 2021 modernization of its private-sector privacy legislation.

Read More
Oct 15, 2021
Featured Insight

Privacy Implications of an Open Banking System in Canada

Canada’s Advisory Committee on Open Banking's final report- the privacy and data security implications of an open banking system in Canada.

Read More
Oct 12, 2021
Featured Insight

Alberta Recognizes Privacy Tort of Public Disclosure of Private Facts

The Alberta Court of Queen’s Bench recognized the tort of public disclosure of private facts for the first time; In deciding the recognize the tort...

Read More
Sep 27, 2021
Featured Insight

Open Banking in Canada: Could 2023 be the Year?

An overview of the Advisory Committee on Open Banking's final report on bringing open banking to Canada.

Read More
Aug 11, 2021
Featured Insight

Is Private Sector Privacy Legislation Looming in Ontario?

Ontario government seeks input on privacy policy proposals, signaling that Ontario private sector privacy legislation may be on the horizon

Read More
Jul 5, 2021
Featured Insight

The Balancing of Privacy Rights and the Open Court Principle: Disclosure of Private Information in Litigation

The Supreme Court of Canada’s decision in Sherman Estate v Donovan offers clarity on when the open court principle will give ground to the right to privacy.

Read More
Jun 23, 2021
Featured Insight

No Damages for Minor Stress and Inconvenience: Quebec Court Dismisses Data Breach Class Action

In March, the Québec Superior Court released a rare decision in which it dismissed a privacy class action on the merits.

Read More
Jun 9, 2021
Featured Insight

Canadian Privacy Commissioners Issue Joint Guidance on Vaccine Passports

Commissioners warn that privacy considerations must be “front and centre” as organizations develop and implement vaccine passports in the coming months

Read More
May 25, 2021
Featured Insight

FCAC’s Submission on Open Banking: Finding the Right Balance to Achieve Consumer Protection and Broad Financial Sector Participation

The authors discuss the Financial Consumer Agency of Canada's submission to the Advisory Committee on Open Banking.

Read More
Mar 30, 2021
Featured Insight

Big Brother’s Access Limited – Canadian Privacy Commissioners Rule Clearview AI’s Facial Recognition Tool in Breach of Canadian Privacy Laws

Privacy Commissioners find Clearview AI's use of facial recognition software on images it scraped from the Internet to be in breach of privacy laws.

Read More
Feb 17, 2021
Featured Insight

Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?

Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?

Details
January 20, 2021 - 11:00 pm to 2:00 pm ET
Featured Insight

International Comparative Legal Guide (ICLG) – Cybersecurity Canada 2021

The International Comparative Legal Guide (ICLG) - Cybersecurity Canada 2021 guide covers common issues in cybersecurity laws and regulations.

Read More
Dec 3, 2020
Featured Insight

Another Leap Forward for Canadian Privacy Laws

The Digital Charter Implementation Act, 2020 received its first reading in the House of Commons. If passed, the Act will radically change Canadian Privacy Law.

Read More
Nov 19, 2020
Featured Insight

Canada’s New Cybersecurity Certification Goes Live

The federal government has launched a voluntary CyberSecure program to help small and medium-sized organizations protect against cybersecurity threats

Read More
Oct 13, 2020
Featured Insight

Reporting and Recording Breaches of Security Safeguards – The OPC releases new resources for businesses

Office of the Privacy Commissioner of Canada ("OPC") released a number of new resources to assist organizations with their breach assessment, reporting and recording obligations.

Read More
Sep 28, 2020
Featured Insight

COVID-19 Realities Push Ontario Government to Launch Public Consultation to Improve the Province’s Privacy Laws

The Ontario government launched public consultations to guide their modernization of private-sector privacy laws within the province.

Read More
Aug 19, 2020
Featured Insight

Alberta’s New Liability Management Framework: A Teaser of What’s Coming

Government of Alberta announces changes to the regulatory regime that governs oil and gas liabilities.

