


Privacy & Data Protection
PRIVACY & DATA PROTECTION
Privacy and Data Protection are interrelated concepts that involve complex statutory, regulatory and common law requirements and restrictions. Privacy and data breaches – whether accidental or intentional – are frequent front-page news stories that damage corporate reputations and have led to an increasing number of class action lawsuits. Our privacy and data protection lawyers help clients examine the impact of privacy and data protection laws and regulatory requirements upon their businesses and implement measures to reduce risks.
Canada has a complex network of laws governing privacy and data protection compliance, including private-sector, health-sector and public sector statutes, sector-specific privacy obligations, statutory privacy torts, and evolving common law torts such as “intrusion upon seclusion” and “publicity given to private life.” To provide support to our client, our lawyers routinely prepare and adopt practices and procedures that ensure compliance We advise clients on establishing a comprehensive privacy compliance infrastructure, so that they can reduce the risk of privacy complaints, investigations by privacy commissioners and other regulatory bodies, and privacy-related litigation. An effective compliance infrastructure can also help clients to mitigate the damage of any risks that may materialize.
Our lawyers regularly develop organizational and employee privacy policies and function-specific documents, such as Internet privacy policies, acceptable use policies, and cookies policies. Among other things, McMillan’s data privacy lawyers provide guidance on the application of privacy laws; draft and review privacy policies, consent provisions and information collection procedures; advise on cases of privacy or security breaches; advise on issues related to cross-border transfers of information, including cloud computing; represent clients in privacy-related litigation; and CASL compliance.
Workplace privacy also presents unique issues and challenges. The sheer volume of personal employee information companies handle is just one of the reasons why privacy laws in the workplace are taking centre stage of late. Another emergent workplace privacy issue concerns medical privacy laws in the workplace, which have come to the fore as businesses navigate the legalities of workplace drug testing since Canada legalized marijuana and COVID testing came into play.
McMillan’s workplace privacy lawyers draft and review employee privacy policies, and advise corporations on the application of privacy laws, privacy issues related to searching employees and their property, collection of biometric information, privacy issues unique to unionized workforces, and more.
McMillan’s team also has valuable experience interpreting and applying Canada’s Anti-Spam Legislation (CASL) across organizations, reviewing CASL compliance and training client teams, and dealing with the CRTC and the Privacy Commissioner on CASL compliance matters. Our expertise extends to publication of a legal text, Internet Law Essentials: Canada’s Anti-Spam Law.
Essentially we help clients understand how they can balance compliance with innovation, employer rights, and business needs.
Cybersecurity is no longer solely an issue for IT or technical staff. An effective plan to protect the organization against cyber threats requires insight into both the technical threats and the many and varied ways in which those threats can manifest in personal, physical, and financial damage. Understanding and responding effectively to those threats requires a comprehensive understanding of legal and regulatory obligations and risks, all of which are rapidly evolving.
Among other things, McMillan’s cybersecurity lawyers draft security and data protection policies and protocols; advise on compliance with applicable privacy laws and other legislation; educate managers and directors on the risks associated with a data breach; prepare and implement a notice strategy to respond to data breaches; advise on dealing with the public and regulators following a breach; and assist with internal investigations and obtaining court orders for timely disclosure of necessary information from third parties.
Although organizations may use their best efforts to develop and implement policies and procedures to comply with Canada’s complex and rapidly evolving privacy and data protection regime, disputes regarding breach of privacy and mishandling of personal information are often unavoidable. McMillan helps organizations manage the risk of being drawn into litigation through, for example, inadvertent disclosure of customer information, employee misconduct, or even external hacking of their information systems.
The importance of an immediate and effective response is underscored by the recent wave of reported class actions relating to privacy and data breaches, many of which allege that the organization did not promptly notify individuals who were at risk of harm.
McMillan’s Privacy Group is experienced at resolving disputes in a client-focused way. We pair specialized privacy expertise with McMillan’s renowned Litigation Group to provide a comprehensive team that can advise and represent clients in all types of privacy litigation.
Primary Contacts
View All ContactsDeals and Cases
Downloads
Data Protection 2021, Canada Chapter
International Comparative Legal Guides, 8th Edition Download FileInsights (183 Posts)
Clocking In and Opting Out: Quebec CAI Issues Warning About Biometric Time Clocks in the Workplace
Following CAI's recent observations, this bulletin provides guidance to comply with the applicable requirements to implement biometric time clocks in Quebec.
Read More
May 24, 2023
×
Unpacking Bill C-27 – How Organizations Can Prepare for Potential Changes to Canada’s Federal Privacy Laws
Bill C-27 – also known as the Digital Charter Implementation Act, 2022 – completed its second reading in Canada’s House of Commons, bringing Canada one step closer to privacy law reform. Join our discussion on these significant potential developments and what they may mean for your organization.
Details
Thursday, May 18, 2023
×
AI Regulatory Roundup – International Developments in AI Law and Policy
An overview of recent Canadian and international developments related to the regulation of artificial intelligence technologies.
Read More
May 2, 2023
×
ISED Releases Companion to Proposed AI Law: Timelines, Guidelines, and Enforcement
Summary of ISED's AIDA companion policy and key takeaways for business involved in developing and using artificial intelligence (AI) systems
Read More
Apr 17, 2023
×
Privacy Breaches in M&A Deals and the Importance of Data Security Diligence
Data security issues pose risks to a transaction, but can be mitigated with effective data security diligence, and other contractual strategies.
