At What Point Does the Failure of an Organization’s Security Safeguards Amount to Recklessness?

The tort of intrusion upon seclusion, as set out by the Ontario Court of Appeal in Jones v Tsige, requires the defendant’s conduct to be intentional, or, at a minimum, reckless. The question is: at what point does the failure of an organization’s security safeguards amount to recklessness? This was the question addressed by the Ontario Superior Court of Justice in the recent case, Wilson-Flewelling v Queensway Carleton Hospital, 2019 CanLII 65155 (ON SCSM) (“Queensway Carleton Hospital”).

The facts

The court heard that the Plaintiff, Ms. Wilson-Flewelling, had attended the defendant hospital (“Hospital”) to book a surgical procedure, that the Hospital’s medical office administrator had left a completed surgical booking package in the Hospital’s dedicated, locked drop box, and that the Plaintiff had unexpectedly received the package in the mail a week later.

Read More

Privacy Commissioner Issues Notice of Consultation on Artificial Intelligence

The Office of the Privacy Commissioner of Canada (“OPC“) has released a Consultation Paper on artificial intelligence (“AI“), saying that it is of the opinion that “responsible innovation involving AI systems must take place in a regulatory environment that respects fundamental rights and creates the conditions for trust in the digital economy to flourish. “

The OPC intends to examine AI in the context of the legislative reform policy analysis as it relates specifically to the Personal Information Protection and Electronic Documents Act (“PIPEDA“). The OPC is clear that it has concerns about AI, stating:

“In our view, AI presents fundamental challenges to all PIPEDA principles and we have identified several areas where the Act could be enhanced.”

Read More

Canadian Competition Bureau Calls on Businesses to Provide Information on Anti-competitive Conduct in the Digital Economy

Like regulatory agencies everywhere, Canada’s Competition Bureau (the “Bureau”) is grappling with the fast-changing digital economy and its implications for competition and innovation. The development of new technologies, their rapid uptake by business, and the deployment of new data-driven business models has left regulators – chiefly privacy and competition regulators – examining whether these new types of business models now pose regulatory threats not previously appreciated.

On May 22, 2019 the federal government unveiled a Digital Charter with 10 principles by which the government proposes Canada should adapt to an economy characterized by artificial intelligence and data-driven products and services.

Read More

The Limits of Data Localization Laws: Trade, Investment, and Data

On the 8th and 9th of June, 2019, the G20 Ministerial Meeting on Trade and Digital Economy took place in Tskuba, Japan. In a Ministerial Statement released after the meeting, the Ministers reaffirmed their commitments to transborder data flows noting that it generates higher productivity, greater innovation, and improved sustainable development, while acknowledging certain challenges related to “privacy, data protection, intellectual property rights, and security”.

Indeed, with the increasing importance of data in everything from cloud computing, the internet of things and big data analytics, the free flow of data is essential to unlocking the full potential of global e-commerce and modern business in data driven economy.

Read More

Privacy Commissioner Withdraws Transborder Consultation, Suggests Proactive Audits

On May 22, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) held its annual forum in Toronto, Ontario. Federal Commissioner Daniel Therrien headed the annual forum along with his provincial counterparts Jill Clayton, the Information and Privacy Commissioner of Alberta, and Michael McEvoy, the Information and Privacy Commissioner of British Columbia.

The forum provides the OPC with an opportunity to update practitioners and stakeholders on current and upcoming privacy matters as well provides an opportunity to discuss and share perspectives. Not surprisingly, the topic of transborder data flows dominated the discussion. Here are three key takeaways from the forum.

Read More

New “Digital Charter” Hints at Data Portability, Digital Identity, and Penalties

The federal government announced a new “digital charter” today, emphasizing Canadians’ control over their own personal information and hinting at a “strong enforcement” regime aimed at global internet companies that violate privacy laws.

The digital charter does not have the power of law, but is rather “set of principles that all government policy and legislation will be measured against.” There is no time left in the current federal government’s mandate to reform existing privacy laws and the charter is a halfway measure, signalling to Canadians, and to social media and internet companies especially, that change is coming and what that change might look like.

Read More

Canada Announces Advisory Council on Artificial Intelligence

On May 14, 2019, the Government of Canada announced the creation of its Advisory Council on Artificial Intelligence (“Council”). The objectives of the Council include creating more jobs for Canadians, supporting entrepreneurs, and improving Canada’s global position in artificial intelligence (“AI“) research and development.

The Council will consider and identify: (i) innovative approaches to build on Canada’s current AI strengths and to further develop AI; (ii) opportunities for economic growth in Canada; and (iii) other opportunities in the AI sector that will benefit Canadians.

The Council will also establish working groups, including a working group with respect to commercializing value from Canadian-owned AI and data analytics.

Read More