Read More
Aug 4, 2020
Featured Insight

Global Privacy Authorities Remind Video Teleconferencing Companies of Privacy Expectations

Global privacy authorities published a letter to remind video teleconferencing companies of their obligations regarding user's privacy.

Read More
Jul 29, 2020
Featured Insight

Bill 64: Modernizing Québec’s Privacy Regime

Bill 64: Modernizing Québec's Privacy Regime

Read More
Jul 23, 2020
Featured Insight

Supreme Court of Canada Affirms the Genetic Non-Discrimination Act, Weighing Autonomy, Privacy, and Accessibility of Insurance

Impacts on insurers from recent decision in which SCC upholds protections for privacy and autonomy through the Genetic Non-Discrimination Act

Read More
Jul 22, 2020
Featured Insight

Significant Expansion of Ontario’s Personal Health Information Protections amid COVID-19: What you need to know

Bill 188 made significant amendments to PHIPA, which affect technology companies, and potentially insurers, who provide access to personal health information.

Read More
Jul 15, 2020
Featured Insight

The Road to a “New Normal”: Contact Tracing and Privacy Considerations in Canada

Provinces across Canada are starting to lift COVID-19 restrictions and resume some economic and other activities.

Read More
Jun 1, 2020
Featured Insight

Privacy Penalties – Canadian Competition Bureau Wades Into Privacy Enforcement

Organizations operating in Canada are advised to immediately review their privacy-related policies and marketing to avoid false or misleading representations

Read More
May 26, 2020
Featured Insight

Privacy Commissioner Releases Tips for Secure Videoconferencing

It goes without saying that organizations’ use of videoconferencing is at an all-time high as many businesses have converted to remote work.

Read More
May 5, 2020
Featured Insight

Shedding “Light” on a New Privacy Tort

An Ontario court has recently recognized the privacy tort of "false light publicity".

Read More
Mar 3, 2020
Featured Insight

Consumer-Directed Finance: Canada’s Answer to Open Banking

An overview of the Advisory Committee on Open Banking's recent report entitled Consumer-directed finance: the future of financial services.

Read More
Feb 26, 2020
Featured Insight

As the “New NAFTA” Approaches Ratification, Regulated Foreign Entities Should Anticipate Stricter Record-Keeping Requirements

A summary of notable amendments to the federal Bank Act and Insurance Companies Act that Bill C-4 (CUSMA) will bring into force.

Read More
Feb 25, 2020
Featured Insight

How Should AI be Regulated in Canada? Speak now, or forever hold your peace!

Many organizations recognize the potential benefits that artificial intelligence can bring to their business. Canadian regulations coming sooner than later.

Read More
Feb 24, 2020
Featured Insight

2019 Year in Review: Privacy, Data Protection & Cybersecurity

Focusing our discussion on significant advancements, findings and key takeaways, we will present a “Year in Review” session that will cover many of the notable developments that occurred in 2019.

Feb 4, 2020
Featured Insight

New Transparency Requirements: Private Companies in British Columbia Now Required to Collect and Disclose Shareholder Information

Amendments to British Columbia Business Corporations Act require all privately held companies to maintain transparency registers of all significant individuals.

Read More
Jan 31, 2020
Featured Insight

New Year, New Laws? Canada Sets its Privacy Law Resolutions

A number of recent developments suggest that momentum for significant reform to Canadian privacy and data protection laws is building.

Read More
Jan 28, 2020
Featured Insight

Keepin’ It “Real”: OPC Finds that PIPEDA Applies to Foreign-Incorporated Business

Keepin' It "Real": OPC Finds that PIPEDA Applies to Foreign-Incorporated Business

Read More
Jan 15, 2020
Featured Insight

Under the Influence: The Canadian Competition Bureau’s Stand on Misleading Product Endorsements

The Competition Bureau has sent letters to advertisers and advertising agencies warning them to ensure that their Influencer advertising complies with the law.

