Over the last two decades, British Columbia’s courts have consistently held that there is no common law tort for breach of privacy (or intrusion upon seclusion) in British Columbia because of the similar statutory cause of action under the Privacy Act, R.S.B.C. 1996, c. 373.
This year has seen a number of interesting developments in Canadian cyber security. While the first wave of data breach cases slowly work their way through the court system, guidance for Canadian businesses has come from many other sources, including the federal government and regulators.
On October 31, 2019, the Office of the Privacy Commissioner of Canada shared what has been learned and what businesses need to know with respect to mandatory data breach reporting under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).