Read More
Apr 3, 2023
×
British Columbia’s Privacy Regulator Issues New Privacy Breach Guidance: Here’s What You Need to Know
BC Privacy Commissioner's recent guidance relating to privacy breaches acknowledges that breach notification can be a useful tool to mitigate harm.
Read More
Feb 16, 2023
×
Quebec Superior Court Orders That Corporations Must Provide Information to Police – Even Where Data Stored Abroad
The Quebec Superior Court rules the American companies may have to produce documents stored abroad to aid in Canadian criminal investigations.
Read More
Jan 24, 2023
×
Employment and Privacy Implications of Recent BC Time Theft Case
A recent BC decision has affirmed the position that employee Time Theft is just cause for dismissal.
Read More
Jan 23, 2023
×
Cybersecurity Threats to the Canadian Mining Industry: Is your Business Ready?
Mining firms are vulnerable to cybersecurity attacks but through incident response planning can minimize the risk of exposure.
Read More
Jan 10, 2023
×
Modernization of the Investment Canada Act is Underway
The Canadian federal government introduced Bill C-34, An Act to Amend the Investment Canada Act, to modernize Canada’s national security regime.
Read More
Dec 12, 2022
×
Privacy, Technology and Cybersecurity Issues in Tech Transactions
Full evaluation of a target's privacy, technology and cybersecurity compliance in due diligence is critical for transactions involving technology companies.
Read More
Dec 6, 2022
×
The Exclusion of Intrusion Upon Seclusion: Ontario Court of Appeal definitively determines that “Database Defendants” cannot be held liable for intrusions committed by third-party hackers
The Court of Appeal for Ontario released a trio of decisions that materially impact the viability of class actions following a data breach.
Read More
Dec 1, 2022
×
McMillan’s Annual Privacy, Data Protection and Cybersecurity Client Seminar
Join McMillan's Privacy & Data Protection Group on Wednesday, December 7th for an overview of recent significant legal developments, tips on complying with new and forthcoming obligations under Quebec’s Bill 64, and discussions about hot topics in data management.
Details
Wednesday, December 7, 2022
×
Act 25 and Confidentiality Incidents – The first Draft Regulations… remain a draft!
Draft regulation under Act 25 regarding protection of personal information, confidentiality incidents and register of confidential incidents are not in force.
Read More
Nov 15, 2022
×
The Road to Canada’s Open Banking Framework: Updates from the Working Group Meetings
Four working groups have been working to develop common rules, accreditation criteria, and technical standards for open banking in Canada.
Read More
Nov 2, 2022
×
Let’s Get Digital – Canadian Government Consults on Model Digital Trade Policy
The Canadian government develops Model International Digital Trade Policy and requests to join the Digital Economic Partnership Agreement.
Read More
Nov 1, 2022
×
British Columbia Privacy Commissioner Releases Guidance on Collecting Personal Information for Political Activities
BC Privacy Commissioner releases guidance on how federal and provincial political organizations can conform to BC's privacy legislation when campaigning.
Read More
Nov 1, 2022
×
Stop Snooping: Alberta Privacy Commissioner Finds Employee Snooping Results in Real Risk of Harm
An overview of a recent Alberta Privacy Commissioner breach notification decision relevant to employee snooping.
Read More
Sep 21, 2022
×
Lessons learned from Alberta’s Office of the Information and Privacy Commissioner (OIPC) 11-Year Report
An overview of Alberta's Office of the Information and Privacy Commissioner 11-Year Report.
Read More
Sep 21, 2022
×
The Case of the Missing Computers: Lessons Learned from Health Canada
A look at the takeaways from the recent audit of Health Canada's IT systems.
Read More
Sep 21, 2022
×
Data Security – The Increasing Danger of Vishing Attacks
This bulletin provides guidance regarding voice phishing, or "vishing" attacks. As they rise in popularity, companies must take action to protect their assets.
Read More
Sep 16, 2022
×
New Guidance on Ontario’s Workplace Monitoring Disclosure Regime
This bulletin provides guidance regarding Ontario's new electronic monitoring disclosure obligations for employers under the Employment Standards Act.
Read More
Sep 15, 2022
×
Part 3 | Privacy 101 – Obligations Under Québec’s New Act 25: How to ensure your business’ biometric data complies with the law
If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Discover your responsibilities surrounding biometric data and disclosure obligations to the Québec privacy regulator.
Read More
Sep 15, 2022
×
Part 2 | Privacy 101 – Obligations Under Québec’s New Act 25: Why you must now record and report privacy violations
If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Discover why your business needs to develop, implement and maintain a register of confidentiality incidents and what your reporting obligations responsibilities are surrounding breach reporting.
Read More
Sep 15, 2022
×
Part 1 | Privacy 101 – Obligations Under Québec’s New Act 25: Why your business needs a privacy officer now
If you do business in Québec, even though you are outside the province, this podcast explains why its new Act 25, in force on September 22, 2022, affects your operations. Learn why you need a privacy officer, how to properly delegate this role, and what can happen if you don’t comply.
Read More
Sep 15, 2022
×
Avoiding the Perils of a Connected World: New Best Practices for Risk Mitigation
Recently announced updated guidance from the Canadian Center for Cyber Security provides new and important considerations for business activity.
Read More
Aug 31, 2022
×
Act 25 – First Draft Regulation, On Your Marks, Get Set, Go!
First draft regulation under Act 25 regarding the protection of personal information and confidentiality incidents.
