In 2008, the Internet Assigned Numbers Authority (“IANA”), the nonprofit organization overseeing global IP address allocation, began the process of creating and auctioning new top-level domains. Since then, the Internet Corporation for Assigned Names and Numbers (“ICANN”), has confirmed a number of new ‘generic’ top level domains (“gTLD”), including two new “community-based gTLDs” for the financial services community, <.bank> and <.insurance>. “Community-based gTLDs” are top level domain names that are restricted to a specific community. fTLD Registry Services, LLC (“fTLD”), an organization founded and operated by a consortium of banks and insurance companies and their trade associations, was granted the right to operate <.bank>, on September 25, 2014, and <.insurance> on February 19, 2015. Continue Reading
Industry Canada has sponsored proposed amendments to the Patented Medicines (Notice of Compliance) Regulations (the “PM(NOC) Regulations”) that broadens the eligibility to list patents on the Patent Register. These amendments are a direct response to the “perfect match” doctrine recently endorsed by Canadian courts. They reaffirm Health Canada’s long-standing practice regarding patent listing. In so doing, Industry Canada is seeking to restore the balance between innovators and their generic competitors as intended by the PM(NOC) Regulations. Continue Reading
The Federal Court of Appeal has affirmed the stringent product specificity requirements for listing a patent against a drug for purposes of the PM(NOC) Regulations in its recent decision in ViiV Healthcare ULC et al. v. Teva Canada Limited et al., 2015 FCA 93.
In this proceeding, Teva and Apotex brought motions under the PM(NOC) Regulations arguing that a patent listed against ViiV’s KIVEXA drug was not eligible for purposes of paragraph 4(2)(a) of the Regulations. KIVEXA is a combination drug that contains two medicinal ingredients. The patent at issue explicitly claims one of these ingredients. Continue Reading
The relevance of expert evidence in establishing indirect infringement of a pharmaceutical in Canada has been questioned. It is unclear what “facts” a product monograph is to contain that will amount to “instructions” to infringe a patent or how a party is to prove that such “facts” amount to “instructions” or how those “instructions” would be understood. What is clear is that “speculation” will not suffice.
On March 26, 2015, the Federal Court released its decision in Bayer Inc. v. Pharmaceutical Partners of Canada Inc., 2015 FC 388, granting PPC’s motion to strike portions of an application brought by Bayer under the PM(NOC) Regulations. PPC is seeking regulatory approval for a generic version of Bayer’s antibiotic AVELOX® (moxifloxacin hydrochloride intravenous solution for injection). In this proceeding under the PM(NOC) Regulations, Bayer asserts Canadian Patent No. 2,378,424 (the ‘424 Patent), which claims a formulation of moxifloxacin hydrochloride and sodium chloride. PPC alleges non-infringement. Bayer delivered two expert reports in the main proceeding and relied on their evidence to support an argument for indirect infringement (i.e., inducement) based on PPC’s product monograph.
Relying only on this evidence, PPC brought and won a summary dismissal motion under ss. 6(5) of the Regulations. Prothonotary Lafrenière heard the motion and explains in his reasons that dismissal pursuant to ss. 6(5)(b) is an extraordinary remedy that is only granted if the application is “clearly futile” or it is “plain and obvious” that it has no chance of success. Such was his finding on this motion. Continue Reading
As part of its 2015 Q1 Security Threat Report, the network security firm Cloudmark has released an empirical analysis of email traffic in Canada, following the coming-into-force of Canada’s anti-spam law (informally known as “CASL”). The results show that CASL has had a measurable effect on email in Canada, but the effect may not be what the government intended.
Average monthly email volumes received by Cloudmark customers in Canada declined by 29%, but the percentage of received email that Cloudmark assessed as “spam” actually increased, albeit by an insignificant amount (from 16.5% to 16.6%). In other words, the proportionate impact of the legislation for Canadian recipients has been as high or higher on “legitimate” traffic as it has been on true “spam”.
The implication appears to be that some Canadian organizations are abandoning email as a public communication platform instead of attempting to comply with CASL’s stringent consent and content requirements and facing the risk of substantial penalties for non-compliance. [For reference, see previous posts on CASL compliance issues here, here, here, here, and here.] One might wonder whether that was the outcome hoped for, from a law which states its purpose as being to promote the legitimate use of electronic means to carry out commercial activity.
CASL does seem to be having a greater impact on Canadian spam aimed at other countries. Cloudmark’s data indicates that outbound international spam traffic declined by 37%. The report does not suggest any reason for the disproportionate impact on foreign traffic.
In reasons dated February 26, 2015, Justice Barnes dismissed Janssen’s application for an order prohibiting the Minister of Health from issuing a Notice of Compliance to Teva for the compound bortezomib until the expiry of Canadian Letters Patent 2,203,936 (the ‘936 Patent). The ‘936 Patent relates to bortezomib and its use to treat cancer.
The fatal finding for the ‘936 Patent was its characterization by the Court as a selection patent. Justice Barnes held that bortezomib falls within a genus of compounds claimed by an earlier patent, all of which are said to be highly potent in the treatment of cancer. He explained that although a compound falling within a previously claimed genus may be reclaimed as a valid selection, it must not have been made previously and must possess a special property of an unexpected character from those comprising the genus. Continue Reading
On March 24, the BC Freedom of Information and Privacy Association (FIPA) released a report titled, “The Connected Car: Who Is In the Driver’s Seat” (the “Report”). The 123-page Report describes the increasing use of digital features and services in today’s automobiles and, among other things, recommends that the federal government enact data protection regulations aimed specifically at the auto sector. The Report is authored principally by Phillippa Lawson, formerly the Executive Director of the Canadian Internet Policy and Public Interest Clinic.
