First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Privacy Compliance and Management

COVID-19: key issues every organization should consider

Competition law

The COVID-19 pandemic raises critical and unprecedented issues for all organizations. How an enterprise responds to these challenges will influence how it fares through the crisis and its positioning for recovery afterwards. We believe that the issues below warrant special attention by senior management and directors.

 

, , , , , , , , ,

COVID-19 – Managing privacy and cyber issues

Privacy laws require that personal information is at all times protected by appropriate security safeguards, and this requirement will continue to apply in connection with COVID-19 work-from-home arrangements

 

, , , , , ,

Consumer directed finance: Open banking in Canada

On January 31, 2020, Canada’s Advisory Committee on Open Banking (the Committee) released its report, “Consumer-directed finance: the future of financial services” (the Report), moving Canada towards the next phase in its process of implementing open banking legislation.

 

, , , , , , ,

Advisory committee on open banking releases report on consumer-directed finance

On January 31, 2020, the Advisory Committee on Open Banking (the “Committee”) issued its first report (the “Report”) in connection with the Department of Finance Canada’s (“Finance Canada”) consultation process on open banking.

 

, , , ,

Privacy Commissioner of Canada argues for rights-based privacy laws in annual report

In this note, we focus on one aspect of the Report: the Commissioner’s argument that federal privacy laws should explicitly recognize privacy as a human right and give greater priority to individual privacy rights.

 

, , , , , , , , ,

Understanding the differences between GDPR, CCPA, and PIPEDA – a guide for Canadian businesses

Gone are days of unregulated and untethered data gathering. With the rolling out of the California Consumer Privacy Act, Canadian businesses are now finding themselves navigating a sea awash with a patchwork of extraterritorial legislation

 

, , , , , ,

Barker v. IPC: Weighing the public interest in freedom of information requests

Ontario’s freedom of information laws permit an institution to publicly disclose sensitive personal information if there is a “compelling public interest” that outweighs the individual’s privacy. But is this balancing analysis undertaken for each tidbit of personal information, or is the public interest provision considered with a view to the totality of the records?

 

, , , ,

Mandatory cybersecurity incident reporting for IIROC investment firms

In November 2019, the Investment Industry Regulatory Organization of Canada released new mandatory reporting requirements for cybersecurity incidents, per IIROC Notice 19-0194. What are the new requirements?

 

, , , , , ,

2019 brings guidance on cyber in Canada

This year has seen a number of interesting developments in Canadian cyber security. While the first wave of data breach cases slowly work their way through the court system, guidance for Canadian businesses has come from many other sources, including the federal government and regulators.

 

, , , , ,

Competition Tribunal confirms business justification is the paramount consideration in an abuse of dominance case

Competition law

On October 17, 2019, the Competition Tribunal (Tribunal) rendered its decision in CT-2016-015 Commissioner of Competition v. Vancouver Airport Authority (Decision) [PDF], dismissing the Commissioner of Competition’s (Commissioner) application.

 

, , , ,

Not-for-profits should leverage information technology, safely

Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.

 

, , , , , , , ,

Amazing insights on cyber

A couple of recent pieces shed some light, some amazing light, on how cyber-related risk is perceived by executives and the board.

 

, , , , , ,

When copyright in a work transfers to the Crown: Keatley v. Teranet

When does copyright transfer to the Crown under the Copyright Act? The Supreme Court clarified this in a landmark ruling released earlier today in Keatley Surveying Ltd. v. Teranet Inc., 2019 SCC 43, authoritatively interpreting Section 12 of the Act.

 

, , , , , , , , , ,

The rising tide of global whistleblower regulations

The whistleblowing landscape has changed substantially over the past few years. High profile cases have spurred new whistleblower protection regulations across the globe.

 

, , , , , ,

Allegations and investigations

What we should all note from the news is that a failure to perform an appropriate investigation is a serious source of risk to any organization.

 

, , , , , ,

Previous Posts