With security breaches regularly affecting millions (or even billions) of people, effective security breach disclosure rules are an essential part of a modern privacy law framework. It may surprise many to learn that Canada still does not have mandatory security breach disclosure rules that require companies to notify affected individuals in effect. Rules were passed in 2015, but the accompanying regulations were puzzlingly slow to emerge. The government finally released proposed regulations late in the summer with a consultation that closed earlier this week. My submission, which focused on implementation, content of notices, and proposed “indirect” notification, is posted below.
Archive for October 4th, 2017
Law Bytes
Episode 196: Vibert Jack on the Supreme Court's Landmark Bykovets Internet Privacy Ruling
byMichael Geist
March 18, 2024
Michael Geist
March 11, 2024
Michael Geist
February 26, 2024
Michael Geist
February 12, 2024
Michael Geist
Search Results placeholder
Recent Posts
- The Law Bytes Podcast, Episode 196: Vibert Jack on the Supreme Court’s Landmark Bykovets Internet Privacy Ruling
- Better Laws, Not Bans: Why a TikTok Ban is a Bad Idea
- Government Gaslighting Again?: Unpacking the Uncomfortable Reality of the Online Harms Act
- The Law Bytes Podcast, Episode 195: Vivek Krishnamurthy on What You Need to Know About the Online Harms Act
- Taking Action Against Antisemitic Hate: When Content Moderation, Self-Regulation, and Legislation Fail