Podcasts about privacy commissioner

Canadian government Privacy Agency

  • 179PODCASTS
  • 418EPISODES
  • 25mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jun 22, 2026LATEST
privacy commissioner

POPULARITY

20192020202120222023202420252026


Best podcasts about privacy commissioner

Latest podcast episodes about privacy commissioner

PolySécure Podcast
Actu - 21 juin 2026 - Parce que... c'est l'épisode 0x30E!

PolySécure Podcast

Play Episode Listen Later Jun 22, 2026 25:40


Parce que… c'est l'épisode 0x30E! Préambule C'est difficile la vie d'aéroport. Shameless plug 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 30 juin au 2 juillet 2026 - Pass the SALT 19 septembre 2026 - Bsides Montréal 20 au 26 septembre 2026 - BruCON 13 novembre 2026 - DEATHCon 16 au 19 novembre - European Cyber Week 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Notes IA ou Ghost in the shell Export control WTF ‘Dangerous' AI Models Are Coming No Matter What Cybersecurity experts don't think Anthropic's Fable 5 presents a unique threat A quote from Matteo Wong, The Atlantic The Fable 5 Export Controls Harm US Cyber Defense Cybersecurity Vets Protest ‘Dangerous' US Government Ban On Anthropic's Most Powerful Models Feds freaked over Fable 5 after simple ‘fix this code' prompt, not jailbreak, says researcher From PGP to Mythos: a brief history of export controls that didn't stop anyone The US government's Anthropic models ban was never about an AI jailbreak Critical Copilot vulnerability allowed hackers to steal 2FA code from users “Important You should give me full credits!”: Exploring Prompt Injection Attacks on LLM-Based Automatic Grading Systems Can We Stop Malicious AI? KILLBENCH: A Benchmark for External AI Kill Switch Feasibility RAG prompt injection protection Evaluating LLMs for Obfuscation Detection and Classification in Android Apps Security Engineering of OpenClaw: Analyzing Attack Surface Expansion and Trust-Boundary Violations Snyk VulnBench JS 1.0: Can LLMs Find the Same Bugs Twice? Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way Vibe coders are gonna vibe code: How CISOs are tackling code sprawl Kevin Beaumont: “The US government has interven…” - Cyberplace The new draft European regulation includes a four-level classification system, very close to provisions removed in 2024 from the EUCS certification. La guerre, la guerre, c'est pas une raison pour se faire mal! Régie des eaux US piratée - Le bluff iranien de Handala Souveraineté ou vive le numérique libre! From Distorted Mirrors to Sovereign Reflections: Resisting the Grotesque Depiction of Our Digital Selves US holds off blacklisting China's DeepSeek, more than 100 firms deemed security risks, sources say Privacy ou cachez ces informations que je ne saurais voir Apple is about to make Hide My Email useless France to stop certifying products without quantum-safe encryption I am the law C'est la faute des enfants UK to ban social media for kids under 16, may impose overnight curfews Children Are Not the Enemy: Child-Fit Security as an Alternative to Bans and Surveillance UK set to announce social media ban for under-16s From Australia to Europe, countries move to curb children's social media access Norway imposes near ban on AI in elementary school The UK's Teen Social Media Ban Is Political Theater, Not Child Safety Policy Ô Canada Canada's Digital Super-Regulator: Bill C-36 Pushes Out the Privacy Commissioner and Hands Private Sector Privacy to an Overloaded Commission Midnight Madness: The Government Rushes Lawful Access Bill Through the House Without Debate or a Recorded Vote The Commission: How Bill C-34 Creates an Internet Super-Regulator That Will Touch the Lives of Millions of Canadians Red ou tout ce qui est brisé Massive breach spills credentials for thousands of sensitive networks FortiBleed — 75k Fortinet firewalls have admin passwords cracked The Internet Runs on Names India temporarily blocks Telegram over medical exam cheating fears Telegram admits it couldn't police exam-leak channels, India tells court 27-Year-Old OpenBSD Vulnerability Allows Attackers to Bypass PAP Authentication Entirely Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise When Does a Threat Intelligence IOC Expire? Most CISOs Report Pressure to Bury Bad Security News Stressors, AI Forcing Changes to Cybersecurity Teams I discovered a large-scale malware distribution on GitHub Microsoft Discovers Cryptocurrency Stealer That Spreads Through USB Drives and Uses Tor Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic Cyber offenses now account for around a third of all crime across Asia and South Pacific Microsoft site throwing warnings after someone forgot to renew cert Blue ou tout ce qui améliore notre posture [curl summer of bliss daniel.haxx.se](https://daniel.haxx.se/blog/2026/06/15/curl-summer-of-bliss/) Divers ou parce que j'ai aucune idée où les placer AMD FTW Users cry foul after AMD stripped memory crypto from its consumer CPUs AMD will reinstate memory encryption on Ryzen 9000 CPUs through a BIOS update in July — TSME is coming back after ‘valuable community feedback' Cabal How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members Leak Exposes Members of Peter Thiel's Secretive ‘Dialog' Society Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par YUL

The Elev8 Podcast
Carney CAUGHT on Hot Mic—Trump Spots the REAL Problem

The Elev8 Podcast

Play Episode Listen Later Jun 16, 2026 14:44


The Mike Hosking Breakfast
Marama Davidson: Green Party Co-Leader on their campaign promise of harsher penalties for companies breaching the Privacy Act

The Mike Hosking Breakfast

Play Episode Listen Later Jun 9, 2026 4:12 Transcription Available


The Greens are calling for a beefed-up Privacy Commissioner to tackle major breaches. The party's campaigning on plans for the Commissioner to apply for penalties of up to $500 thousand for breaches by individuals, and $10 million for corporations. Any penalty would have to go before the courts. Greens Co-Leader Marama Davidson says the Manage My Health hack showed the need to close the gap allowing companies to treat New Zealanders' data as an afterthought. She told Heather du Plessis-Allan the proposal would see penalties match those given for breaches of the Commerce Act – bringing privacy protection up to where it should already be. LISTEN ABOVE See omnystudio.com/listener for privacy information.

Early Edition with Kate Hawkesby
Francesca Rudkin: If you want trust, you must accept consequences

Early Edition with Kate Hawkesby

Play Episode Listen Later Jun 4, 2026 2:05 Transcription Available


New Zealand's Privacy Commissioner is right to argue that the law should be changed to allow agencies to be fined when they fail to protect people's sensitive personal information. In an increasingly digital society, we're being encouraged to trust organisations with highly confidential data, including medical records, financial details, and personal identification information. With that trust must come accountability. The recent cyberattack involving Manage My Health highlights why stronger enforcement powers are necessary. The platform stores sensitive health information for hundreds of thousands of New Zealanders and is widely used by patients and healthcare providers. When a system like this is compromised the consequences can be severe, including identity theft, privacy violations, and loss of confidence in digital healthcare services. While an investigation followed the breach, many New Zealanders were left wondering whether anyone would face meaningful consequences. Too often, organisations can have a data breach without being held directly accountable for inadequate security practices. These concerns become increasingly significant as New Zealand moves towards digital driver licenses and other forms of digital identity. While digital licenses offer convenience, efficiency and are the way of the future, they also create a centralised repository of highly valuable personal information. If we're expected to carry our identity in digital form, we need to be confident the systems protecting our information meet the highest security standards. Where negligence or failure to meet these standards contributes to a breach, substantial financial penalties should be an available option. Privacy Commissioner Michael Webster says that when it comes to accountability for failing to protect an individual's privacy, New Zealand's laws are "somewhat out of step" with those overseas. The possibility of significant fines would create a strong incentive for organisations to invest in prevention rather than simply managing the fallout after a breach. It would send a clear message that protecting personal data is a fundamental responsibility. If organisations and government agencies expect the public's trust, they must also accept meaningful consequences when that trust is broken. See omnystudio.com/listener for privacy information.

