CBA Members


CBA Privacy and Access Law Section

CBA Privacy and Access Law Section articles are published under the banner Privacy Pages. Members interested in posting articles are encouraged to send them to the Section at:


Privacy breach litigation: Understanding the consequences for your organization

  • July 04, 2017
  • Howard Simkevitz and Danielle Wolfenden

Most organizations in the Digital Age find themselves the custodians of an increasing amount of personal information and/or personal health information. At the same time, privacy breaches are on the rise, and there is a growing number of potential plaintiffs seeking to recoup damages through what is an evolving area of tort law. Not surprisingly, therefore, privacy has become a hot topic on many organizations’ risk management agendas.

Privacy and Access

Words truly matter

  • April 10, 2017
  • Gary Dickson

A recent investigation report issued by the Saskatchewan Information and Privacy Commissioner draws attention again to the sloppy use of terminology in health organization policies and procedures. The Investigation Report 269-2016 & 303-2016 underscores a recommendation made by that oversight office in an earlier report relating to reliance on the non-statutory term “circle-of care” when discussing the collection, use and disclosure of personal health information.

Privacy and Access

CSA guidance for the disclosure of cyber security risks and incidents

  • March 09, 2017
  • Roland Hung and Corinne Xu

Staff from the British Columbia Securities Commission, the Ontario Securities Commission, and the Autorité des marchés financiers recently reviewed disclosure documents provided by 240 issuers of the S&P/TSX Composite Index.

Privacy and Access

Intrusion upon seclusion: The camera in the boudoir

  • February 02, 2017
  • Roland Hung and Lucas Versteegh

On Dec. 9, 2016, the Ontario Superior Court of Justice released Patel v. Sheth, the latest in a series of cases sprouting from the 2012 recognition of a tort of intrusion upon seclusion in Jones v. Tsige.

Privacy and Access

Privacy enforcement over borders

  • November 29, 2016
  • Gary Dickson, Q.C.

It has long been apparent that, given the ease with which data moves over borders, privacy enforcement must contemplate enforcement action that goes beyond any single state’s borders. The office of the Privacy Commissioner of Canada has been an effective leader in promoting greater international cooperation.

Privacy and Access

Personal information in the sharing economy

  • November 21, 2016
  • Sujoy Chatterjee

Some of the largest figures in the sharing economy, such as Uber and Airbnb, have been in existence for close to a decade. Governments have been slow to regulate these industries, particularly with regard to privacy and data protection.

Privacy and Access

Lessons from privacy breach class action settlement in Canada

  • October 12, 2016
  • Roland Hung and Natasha Chin

Class actions are emerging as a potential venue for litigants to seek compensation for privacy breaches. The recent approval of a class action settlement in Lozanski v The Home Depot, Inc. by the Ontario Superior Court of Justice is notable as one of the few privacy breach class action settlements in Canada.

Privacy and Access

Is PIPEDA up to the challenge?

  • September 14, 2016
  • Sabrina Anzini, Anick Fortin-Cousens, Amanda Maltby, Suzanne Morin, Stephanie Rich, John Russo and Pamela Snively

In-house counsel together pose the question “is PIPEDA up to the challenge?” And, collectively, the authors of this article answer “yes.” Canada’s privacy legislation has strong bones and is able to grow with and adapt to changes in the way personal information is collected and used.

Privacy and Access