A recent decision from the Office of the Privacy Commissioner of Canada has provided some useful guidance in connection with minimum security standards required for Internet of Things/web-connected devices, particularly those that collect personal information and data from children.
Well, it’s awards season again. With the Golden Globes just passed and the Oscars to come, I present to you my nominations for the most egregious practices that I have observed in technology vendors’ statements of work in 2017.
Recently, the freshly minted Cyber Unit of the United States Securities and Exchange Commission showed its teeth when it obtained an emergency court order to stop an allegedly fraudulent Initial Coin Offering involving a Quebec-based company, PlexCorps, its founder Dominic Lacroix and his partner, Sabrina Paradis-Royer.
As autonomous car technology advances, privacy concerns relating to these vehicles are also growing given that these cars will be capable of recording a tremendous amount of data about (and from) their users and the environment around them.
Ramsomware is not new — it has been around since the early 1990s — but what is new is the increasing threat posed by the efficiencies of a cloud-based delivery system known as ransomware as a service.
It’s been a long wait. More than two years have passed since Ottawa amended Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act, by enacting Bill S-4, the Digital Privacy Act, to establish mandatory data breach reporting requirements. Yet, ss. 10.1 through 10.3, the provisions outlining the obligations for breach reporting and notification, still are not in force pending the creation of necessary regulations.
In a decisive victory for privacy rights and a clear rejection of broad anti-terrorism legislation, the Court of Justice of the European Union on July 26 quashed the pending agreement between Canada and the European Union on the transfer and processing of passenger name record data as providing insufficient protection and inadequate safeguards for Europeans.
July 17, 2017|Web exclusive
As a technology lawyer, I am often asked by clients to review the statements of work that accompany the technology contract that I have drafted.
June 19, 2017|Web exclusive
Sometimes even when you do things right, things can go horribly wrong.
This was never more true than in the recent Ontario case of Business Development Bank of Canada v. Experian Canada Inc. where the Business Development Bank learned the hard way that even the most well-run procurement process cannot prevent fraud.
May 15, 2017|Web exclusive
Sellers of circumvention devices beware!
On March 1, the Federal Court of Canada awarded Nintendo of America Inc. $12,760,000 in damages for copyright infringement and the circumvention of technological protection measures, or TPMs.