Read More
Dec 30, 2019
Featured Insight

Contact Information Posted on Websites Not Necessarily Up for Grabs

Investigation findings of the Office of the Privacy Commissioner highlight issues surrounding the use of personal contact information posted on websites

Read More
Dec 19, 2019
Featured Insight

IIROC Introduces Mandatory Reporting of Cybersecurity Incidents for Dealers

On November 14, 2019, IIROC amended its Dealer Member Rules to require mandatory reporting by dealer members that suffer a cybersecurity incident or breach.

Read More
Dec 9, 2019
Featured Insight

One-Year Anniversary of Mandatory Data Breach Reporting: Lessons the OPC Has Learned and What Businesses Need to Know

November 1st, 2018 marked a year since reporting data breaches became mandatory under the Personal Information Protection and Electronic Documents Act ("PIPEDA")

Read More
Nov 11, 2019
Featured Insight

OPC Maintains Status Quo on Transborder Data Flows…At Least for Now!

Feedback from stakeholders regarding its consultation on transfers for processing and transborder data flows, Office of the Privacy Commissioner of Canada has decided to maintain the status quo.

Read More
Sep 23, 2019
Featured Insight

Top of the Class: New Cybersecurity Program to Certify Privacy-Minded Businesses

The federal government has launched a new cybersecurity certification program aimed at helping small and medium-sized businesses protect against cyber threats.

Read More
Aug 14, 2019
Featured Insight

Last Chance for Late National Phase Entry into Canada

It is official - Canada's new Patent Rules will come into force on October 30, 2019.

Read More
Aug 9, 2019
Featured Insight

“Gonna stand my ground; And I won’t back down”¹ – The OPC charges forward with its controversial consultation on transborder dataflows/transfers for processing

On June 11, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) published a reframed discussion document (the “Reframed Discussion”)

Read More
Jun 24, 2019
Featured Insight

TOP TWELVE THINGS TO KNOW – New Canadian Trademarks Act June 17, 2019

On June 17, 2019 major changes to Canada’s Trademarks Act will come into force.

Read More
Jun 4, 2019
Featured Insight

Proposed Digital Charter Could Bring Sweeping Changes to Canadian Privacy Laws

On May 21, 2019, the Canadian federal government released a proposed Digital Charter

Read More
May 23, 2019
Featured Insight

Is Data Residency Coming to Canada? The OPC Signals a Major Change to its Policy Position on Transborder Dataflows

On April 9, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) initiated a consultation on transborder dataflows under the Personal Information Protection and Electronic Documents Act (“PIPEDA”) (the “Consultation”).

Read More
Apr 15, 2019
Featured Insight

Financial Institutions: OSFI’s Heightened Cyber Security Incident Reporting Obligations Now In Effect

OSFI published the Technology and Cyber Security Incident Reporting Advisory, which sets out OSFI's expectations for reporting technology and cyber security incidents.

Read More
Apr 8, 2019
Featured Insight

OSFI Boots Up Cyber Safety with its New Advisory on Technology and Cyber Security Incident Reporting

On January 24, 2019, the Office of the Superintendent of Financial Institutions (“OSFI”) published the Technology and Cyber Security Incident Reporting Advisory (the “Advisory”), which sets out OSFI’s expectations for reporting technology and cyber security incidents.

Read More
Feb 6, 2019
Featured Insight

The Privacy Commissioner’s Guide to Protecting Personal Information in Cannabis Transactions

The Office of the Privacy Commissioner of Canada recently released a guidance document for Canadian private sector cannabis retailers who collect personal information from their customers.

Read More
Jan 30, 2019
Featured Insight

Consent Unnecessary to Disclose Credit File to Statistics Canada

A recent OPC investigation highlights the need to proceed with caution when asked to disclose personal information to a government institution.

Read More
Dec 30, 2018
Featured Insight

What Can and Should the Law Do About ‘Deepfake’: An Update

This update looks at several additional causes of action and discusses how we can limit the deleterious social consequences of deepfake videos.

Read More
Dec 5, 2018
Featured Insight

Will my Securities Investigation Evidence be Subject to FIPPA?