Read More
Jul 27, 2022
×
OSFI Adds to its Existing Technology and Cyber Risk Requirements with Guideline B-13
OSFI issued final Guideline B-13 – Technology and Cyber Risk Management, key takeaways summarized.
Read More
Jul 26, 2022
×
Canadian Privacy Regulators Clarify Requirements for Mobile Apps
A recent joint investigation of Canadian privacy commissioners provides guidance for organizations using mobile apps.
Read More
Jul 5, 2022
×
Federal Government Proposes New Act to Reinforce Critical Cyber Security in Canada
Bill C-26, An Act respecting cyber security, would do two things: amend the Telecommunications Act and enact the Critical Cyber Systems Protection Act.
Read More
Jul 5, 2022
×
Privacy Reform is on the Table Once More: Canada Introduces the Digital Charter Implementation Act, 2022
New federal privacy legislation has been introduced. If passed, Bill C-27 will materially change the legal landscape for privacy and data protection in Canada.
Read More
Jun 22, 2022
×
The Anti-Racism Data Act
BC Government passed the Anti-Racism Data Act to safely collect demographic information to address gaps in BC programs and services.
Read More
Jun 15, 2022
×
Legislative Amendments Affecting Québec’s Employers
The webinar discusses the rigorous language obligations imposed by Bill 96 on businesses and its significant impact on employers, as well as the recent significant changes to both Québec’s occupational health and safety legislation and Québec’s privacy legislation which employers should be aware of.
Details
Wednesday, June 29, 2022
×
Taking Control: Proactive Data Breach Preparedness and Responsible Incident Management
Join us on Tuesday, June 21st as members of our Privacy and Technology Groups discuss how your organization can proactively prepare in order to be in control if and when an incident occurs and to take measured and responsible steps to prevent and manage the associated legal and business risks.
Details
Tuesday, June 21, 2022
×
Federal Privacy Commissioner Releases Key Recommendations for a New Federal Private Sector Privacy Law
The Office of the Privacy Commissioner of Canada released a summary of its key recommendations for a new federal private sector privacy law in Canada
Read More
May 17, 2022
×
Open Banking: What it is and what it means for you
As we have received a number of questions from clients regarding our open banking bulletins, we are putting together an interdisciplinary panel of experts to take a deep dive into the implications of an open banking system in Canada, exciting developments & expectations for further progression.
Details
Thursday, June 2, 2022
×
Cybersecurity Webinar: A New World Order – Cybersecurity Risks, Mitigation Strategies and Opportunities for Canadians in a Rapidly Changing Global Environment
We are more reliant on technology today than ever before. It impacts all facets of modern life, including by enabling communication, automation, transportation and analytics. While technology offers powerful solutions to facilitate and expedite our daily routines, it can also be a key vulnerability with respect to the protection of sensitive data including personal, professional and/or proprietary information.
In this webinar, we are privileged to hear from experts with an array of professional backgrounds as they offer insight into the macro and micro implications of cybersecurity and discuss best practices for protecting private information.
Details
Tuesday, April 26, 2022
×
Data Collection and Protection in the Automotive Sector
Join us on Thursday, April 28, 2022 as members of McMillan's Privacy & Data Protection Group discuss privacy and data protection issues relevant to the automotive industry.
Details
Thursday, April 28, 2022
×
Federal Government Appoints Open Banking Lead
The federal government has named Abraham Tachjian to lead the development of open banking in Canada, following an open letter from prominent fintech executives.
Read More
Mar 23, 2022
×
Pay No Attention to the Blinking Red Light: Employee Monitoring Laws Announced in Ontario
The Ontario Ministry of Labour has released Bill 88, the Working for Workers Act, 2022, requiring employers to disclose digital employee monitoring practices.
Read More
Mar 3, 2022
×
Couldn’t Scrape By: BC Court Rejects Certification of Class Action against Facebook
BC Court dismisses certification application for class action against Facebook for allegedly scraping user data from their messenger app.
Read More
Feb 17, 2022
×
Privacy, Please: Firm that Breached Instagram’s Privacy Policies Loses Class Action Ruling
A discussion of the recent B.C. Supreme Court decision certifying a class action against a U.S.-based marketing firm that breached Instagram privacy rules.
Read More
Feb 15, 2022
×
PropTech: Property Technology, the New Frontier in Real Property, Part 2: Benefits
In this bulletin, we discuss the benefits of using PropTech for businesses in the real estate space and for consumers of such products.
Read More
Jan 11, 2022
×
PropTech: Property Technology, the New Frontier in Real Property, Part 1: Introduction
In this 3-part series, we explain the concept of PropTech, highlight its benefits and outline associated risks.
Read More
Jan 11, 2022
×
Clearview AI Ordered to Comply with Provincial Regulators’ Privacy Recommendations
Canada’s provincial privacy regulators have issued orders against Clearview AI forcing it comply with the
recommendations of a 2020 joint investigation.
Read More
Jan 5, 2022
×
Canadian Centre for Cyber Security Releases Ransomware Playbook
Ransomware attacks are on the rise. The Canadian Centre for Cyber Security released a ransomware playbook to help companies prepare for and respond to attacks.
Read More
Dec 21, 2021
×
Smartphone Apps Beware – Babylon Health investigation provides insight into compliance with Alberta privacy laws
Key takeaways from the Office of the Information and Privacy Commissioner of Alberta (OIPC)s report re: investigation of the Babylon by Telus Health app.
