The federal government s planned private sector privacy law reforms, promised to give Canadians more control over how companies handle their personal information online, need to be amended or privacy protections will take a step back, according to Federal Privacy Commissioner Daniel Therrien.
Infosec experts say CISOs must add multifactor authentication for logins to better protect their organizations against credentials theft.
But there’s also another reason. As of Jan. 1, many North American cyber insurers have a new rule: Without MFA organizations won’t get coverage.
That was one of the messages that came out of a panel on cyber insurance and cyber law at the Vancouver International Privacy and Cybersecurity Summit, which started Wednesday.
Derek May, a Vancouver-based account executive and cyber specialist at HUB International Insurance Brokers, said insurers are tired of paying claims for data breaches and have toughened their requirements for coverage.
Privacy trends to watch in 2021: Canada modernizes its private-sector privacy laws | Dentons jdsupra.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from jdsupra.com Daily Mail and Mail on Sunday newspapers.
To print this article, all you need is to be registered or login on Mondaq.com.
In a previous life, I sat in on a data governance meeting as a
consultant. During the conversation, the team was discussing an
automated decision-making process where one of the pieces of
information collected was an individual s age. Where an
individual was under a certain age, they were disqualified and
pre-screened out of using a product. Then, one of the team members
spoke up and raised a concern about using this automated decision
factor, and even whether we should collect this information at all.
[co-author: Tawanna Lee]
On November 17, 2020, the Canadian Minister of Innovation, Science and Industry introduced Bill C-11, the Digital Charter Implementation Act, which proposes a new privacy law called the Consumer Privacy Protection Act (CPPA). The CPPA would overhaul Canadian privacy law and heighten the privacy obligations for businesses, including U.S.-based business, that are engaged in commercial activity in Canada and collect, use, or disclose the personal information of individuals in Canada. Canadian government officials estimate 18 months for the CPPA to make its way through committee and become law. While there may be changes to the proposed legislation as it works its way through committee, businesses with Canadian-based customers will need to carefully assess their privacy compliance programs to account for proposed changes in the law.