It is generally safe to assume that records given to government institutions will be subject to freedom of information/access to information legislation.

Read More
Nov 26, 2018
Featured Insight

Privacy, Data Protection & Cybersecurity Seminar

McMillan is pleased to host its third annual Privacy, Data Protection & Cybersecurity Seminar in Toronto.

Details
November 13, 2018 - 8:30 am to 12:15 pm
Featured Insight

Is your Privilege Protected? Ontario Court Revisits Doctrine of “Implied Waiver of Privilege” in Recent Decision

Recent case law from Ontario confirms that a party seeking to rely on parts of privileged document cannot simultaneously claim privilege over the same document.

Read More
Aug 23, 2018
Featured Insight

A $250,000 Reminder that “CASL” is Not Just an Anti-Spam Law

July, 2018, the CRTC announced it took enforcement action against Datablocks and Sunlight Media - the first time action is taken under Canada's "Anti-Spam Law"

Read More
Jul 16, 2018
Featured Insight

PIPEDA’s Breach Reporting Requirements Finalized, to Come Into Force November 1, 2018

Personal information where it is reasonable in the circumstances to believe that the breach creates a "real risk of significant harm"[1] to affected individuals

Read More
May 15, 2018
Featured Insight

Recent Privacy Concerns Call for Increased Transparency and Control

In the midst of the Cambridge Analytica data scandal, businesses should consider whether their data handling practices are consistent with user expectations

Read More
Apr 26, 2018
Featured Insight

Practicing Safe Text: Drafting Tips from the Stormy Daniels NDA

Stormy Daniels launches complaint asking a California court to find the NDA invalid and confirm she was free to speak publicly about an alleged 2006 sexual affair with Mr. Trump

Read More
Mar 22, 2018
Featured Insight

If Online Reputation is Everything, Who Wants a Do-Over?

The Office of the Privacy Commissioner of Canada recently released a draft policy position regarding the protection of online reputation.

Read More
Mar 16, 2018
Featured Insight

BC Court of Appeal Rules Absolute Privilege Precludes Claim for Breach of Privacy

The British Columbia Court of Appeal rules that absolute privilege precludes claim for breach of privacy.

Read More
Mar 8, 2018
Featured Insight

Canadian Anti-Spam Law: What you still need to know about CASL

Join the discussion where legal and industry leaders will provide the latest updates on CASL and how organizations are rising to the compliance challenge.

Details
November 30, 2017 - 3:30 pm to 5:00 pm
Featured Insight

Ransomware and its Spawns

Ransomware and its Spawns

Read More
Nov 29, 2017
Featured Insight

McMillan’s Second Annual Privacy, Cybersecurity and Data Protection Seminar

Members of McMillan’s Privacy, Cybersecurity, Data Protection groups will be discussing, for the second year running, how client and in-house counsel can educate their firms on how to navigate through privacy in the workplace, cyber security risks and data protection issues on Tuesday Nov 14, 2017.

Details
November 14, 2017
Featured Insight

Prying Eyes: Risk of Employee ‘Snooping’ and How to Reduce it

Prying Eyes: Risk of Employee ‘Snooping' and How to Reduce it

Read More
Nov 7, 2017
Featured Insight

CSA Provides Guidance to Registrants on Cyber Security and Social Media

CSA Provides Guidance to Registrants on Cyber Security and Social Media

Read More
Nov 1, 2017
Featured Insight

Cybersecurity – The Legal Landscape in Canada

Cybersecurity – The Legal Landscape in Canada

Read More
Oct 25, 2017
Featured Insight

McMillan’s Employment & Labour Relations Group Seminar

Please join us for a practical and in-depth discussion aimed at HR professionals, in-house counsel and operations managers, who want to prepare and better understand how Bill1 48 will impact their business.