Read More
Dec 15, 2021
×
Special Committee Releases Report Suggesting Changes to Modernize BC’s Private Sector Privacy Law
We will touch on a few notable recommendations to amend PIPA that may affect the processes and procedures of businesses governed by PIPA.
Read More
Dec 15, 2021
×
Urgent Cybersecurity Alert Regarding Apache Log4j
Canada’s Minister of National Defence has issued a statement regarding a recently identified critical vulnerability in the Apache Log4j logging product.
Read More
Dec 13, 2021
×
Canada Partners with the European Commission to Examine Use of Digital Credentials
Increased standards for digital credentials improve privacy and global functionality - but what does this mean for businesses who use them?
Read More
Dec 7, 2021
×
Bill 64: A Checklist to Help Businesses Comply with Modern Privacy Requirements in Québec
The new changes to Quebec's privacy legislation usher in the modern era of privacy laws. This checklist establishes priorities and timelines for companies.
Read More
Dec 1, 2021
×
Risks of Anonymized and Aggregated Data
This article discusses how the anonymized and aggregated data poses risks to businesses, and how to stay compliant with the applicable privacy requirements.
Read More
Dec 1, 2021
×
Proposed Changes to FIPPA: Two Steps Forward, One Step Back
The BC government recently introduced a bill to amend FIPPA that introduces new requirements for managing and protecting privacy.
Read More
Nov 5, 2021
×
Privacy Commissioner Releases More Guidance for Video Teleconferencing Companies
Video teleconferencing companies face unique cybersecurity and data privacy risks. The OPC has new guidance on how these companies can best address them.
Read More
Nov 3, 2021
×
McMillan’s Annual Privacy, Data Protection and Cybersecurity Webinar
Our lawyers will provide an overview of important case law developments, regulatory guidance, upcoming statutory changes, and hot topics in Privacy, Data Protection & Cybersecurity
Details
Wednesday, November 10, 2021
×
Bill 64 Enacted: Québec’s Modern Privacy Regime
An in-depth analysis of Quebec's 2021 modernization of its private-sector privacy legislation.
Read More
Oct 15, 2021
×
Privacy Implications of an Open Banking System in Canada
Canada’s Advisory Committee on Open Banking's final report- the privacy and data security implications of an open banking system in Canada.
Read More
Oct 12, 2021
×
Alberta Recognizes Privacy Tort of Public Disclosure of Private Facts
The Alberta Court of Queen’s Bench recognized the tort of public disclosure of private facts for the first time; In deciding the recognize the tort...
Read More
Sep 27, 2021
×
Open Banking in Canada: Could 2023 be the Year?
An overview of the Advisory Committee on Open Banking's final report on bringing open banking to Canada.
Read More
Aug 11, 2021
×
Is Private Sector Privacy Legislation Looming in Ontario?
Ontario government seeks input on privacy policy proposals, signaling that Ontario private sector privacy legislation may be on the horizon
Read More
Jul 5, 2021
×
The Balancing of Privacy Rights and the Open Court Principle: Disclosure of Private Information in Litigation
The Supreme Court of Canada’s decision in Sherman Estate v Donovan offers clarity on when the open court principle will give ground to the right to privacy.
Read More
Jun 23, 2021
×
No Damages for Minor Stress and Inconvenience: Quebec Court Dismisses Data Breach Class Action
In March, the Québec Superior Court released a rare decision in which it dismissed a privacy class action on the merits.
Read More
Jun 9, 2021
×
Canadian Privacy Commissioners Issue Joint Guidance on Vaccine Passports
Commissioners warn that privacy considerations must be “front and centre” as organizations develop and implement vaccine passports in the coming months
Read More
May 25, 2021
×
FCAC’s Submission on Open Banking: Finding the Right Balance to Achieve Consumer Protection and Broad Financial Sector Participation
The authors discuss the Financial Consumer Agency of Canada's submission to the Advisory Committee on Open Banking.
Read More
Mar 30, 2021
×
Big Brother’s Access Limited – Canadian Privacy Commissioners Rule Clearview AI’s Facial Recognition Tool in Breach of Canadian Privacy Laws
Privacy Commissioners find Clearview AI's use of facial recognition software on images it scraped from the Internet to be in breach of privacy laws.
Read More
Feb 17, 2021
×
Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?
Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?
Details
January 20, 2021 - 11:00 pm to 2:00 pm ET
×
International Comparative Legal Guide (ICLG) – Cybersecurity Canada 2021
The International Comparative Legal Guide (ICLG) - Cybersecurity Canada 2021 guide covers common issues in cybersecurity laws and regulations.
Read More
Dec 3, 2020
×
Another Leap Forward for Canadian Privacy Laws
The Digital Charter Implementation Act, 2020 received its first reading in the House of Commons. If passed, the Act will radically change Canadian Privacy Law.
Read More
Nov 19, 2020
×
Canada’s New Cybersecurity Certification Goes Live
The federal government has launched a voluntary CyberSecure program to help small and medium-sized organizations protect against cybersecurity threats
Read More
Oct 13, 2020
×
Reporting and Recording Breaches of Security Safeguards – The OPC releases new resources for businesses
Office of the Privacy Commissioner of Canada ("OPC") released a number of new resources to assist organizations with their breach assessment, reporting and recording obligations.
Read More
Sep 28, 2020
×
COVID-19 Realities Push Ontario Government to Launch Public Consultation to Improve the Province’s Privacy Laws
The Ontario government launched public consultations to guide their modernization of private-sector privacy laws within the province.