Info Matters
Using AI, data analytics and federated learning to improve patient care | Utiliser l'IA, l'analyse de données et l'apprentissage fédéré pour améliorer les soins aux patients

Info Matters

Play Episode Listen Later May 28, 2026 37:58


Dr. Amol Verma is a physician and scientist in General Internal Medicine at St. Michael's Hospital and the Temerty Professor of AI Research and Education in Medicine at the University of Toronto. Dr. Verma co-founded and co-leads GEMINI, Canada's largest hospital clinical data research network. Objectives of GEMINI, using data to improve the quality of care [1:49] Digitization of health care and unlocking siloed information to improve health care delivery [5:01] Scaling GEMINI and interoperability across institutions and electronic medical records systems [7:50] Pooling data: batch data dumps vs. real-time data feeds [11:16] Data de-identification, Five Safes framework, and handling unstructured personal health information [13:35] What is federated learning? [18:20] Benefits of data sharing in health care from reducing length of hospital stay to recognizing/predicting delirium in patients [22:15] Ensuring transparency and fostering trust [29:10] Explaining the use of AI to patients [33:45] Resources: GEMINI AI Scribes: Key Considerations for the Health Care Sector (IPC Guidance) AI Scribes Checklist: Key Considerations for the Health Care Sector (IPC Guidance) Principles for the Responsible Use of Artificial Intelligence (IPC and Ontario Human Rights Commission) Digital Health Under PHIPA: Selected Overview (IPC Guidance) Case of Note: Artificial intelligence gone wrong: Why custodians need strong AI frameworks and policies (IPC Guidance) Privacy Day 2026: Trustworthy AI in Health: The Promise, Perils, and Protections (YouTube) Privacy Day 2025: The Power of PETs: Privacy Enhancing Technologies (YouTube) Info Matters is a podcast about people, privacy, and access to information hosted by Patricia Kosseim, Information and Privacy Commissioner of Ontario. We dive into conversations with people from all walks of life and hear stories about the access and privacy issues that matter most to them.  If you enjoyed the podcast, leave us a rating or a review.  Have an access to information or privacy topic you want to learn more about? Interested in being a guest on the show? Comment on our posts on BlueSky and LinkedIn or email your ideas to podcast@ipc.on.ca. The information, opinions, and recommendations presented in this podcast are for general information only. It should not be relied upon as a substitute for legal advice. Unless specifically stated otherwise, the IPC does not endorse, approve, recommend, or certify any information, product, process, service, or organization presented or mentioned in this podcast, and information from this podcast should not be used or reproduced in any way to imply such approval or endorsement. None of the information, opinions and recommendations presented in this podcast bind the IPC's Tribunal that may be called upon to independently investigate and decide upon an individual complaint or appeal based on the specific facts and unique circumstances of a given case.

RNZ: Morning Report
Damning report into Manage My Health data breach

RNZ: Morning Report

Play Episode Listen Later May 26, 2026 6:36


The Privacy Commissioner has issued a damning report into the hacking of the Manage My Health app - private information of almost 100-thousand New Zealanders was stolen in the breach in December last year. The Commissioner highlighed significant failures by Health New Zealand and Manage My Health, issuing both with compliance notices .. and recommending law changes to strengthen accountability. Health NZ Chief Financial Officer Bevan McKenzie spoke to Ingrid Hipkiss.

The Mike Hosking Breakfast
Michael Webster: Privacy Commissioner on the inquiry finding Health NZ and Manage My Health breached privacy code

The Mike Hosking Breakfast

Play Episode Listen Later May 26, 2026 2:45 Transcription Available


Both Manage My Health and Health NZ are vowing they've made big changes following last year's cyber-attack on 100 thousand patients. The Privacy Commissioner has found both failed to protect patient data. Phase Two of his review will ask whether people actually knew their data was being held in the health portal. Michael Webster told Mike Hosking we can't afford to be lax when it comes to private data. He says health information is highly sensitive, and there needs to be a greater commitment to protecting it on such platforms. LISTEN ABOVE See omnystudio.com/listener for privacy information.

code manage commissioners inquiry phase two breached privacy commissioner health nz mike hosking michael webster listen abovesee
Early Edition with Kate Hawkesby
Full Show Podcast: 27 May 2026

Early Edition with Kate Hawkesby

Play Episode Listen Later May 26, 2026 34:31 Transcription Available


On the Early Edition with Ryan Bridge Full Show Podcast Wednesday the 27th of May 2026, Co-operative Bank CEO Mark Wilkshire tells Ryan what we can expect from the OCR ahead of Thursday's Budget. Remand numbers dropped in 2025 as prisoner numbers reached record high and no one knows why, criminal lawyer Steve Cullen shares his thoughts. The Privacy Commissioner says Health NZ and Manage My Health failed to protect out data, Health NZ Chief Financial Officer Bevan McKenzie tells Ryan what Health NZ will do moving forward. Plus UK/Europe Correspondent Gavin Grey has the latest on four people killed in a collision between a train and a school minibus in Belgium and two aid workers have brought suspected cases of Ebola to Europe. Get the Early Edition Full Show Podcast every weekday on iHeartRadio, or wherever you get your podcasts. LISTEN ABOVE See omnystudio.com/listener for privacy information.

europe budget belgium ebola ocr early edition privacy commissioner remand health nz listen abovesee steve cullen
Early Edition with Kate Hawkesby
Bevan McKenzie: Health NZ Chief Financial Officer on the inquiry into the Manage My Health cyber-attack

Early Edition with Kate Hawkesby

Play Episode Listen Later May 26, 2026 4:48 Transcription Available


Health NZ is apologising for the Manage My Health cyber-attack. The Privacy Commissioner has found both failed to protect sensitive patient information. Over 90% of the 100 thousand patients affected late last year were Northlanders. Health NZ says it's working on a response plan after commissioning its own report from Deloitte. Chief Financial Officer Bevan McKenzie told Ryan Bridge cyber risks are something to be highly aware of, and people themselves need to be vigilant as well. LISTEN ABOVE See omnystudio.com/listener for privacy information.

manage deloitte inquiry chief financial officers bevan privacy commissioner health nz northlanders health new zealand listen abovesee
The Vassy Kapelos Show
Free For All Friday

The Vassy Kapelos Show

Play Episode Listen Later May 8, 2026 75:18


Free For All Friday - Hour 1 Amanda Galbraith breaks down the biggest stories of the day with Canada's top newsmakers. Alberta Premier Danielle Smith and Prime Minister Mark Carney gathered together in Ottawa, as both leaders face pressure to show progress on a new pipeline. Conservative MP Garnett Genuis outlines the party’s proposal to reform the E.I. system for more flexible parental leave. In a new report, Canada’s Privacy Commissioner says there have been over 42,000 data breaches at the CRA since 2020. Amanda chats with Claudiu Popa, a certified security and privacy expert. Tonight marks another watershed moment for Canadian basketball, as the WNBA's Toronto Tempo will hit the court for the first time. We go 1-on-1 with Toronto Tempo President Teresa Resch. Free For All Friday - Hour 2 Contributors from all over the country join The Roundtable to discuss the top stories of the week. Today’s edition features Strategy Corp vice-president Garry Keller and Enterprise Canada vice-president of national strategy Laura D’Angelo. Topic 1: Prime Minister Carney meets with the Premier of Alberta, as pressure mounts to show progress on the Alberta MOU. Topic 2: The separatist group Stay Free Alberta has collected enough signatures to potentially force a referendum. Jason Kenney, a former Premier of Alberta, says the pro-federalist voices need to step up. Topic 3: Do Canada's parental leave guidelines leave parents behind? Topic 4: The WNBA comes to Canada, and it's not for a quick promo. We have a team to cheer for! Will you be going to any Toronto Tempo games this season? Which matchup is on your calendar already? Topic 5: Is it worth the cost to save Canada's Snowbirds?

