With security breaches regularly affecting millions (or even billions) of people, effective security breach disclosure rules are an essential part of a modern privacy law framework. It may surprise many to learn that Canada still does not have mandatory security breach disclosure rules that require companies to notify affected individuals in effect. Rules were passed in 2015, but the accompanying regulations were puzzlingly slow to emerge. The government finally released proposed regulations late in the summer with a consultation that closed earlier this week. My submission, which focused on implementation, content of notices, and proposed “indirect” notification, is posted below.
Archive for October 4th, 2017

Law Bytes
Episode 161: Canadian Chamber of Commerce President Perrin Beatty on Why the Government’s Bill C-18 Motion Establishes a Dangerous, Undemocratic Precedent
byMichael Geist

March 20, 2023
Michael Geist
March 13, 2023
Michael Geist
March 6, 2023
Michael Geist
February 27, 2023
Michael Geist
Search Results placeholder
Recent Posts
Competition in Canada Takes Another Hit: Government Gives Go Ahead for Rogers – Shaw Merger
The Dongle Budget: What Prioritizing a Common Cell Phone Charging Port Says About Canadian Digital Policy
The Latest Bill C-11 Debate: Sacrificing Freedom of Expression for Quebec Culture Lobby Support
The Law Bytes Podcast, Episode 161: Canadian Chamber of Commerce President Perrin Beatty on Why the Government’s Bill C-18 Motion Establishes a Dangerous, Undemocratic Precedent
The Biden Visit to Canada: Why Digital Policy is Emerging as a Serious Trade Tension