Details
September 28, 2017
Featured Insight

Sneak Peek at PIPEDA’s Breach Reporting Requirements – Proposed Regulations Released for Comment

Sneak Peek at PIPEDA's Breach Reporting Requirements - Proposed Regulations Released for Comment

Read More
Sep 8, 2017
Featured Insight

Server Location Not Definitive in Determining Jurisdiction Over Foreign Defendant

Server Location Not Definitive in Determining Jurisdiction Over Foreign Defendant

Read More
Aug 31, 2017
Featured Insight

Cybercrime Insurance Coverage Caselaw: Welcome to Canada?

Cybercrime Insurance Coverage Caselaw: Welcome to Canada?

Read More
Aug 21, 2017
Featured Insight

Supreme Court of Canada Turns the Other Cheek: Facebook’s “Terms and Conditions” – Forum Selection Clause Unenforceable

Supreme Court of Canada Turns the Other Cheek: Facebook's "Terms and Conditions" – Forum Selection Clause Unenforceable

Read More
Jun 29, 2017
Featured Insight

Taking CASL by Storm: Compliance Tips for Investment Fund Managers

Taking CASL by Storm: Compliance Tips for Investment Fund Managers

Read More
Jun 15, 2017
Featured Insight

CASL Private Right of Action Delayed; Enforcement by CRTC Continues

CASL Private Right of Action Delayed; Enforcement by CRTC Continues

Read More
Jun 7, 2017
Featured Insight

Know your Obligations: Workplace Privacy in BC

Know your Obligations: Workplace Privacy in BC

Read More
Jun 6, 2017
Featured Insight

Data protection in the field of employment in Canada

Employee personal information handled by an organization is far greater than the personal information collected by the organization about customers and third parties

Read More
Jun 6, 2017
Featured Insight

Privacy in the Workplace, 4rd Edition

Privacy in the Workplace 3rd Edition

Read More
May 17, 2017
Featured Insight

The tides are changing for cyber regulation, and you may need to take action in order to stay afloat

The tides are changing for cyber regulation, and you may need to take action in order to stay afloat

Read More
Apr 5, 2017
Featured Insight

Are Canadian Businesses Ready For a Cyber Attack?

Are Canadian Businesses Ready For a Cyber Attack?

Read More
Apr 3, 2017
Featured Insight

We’ve Overpaid, Now What? OLRB Confirms Employers’ Obligations in Addressing Pension Overpayments

We've Overpaid, Now What? OLRB Confirms Employers' Obligations in Addressing Pension Overpayments

Read More
Mar 3, 2017
Featured Insight

Are You Ready for CASL’s Private Right of Action?

Are You Ready for CASL's Private Right of Action?

Read More
Jan 30, 2017
Featured Insight

CSA Provides Cybersecurity Risk Disclosure Guidance and Best Practices for Reporting Issuers

CSA Provides Cybersecurity Risk Disclosure Guidance and Best Practices for Reporting Issuers

Read More
Jan 6, 2017
Featured Insight

The Cybersecurity Implications of Driverless Cars

The Cybersecurity Implications of Driverless Cars

Read More
Dec 14, 2016
Featured Insight

Privilege wins out over Document Production Requests, Orders and FOI Legislation – SCC Confirms Status of Solicitor-Client Privilege and Litigation Privilege

Privilege wins out over Document Production Requests, Orders and FOI Legislation - SCC Confirms Status of Solicitor-Client Privilege and Litigation Privilege

Read More
Nov 30, 2016
Featured Insight

McMillan Cybersecurity Article Series

Cybersecurity and cyber risk are growing areas of concern for businesses, governments and individuals.

Read More
Nov 8, 2016
Featured Insight

“Going Dark” – No Easy Answers on the Cybersecurity Horizon

"Going Dark" – No Easy Answers on the Cybersecurity Horizon

Read More
Nov 8, 2016
Featured Insight

Privacy, Data Protection and Cybersecurity Seminar

As organizations are increasing their investment in data safeguards, McMillan’s Privacy Group would like to help our clients understand their core privacy, data protection and cybersecurity obligations and related legal issues.

