This year was a tremendously active year for Fintech in Canada and internationally, and 2017 promises to be even more so. In the Fall of 2016, we co-authored a comprehensive report together with the Digital Finance Institute, “FinTech in Canada: British Columbia Edition” on the state of the Canadian Fintech ecosystem, highlighting a number of the then-current industry and regulatory developments. As we head into 2017, we provide a brief summary of some of last year’s Fintech regulatory developments in Canada and globally, and some developments to watch for in the upcoming year.… Continue Reading
On December 6, 2016, Bill 47 – Protecting Rewards Points Act (the “Act”), amending Ontario’s Consumer Protection Act, 2002 (the “CPA”), received Royal Assent. The Act was first introduced on October 20 as a private member’s bill.
The primary effect – and stated purpose – of the Act is to prohibit the expiry of rewards points under consumer agreement due to the passage of time. Any provision to the contrary in any consumer agreement will be rendered void, with retroactive effect to October 1, 2016, such that all points purporting to expire after October 1, 2016, will need to be … Continue Reading
In December 2015, over 50 WTO members, including Canada, gathered at the Nairobi Ministerial Conference, and agreed to the expansion of the Information Technology Agreement (ITA), a WTO agreement that aims to eliminate tariffs on IT products. The ITA was originally concluded by 29 participants in 1996. It now has over 82 participants, representing around 97 per cent of world trade in IT products.
On July 1, 2016, the expanded ITA finally came into effect, eliminating tariffs on 201 tech and information-related products valued at over $1.3 trillion per year. An expansion of the agreement was necessary given recent … Continue Reading
On June 1st, 2016, the new Regulation respecting contracting by public bodies in the field of information technologies (the “Regulation”), which now allows Quebec public bodies greater flexibility to negotiate complex Information Technologies (“IT”) service agreements, came into force . It supplements the Act respecting contracting by public bodies (the “Act” which establishes the legal framework for contracting with public bodies in Québec, including among others the Québec government and its departments, certain Crown corporations, universities, hospitals, towns and municipalities. It applies to contracts and sub-contracts of a value of $1M or above.
The coming into force … Continue Reading
In response to the U.S. Department of the Treasury’s (“Treasury”) July 20, 2015 request for information on online marketplace lending (the “RFI”), Treasury issued its white paper on marketplace lending “Opportunities and Challenges in Online Marketplace Lending” (the “White Paper”) on May 10, 2016. The White Paper outlines the risks and potential of this emerging form of credit, makes specific policy recommendations and identifies certain trends for future monitoring.
The White Paper defines marketplace lending as financial services that use “investment capital and data-driven online platforms to lend either directly or indirectly … Continue Reading
The Competition Bureau announced on May 19, 2016 that it will launch a market study focused on how innovation in the fintech sector is impacting consumers and businesses, with the results intended to be published in the spring of 2017, seeking to determine whether there is a need for “regulatory reform to promote greater competition while maintaining consumer confidence in the sector.”