BC Today from CBC Radio British Columbia
Latest on hantavirus | Privacy commissioner AI findings

BC Today from CBC Radio British Columbia

Play Episode Listen Later May 6, 2026 25:07


The World Health Organization has confirmed three people were evacuated from a cruise ship in the Atlantic Ocean off Cape Verde amid a hantavirus outbreak. We heard what people need to know about the virus.Federal and provincial watchdogs say OpanAI failed to respect Canadian privacy laws when training ChatGPT in Canada. We asked our audience to share their questions about online privacy and security.

Info Matters
Data regulation then and now: A conversation with Elizabeth Denham | La réglementation des données, d'hier à aujourd'hui : entretien avec Elizabeth Denham

Info Matters

Play Episode Listen Later Apr 23, 2026 40:57


Elizabeth Denham is an internationally recognized leader in privacy and data protection. She served as the UK Information Commissioner from 2016 to 2021, seeing the office through a period of significant technological and regulatory change, including the implementation of modern data protection laws. Earlier in her career, she served as Information and Privacy Commissioner of British Columbia. She is currently chair of the Jersey Data Protection Authority. Progress in harmonizing privacy laws across Canada [2:56] Shifts in the data landscape over the past two decades [6:38] Affirming the right to privacy in Canada [10:47] Events that have led to heightened public awareness of privacy [9:36] Canada's role in global data protection [10:32] Artificial intelligence and modern regulation, the need for cooperation and collaboration among regulators [15:03] Challenges and opportunities of a dual mandate overseeing both freedom of information and privacy [28:57] The importance of retaining strong freedom of information rights to hold governments accountable and uphold democratic values [32:00] Motivation and optimism for the future [23:14] Resources: Personal Information Protection and Electronic Documents Act (PIPEDA) General Data Protection Regulation (GDPR) R. v. Bykovets (Supreme Court of Canada) Facebook Inc. v. Privacy Commissioner of Canada (Supreme Court of Canada) Enhancing Digital Security and Trust Act Principles for the Responsible Use of Artificial Intelligence (IPC-OHRC) Digital Regulation Cooperation Forum IPC Scholar-in-Residence IPC Youth Advisory Council Info Matters is a podcast about people, privacy, and access to information hosted by Patricia Kosseim, Information and Privacy Commissioner of Ontario. We dive into conversations with people from all walks of life and hear stories about the access and privacy issues that matter most to them. If you enjoyed the podcast, leave us a rating or a review. Have an access to information or privacy topic you want to learn more about? Interested in being a guest on the show? Comment on our posts on BlueSky and LinkedIn or email your ideas to podcast@ipc.on.ca. --- Elizabeth Denham est une autorité reconnue à l'échelle internationale dans les domaines de la protection de la vie privée et des données. Elle a été commissaire à l'information du Royaume-Uni de 2016 à 2021, période pendant laquelle son bureau a connu des changements importants sur le plan technologique et réglementaire, notamment l'entrée en vigueur de lois modernes sur la protection des données. Plus tôt dans sa carrière, elle a été commissaire à l'information et à la protection de la vie privée de la Colombie-Britannique. Elle est actuellement présidente de la Jersey Data Protection Authority.  Les progrès réalisés en vue d'harmoniser les lois sur la protection de la vie privée au Canada [2:56] L'évolution du contexte des données au cours des 20 dernières années [6:38] L'affirmation du droit à la vie privée au Canada [10:47]  Événements ayant sensibilisé le public à la protection de la vie privée [9:36] Le rôle du Canada dans la protection des données à l'échelle mondiale [10:32] L'intelligence artificielle et la réglementation moderne; la nécessité pour les autorités de réglementation de collaborer [15:03] Les défis et les possibilités que présente le double mandat de surveiller l'accès à l'information et la protection de la vie privée [28:57] L'importance d'un droit à l'information solide pour assurer la reddition de comptes des gouvernements et défendre les valeurs démocratiques [32:00] Sources de motivation et motifs d'optimisme [23:14]  Ressources Loi sur la protection des renseignements personnels et les documents électroniques (LPRPDE) Règlement général sur la protection des données (RGPD) R. c. Bykovets (Cour suprême du Canada) Facebook Inc. c. Commissaire à la protection de la vie privée du Canada (Cour suprême du Canada) Loi de 2024 visant à renforcer la sécurité et la confiance en matière de numérique Principes pour l'utilisation responsable de l'intelligence artificielle (CIPVP-CODP) Digital Regulation Cooperation Forum Programme des chercheurs résidents du CIPVP Conseil consultatif de la jeunesse du CIPVP L'info, ça compte est un balado sur les gens, la protection de la vie privée et l'accès à l'information animé par Patricia Kosseim, commissaire à l'information et à la protection de la vie privée de l'Ontario. Avec des invités de tous les milieux, nous parlons des questions qui les intéressent le plus sur la protection de la vie privée et l'accès à l'information.  Si vous avez aimé cet épisode, laissez-nous une note ou un commentaire.  Vous aimeriez en savoir plus sur un sujet lié à l'accès à l'information ou à la protection de la vie privée? Vous aimeriez être invité à notre balado? Commentez une de nos publications sur BlueSky et LinkedIn ou écrivez-nous à podcast@ipc.on.ca. The information, opinions, and recommendations presented in this podcast are for general information only. It should not be relied upon as a substitute for legal advice. Unless specifically stated otherwise, the IPC does not endorse, approve, recommend, or certify any information, product, process, service, or organization presented or mentioned in this podcast, and information from this podcast should not be used or reproduced in any way to imply such approval or endorsement. None of the information, opinions and recommendations presented in this podcast bind the IPC's Tribunal that may be called upon to independently investigate and decide upon an individual complaint or appeal based on the specific facts and unique circumstances of a given case.

Kerre McIvor Mornings Podcast
Andrew Dickens: Facial recognition – the rise of Big Brother or a necessary tool?