Read More
Aug 19, 2020
×
Alberta’s New Liability Management Framework: A Teaser of What’s Coming
Government of Alberta announces changes to the regulatory regime that governs oil and gas liabilities.
Read More
Aug 4, 2020
×
Global Privacy Authorities Remind Video Teleconferencing Companies of Privacy Expectations
Global privacy authorities published a letter to remind video teleconferencing companies of their obligations regarding user's privacy.
Read More
Jul 29, 2020
×
Bill 64: Modernizing Québec’s Privacy Regime
Bill 64: Modernizing Québec's Privacy Regime
Read More
Jul 23, 2020
×
Supreme Court of Canada Affirms the Genetic Non-Discrimination Act, Weighing Autonomy, Privacy, and Accessibility of Insurance
Impacts on insurers from recent decision in which SCC upholds protections for privacy and autonomy through the Genetic Non-Discrimination Act
Read More
Jul 22, 2020
×
Significant Expansion of Ontario’s Personal Health Information Protections amid COVID-19: What you need to know
Bill 188 made significant amendments to PHIPA, which affect technology companies, and potentially insurers, who provide access to personal health information.
Read More
Jul 15, 2020
×
The Road to a “New Normal”: Contact Tracing and Privacy Considerations in Canada
Provinces across Canada are starting to lift COVID-19 restrictions and resume some economic and other activities.
Read More
Jun 1, 2020
×
Privacy Penalties – Canadian Competition Bureau Wades Into Privacy Enforcement
Organizations operating in Canada are advised to immediately review their privacy-related policies and marketing to avoid false or misleading representations
Read More
May 26, 2020
×
Privacy Commissioner Releases Tips for Secure Videoconferencing
It goes without saying that organizations’ use of videoconferencing is at an all-time high as many businesses have converted to remote work.
Read More
May 5, 2020
×
Shedding “Light” on a New Privacy Tort
An Ontario court has recently recognized the privacy tort of "false light publicity".
Read More
Mar 3, 2020
×
Consumer-Directed Finance: Canada’s Answer to Open Banking
An overview of the Advisory Committee on Open Banking's recent report entitled Consumer-directed finance: the future of financial services.
Read More
Feb 26, 2020
×
As the “New NAFTA” Approaches Ratification, Regulated Foreign Entities Should Anticipate Stricter Record-Keeping Requirements
A summary of notable amendments to the federal Bank Act and Insurance Companies Act that Bill C-4 (CUSMA) will bring into force.
Read More
Feb 25, 2020
×
How Should AI be Regulated in Canada? Speak now, or forever hold your peace!
Many organizations recognize the potential benefits that artificial intelligence can bring to their business. Canadian regulations coming sooner than later.
Read More
Feb 24, 2020
×
2019 Year in Review: Privacy, Data Protection & Cybersecurity
Focusing our discussion on significant advancements, findings and key takeaways, we will present a “Year in Review” session that will cover many of the notable developments that occurred in 2019.
Feb 4, 2020
×
New Transparency Requirements: Private Companies in British Columbia Now Required to Collect and Disclose Shareholder Information
Amendments to British Columbia Business Corporations Act require all privately held companies to maintain transparency registers of all significant individuals.
Read More
Jan 31, 2020
×
New Year, New Laws? Canada Sets its Privacy Law Resolutions
A number of recent developments suggest that momentum for significant reform to Canadian privacy and data protection laws is building.
Read More
Jan 28, 2020
×
Keepin’ It “Real”: OPC Finds that PIPEDA Applies to Foreign-Incorporated Business
Keepin' It "Real": OPC Finds that PIPEDA Applies to Foreign-Incorporated Business
Read More
Jan 15, 2020
×
Under the Influence: The Canadian Competition Bureau’s Stand on Misleading Product Endorsements
The Competition Bureau has sent letters to advertisers and advertising agencies warning them to ensure that their Influencer advertising complies with the law.
Read More
Dec 30, 2019
×
Contact Information Posted on Websites Not Necessarily Up for Grabs
Investigation findings of the Office of the Privacy Commissioner highlight issues surrounding the use of personal contact information posted on websites
Read More
Dec 19, 2019
×
IIROC Introduces Mandatory Reporting of Cybersecurity Incidents for Dealers
On November 14, 2019, IIROC amended its Dealer Member Rules to require mandatory reporting by dealer members that suffer a cybersecurity incident or breach.
Read More
Dec 9, 2019
×
One-Year Anniversary of Mandatory Data Breach Reporting: Lessons the OPC Has Learned and What Businesses Need to Know
November 1st, 2018 marked a year since reporting data breaches became mandatory under the Personal Information Protection and Electronic Documents Act ("PIPEDA")
Read More
Nov 11, 2019
×
OPC Maintains Status Quo on Transborder Data Flows…At Least for Now!
Feedback from stakeholders regarding its consultation on transfers for processing and transborder data flows, Office of the Privacy Commissioner of Canada has decided to maintain the status quo.
Read More
Sep 23, 2019
×
Top of the Class: New Cybersecurity Program to Certify Privacy-Minded Businesses
The federal government has launched a new cybersecurity certification program aimed at helping small and medium-sized businesses protect against cyber threats.
Read More
Aug 14, 2019
×
Last Chance for Late National Phase Entry into Canada
It is official - Canada's new Patent Rules will come into force on October 30, 2019.
