Canada's Privacy Breach Notification Requirements Coming into Force
Canada’s Privacy Breach Notification Requirements Coming into Force
The provisions of Canada’s Digital Privacy Act dealing with privacy breach notification and breach record keeping (the “Provisions”) will come into force on November 1, 2018. Once in force, these Provisions will constitute a major change to Canada’s privacy law. For unknown reasons, the federal government made this announcement without fanfare or even a government press release.
The Digital Privacy Act was enacted in 2015, but the Provisions remained in limbo, not having been brought into force with the balance of the statute.
Summary of Provisions
In summary, the Provisions address several subjects:
Breach Notification
- Each organization will be required to report to the Privacy Commissioner of Canada any breach of security safeguards involving personal information under its control, if it is reasonable in the circumstances to believe the breach creates a real risk of significant harm to an individual.
- If this same test is met and unless otherwise prohibited by law, an organization will be required to notify an individual of any breach of security safeguards involving the individual’s personal information under the organization’s control.
- If an individual must be given such notice, the organization will also have to notify any other organization or government of the breach if the notifying organization believes the other organization or government may be able to reduce the risk of harm that could result from the breach or mitigate that harm.
- The form and content of such notices are to be prescribed in future regulations.
- These notifications must be given as soon as feasible after the organization determines the breach has occurred. The Canadian statute does not name a specific timeline, unlike the new European privacy regulation due to come into effect in May 2018.
Breach Record Keeping
- An organization will be required to keep and maintain a record of every breach of security safeguards involving personal information under its control, in accordance with regulations to be released in the future. Importantly, a record of all such breaches of security safeguards involving personal information will have to be made, not only those where there is a real risk of significant harm to an individual.
Whistleblowing
- Enhanced whistleblowing provisions will apply.
Authors
Insights
-
Financial Services Regulatory
FINTRAC Advisory Concerning Financial Transactions Related to High-Risk Countries Identified by FATF
On March 20, 2023, the Financial Transactions and Reports Analysis Centre (FINTRAC) issued an advisory (the “Advisory”) concerning financial transactions related to countries identified by the… -
Technology
U.S. District Court Finds NBA Top Shot Moments may be Subject to U.S. Securities Laws
On May 12, 2021, a class action law suit was filed against Dapper Labs, Inc. in the U.S. District Court for the Southern District of New York (the “Court”) alleging that Dapper Labs violated U.S… -
Technology
Canadian Securities Administrators Announce Enhanced Pre-Registration Undertaking Requirements for Crypto Trading Platforms
Further to its December 12, 2022 announcement, the Canadian Securities Administrators (CSA) published Staff Notice 21-332 – Crypto Asset Trading Platforms: Pre-Registration Undertakings (“SN… -
Financial Services Regulatory
Non-Financial Institution Mortgage Lenders May Soon Become Subject to Anti-Money Laundering/Anti-Terrorist Financing Regime
Proposed amendments to certain regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) purport to subject non-financial institution mortgage lenders to the… -
Financial Services Regulatory
FINTRAC Publishes Terrorist Activity Financing Indicators for Suspicious Transactions
On December 15, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) published an Operational Alert: Terrorist Activity Financing (the “Alert”). The Alert identifies terrorist… -
Banking and Financial Services
The Acquisition and Leveraged Finance Review 9th Edition - Canada Chapter
Jean Anderson, David Nadler, Carrie Smit, David Wiseman, Caroline Descours and Cathy Costa-Faria co-authored the Canada Chapter of The Law Reviews' Acquisition and Leveraged Finance Review 9th Edition…
Featured Work
-
Restructuring
Sherritt International Corporation Completes $90 Million Notes Purchase Transaction
Goodmans LLP represented Sherritt International Corporation in its $90 Million Notes Purchase Transaction Pursuant to Oversubscribed Offers… -
Banking and Financial Services
Argonaut Gold Inc. Announces Successful Completion of Magino Financing Package
Goodmans LLP represented Macquarie Bank Limited and a syndicate of lenders in connection with a financing provided to Argonaut Gold Inc. ("Argonaut… -
Banking and Financial Services
Colbeck Capital Management LLC US$70 Million Term Loan
Goodmans LLP acted for Colbeck Capital Management LLC (“Colbeck”) in connection with a US$70 million term loan to finance the acquisition and combination of Berlitz Corporation, ELS and The ILSC… -
Banking and Financial Services
Oxford and CPPIB Joint Sale of Royal Bank Plaza
Goodmans LLP acted for Oxford and CPPIB in connection with their joint sale of Royal Bank Plaza, an iconic, two-tower office plaza in the heart of downtown Toronto, to a Spanish investment firm… -
Mergers and Acquisitions
Amp Energy’s Innovative $350 Million Cross-Jurisdictional Credit Facility
Goodmans LLP acted for Amp Solar Group in connection with Amp Energy’s innovative $350 million cross-jurisdictional credit facility with a consortium of leading institutional investors including… -
Mergers and Acquisitions
Fiera Private Debt Construction, Acquisition and Term Loan Facility to BioNorth Energy
Goodmans acted as lead counsel to Fiera Private Debt on a construction, acquisition and term loan facility to BioNorth Energy to finance the acquisition of a 36.8 MW biomass-fired power generation…
News & Events
-
- 06:30 PM Financial Services Regulatory
Francesca Guolo at Joint Staff Notice 23-329 on Short Selling in Canada
On the 8th of December 2022, The Canadian Securities Administrators (CSA) and the Investment Industry Regulatory Organization of Canada (IIROC) published a Joint Staff Notice 23-329 on Short Selling… -
Banking and Financial Services
The Canadian Legal Lexpert Directory 2023 Continues to Recognize Goodmans
We are proud to announce we have once again been recognized in The Canadian Legal Lexpert Directory 2023.85 Goodmans lawyers have been recognized as top-tier in their fields and leaders across… -
Banking and Financial Services
Chambers and Partners Continues to Honour Goodmans with Global Recognition
We are proud to announce Goodmans LLP has once again received top tier recognition from Chambers and Partners in the Chambers Global 2023 Guide released today. Recognition from Chambers and…