There is more and more software being used in vehicles, and there are a growing number of digital services available to owners of cars and trucks, often provided by companies not affiliated with the original equipment manufacturer (OEM) of the vehicle. This trend towards enhanced digitization in the auto sector is not new, and we at McCarthy Tétrault have chronicled it as well, most recently in a comprehensive paper titled: “The Networked Automobile and Legal Liability” (for a copy of this paper, please email us at email@example.com).
Both our paper and the Report discuss the use of in-vehicle digital technologies to support telematics, infotainment services, on-board system and engine monitoring, and other features and services that bring owners of vehicles great benefits. However, these digital trends raise issues with respect to data management and consumer privacy. These concerns are highlighted in the Report, which recommends, as does our paper, that organizations active in the auto sector must, as a consequence of these emerging technologies and as a function of good corporate practice, regularly review their privacy policies to ensure they reflect these new technologies and are compliant with Canadian privacy law.
The Report recommends that OEMs and others in the auto industry establish a Privacy Management Program within their respective organizations that addresses privacy compliance in a meaningful and systematic way. This is all good, common sense, and industries throughout the Canadian economy have been doing this since Canada’s federal privacy law (PIPEDA) came into force in 2000. We wholeheartedly agree with this recommendation of the Report, and have been working with industry players for years in helping to craft, implement and periodically review privacy practices and procedures.
However, the Report seriously overreaches when it recommends that the federal government enact data-protection regulations under PIPEDA, aimed specifically at the auto sector. There are many reasons why industry specific regulation under PIPEDA is a very bad idea.
Before turning to some of those reasons, it should be noted there are serious flaws in the Report that presumably lead it to make this misguided recommendation for industry sector privacy regulation. For example, the Report’s description of Canada’s current privacy laws is not evenhanded and balanced.
As well, and most importantly, in order to make its case in favour of a separate regulatory regime under PIPEDA for the auto sector, the Report analyzes a so-called Automakers Pledge, which is a privacy code established by the US automakers for use in the US. A reader of the Report is led to believe that this Pledge is intended for use in Canada, when it is not.
We are of the view that auto sector specific privacy legislation – indeed any sector specific privacy legislation – is a bad idea, in large part because of the compelling rationale of having a single federal privacy law that is applied uniformally and equally across all provinces and all industries and communities to ensure that everyone is subject to the same rules. This is particularly relevant when considering digital, and especially networked technologies, because the inexorable trend, and consumer demand, is seamless connectivity across a multitude of services and devices, with the result that we increasingly do not have “sectors” any more in our business landscape or in our personal environments. Put another way, the economy’s sectors and consumer practices now overlap through a broad and constantly evolving range of networked connections and services – attempting to regulate that space on a sector or industry basis with overlapping, potentially conflicting standards would create a web of confusion, unnecessarily frustrate business, and likely all without achieving the desired benefit of greater protection for consumers.
For example, the owner of a vehicle may be using an infotainment system operated by a digital music company; the car’s GPS system is supplied by an electronics company; the owner’s telephone contacts and in-home security system sync to and are accessible through the vehicle; the vehicle’s telematic system is installed on behalf of an insurance company; etc. The overwhelming technology trend is to have convergence of all types of service providers on all digital platforms, whether on your phone, or laptop, or, increasingly, your car.
As a result, industry specific privacy legislation makes no sense and would simply create an incredibly complex environment with no appreciable benefit.
Rather, the benefit of our current PIPEDA is that (with some exceptions) it applies to everyone and all businesses, regardless of their digital activity. Thus, you get consistency of regulation, and a common, workable privacy law framework for all organizations.
Presumably, if FIPA is successful convincing the federal government on the merits of auto sector specific privacy laws, then other sectors will be next. The Report itself admits that the same digital, network connectivity trends impacting the auto sector are being experienced by the economy generally. If auto specific rules are enacted, we anticipate a similar process will be proposed for the banks, the telcos, the retailers, etc.
Therefore, not only automakers – but all business and other organizations – should be very concerned about how the Report is received in Ottawa and by provincial privacy regulators.
McCarthy Tétrault has just launched its twelfth blog, CyberLex, at http://www.canadiancybersecuritylaw.com. This blog discusses trends and developments in cybersecurity, privacy and data protection law in Canada and internationally; offers practical suggestions and insights on how these issues affect companies in a wide variety of industries; and provides guidance on how to address various challenges and opportunities created by technology and legislative developments.
Please visit the blog!
Canada’s Anti-Spam Legislation (“CASL”) came into force on July 1, 2014, creating new requirements for sending commercial electronic messages (“CEM”). A non-compliant business risks having “administrative monetary penalties” (or “AMPs,”, which are essentially fines) levied against it by the CRTC. However, until recently, there has been no guidance on how aggressively CASL would be enforced, the scope of Notices of Violations, or how AMPs would be determined, and the scope of such. Businesses were stuck in a murky regulatory regime.
With the recent $48,000 AMP imposed on PlentyOfFish, as part of an undertaking entered into between the company and the CRTC, the water is becoming clearer. Continue Reading
The ‘Safari workaround’ has cost Google millions. In 2012, it paid a civil penalty of US$22.5 million to settle charges brought by the US FTC that Google misrepresented to users of the Safari browser that it would not place tracking cookies or serve targeted advertisements to those users. In 2013 it paid US$17 million to settle US state consumer-based actions brought by State AGs.
Google was also sued over the Safari workaround in the UK by individuals claiming that Google was liable for the tort of misuse of private information and for breach of the UK Data Protection Act 1998 (the DPA). Google tried to deny the plaintiffs their day in court, arguing, among other things, the court should not bother with the claims because they were not serious enough and because the damages claimed by the three claimants were too insignificant for the court to take the time to address it. Continue Reading