Read More
Aug 9, 2019
×
“Gonna stand my ground; And I won’t back down”¹ – The OPC charges forward with its controversial consultation on transborder dataflows/transfers for processing
On June 11, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) published a reframed discussion document (the “Reframed Discussion”)
Read More
Jun 24, 2019
×
TOP TWELVE THINGS TO KNOW – New Canadian Trademarks Act June 17, 2019
On June 17, 2019 major changes to Canada’s Trademarks Act will come into force.
Read More
Jun 4, 2019
×
Proposed Digital Charter Could Bring Sweeping Changes to Canadian Privacy Laws
On May 21, 2019, the Canadian federal government released a proposed Digital Charter
Read More
May 23, 2019
×
Is Data Residency Coming to Canada? The OPC Signals a Major Change to its Policy Position on Transborder Dataflows
On April 9, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) initiated a consultation on transborder dataflows under the Personal Information Protection and Electronic Documents Act (“PIPEDA”) (the “Consultation”).
Read More
Apr 15, 2019
×
Financial Institutions: OSFI’s Heightened Cyber Security Incident Reporting Obligations Now In Effect
OSFI published the Technology and Cyber Security Incident Reporting Advisory, which sets out OSFI's expectations for reporting technology and cyber security incidents.
Read More
Apr 8, 2019
×
OSFI Boots Up Cyber Safety with its New Advisory on Technology and Cyber Security Incident Reporting
On January 24, 2019, the Office of the Superintendent of Financial Institutions (“OSFI”) published the Technology and Cyber Security Incident Reporting Advisory (the “Advisory”), which sets out OSFI’s expectations for reporting technology and cyber security incidents.
Read More
Feb 6, 2019
×
The Privacy Commissioner’s Guide to Protecting Personal Information in Cannabis Transactions
The Office of the Privacy Commissioner of Canada recently released a guidance document for Canadian private sector cannabis retailers who collect personal information from their customers.
Read More
Jan 30, 2019
×
Consent Unnecessary to Disclose Credit File to Statistics Canada
A recent OPC investigation highlights the need to proceed with caution when asked to disclose personal information to a government institution.
Read More
Dec 30, 2018
×
What Can and Should the Law Do About ‘Deepfake’: An Update
This update looks at several additional causes of action and discusses how we can limit the deleterious social consequences of deepfake videos.
Read More
Dec 5, 2018
×
Will my Securities Investigation Evidence be Subject to FIPPA?
It is generally safe to assume that records given to government institutions will be subject to freedom of information/access to information legislation.
Read More
Nov 26, 2018
×
Privacy, Data Protection & Cybersecurity Seminar
McMillan is pleased to host its third annual Privacy, Data Protection & Cybersecurity Seminar in Toronto.
Details
November 13, 2018 - 8:30 am to 12:15 pm
×
Is your Privilege Protected? Ontario Court Revisits Doctrine of “Implied Waiver of Privilege” in Recent Decision
Recent case law from Ontario confirms that a party seeking to rely on parts of privileged document cannot simultaneously claim privilege over the same document.
Read More
Aug 23, 2018
×
A $250,000 Reminder that “CASL” is Not Just an Anti-Spam Law
July, 2018, the CRTC announced it took enforcement action against Datablocks and Sunlight Media - the first time action is taken under Canada's "Anti-Spam Law"
Read More
Jul 16, 2018
×
PIPEDA’s Breach Reporting Requirements Finalized, to Come Into Force November 1, 2018
Personal information where it is reasonable in the circumstances to believe that the breach creates a "real risk of significant harm"[1] to affected individuals
Read More
May 15, 2018
×
Recent Privacy Concerns Call for Increased Transparency and Control
In the midst of the Cambridge Analytica data scandal, businesses should consider whether their data handling practices are consistent with user expectations
Read More
Apr 26, 2018
×
Practicing Safe Text: Drafting Tips from the Stormy Daniels NDA
Stormy Daniels launches complaint asking a California court to find the NDA invalid and confirm she was free to speak publicly about an alleged 2006 sexual affair with Mr. Trump
Read More
Mar 22, 2018
×
If Online Reputation is Everything, Who Wants a Do-Over?
The Office of the Privacy Commissioner of Canada recently released a draft policy position regarding the protection of online reputation.
Read More
Mar 16, 2018
×
BC Court of Appeal Rules Absolute Privilege Precludes Claim for Breach of Privacy
The British Columbia Court of Appeal rules that absolute privilege precludes claim for breach of privacy.
Read More
Mar 8, 2018
×
Canadian Anti-Spam Law: What you still need to know about CASL
Join the discussion where legal and industry leaders will provide the latest updates on CASL and how organizations are rising to the compliance challenge.
Details
November 30, 2017 - 3:30 pm to 5:00 pm
×
McMillan’s Second Annual Privacy, Cybersecurity and Data Protection Seminar
Members of McMillan’s Privacy, Cybersecurity, Data Protection groups will be discussing, for the second year running, how client and in-house counsel can educate their firms on how to navigate through privacy in the workplace, cyber security risks and data protection issues on Tuesday Nov 14, 2017.
Details
November 14, 2017
×
Prying Eyes: Risk of Employee ‘Snooping’ and How to Reduce it
Prying Eyes: Risk of Employee ‘Snooping' and How to Reduce it
Read More
Nov 7, 2017
×
CSA Provides Guidance to Registrants on Cyber Security and Social Media
CSA Provides Guidance to Registrants on Cyber Security and Social Media
Read More
Nov 1, 2017
×
Cybersecurity – The Legal Landscape in Canada
Cybersecurity – The Legal Landscape in Canada
Read More
Oct 25, 2017
×
McMillan’s Employment & Labour Relations Group Seminar
Please join us for a practical and in-depth discussion aimed at HR professionals, in-house counsel and operations managers, who want to prepare and better understand how Bill1 48 will impact their business.