Details
November 3, 2016 - 7:30 am to 12:30 pm EST
Featured Insight

2016 Annual Employment and Labour Seminar

McMillan's Labour and Employment Group invites you to join us at our annual employment and labour seminar.

Details
8:00 AM - 11:30 AM
Featured Insight

CSA Publish Update on Cybersecurity for Market Participants

CSA Publish Update on Cybersecurity for Market Participants

Read More
Oct 6, 2016
Featured Insight

International Data Transfers to and from Canada

International Data Transfers to and from Canada

Read More
Sep 20, 2016
Featured Insight

The GDPR – Key Points for Canadian Businesses

The GDPR – Key Points for Canadian Businesses

Read More
Aug 5, 2016
Featured Insight

It’s Time for Your Company’s Cyber-health Check-up

It's Time for Your Company's Cyber-health Check-up

Read More
Jul 12, 2016
Featured Insight

Privacy Alert: Proliferation of Access Requests as New Tools Automate Request Generation and Distribution

Privacy Alert: Proliferation of Access Requests as New Tools Automate Request Generation and Distribution

Read More
Jun 23, 2016
Featured Insight

Mitigating Cyber Risk and Cybersecurity Insurance

Mitigating Cyber Risk and Cybersecurity Insurance

Read More
May 3, 2016
Featured Insight

Safeguarding Data Transfers of Federally Regulated Entities: Within Canada and Beyond

Safeguarding Data Transfers of Federally Regulated Entities: Within Canada and Beyond

Read More
Apr 26, 2016
Featured Insight

Privacy and Cybersecurity Issues in Canadian M&A Transactions

Privacy and Cybersecurity Issues in Canadian M&A Transactions

Read More
Apr 4, 2016
Featured Insight

Decrypting the iPhone – Everybody’s Got Something to Hide, Except Me and My Monkey

Decrypting the iPhone - Everybodys Got Something to Hide, Except Me and My Monkey

Read More
Mar 10, 2016
Featured Insight

Introducing Safe Harbour 2.0: the EU-US Privacy Shield

Introducing Safe Harbour 2.0: the EU-US Privacy Shield

Read More
Feb 16, 2016
Featured Insight

The Privacy Commissioner’s Annual Report on the Privacy Act

The Privacy Commissioners Annual Report on the Privacy Act

Read More
Feb 3, 2016
Featured Insight

Can you keep a secret? The courts recognize a new tort for public disclosure of private facts

Can you keep a secret? The courts recognize a new tort for public disclosure of private facts

Read More
Feb 1, 2016
Featured Insight

When Does Access Become Frivolous?

When Does Access Become Frivolous?

Read More
Nov 10, 2015
Featured Insight

Bring Your Own Device (“BYOD”) Programs: Strategic Considerations to Reconcile Security and Privacy Issues

A Bring Your Own Device program permits employees to use their own personal electronic devices for both business and personal purposes.

Read More
Nov 10, 2015
Featured Insight

Developments in cyber-risk insurance coverage

Developments in cyber-risk insurance coverage

Read More
Oct 27, 2015
Featured Insight

Cyber risk insurance: driving the risk management process

Insurers and other insurance professionals have traditionally been well positioned to drive improvements in risk management processes.

Read More
Oct 20, 2015
Featured Insight

Cyber risk insurance: driving the risk management process

Cyber risk insurance: driving the risk management process

Read More
Oct 20, 2015
Featured Insight

Safe Harbour Not Safe Enough: Data Transfers From E.U. To U.S. Out To Sea

Safe Harbour Not Safe Enough: Data Transfers From E.U. To U.S. Out To Sea

Read More
Oct 17, 2015
Featured Insight

Ashley Madison – A new era in privacy class actions for Canada?

Ashley Madison – A new era in privacy class actions for Canada?

Read More
Oct 2, 2015
Featured Insight

Security Breach Implicating Personal Information: Which Injuries are Compensable?

Security Breach Implicating Personal Information: Which Injuries are Compensable?

