An ambitious overhaul of Quebec’s privacy law would introduce new privacy rights, new accountability and governance requirements, new obligations, and hefty monetary penalties.
The majority of European and American firms are not yet ready to comply with the European Union’s General Data Protection Regulation (GDPR), reveals a recent report.
You can still download the application if you want. But if you believe what Kyle Zak has to say about it, it’s not something you would do. Not unless you don’t mind the trade-off between ease-of-use and the reams of information you will allegedly provide to the popular audio maker Bose Corp.
The lawsuit filed by Zak against Bose is the latest to allege companies of surreptitiously tracking consumers, without their consent, to collect data and then to either solicit more business or sell it to third parties.
Early this year Ottawa-based sex toy maker We-Vibe settled a privacy lawsuit for $5 million after a line of its vibrators were found to have secretly collected and transmitted “highly sensitive information” about consumers without their knowledge or consent.
A month after the parent company of the controversial adult dating website Ashley Madison settled a complaint with the U.S. Federal Trade Commission and state charges over the 2015 data breach that exposed the personal data of more than 36 million users and highlighted the site’s unfair and deceptive practices, the firm is now trying to thwart 20 class actions against it by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services.
Just before the Christmas holidays, Toronto-based Avid Life Media Inc. (ALM) agreed to pay US$1.6 million and implement a comprehensive data-security program, including third-party assessments, to settle claims by the FTC who worked in collaboration with 13 U.S. states. According to the FTC complaint, until August 2014, operators of the site “lured” customers, including 19 million Americans, with fake profiles of women designed to convert them into paid members.
The consent model, the cornerstone behind the federal legislation that governs how private sector organizations may collect, use or disclose personal information in the course of commercial activities, is under the microscope after the Office of the Privacy Commissioner of Canada (OPC) published a consultation paper that examines its viability in today’s digital information ecosystem.
But privacy experts are skeptical that the consultation will lead to any tangible actions in the future. They point to the Digital Privacy Act, which received royal assent more than a year ago, yet is still not in force because the federal government has yet to complete the drafting of data breach notification and reporting regulations.
A call by Canada’s privacy watchdog to the life and health insurance industry to voluntarily refrain from requesting clients for access to existing genetic test results is going to be ignored, setting the stage for a divisive debate over access and the use of such personal information.
After consulting stakeholders, commissioning research papers, and holding roundtables in the area of genomics and privacy, the Office of the Privacy Commissioner of Canada issued an eight-page policy statement asking the health and life insurance industry to extend their decade-long voluntary ban against asking applicants or existing policy holders to undergo genetic testing. More controversially, the OPC is also asking the industry to extend the moratorium to applicants who have already taken genetic tests. But the OPC’s policy statement is not definitive. Recognizing that the state of medical technology is changing rapidly, it admits that its position should be reviewed periodically.
“The thing that really jumped at me is that the OPC’s finding is preliminary, qualified, and based on its own research,” noted privacy lawyer Daniel Michaluk.
Governments are under growing pressure to remove barriers to accessing its public records, and some are embracing the open data movement.
A Quebecer who filmed and took pictures of sexual escapades with a 20-year old woman and then distributed it on the Internet was ordered to pay $39,000 in damages. In a brief four-page ruling, Quebec Superior Court Judge Sylviane Borenstein held that the man breached her fundamental rights by intentionally and illicitly invading her privacy, and that his conduct cannot be tolerated or trivialized by the courts. “The actions were ignoble and the Court expresses its indignation over these actions. One can understand that the woman, who is only 20 years old, feels betrayed and humiliated,” said Justice Borenstein in J.G. c. M.B., 2009 QCCS 2765 The Court issued a publication order that forbids media from identifying the parties in order not to aggravate the harm she has suffered. Judge Borenstein barred the man from communicating, distributing, publishing, reproducing, or transmitting pictures, e-mails or videos of the filmed events as well as prohibited him from reaching her in any way. Further, the Court prohibited him from having in his possession photographs and videos of the …
Corporate lawyers pay little heed to privacy rights in bankruptcy and insolvency proceedings.