The announcement cites a report indicating that Canada appears to be lagging other countries in adoption of fintech as one of the reasons for deciding to study the financial services industry.… Continue Reading
We recently attended the 18th Biennial National Conference: New Developments in Communications Law and Policy, a national symposium of the Law Society of Upper Canada and the Entertainment Media and Communications Law section of the Canadian Bar Association. This conference is always a stimulating and fascinating opportunity to share thoughts with colleagues in the Canadian communications sector. This year’s event was no exception.… Continue Reading
On March 31, 2016, the Competition Bureau (Bureau) released revised Intellectual Property Enforcement Guidelines (IPEGs). These IPEGs reflect incremental changes to the draft version released for consultation last year. Most notably the new IPEGs provide further guidance on (i) pharmaceutical patent litigation settlements, (ii) product switching (also known as “product hopping”), (iii) collaborative standard setting and standard essential patents, and (iv) patent assertion entities.… Continue Reading
On March 24, 2016, the Canadian Radio-television and Telecommunications Commission (“CRTC”) signed a memorandum of understanding (“MOU”) with the United States Federal Trade Commission. This MOU is an effort by Canada and the United States to work together on anti-spam enforcement measures, and expressly refers to unsolicited telecommunications, unsolicited commercial electronic messages (spam), and other unlawful electronic threats (e.g., malware and botnets).… Continue Reading
On February 10, 2016, Lynne Perrault and Dana-Lynn Wood of the CRTC provided the latest in what is becoming a series of CASL briefings, which the presenters described as part of an “on-going dialogue” with industry. The CRTC now has a year and a half of enforcement experience under its belt for the Commercial Electronic Messages (CEMs) provisions of CASL, so this presentation focused on patterns and issues that have emerged in that period, and some guidance in response to those issues. However, the presenters took some pains to note that the guidance offered was not intended to be prescriptive … Continue Reading
Throughout 2015, the Online Trust Alliance (“OTA”) (a U.S.-based non-profit organization which originated in 2005 as an informal industry working group drawn largely from the technology and marketing communities) has been working on a so-called “Trust Framework” for the Internet of Things. An earlier post covered the release of the first discussion draft in August.
Although this draft is described as “pre-release”, the OTA’s consultation process for the framework appears to be over now. … Continue Reading
We recently had the pleasure of attending the Money20/20 fintech conference in Las Vegas. It was an immersive and incredibly informative event, featuring speakers and thought leaders from many of the major U.S. and Canadian financial institutions, fintech innovators, major retailers, e-commerce and social media platforms and investors. Money20/20 is described as the largest global event focused on payments and financial services innovation for connected commerce at the intersection of mobile, retail, marketing services, data and technology.… Continue Reading
European Union member states have a new net neutrality framework that will allow service providers to offer specialized services – such as improved internet quality for IPTV – where the upgrades do not impact general Internet quality for other end-users.
On October 27 the European Parliament passed a new electronic communications Regulation, with a view to protecting net neutrality. Broadly speaking, net neutrality is the principle that all Internet traffic should be treated equally regardless of content or volume. The European Parliament adopted a Regulation laying down measures concerning open access. The new Regulation also amends Directive 2002/22/EC on universal … Continue Reading
On October 6, 2015, the Court of Justice of the European Union (“CJEU”) declared that the US-EU Safe Harbour framework is invalid, striking it down in the highly anticipated case of Schrems v. Data Protection Commissioner. The decision is effective immediately, with far-reaching and widespread implications for entities with multinational data flows.
Since EU data protection laws purport to apply to the processing of personal data regardless of whether the individuals affected are EU citizens or not, or are physically present in the EU or not, the potential impacts of this decision go beyond those organizations with … Continue Reading
Many businesses have harnessed cloud computing to improve the way they manage and deliver computing resources. The benefits of cloud computing include cost effectiveness, scalability and accessibility. However, since cloud computing services are provided through a shared pool of computing resources, which often includes the storage and processing of data in third-party data centres, the cloud computing model has inherent risks related to service uptime, records retention, and data privacy and security. Lawyers should approach cloud computing with caution because of these risks, the highly confidential information they hold on behalf of their clients, and their professional responsibilities.
This … Continue Reading
By some estimates, there were more than 2 wireless networked devices for every person on the planet in 2014. The multiplier is expected to reach 5 by the year 2020.
This explosive proliferation of networked technology offers remarkable opportunities, but also inspires concern that the connected future may result in ubiquitous, inescapable, surveillance of every aspect of our lives. Legislators and regulators around the world are grappling with the implications of this technology for the ability to protect personal privacy interests and the practical problems of applying legal regimes originally developed in a very different era.
Against this backdrop, … Continue Reading
Companies in early and growth stages often need significant funding to achieve their business goals but can have difficulties finding potential investors. Until recently, Canadian regulatory rules prohibited companies in Canada from raising financing by issuing shares and other securities to the general public unless they either (i) filed a qualifying prospectus; or (ii) relied on an exemption from the requirement to file a prospectus under securities laws, which limited the pool of potential investors to people such as friends & family, business associates and accredited investors.