Kerre McIvor Mornings Podcast

Play Episode Listen Later Apr 16, 2026 4:17 Transcription Available


Bunnings have begun rolling out facial recognition technology in its New Zealand stores, saying it's needed to protect staff and customers because violent incidents continue to rise, despite the fact we've got tough on crime, and we've had a bit of a crackdown. The first two stores to switch on the facial recognition technology are in Te Rapa and Hamilton South, both in the Waikato, but a nationwide rollout is planned. The company says the technology will help identify serious repeat offenders, it will reduce theft, and they do this after what they say is a sharp increase in threatening behaviour. Now this whole thing has taken forever for Bunnings. In Australia, Bunnings fought for four years to get permission to do this. There were courts involved, there were tribunals involved, there was a lot of controversy, and a four-year battle. Here, for Bunnings, it's only taken six months because Foodstuffs had already got approval from the Privacy Commissioner, so the hard work was done. But even so, six months for Bunnings to finally roll out a little bit of facial recognition in their stores. They worked hard at it, they've been taking privacy guidance. The Foodstuffs trial last year scanned 225 million faces and they deleted all the images within a minute, but there were concerns at the time about misidentification and bias and the need for strong safeguards, so Bunnings worked away at all of this. They hired a Māori digital sovereignty expert —who knew such a thing existed or was even needed— to make sure cultural considerations are built in. There is bilingual signage for the facial recognition, and if you think you've been wrongly identified as a bad guy, there are clear pathways for you to object to all of this. But you know, all this kafuffle about getting the permission shows all of us that there are still a load of people in this world who do not like the idea. There's more issues to come, but are you worried about the rise and rise and rise of facial recognition technology? Or do you have no problem with it because it's a tool to fight crime? Now all of this reminds me of debates I used to listen to on when Leighton Smith used to do this show. And he would do a show and it's all about freedom and liberty, and people would come on and say, “Oh, there's no problem, no problem at all, mate. If you've got nothing to hide, you've got nothing to fear." And Leighton would say, “Yes, but bit by bit, little by little, our personal freedom and liberty is being stripped and replaced by an all-powerful state monitoring our every step and then controlling the way we behave. It's the threat of Big Brother." But the difference now that time has passed, it's not actually the state that's doing all the facial recognition, it's the corporate world. So it's not the state, it's the corporates, and the corporates seem to want to know every little thing about us. Your phone is monitoring where you are, what you do, what you look at, it's telling you what to think. And I get tired of being told what I should be listening to next by Spotify because they've looked at what I've listened to before and said, “well, this is you," and I go, “well, actually, I'm a broader, wider person than that, and stop bothering me." I'm tired of my car telling me how to drive, “your tyres are a little flat, would you like to check into the service centre?" No, I would not. I don't have the time right now. Would you shut up, car? I'm trying to drive. Facial recognition technology, do you have any problem with it? And I know you do because look how long it's taken to get approval and how many people have had conniptions about it and had worries about it, and the Privacy Commissioner has spent millions on it just investigating this sort of thing. Is this the rise and rise of Big Brother, or is this necessary as we fight crime? See omnystudio.com/listener for privacy information.

Heather du Plessis-Allan Drive
Perspective with Heather du Plessis-Allan: Bunnings needed to prioritise staff safety here

Heather du Plessis-Allan Drive

Play Episode Listen Later Apr 15, 2026 2:10 Transcription Available


If you haven't watched the Bunnings video yet showing its staff being attacked, I recommend you go and watch it - especially if you feel uneasy about the company using CCTV for facial recognition. It's a compilation of incidents that have occurred in its stores. The first incident shows a man pulling a knife on a staff member and threatening them so he can walk out the door with two trolleys' worth of stolen goods. That happened at the Porirua store. The next incident shows a man holding a box who runs at and knocks over a staff member, while another man behind him tries to steal a second box. That happened at the Takanini store. The incident I found hardest to watch is a man approaching a staff member at their car in a mostly empty car park. He sidles up to them, then smacks them in the head when they're not expecting it. He then chases the staff member as they run away and trip because they are so frightened. Now, let's be clear about what's going on here - Bunnings is releasing this video as part of a PR campaign. It's trying to convince us that it needs to use facial recognition technology in two of its Hamilton stores. What blows my mind is that it has to go to these lengths. It's been trialling facial recognition since 2018. It's fought its way through a tribunal process in Australia. It's had the Privacy Commissioner here, and the equivalent over the ditch, watching them. It's engaged a Māori digital sovereignty expert. It's released at least two of these video compilations. And all of this, so far in New Zealand, is just for permission to operate in two stores. Not all stores - just two. Two Hamilton stores. That's because there are still enough people worried that Bunnings will take our biometric data and sell it, lose it or wrongly deny entry to some innocent person. I would have thought this was a slam dunk. I would have thought the answer would be: yes, absolutely - go ahead and use facial recognition if that's what you need to do to keep your staff safe. Because sure, something might go wrong one day with the CCTV. But go and watch those videos. Things are going wrong right now. LISTEN ABOVESee omnystudio.com/listener for privacy information.

Best of Business
Perspective with Heather du Plessis-Allan: Bunnings needed to prioritise staff safety here

Best of Business

Play Episode Listen Later Apr 15, 2026 2:18 Transcription Available


If you haven't watched the Bunnings video yet showing its staff being attacked, I recommend you go and watch it - especially if you feel uneasy about the company using CCTV for facial recognition. It's a compilation of incidents that have occurred in its stores. The first incident shows a man pulling a knife on a staff member and threatening them so he can walk out the door with two trolleys' worth of stolen goods. That happened at the Porirua store. The next incident shows a man holding a box who runs at and knocks over a staff member, while another man behind him tries to steal a second box. That happened at the Takanini store. The incident I found hardest to watch is a man approaching a staff member at their car in a mostly empty car park. He sidles up to them, then smacks them in the head when they're not expecting it. He then chases the staff member as they run away and trip because they are so frightened. Now, let's be clear about what's going on here - Bunnings is releasing this video as part of a PR campaign. It's trying to convince us that it needs to use facial recognition technology in two of its Hamilton stores. What blows my mind is that it has to go to these lengths. It's been trialling facial recognition since 2018. It's fought its way through a tribunal process in Australia. It's had the Privacy Commissioner here, and the equivalent over the ditch, watching them. It's engaged a Māori digital sovereignty expert. It's released at least two of these video compilations. And all of this, so far in New Zealand, is just for permission to operate in two stores. Not all stores - just two. Two Hamilton stores. That's because there are still enough people worried that Bunnings will take our biometric data and sell it, lose it or wrongly deny entry to some innocent person. I would have thought this was a slam dunk. I would have thought the answer would be: yes, absolutely - go ahead and use facial recognition if that's what you need to do to keep your staff safe. Because sure, something might go wrong one day with the CCTV. But go and watch those videos. Things are going wrong right now. LISTEN ABOVESee omnystudio.com/listener for privacy information.

ChannelBuzz.ca
Canada’s data sovereignty moment: why partners who move first will own the space

