It’s fair to say that new breach-reporting requirements represent a sea change in how many organizations will manage their unauthorized disclosures of personal information.
As the use of AI proliferates and as the systems themselves become more autonomous, the risk that they will cause harm to property or individuals naturally increases. It is now unclear how and if the existing Canadian legal framework will apply to damages or losses resulting from AI use or operation.
A recent decision of the Federal Court has confirmed that, under its existing legislation, the Canadian Security Intelligence Service cannot obtain warrants to collect information or intelligence if the requested warrant has extraterritorial effect.
On July 11, the Canadian Radio-television and Telecommunications Commission issued its first notices of violation to two Canadian companies that allegedly contravened the installation of computer program prohibitions under Canada's anti-spam legislation.
On May 24, Canada’s federal privacy regulator, the Office of the Privacy Commissioner, released a critical interpretation document intended to guide how companies subject to the federal private sector privacy act, the Personal Information Protection and Electronic Documents Act, will be allowed to collect, use and disclose personal information, as viewed from the perspective of the reasonable person.
Artificial intelligence and the Internet of Things are hot subjects (and buzzwords) for lawyers in 2018. Beyond the hype, however, lies a plethora of legal and business issues.
You could well be excused for not noticing the recent passage of the U.S. Clarifying Lawful Overseas Use of Data Act on March 23, 2018. Better known by its catchy acronym, the Cloud Act, the law was tacked on to the 2,232-page, US$1.3-trillion omnibus budget bill one day ahead of its vote and was signed into law by President Donald Trump without the benefit of the usual congressional scrutiny, hearings or significant public debate.
Whether because of nostalgia, a desire to save costs, ignorance, concerns of business interruption or sheer laziness, there have been countless stories in the press demonstrating that companies and individuals continue to use outdated versions of various critical software programs, including those that connect to the internet.
A recent decision from the Office of the Privacy Commissioner of Canada has provided some useful guidance in connection with minimum security standards required for Internet of Things/web-connected devices, particularly those that collect personal information and data from children.
Well, it’s awards season again. With the Golden Globes just passed and the Oscars to come, I present to you my nominations for the most egregious practices that I have observed in technology vendors’ statements of work in 2017.