Details
September 28, 2017
×
Sneak Peek at PIPEDA’s Breach Reporting Requirements – Proposed Regulations Released for Comment
Sneak Peek at PIPEDA's Breach Reporting Requirements - Proposed Regulations Released for Comment
Read More
Sep 8, 2017
×
Server Location Not Definitive in Determining Jurisdiction Over Foreign Defendant
Server Location Not Definitive in Determining Jurisdiction Over Foreign Defendant
Read More
Aug 31, 2017
×
Cybercrime Insurance Coverage Caselaw: Welcome to Canada?
Cybercrime Insurance Coverage Caselaw: Welcome to Canada?
Read More
Aug 21, 2017
×
Supreme Court of Canada Turns the Other Cheek: Facebook’s “Terms and Conditions” – Forum Selection Clause Unenforceable
Supreme Court of Canada Turns the Other Cheek: Facebook's "Terms and Conditions" – Forum Selection Clause Unenforceable
Read More
Jun 29, 2017
×
Taking CASL by Storm: Compliance Tips for Investment Fund Managers
Taking CASL by Storm: Compliance Tips for Investment Fund Managers
Read More
Jun 15, 2017
×
CASL Private Right of Action Delayed; Enforcement by CRTC Continues
CASL Private Right of Action Delayed; Enforcement by CRTC Continues
Read More
Jun 7, 2017
×
Know your Obligations: Workplace Privacy in BC
Know your Obligations: Workplace Privacy in BC
Read More
Jun 6, 2017
×
Data protection in the field of employment in Canada
Employee personal information handled by an organization is far greater than the personal information collected by the organization about customers and third parties
Read More
Jun 6, 2017
×
The tides are changing for cyber regulation, and you may need to take action in order to stay afloat
The tides are changing for cyber regulation, and you may need to take action in order to stay afloat
Read More
Apr 5, 2017
×
Are Canadian Businesses Ready For a Cyber Attack?
Are Canadian Businesses Ready For a Cyber Attack?
Read More
Apr 3, 2017
×
We’ve Overpaid, Now What? OLRB Confirms Employers’ Obligations in Addressing Pension Overpayments
We've Overpaid, Now What? OLRB Confirms Employers' Obligations in Addressing Pension Overpayments
Read More
Mar 3, 2017
×
Are You Ready for CASL’s Private Right of Action?
Are You Ready for CASL's Private Right of Action?
Read More
Jan 30, 2017
×
CSA Provides Cybersecurity Risk Disclosure Guidance and Best Practices for Reporting Issuers
CSA Provides Cybersecurity Risk Disclosure Guidance and Best Practices for Reporting Issuers
Read More
Jan 6, 2017
×
The Cybersecurity Implications of Driverless Cars
The Cybersecurity Implications of Driverless Cars
Read More
Dec 14, 2016
×
Privilege wins out over Document Production Requests, Orders and FOI Legislation – SCC Confirms Status of Solicitor-Client Privilege and Litigation Privilege
Privilege wins out over Document Production Requests, Orders and FOI Legislation - SCC Confirms Status of Solicitor-Client Privilege and Litigation Privilege
Read More
Nov 30, 2016
×
McMillan Cybersecurity Article Series
Cybersecurity and cyber risk are growing areas of concern for businesses, governments and individuals.
Read More
Nov 8, 2016
×
“Going Dark” – No Easy Answers on the Cybersecurity Horizon
"Going Dark" – No Easy Answers on the Cybersecurity Horizon
Read More
Nov 8, 2016
×
Privacy, Data Protection and Cybersecurity Seminar
As organizations are increasing their investment in data safeguards, McMillan’s Privacy Group would like to help our clients understand their core privacy, data protection and cybersecurity obligations and related legal issues.
Details
November 3, 2016 - 7:30 am to 12:30 pm EST
×
2016 Annual Employment and Labour Seminar
McMillan's Labour and Employment Group invites you to join us at our annual employment and labour seminar.
Details
8:00 AM - 11:30 AM
×
CSA Publish Update on Cybersecurity for Market Participants
CSA Publish Update on Cybersecurity for Market Participants
Read More
Oct 6, 2016
×
International Data Transfers to and from Canada
International Data Transfers to and from Canada
Read More
Sep 20, 2016
×
The GDPR – Key Points for Canadian Businesses
The GDPR – Key Points for Canadian Businesses
Read More
Aug 5, 2016
×
It’s Time for Your Company’s Cyber-health Check-up
It's Time for Your Company's Cyber-health Check-up
Read More
Jul 12, 2016
×
Privacy Alert: Proliferation of Access Requests as New Tools Automate Request Generation and Distribution
Privacy Alert: Proliferation of Access Requests as New Tools Automate Request Generation and Distribution
Read More
Jun 23, 2016
×
Mitigating Cyber Risk and Cybersecurity Insurance
Mitigating Cyber Risk and Cybersecurity Insurance
Read More
May 3, 2016
×
Safeguarding Data Transfers of Federally Regulated Entities: Within Canada and Beyond
Safeguarding Data Transfers of Federally Regulated Entities: Within Canada and Beyond
Read More
Apr 26, 2016
×
Privacy and Cybersecurity Issues in Canadian M&A Transactions
Privacy and Cybersecurity Issues in Canadian M&A Transactions
Read More
Apr 4, 2016
×
Decrypting the iPhone – Everybody’s Got Something to Hide, Except Me and My Monkey
Decrypting the iPhone - Everybodys Got Something to Hide, Except Me and My Monkey
Read More
Mar 10, 2016
×
Introducing Safe Harbour 2.0: the EU-US Privacy Shield
Introducing Safe Harbour 2.0: the EU-US Privacy Shield
Read More
Feb 16, 2016
×
The Privacy Commissioner’s Annual Report on the Privacy Act
The Privacy Commissioners Annual Report on the Privacy Act
Read More
Feb 3, 2016
×
Can you keep a secret? The courts recognize a new tort for public disclosure of private facts
Can you keep a secret? The courts recognize a new tort for public disclosure of private facts
Read More
Feb 1, 2016
×
Bring Your Own Device (“BYOD”) Programs: Strategic Considerations to Reconcile Security and Privacy Issues
A Bring Your Own Device program permits employees to use their own personal electronic devices for both business and personal purposes.