ChannelBuzz.ca

Play Episode Listen Later Apr 15, 2026 26:55


Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies Canada’s data sovereignty landscape is shifting faster than most organizations realize – and according to Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies, the conversation isn’t happening early enough. In this episode, Falzon breaks down the regulatory pressure building around Canadian data – including Quebec’s Law 25, Bill C-8, and new federal PIPEDA reform expected this spring that is expected to include data sovereignty provisions. He draws a sharp distinction between data residency (where data sits at rest) and data sovereignty (control over the entire processing chain) that many partners and their customers are still conflating – and explains why contracts alone can’t solve the problem. Falzon unpacks the CLOUD Act dimension: if data lives in the U.S., it is accessible to the U.S. government regardless of where your company is headquartered or what your service agreement says. For MSPs, the conversation turns to opportunity. Recent research from Kiteworks found that 23% of Canadian organizations experienced a data sovereignty incident last year, and mid-market firms lag enterprise by 15 to 25 percentage points in sovereignty maturity – despite facing the same penalties. Falzon’s advice: lead with risk, not product. He also raises a recent U.S. legal judgment holding that all data entered into ChatGPT belongs to OpenAI – and asks whether organizations using AI services even know where that data is going. Check Point launched a dedicated Canadian data region for CloudGuard WAF in March, opening doors to government and regulated-sector contracts that were previously unavailable to partners. But Falzon’s bigger point is this: the regulatory picture is still coming into focus, and MSPs who get educated now – before the legislation fully lands – have a real chance to stake out expertise and become the trusted voice in the room when urgency hits. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. There’s a phrase you’re probably hearing more and more in customer conversations: data sovereignty. And if you’re not hearing it yet, you probably will soon. Canada’s regulatory landscape around data is shifting fast. Quebec’s Law 25 is already in force with real financial penalties. Bill C-8, the Critical Cyber Systems Protection Act, is working its way through committee. New federal privacy reform is expected this spring, and underneath all of that, there’s a growing realization that the old assumption—that if it’s okay for the U.S., it’s okay for us—may not hold up much longer. My guest today is Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies. Rob has spent over 30 years in large-scale security architecture, including government work, and he’s been with Check Point for over two decades. He’s based here in Canada and has a front-row seat to how this market handles security and compliance differently from the rest of the world. We’re going to talk about what’s driving the urgency around data sovereignty in Canada right now, the distinction between data residency and data sovereignty that a lot of partners are still conflating, and what it all means practically for MSPs serving the Canadian mid-market. Let’s get right into it—my chat with Rob Falzon. Rob, thanks for taking the time. I appreciate it. Robert Falzon: No trouble. Robert Dutt: You’ve been in the industry a long time, with Check Point for two decades, and you’ve had a front-row seat to how the Canadian market specifically handles security and compliance. For an audience of Canadian VARs and MSPs, how has the data conversation in Canada changed over, say, the last 18 months or so? It feels like something’s shifted in that discussion. Robert Falzon: Yeah, there’s been a significant shift. In the past, obviously, we’ve seen the changes that have happened with our neighbors to the south and how the climate and atmosphere have changed. It’s caused folks in Canada to have a closer look at what their various different arrangements are from a trust perspective, and what their comfort level might be in where they store their data and how they manage that data—and where their customers are based as well. I think that’s been the primary change in the last few months specifically. For a long time, we’ve had this feeling that Canada and the U.S. have been sort of the same. There wasn’t really a big concern because we have agreements back and forth. A lot of the recent changes have forced us to really revisit those arrangements and see: are we actually making sure that the information is safe and protected? As a result of that, we’ve been getting those questions at Check Point, and it’s incumbent upon us to manage it in such a way that our customers get the security and safety they need while meeting their business requirements. Robert Dutt: From the regulatory side of things, there’s a lot going on. We have Quebec’s Law 25 in place with real penalties behind it. We have Bill C-8 working its way through committee. There’s going to be PIPEDA reform coming up sometime fairly soon, which is rumored to include data sovereignty provisions. Back in November, the government introduced the Digital Sovereignty Framework. For a Canadian MSP who hasn’t been tracking all of this closely, what’s the picture they need to have in their head right now of the regulatory scene? Robert Falzon: Well, like you pointed out, there’s no comprehensive federal law just yet. As you mentioned, there are a number of things on the table and we have some direct focus now from the federal government. There’s a minister assigned specifically for AI that’s taking a very close look at how Canada is managing that. We also have this provincial patchwork. Ontario probably has the most established AI-specific roles so far. Alberta’s Privacy Commissioner also has a report they released last year talking about Alberta creating its own AI law and updating its privacy legislation. All of these changes are happening fairly quickly right now, and it’s incumbent upon MSPs to make sure they’re aware of what these changes are and where they are operating their businesses. There are two aspects to this. The first is the business side: if you have customers that want to consume your services, you need to make sure your services are consumable by them—that you are meeting their data regulation requirements and that the residency and sovereignty requirements these new pieces of legislation introduce are met by whatever services you’re providing. The challenge is that there’s not a lot of clarity right now around what these actual services are. Maybe AI is touching it, or some security component is touching it, but maybe it’s a different type of service related to marketing. This is going to be a challenge for MSPs to make sure they understand their compliance obligations and to closely look at their service offerings. They need to start to decouple what we used to think was an accepted understanding—that if it was okay for the U.S., it was okay for us. It’s not going to be the same anymore. Robert Dutt: There’s another piece of legislation, not necessarily on our side, but the CLOUD Act hanging over all this. Can you walk us through how the CLOUD Act changes the calculus for Canadian organizations using a U.S.-headquartered cloud or security provider? Robert Falzon: There are a few things here to unpack. First of all, it’s not finalized; there are still a lot of negotiations underway. This started back in 2021 or 2022, and obviously, when that started, we were in a completely different geopolitical context than we have today. That’s transformed things into a more complex policy debate and even, to some degree, a national security debate. For us, we’re going to have to start looking very carefully about what regulations we put in place at the federal level that impact us from a legal compliance perspective. Is your CISO well aware of what your obligations are under this? I think if I look at what’s going to change, we’re still going to have to start hosting much of the information we work with in Canada. Anything related to security rule sets, business transaction information—all of this is going to have to be stored in Canada. If you are still leveraging contracts that you might have in the U.S., you’re going to have to look at how you separate out those specific types of data that are protected by law and have them processed and stored in Canada. You may not be able to get out of some of these hosting contracts in the U.S., but the fact is, if that data is in the U.S., it’s going to be available to the U.S. government. If that availability contravenes any legislation we have here, it’s something you’re going to be liable for. Robert Dutt: A lot of times, maybe at the customer level and the partner level, there’s some conflation between data residency and data sovereignty. Can you break that apart? I think when a lot of people hear, “We have a Canadian data center,” they assume the compliance checkbox is checked. Robert Falzon: Yeah. The difference fundamentally is essentially data at rest versus data in motion. If you are storing databases or static information about customers, that data must be resident in Canada. Data sovereignty is essentially the entire chain. Any processing has to be done in Canada, storage has to be done in Canada—the data cannot leave the country or its control sphere the entire time it’s in your possession. I think that’s a critical differentiation because they are often, as you say, conflated to be the same thing. Robert Dutt: What does a sovereignty-defensible architecture actually look like? What are the non-negotiables to make sure you’re covered off there, especially as a service provider? Robert Falzon: You have to look at all of your vendors. You have to make sure that not only are you managing your data effectively yourself, but that all of the vendors you interact with are also following the same guidelines. The challenge here is that we are so integrated with U.S. providers—cloud providers, data center providers. All of those things need to come together, and we need to be aware at all times where this information is stored. Our understanding of where that data is has to improve, so we need better tools to manage that visibility. But we also need to start making actual changes in our infrastructure to make sure it physically resides in Canada. And then we need to look at the rule sets you’re using to manage that data. Do you have the proper security context