Guidance
New CASL Ruling: CRTC Provides Guidance on B2B Messaging and the Due Diligence Defence
On October 19, 2017, the Canadian Radio-television and Telecommunications Commission (CRTC) issued two key decisions in a contested enforcement proceeding brought by Compu.Finder. These recent decisions stem from an earlier CRTC enforcement proceeding against Compu.Finder, which resulted in the first administrative monetary penalty (AMP) issued under Canada’s anti-spam legislation (commonly…
Read More »The 5 Stages of CASL Compliance
Understanding the law is a good start. Knowing what consent you are claiming, being fully compliant when sending messages and respecting individual’s right to chose – these are all solid foundations for a CASL compliant program. It is NOT CRTC’s place to tell you what to do in order to…
Read More »PIPEDA: Guidelines for obtaining meaningful consent
Overview Meaningful consent is an essential element of Canadian private sector privacy legislation. Under privacy laws, organizations are generally required to obtain meaningful consent for the collection, use and disclosure of personal information. However, advances in technology and the use of lengthy, legalistic privacy policies have too often served to…
Read More »GDPR: What is Personal Data?
Due to the many enquires we receive regarding clarity around what is personal data under the GDPR, we captured this from the document: ICO: Guide to the General Data Protection Regulation (GDPR), August 2, 2018What is personal data?At a glanceUnderstanding whether you are processing personal data is critical to understanding whether the…
Read More »Freedom and democracy cannot exist without privacy
On this international Data Privacy Day, and after a year of severe abuses, it is worth reflecting on why it is essential to protect privacy. Privacy is often cast as an abstract or undervalued concept associated with a desire to keep secret certain aspects of our activities or our…
Read More »The Canadian Centre for Cyber Security Releases Baseline Controls
The Canadian government’s Canadian Centre for Cyber Security (“CCCS”) has released Baseline cybersecurity controls for small and medium organizations in an effort to help small and medium-sized businesses improve their cybersecurity practices and their overall resiliency to cybersecurity threats. Small and medium-sized businesses face a range of cyber threats in the form…
Read More »GDPR: Anonymisation and pseudonymisation
European Citizens have a fundamental right to privacy, it is important for organisations which process personal data to be cognisant of this right. When carried out effectively, anonymisation and pseudonymisation can be used to protect the privacy rights of individual data subjects and allow organisations to balance this right to…
Read More »
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