Recently, certain Canadian Securities Administrators introduced a new prospectus exemption, known as the … Continue Reading
In March of 2014, the Minister of Finance tasked the Standing Senate Committee on Banking, Trade and Commerce to examine the use of digital currencies. The Committee pursued an extensive fact-finding mission in Canada and in the United States, speaking with, amongst others, representatives from regulatory bodies, financial institutions, digital currency interest groups, law enforcement, and universities. The long-anticipated, 64-page report was published this month with a clear message: while there are steps to take to address the risks digital currencies could pose in money laundering, terrorist financing, and tax evasion, the federal government should tread carefully in developing regulations … Continue Reading
Earlier this month, the U.S. Securities and Exchange Commission (“SEC”) and the Financial Industry Regulatory Authority (“FINRA”) each released reports addressing cybersecurity. FINRA’s report targeted its broker-dealer members, and the SEC’s report targeted broker-dealers and investment advisers, but the twin reports provide a roadmap to cybersecurity for financial market participants generally, both in the US and Canada.
There can be no doubt that cybersecurity is top-of-mind for those regulating the Canadian financial market. For example, the Canadian Securities Administrators recently published CSA Staff Notice 11-326 – Cyber Security in which it stated “[s]trong and tailored cyber security measures are an … Continue Reading
Last month, in a bombshell decision, the European Union’s Court of Justice (“CJEU”) demanded that Google “forget” certain items. The demand resulted from a CJEU decision that individuals have a right to request that a search engine remove certain webpage links from the search results of a search including the individual’s name. The ruling is, for all intents and purposes, final.
In short, the CJEU decided that Google Inc. is subject to the EU Data Protection Directive 94/46 (“Direction”), even though its servers were located outside the EU. As a result, Google was a data processor and data controller within … Continue Reading
On May 30, 2014, the Supreme Court of British Columbia rendered a judgment certifying a class action against Facebook Inc. (“Facebook”). In Douez v. Facebook Inc., the plaintiff alleges that Facebook used the names or portraits of Facebook users without their consent in advertisements called Sponsored Stories in breach of section 3(2) of the British Columbia’s Privacy Act which creates a statutory tort. This case, in a pre-certification stage, also dealt with the question of whether a court should decline its jurisdiction in presence of a forum selection clause or pursuant to the forum non … Continue Reading
The CRTC just released a new FAQ on CASL, replacing the old one that it released in December 2013 (“December FAQ”). Those hoping the CRTC would take this opportunity to clarify some of the more vexing aspects of CASL and the accompanying Guidelines will be disappointed, as the new FAQ largely incorporates and reiterates material found in the Guidelines and the Regulatory Impact Assessment Statement.
While there are few new tidbits, in some key respects the new FAQ only further muddies the waters. Below are some select issues.… Continue Reading
Canadian organizations with control over personal information should be aware of the privacy vulnerabilities of Heartbleed and their related legal obligations. Below, we have summarized: (1) the risks of Heartbleed; (2) the notification obligations of organizations that have experienced a privacy breach; (3) amendments to those obligations, as proposed by the federal government; and (4) recommendations to protect your organization from privacy breaches and legal liability.
Heartbleed is a serious security vulnerability that exists in certain versions of the OpenSSL software. OpenSSL is an open source software module created to implement certain cryptographic functions and provide various utility functions. … Continue Reading
For any business seeking to sell its products or offer its services in the Province of Québec, the carrying out of such activities and the way in which such businesses operate generally are profoundly affected by the enduring linguistic restrictions imposed by the Québec Charter of the French Language (the “Charter”). Adopted by the Québec National Assembly in 1977, the Charter’s stated objective is to safeguard the quality and influence of the French language in both the workplace and as the language of commerce. In the area of business and commerce, the Charter requires that business names, … Continue Reading