to store and manipulate that information strictly in Canada as per data sovereignty regulations? Robert Dutt: Let’s bring this to the partner level. There’s a recent survey from Kiteworks that shows 23% of Canadian organizations experienced a data sovereignty incident last year. Mid-market firms lag enterprise by 15 to 25 percentage points in maturity, but they face the same penalties. For an MSP serving that mid-market space, where’s the actual opportunity in terms of educating and compliance? Robert Falzon: Well, if MSPs are at the stage where they’re concerned and trying to get information, imagine where many of our customers are standing. Customers are trusting their partners to provide them with guidance and leadership. If we think about verticals like healthcare, financial services, or the public sector—these are not organizations that typically have heavy internal services or the skill sets to make these decisions about where their cloud data is processed. They’re relying on partners for that. If there are issues, the buck stops with the customer themselves. By helping to educate their customers—making them aware of coming changes, understanding the differences between sovereignty and residency, and looking at their other vendors—partners can take a leadership position. There’s a bit of a vacuum right now in speaking with both partners and customers, where everybody’s just going, “I wonder what’s going to happen next? Am I even ready for this?” It’s a great opportunity to improve their business. Robert Dutt: Is the first question to that customer the general, “Do you know where your data is living and who has access to it?” Or what’s the first concrete question an MSP can take to their customers? Robert Falzon: Well, there are a whole lot of things. First, partners are going to have a better understanding of their customer profile. If they have customers with significant multi-cloud complexity or exposure to the CLOUD Act, they’ll want to start by talking to them about their immediate risk. The challenge we often have is that we want to go in and talk about how a product or service is going to make a difference. Ultimately, what we really need to do is share the conversation about risk. The risk conversation is often overlooked in favor of saying, “I’d like this customer to buy some more Check Point.” But at the end of the day, all of that comes back to their understanding of what the risk is. I would start with risk: talk about what’s in the CLOUD Act, talk about complexity, and talk to them about AI data exfiltration and how that impacts leakage from a legal perspective. Stay away from conversations about specific products and focus on the business outcomes for the customers. That’s what’s going to get you the traction. Robert Dutt: Check Point launched a dedicated Canadian region for CloudGuard Web Application Firewall in March at the Victoria Privacy Summit. What’s driving security vendors specifically to put in infrastructure in Canada right now? Robert Falzon: This is an interesting question because it’s really not a “right now” thing. This is something we’ve been actively looking at for some time. It’s not as easy as just saying, “I’m going to do this in Canada only.” There’s a lot of backend stuff that has to happen. Five years ago, the technology and infrastructure available were somewhat limited. You have to be able to trust the infrastructure you’re placed in. It’s taken years to get here, and we’re quite confident in our ability to deliver the exact same level of quality as we did when it was solely based in the U.S. Countries around the world are starting to take a close look at their most important assets—data and intellectual property—and seeing how easily technology is being used to gain access to private information. Companies would be well-served to understand that this has been a long cycle; it’s not something that just happened overnight. Robert Dutt: For a partner who’s already selling Check Point solutions, what practically changes for them now that this Canadian data region is in place? What deals or conversations does it unlock? Robert Falzon: Certainly anywhere where privacy is paramount, it’s going to have a huge impact because you can start the conversation with the understanding that anything we’re talking about today is going to be data resident and data sovereign to your Canadian customers. That immediately sets you apart from many other vendors who cannot make that claim. If you can address the concern of privacy legislation right out of the gate, then you can focus on the actual business outcomes. It’s going to open doors with agencies very sensitive to this—government entities at the municipal, federal, and provincial levels that might have been off-the-table to a partner that didn’t have solutions meeting those criteria. Robert Dutt: For the MSP who’s a little earlier in the process, what’s the first practical step internally to make sure you’re building this out as an opportunity? Robert Falzon: You have to be extremely well-educated in the legal aspects because you’re going to want to make sure you have a compliance story and accountability you can speak to with your customers. But looking at all the uncertainty relating to AI and machine learning, being able to tie data residency and sovereignty into how that impacts their ability to utilize these new technologies would be a real door opener. There’s a tremendous amount of misunderstanding and lack of information available to customers currently running these solutions. If I were a partner today, I’d be looking at how I have the conversation about security, privacy, and data sovereignty in terms of their ability to be more competitive in the future by leveraging these advanced technologies in a secure way. Robert Dutt: What’s the risk of doing nothing? If I’m a partner and I decide to just keep selling the same way and assume data sovereignty is someone else’s problem, what does that look like 12 months from now? Robert Falzon: Hopefully your customers are already taking a zero-trust approach, so it might be easy to say, “I’ll wait until this settles a bit.” It’s not crazy to think that could still be effective. But if one waits too long and it becomes legislation, now you’re playing catch-up. You won’t be perceived as a leader in the space, and as we know, it’s much harder to win business away from someone else than it is to keep business you already have. Robert Dutt: Last question: what’s the thing about data sovereignty in Canada right now that you think isn’t getting enough attention? Robert Falzon: I think honestly, the conversation about data sovereignty and residency itself is not mentioned enough. It seems to be addressed after the fact. I’m starting to see it come to the forefront, but I still don’t have conversations on a daily basis about this. Even though this announcement was made, I’m still not getting a lot of phone calls about what this means for me, and I would have expected to get a lot more. If we look forward five years, we’ll look back at this and go, “Wow, I can’t believe we only just got that then.” Things are moving so rapidly. If we look at the adoption of AI internal to large corporations—I’ll ask them if they are using AI services, where those services are based, and what the legal ramifications are. Nobody is talking about where the data from ChatGPT lives. There was a legal judgment in the U.S. a couple of weeks back where it was agreed that all data entered into ChatGPT belongs to them—it belongs to OpenAI. Imagine if that’s your company’s data, and you don’t even know it’s leaving because the services you’ve invested in are hosting data all over the world and not in Canada. That’s a risk that’s really not being discussed in an appropriate way. Robert Dutt: It’s an interesting indicator. If the conversation isn’t happening early, it suggests we’re still early in the cycle, and that’s an opportunity for an MSP to stake out a brand in this space. Robert Falzon: Exactly. At this very moment, anyone in the partner ecosystem should be looking at their internal systems and processes and finding out how compliant they are personally. If you don’t understand your internal architecture and what partnerships you have in your own pipeline, you’re going to be well behind when it actually comes to implementation. Robert Dutt: Great insights. Thank you very much for your time, Rob. Robert Falzon: Thank you so much. Robert Dutt: There you have it, Rob Falzon from Check Point Software Technologies. I’d like to thank Rob for his time and for a conversation that I think went well beyond the usual talking points. Thank you for listening. Here’s a few things that stood out for me from this conversation. First, there’s a really important distinction between data residency and data sovereignty that Rob laid out cleanly. Residency is about where the data sits at rest. Sovereignty is about the entire chain—processing, storage, the works—and making sure none of it leaves the country’s control sphere. If your customers think having a Canadian data center checks the compliance box, that’s a conversation worth having with them. Second, there was that striking point about AI data exfiltration. A recent U.S. legal judgment held that all data entered into ChatGPT belongs to OpenAI. If your customers are using AI services and don’t know where that data is going and who owns it once it gets there, that’s a risk that most people simply aren’t talking about yet. And that brings me to what I think was the most telling moment: Rob’s candid admission that even after Check Point’s Canada data region announcement, he’s not getting a lot of calls about data residency. That tells me we’re still early. The regulatory picture is coming into focus, but it’s not fully formed yet, and a lot of partners and customers are in wait-and-see mode. That’s actually an opportunity. If you’re an MSP who moves now—gets educated on the regulatory landscape, audits your own internal compliance, and starts leading the sovereignty conversation with your customers—you have a chance to stake out real expertise and become the trusted voice before this becomes urgent and everyone’s scrambling. Follow or subscribe to the show. You can find In The Channel on Apple Podcasts, Spotify, YouTube, and most podcast directories. Ratings and reviews are always appreciated—they help other folks in the channel find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Supreme Court of Canada Hearings (English Audio)
Facebook Inc. v. Privacy Commissioner of Canada (41538)

