snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Tag Archives: compliance

European Banking Authority Publishes Draft Recommendations for Cloud Computing

Posted in Fintech, Regulatory Compliance

In March 2017, the European Commission (EC) issued a public consultation document on Fintech. Cloud computing is a major area covered by the EC request for comment and requires delicate balancing between innovation and risk minimization. On one hand, cloud is an easily scalable and cost effective way for financial institutions to manage their data storage and processing.  However, cloud also presents major banks with increased cybersecurity and compliance risk.  The topic of cloud is particularly relevant because certain Fintech enterprises may not be subject to the same regulatory constraints as major financial institutions.

The European Banking Authority (EBA) published … Continue Reading

CRTC CASL Compliance and Enforcement Update

Posted in Anti-Spam, Regulatory Compliance

On February 10, 2016, Lynne Perrault and Dana-Lynn Wood of the CRTC provided the latest in what is becoming a series of CASL briefings, which the presenters described as part of an “on-going dialogue” with industry. The CRTC now has a year and a half of enforcement experience under its belt for the Commercial Electronic Messages (CEMs) provisions of CASL, so this presentation focused on patterns and issues that have emerged in that period, and some guidance in response to those issues.  However, the presenters took some pains to note that the guidance offered was not intended to be prescriptive … Continue Reading

The Fintech Frontier: Insights from Money20/20

Posted in M&A/Finance, Regulatory Compliance

We recently had the pleasure of attending the Money20/20 fintech conference in Las Vegas. It was an immersive and incredibly informative event, featuring speakers and thought leaders from many of the major U.S. and Canadian financial institutions, fintech innovators, major retailers, e-commerce and social media platforms and investors. Money20/20 is described as the largest global event focused on payments and financial services innovation for connected commerce at the intersection of mobile, retail, marketing services, data and technology.… Continue Reading

Lapse of Alberta PIPA Thwarted

Posted in Privacy

In my blog dated October 17, 2014, titled, “Impending Lapse of PIPA Creates Uncertainty”, I explored the consequences of PIPA being struck had the Alberta government failed to amend PIPA to comply with the Canadian Charter of Rights and Freedom (the “Charter”) and meet the November 15, 2014 deadline.

Since my October 17, 2014 blog, I have had the opportunity to meet Jill Clayton, the Alberta Information and Privacy Commissioner. In my discussion with Jill Clayton, she advised me that, on October 31, 2014, the Alberta government was granted a 6 month extension to amend PIPA and ensure compliance. … Continue Reading

Notice and notice regime under C-11 coming into force

Posted in Copyright, Privacy

The Government announced today that the notice and notice regime established under C-11 is coming into force. The delay in bringing these provisions into force was a consultations on possible regulations that the regime permitted. The Government announced that the provisions are coming into force without regulations.

The regime permits copyright owners to send notices to internet service providers and other internet intermediaries claiming infringement of copyright. The notices must be passed on by these service providers to their users. Because there are no regulations, the notices must be processed and passed on by the internet intermediaries without any fees … Continue Reading

Big Data – Big Problem? The FTC Recommends the US Congress Reign in Data Brokers

Posted in Privacy

Big Data is the term used to describe the enormous datasets that are beyond the ability of most software to process. Statistical analysis of these giant data sets can allow the holder to predict baseball outcomes (think Moneyball), pregnancy  and, apparently, the stock market.

These enormous data sets however, are made up of data pertaining to individuals and the data brokers who amass these data sets have been less than forthcoming about the personal information they hold, raising privacy concerns.

This is the conclusion of a U.S. Federal Trade Commission (“FTC”) report last week which found “data brokers … Continue Reading

Compliance with CAN-SPAM Does Not Equal Compliance with CASL

Posted in Anti-Spam

We are approximately a month away from the effective date of Canada’s Anti-Spam Legislation (CASL), July 1, 2014.  CASL is widely considered to be among the toughest anti-spam legislation in the world and will have significant implications for businesses.  All commercial electronic messages sent (i) by any person within Canada, or (ii) by any person outside of Canada to a person within Canada are captured by CASL, meaning it applies to international senders who send commercial electronic messages to Canada.  Those who violate CASL could face significant fines and potential civil action.

We have received many questions related to the … Continue Reading

OIPC Cloud Computing Guidelines for BC Public Bodies

Posted in Contracting/Outsourcing, Privacy, Regulatory Compliance

Recently, the Office of the Information and Privacy Commissioner for British Columbia published cloud computing guidelines for public bodies in British Columbia. The purpose of the guidelines is to provide information to public bodies about how BC’s Freedom of Information and Protection of Privacy Act (BC FIPPA) applies to cloud computing.

What is Cloud Computing?

Cloud computing is an increasingly popular on-demand service model for IT provision, often based on virtualization and distributed computing technologies. It typically involves the provision of web-based services, such as online file storage and applications, using hardware and software managed by the service provider. For

Continue Reading

Do Not Track – Recent Developments in the World of Online Behavioural Advertising

Posted in E-Commerce, Privacy

Last week was a big week for “Do Not Track” (DNT) developments:

  1. Google officially joined company with a coalition of big internet players for voluntary controls on Online Behavioural Advertising (OBA). The controls take the form of an industry spanning self-regulatory program, backed by the Digital Advertising Alliance (DAA), that aims to provide a consistent and clear approach to OBA. The Council of Better Business Bureaus (CBBB) and the Direct Marketing Association (DMA) have agreed to monitor participants and enforce compliance.
  2. Google announced that it will add support for DNT to its Chrome browser by the end of the
Continue Reading