Read More
Sep 15, 2015
Featured Insight

Shining Light in Dark Places: GPEN Sweep Targets Children’s Mobile Applications and Websites

Shining Light in Dark Places: GPEN Sweep Targets Children's Mobile Applications and Websites

Read More
Sep 13, 2015
Featured Insight

Health Privacy Revisited – Upcoming Changes to Ontario’s Health Privacy Laws

Health Privacy Revisited – Upcoming Changes to Ontario's Health Privacy Laws

Read More
Aug 11, 2015
Featured Insight

Online Behavioural Advertising: An Update for Advertisers, Ad Networks and Agencies

Online Behavioural Advertising: An Update for Advertisers, Ad Networks and Agencies

Read More
Aug 10, 2015
Featured Insight

Cloud Computing

Cloud Computing

Read More
Jul 24, 2015
Featured Insight

McMillan Privacy Basics Bulletin Series

McMillan Privacy Basics Bulletin Series

Read More
Jul 17, 2015
Featured Insight

Flag on the Play? Recent Disclosure of NFL Player’s Medical Information Sparks Allegations of Privacy Violations

Flag on the Play? Recent Disclosure of NFL Player's Medical Information Sparks Allegations of Privacy Violations

Read More
Jul 17, 2015
Featured Insight

Data Protection Agreements

Data Protection Agreements

Read More
Jul 16, 2015
Featured Insight

More Changes to Cyber Security Laws on the Horizon?

More Changes to Cyber Security Laws on the Horizon?

Read More
Jul 15, 2015
Featured Insight

Access Requests

Access Requests

Read More
Jul 5, 2015
Featured Insight

Cybersecurity

Cybersecurity Privacy

Read More
Jul 2, 2015
Featured Insight

Privacy Training

Privacy Training

Read More
Jun 28, 2015
Featured Insight

PIPEDA Changes Finally Pass

PIPEDA Changes Finally Pass

Read More
Jun 22, 2015
Featured Insight

Privacy Programs

Privacy Programs

Read More
Jun 19, 2015
Featured Insight

Privacy Policies

Privacy Policies

Read More
Jun 9, 2015
Featured Insight

Bell Gets a Bad Rap for its RAP (Relevant Advertising Program)

Bell Gets a Bad Rap for its RAP (Relevant Advertising Program)

Read More
Jun 2, 2015
Featured Insight

Monitoring the Mayor – B.C. Mayor alleges that computer monitoring violated his privacy

Monitoring the Mayor – B.C. Mayor alleges that computer monitoring violated his privacy

Read More
May 21, 2015
Featured Insight

CRTC Imposes $1.1 Million Penalty for Alleged CASL Violation

CRTC Imposes $1.1 Million Penalty for Alleged CASL Violation

Read More
Mar 7, 2015
Featured Insight

Green Eggs And Spam: The Surprising Side Dish to Canada’s Anti-Spam Law that May Catch Software Businesses Off Guard

Green Eggs And Spam: The Surprising Side Dish to Canadas Anti-Spam Law that May Catch Software Businesses off Guard

Read More
Dec 2, 2014
Featured Insight

Canadian Telcos and Banks Subject to the Quebec Privacy Law

Canadian Telcos and Banks Subject to the Quebec Privacy Law

Read More
Oct 31, 2014
Featured Insight

Limited Protection of Dependents’ Personal Information in Group Insurance Matters

Limited Protection of Dependents Personal Information in Group Insurance Matters

Read More
Aug 15, 2014
Featured Insight

Key Differences between US and Canadian Anti-Spam Laws

Key Differences between US and Canadian Anti-Spam Laws

Read More
Apr 14, 2014
Featured Insight

Top Ten Things You Need to Know About Canada’s Anti-spam Law

Top Ten Things You Need to Know About Canada's Anti-spam Law

Read More
Jan 13, 2014
Featured Insight

CASL update #3 – computer download rules – potential impact for online advertisers

CASL update #3 – computer download rules – potential impact for online advertisers

Read More
Jun 25, 2013