Supreme Court of Canada Hearings (English Audio)

Play Episode Listen Later Mar 20, 2026 194:10


On March 19, 2019, the respondent, the Privacy Commissioner of Canada received a complaint under s. 11(1) of the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 (“PIPEDA”) which raised concerns about the appellant Facebook's compliance with the PIPEDA. The concerns were related to Facebook's practice of sharing Facebook users' personal information with third-party applications hosted on its platform. The complaint was filed in the context of reports related to a professor at the University of Cambridge, U.K., Dr. Aleksandr Kogan, who launched an application through Facebook's Platform titled “thisisyourdigitallife” (“TYDL”) in November 2013. Presented to users as a personality quiz, Dr. Kogan could access the personal information of installing users and installing users' friends. In December 2015, it was reported that user data obtained by TYDL was sold to a corporation named Cambridge Analytica and a related entity, Strategic Communication Laboratories Elections Ltd. (SCL), who, in turn, used the data purchased from Dr. Kogan to help their clients target political messaging to potential voters in the then upcoming presidential election in the United States. When TYDL was launched in 2013, it agreed to Facebook's Platform Policy and Terms of Service. In 2014, Facebook issued a version 2 (v.2) of its communication protocol, Graph API, under which third party developers could no longer request permission to access installing users' friends unless the app developer, through an expanded access to additional personal information request, can demonstrate that the data would be used to “enhance the user's in-app experience”. The process for consideration of expanded access requests was introduced alongside Graph API v.2 as “App Review.” Although Graph API v.2 took effect in 2014, existing apps were given a one-year grace period before complying with the new iteration. When Graph API v.2 was announced, Dr. Kogan's request for expanded access to additional personal information was denied by Facebook because his intended use, research, would not enhance user experience. Nonetheless, Dr. Kogan continued to collect data under Graph API v.1 with no additional scrutiny from Facebook. As a result, though only 272 Canadians ever installed the TYDL app, Facebook estimates that these installations lead to the potential disclosure of the data of over 600,000 Canadians. In 2015, when the reports became public, Facebook removed TYDL from Platform and asked Cambridge Analytica to delete the user data it had obtained. Facebook did not notify the affected users that their Facebook data had been collected and sold. It was not until 2018 that Facebook suspended Dr. Kogan and Cambridge Analytica from Platform. After receiving the complaint, the Privacy Commissioner investigated and concluded that Facebook failed to obtain valid and meaningful consent for its disclosures to applications and failed to safeguard its users' information. As a result, in February 2020, the Privacy Commissioner filed a notice of application in the Federal Court claiming that Facebook was in breach of its obligations set out in Schedule 1 pursuant to s. 5(1)(a) of PIPEDA through its practice of sharing Facebook users' personal information with third-party applications hosted on the Facebook Platform.The Federal Court dismissed the application. The Federal Court of Appeal allowed the appeal and granted the Privacy Commissioner's application in part. Argued Date 2026-03-19 Keywords Privacy — Online social media platform — Obligation to safeguard users' data — Obligation to obtain meaningful consent from users for disclosure of personal data — Whether application judge erred in finding Privacy Commissioner of Canada did not prove that Facebook failed to get meaningful consent to disclose personal information to third-party apps — Whether application judge erred in finding Privacy Commissioner did not prove that Facebook failed to maintain adequate security safeguards to protect personal information in its possession or custody? — Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5, ss. 3, 5(1), 6.1 and ss. 4.3 (principle 3) and 4.7 (principle 7) of schedule 1. Notes (Federal) (Civil) (By Leave) Language English Audio Disclaimers This podcast is created as a public service to promote public access and awareness of the workings of Canada's highest court. It is not affiliated with or endorsed by the Court. The original version of this hearing may be found on the Supreme Court of Canada's website. The above case summary was prepared by the Office of the Registrar of the Supreme Court of Canada (Law Branch).

Supreme Court of Canada Hearings (English Audio)
Facebook Inc. v. Privacy Commissioner of Canada (41538)

Supreme Court of Canada Hearings (English Audio)

Play Episode Listen Later Mar 20, 2026 191:27


On March 19, 2019, the respondent, the Privacy Commissioner of Canada received a complaint under s. 11(1) of the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 (“PIPEDA”) which raised concerns about the appellant Facebook's compliance with the PIPEDA. The concerns were related to Facebook's practice of sharing Facebook users' personal information with third-party applications hosted on its platform. The complaint was filed in the context of reports related to a professor at the University of Cambridge, U.K., Dr. Aleksandr Kogan, who launched an application through Facebook's Platform titled “thisisyourdigitallife” (“TYDL”) in November 2013. Presented to users as a personality quiz, Dr. Kogan could access the personal information of installing users and installing users' friends. In December 2015, it was reported that user data obtained by TYDL was sold to a corporation named Cambridge Analytica and a related entity, Strategic Communication Laboratories Elections Ltd. (SCL), who, in turn, used the data purchased from Dr. Kogan to help their clients target political messaging to potential voters in the then upcoming presidential election in the United States. When TYDL was launched in 2013, it agreed to Facebook's Platform Policy and Terms of Service. In 2014, Facebook issued a version 2 (v.2) of its communication protocol, Graph API, under which third party developers could no longer request permission to access installing users' friends unless the app developer, through an expanded access to additional personal information request, can demonstrate that the data would be used to “enhance the user's in-app experience”. The process for consideration of expanded access requests was introduced alongside Graph API v.2 as “App Review.” Although Graph API v.2 took effect in 2014, existing apps were given a one-year grace period before complying with the new iteration. When Graph API v.2 was announced, Dr. Kogan's request for expanded access to additional personal information was denied by Facebook because his intended use, research, would not enhance user experience. Nonetheless, Dr. Kogan continued to collect data under Graph API v.1 with no additional scrutiny from Facebook. As a result, though only 272 Canadians ever installed the TYDL app, Facebook estimates that these installations lead to the potential disclosure of the data of over 600,000 Canadians. In 2015, when the reports became public, Facebook removed TYDL from Platform and asked Cambridge Analytica to delete the user data it had obtained. Facebook did not notify the affected users that their Facebook data had been collected and sold. It was not until 2018 that Facebook suspended Dr. Kogan and Cambridge Analytica from Platform. After receiving the complaint, the Privacy Commissioner investigated and concluded that Facebook failed to obtain valid and meaningful consent for its disclosures to applications and failed to safeguard its users' information. As a result, in February 2020, the Privacy Commissioner filed a notice of application in the Federal Court claiming that Facebook was in breach of its obligations set out in Schedule 1 pursuant to s. 5(1)(a) of PIPEDA through its practice of sharing Facebook users' personal information with third-party applications hosted on the Facebook Platform.The Federal Court dismissed the application. The Federal Court of Appeal allowed the appeal and granted the Privacy Commissioner's application in part. Argued Date 2026-03-19 Keywords Privacy — Online social media platform — Obligation to safeguard users' data — Obligation to obtain meaningful consent from users for disclosure of personal data — Whether application judge erred in finding Privacy Commissioner of Canada did not prove that Facebook failed to get meaningful consent to disclose personal information to third-party apps — Whether application judge erred in finding Privacy Commissioner did not prove that Facebook failed to maintain adequate security safeguards to protect personal information in its possession or custody? — Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5, ss. 3, 5(1), 6.1 and ss. 4.3 (principle 3) and 4.7 (principle 7) of schedule 1. Notes (Federal) (Civil) (By Leave) Language Floor Audio Disclaimers This podcast is created as a public service to promote public access and awareness of the workings of Canada's highest court. It is not affiliated with or endorsed by the Court. The original version of this hearing may be found on the Supreme Court of Canada's website. The above case summary was prepared by the Office of the Registrar of the Supreme Court of Canada (Law Branch).

