On September 2, 2017, the Government of Canada published the proposed Breach of Security Safeguards Regulations (“Regulations”). The proposed Regulations provide additional clarity and substance to the mandatory requirements for breaches of security safeguards which were added to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) in June 2015 but have yet to be declared into force. The Government of Canada will be accepting comments on the proposed Regulations until October 2, 2017.
The new breach notification requirements will add significant financial and administrative burdens for organizations handling personal information regulated by PIPEDA, including organizations located outside of Canada which collect, use or disclose personal information about Canadian individuals.
This morning, the Supreme Court of Canada released its decision in Royal Bank of Canada v. Trang, 2016 SCC 50 (Trang), overturning the reasoning of two decisions of the Ontario Court of Appeal. In the SCC’s view, thePersonal Information Protection and Electronic Documents Act, S.C. 2000 c. 5 (“PIPEDA”) does not preclude a mortgagee from producing a mortgage discharge statement to a judgment creditor. The unanimous decision, written by Justice Côté, concluded that such disclosure was in accordance with an order made by a court or, alternatively, that the mortgagors had provided implied consent.
Two recent articles have highlighted a novel privacy issue regarding the legal implications of wearable technologies in Major League Baseball (MLB). Rian Watt first addressed the issue for Vice Sports, and Associate Professor Nathaniel Grow followed up with a post on Fangraphs about the American implications of MLB franchises collecting biometric data about their players. However, given that the Toronto Blue Jays operate in Canada, a perspective on this from north of the border is warranted.