On November 1, 2018, mandatory breach reporting rules under the Personal Information Protection and Electronic Documents Act (PIPEDA) came into effect (reported by the E-TIPS® Newsletter here). Since then, the Office of the Privacy Commissioner of Canada (OPC) has received over 680 breach reports affecting more than 28 million Canadians.
The OPC assessed its first year of mandatory breach reporting under PIPEDA in a blog post on its website. In those first 12 months, the OPC received 680 breach reports, an increase of six times the number of breach reports received by the OPC from voluntary disclosure. With respect to the reported breaches, the OPC noted the following trends:
The OPC’s full assessment of its first year of mandatory breach reporting can be found here.
Summary By: Jae S. Morris
Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.
E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.