With security breaches regularly affecting millions (or even billions) of people, effective security breach disclosure rules are an essential part of a modern privacy law framework. It may surprise many to learn that Canada still does not have mandatory security breach disclosure rules that require companies to notify affected individuals in effect. Rules were passed in 2015, but the accompanying regulations were puzzlingly slow to emerge. The government finally released proposed regulations late in the summer with a consultation that closed earlier this week. My submission, which focused on implementation, content of notices, and proposed “indirect” notification, is posted below.
Archive for October 4th, 2017
Recent Posts
Grocery Shopping While Jewish 
Privacy Lost: How the Government Deleted Bill C-11’s Key Privacy Principle Just Two Months After Passing it Into Law 
Out of Nowhere: TIFF Undermines Artistic Freedom of Expression With Forced Name Change of October 7th Documentary 
TIFF Removes October 7th Documentary Film From Schedule Citing Implausible Copyright Clearance Concerns From Hamas Terror Footage 
Carney’s Digital Recalibration: How the Government is Trending Away from Justin Trudeau’s Digital Policy