Read More
Nov 10, 2015
×
Developments in cyber-risk insurance coverage
Developments in cyber-risk insurance coverage
Read More
Oct 27, 2015
×
Cyber risk insurance: driving the risk management process
Insurers and other insurance professionals have traditionally been well positioned to drive improvements in risk management processes.
Read More
Oct 20, 2015
×
Cyber risk insurance: driving the risk management process
Cyber risk insurance: driving the risk management process
Read More
Oct 20, 2015
×
Safe Harbour Not Safe Enough: Data Transfers From E.U. To U.S. Out To Sea
Safe Harbour Not Safe Enough: Data Transfers From E.U. To U.S. Out To Sea
Read More
Oct 17, 2015
×
Ashley Madison – A new era in privacy class actions for Canada?
Ashley Madison – A new era in privacy class actions for Canada?
Read More
Oct 2, 2015
×
Security Breach Implicating Personal Information: Which Injuries are Compensable?
Security Breach Implicating Personal Information: Which Injuries are Compensable?
Read More
Sep 15, 2015
×
Shining Light in Dark Places: GPEN Sweep Targets Children’s Mobile Applications and Websites
Shining Light in Dark Places: GPEN Sweep Targets Children's Mobile Applications and Websites
Read More
Sep 13, 2015
×
Health Privacy Revisited – Upcoming Changes to Ontario’s Health Privacy Laws
Health Privacy Revisited – Upcoming Changes to Ontario's Health Privacy Laws
Read More
Aug 11, 2015
×
Online Behavioural Advertising: An Update for Advertisers, Ad Networks and Agencies
Online Behavioural Advertising: An Update for Advertisers, Ad Networks and Agencies
Read More
Aug 10, 2015
×
McMillan Privacy Basics Bulletin Series
McMillan Privacy Basics Bulletin Series
Read More
Jul 17, 2015
×
Flag on the Play? Recent Disclosure of NFL Player’s Medical Information Sparks Allegations of Privacy Violations
Flag on the Play? Recent Disclosure of NFL Player's Medical Information Sparks Allegations of Privacy Violations
Read More
Jul 17, 2015
×
More Changes to Cyber Security Laws on the Horizon?
More Changes to Cyber Security Laws on the Horizon?
Read More
Jul 15, 2015
×
Bell Gets a Bad Rap for its RAP (Relevant Advertising Program)
Bell Gets a Bad Rap for its RAP (Relevant Advertising Program)
Read More
Jun 2, 2015
×
Monitoring the Mayor – B.C. Mayor alleges that computer monitoring violated his privacy
Monitoring the Mayor – B.C. Mayor alleges that computer monitoring violated his privacy
Read More
May 21, 2015
×
CRTC Imposes $1.1 Million Penalty for Alleged CASL Violation
CRTC Imposes $1.1 Million Penalty for Alleged CASL Violation
Read More
Mar 7, 2015
×
Green Eggs And Spam: The Surprising Side Dish to Canada’s Anti-Spam Law that May Catch Software Businesses Off Guard
Green Eggs And Spam: The Surprising Side Dish to Canadas Anti-Spam Law that May Catch Software Businesses off Guard
Read More
Dec 2, 2014
×
Canadian Telcos and Banks Subject to the Quebec Privacy Law
Canadian Telcos and Banks Subject to the Quebec Privacy Law
Read More
Oct 31, 2014
×
Limited Protection of Dependents’ Personal Information in Group Insurance Matters
Limited Protection of Dependents Personal Information in Group Insurance Matters
Read More
Aug 15, 2014
×
Key Differences between US and Canadian Anti-Spam Laws
Key Differences between US and Canadian Anti-Spam Laws
Read More
Apr 14, 2014
×
Top Ten Things You Need to Know About Canada’s Anti-spam Law
Top Ten Things You Need to Know About Canada's Anti-spam Law
Read More
Jan 13, 2014
×
CASL update #3 – computer download rules – potential impact for online advertisers
CASL update #3 – computer download rules – potential impact for online advertisers
Read More
Jun 25, 2013
×
Subscribe for updates
Get updates delivered right to your inbox. You can unsubscribe at any time.
Our website uses cookies that are necessary for site navigation, user input, and security purposes. By continuing to use our website, you are agreeing to our use of cookies as described in our Cookie Policy.
Manage consent
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.