Inside the Village - A weekly podcast featuring newsmakers in Ontario
What is Doug Ford trying to hide? More than ever before

Inside the Village - A weekly podcast featuring newsmakers in Ontario

Play Episode Listen Later Mar 13, 2026 22:42 Transcription Available


"Shocking announcement.""A recipe for a more corrupt government."A "bullshit" move that will "gut public trust."That was just some of the reaction to today's sudden news that the Ford government plans to overhaul the province's freedom-of-information law to deny the public access to documents held by the offices of the premier and his ministers, and their parliamentary assistants and staff.The change would undo more than 35 years of lawful access to those records — and apply retroactively, which means it would impact all in-process requests, including FOIs for documents related the Greenbelt scandal, the Skills Development Fund controversy and Ford's personal cellphone records.In a statement released late this afternoon, Patricia Kosseim, Ontario's Information and Privacy Commissioner, called on the government to withdraw the proposed changes.“Freedom of information laws exist to provide Ontarians with vital information about how government decisions are made, on what basis, who influenced them, and whether the public interest is being served,” Kosseim said. “If records about government business can be shielded from scrutiny simply because they sit in a minister's office, on a staffer's device, or within a political account, public accountability is eviscerated.”Our guest on tonight's episode of Closer Look is Jessica Smith Cross, editor-in-chief of The Trillium, Village Media's news source at Queen's Park.

Early Edition with Kate Hawkesby
Ryan Bridge: Businesses should be scared to take our data

Early Edition with Kate Hawkesby

Play Episode Listen Later Feb 24, 2026 3:12 Transcription Available


This Government has made fast-track a buzzword. After yet another massive hack of private information on Sunday, it needs to put that buzzword into action and sharpen up our privacy laws. Like, yesterday. Especially if we're talking about your health information getting stolen and potentially posted online by hackers for a ransom. The hackers it seems, are pretty much a mystery and never get caught. That ship seems to have sailed, and we can, at least for now, put that in the too hard basket. But the folks we can fine, which we currently don't, are the businesses asking for our information and not doing enough to protect it in the first place. If there was ever a need for better regulation and harsher penalties, it's with cases like this - what should be your private data. In New Zealand, Consumer says there is no express penalty or fine for a breach. The Privacy Commissioner has the power to issue a fine of $10k. Yes, just $10k. And that's only if a company doesn't report a breach of tries to hide it. The Aussies will whack you with a fine of up to AU$50 million. That makes ours look like a slap with a wet bus ticket. Companies should be scared to ask for your private information because the risk of it being nicked is evidently very high. In two months, we're had the largest ever hack in our history, through Manage My Health, and now this MediMap breach. Last week I went shopping for some new clothes, a few t-shirts and some shorts. I was asked for my name and email and address. Why? A mailing list no doubt. I didn't have to provide this data, but if I did, I'd pay 10% less for the clothes. I paid full price but couldn't leave with a receipt unless I handed over my email. Businesses want our information because they can sell us more stuff, but it should be illegal to ask unless the law requires it. And if the data they do have is stolen, that should be their problem under the law. The fines ought to reflect how serious the breach is. With health, it ought to be millions. They should be scared, like with health and safety laws, to even ask for your personal information. It's not like this problem has suddenly sailed into port. That's why the legislation should be fast-tracked, bipartisan, and tough as nails. Otherwise, we can all look forward to another data breach coming to a town near you soon. See omnystudio.com/listener for privacy information.

Driving Law
Episode 441: Supreme Court Right to Silence Case, Clearview AI Banned & Privacy Breaches

Driving Law

Play Episode Listen Later Feb 20, 2026 22:09


This week on Driving Law, Kyla Lee discusses appearing at the Supreme Court of Canada on behalf of Women in Canadian Criminal Defence (WiCCD) in a case about compelled accident statements and the right to silence. The episode explores how roadside detention laws disproportionately impact women and marginalized people. Kyla and Paul also break down a major B.C. Court of Appeal decision upholding the Privacy Commissioner's authority to ban Clearview AI's facial recognition scraping in British Columbia, and discuss privacy breaches connected to the Lapu-Lapu Day tragedy. Plus, a Florida Jaguar driver wedges a convertible under a school bus and somehow survives — Ridiculous Driver of the Week. Check out the "Lawyer Told Me Not To Talk To You" T-shirts and hoodies at Lawyertoldme.com and "Sit Still Jackson" at sitstilljackson.com.

The Jill Bennett Show
Looking deeper at property tax deferrals outlined in the B.C. budget

The Jill Bennett Show

Play Episode Listen Later Feb 19, 2026 37:39


We take a closer look at the province's changes to the property tax deferral program and how property owners might be impacted. What does the B.C. Information and Privacy Commissioner have to say regarding recent reports of privacy breaches at hospitals following the Lapu Lapu Day tragedy? And more analysis on the arrest of Andrew Mountbatten‑Windsor by a royal commentator.  Learn more about your ad choices. Visit megaphone.fm/adchoices

The Data Diva E274 - Liz MacPherson and Debbie Reynolds

"The Data Diva" Talks Privacy Podcast

Play Episode Listen Later Feb 3, 2026 41:17 Transcription Available


Send us a textEpisode 274 – Liz MacPherson, Deputy Privacy Commissioner, Office of the Privacy Commissioner, New ZealandIn Episode 274 of The Data Diva Talks Privacy Podcast, Debbie Reynolds, The Data Diva, talks with Liz MacPherson, Deputy Privacy Commissioner at the Office of the Privacy Commissioner of New Zealand, about how privacy functions as a critical guardrail for innovation rather than a barrier to progress. The discussion focuses on New Zealand's purpose and context-based privacy framework and why strong privacy foundations enable faster, safer, and more trustworthy data use across government and industry. The conversation explores a landmark case involving the use of facial recognition technology in supermarkets, where regulators, businesses, and independent evaluators worked together to test effectiveness, necessity, and proportionality before deployment. Debbie and Liz unpack why biometric data demands heightened scrutiny, how privacy impact assessments and real-world trials can reduce risk, and why facial recognition is not a plug-and-play technology. They also discuss the importance of human oversight, data quality, access controls, transparency to the public, and the risks of bias and misidentification when systems are poorly governed. Debbie and Liz also examine New Zealand's Biometric Processing Privacy Code and its role in setting clear thresholds for biometric use, including limits on categorization and inference. The episode highlights why data retention is one of the most overlooked sources of organizational risk, how unnecessary data creates downstream harm, and why treating personal information as a treasure rather than an asset to be exploited builds long-term trust. Liz emphasizes that organizations succeed when they place people at the center of data decisions and design privacy as part of the full information lifecycle.Support the showBecome an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

The Healthier Tech Podcast
Why the Delete Button Is Broken: Staples Canada's $500K Privacy Fail

The Healthier Tech Podcast

Play Episode Listen Later Jan 29, 2026 4:17


Think hitting "delete" actually removes your personal data? Staples Canada just learned otherwise in a costly privacy investigation that should make every tech user rethink digital deletion. In this eye-opening episode, we dive into Canada's Privacy Commissioner investigation that exposed how one of the country's largest retailers failed to properly delete customer personal information despite explicit deletion requests. Key revelations from the investigation: Customer names, addresses, and purchase histories remained accessible after "deletion" Staples lacked proper data deletion procedures and verification systems Personal information was scattered across multiple systems without tracking The delete button often just removes catalog entries, not actual data We explore the concept of "data sprawl" and why most companies struggle with true data deletion. More importantly, we break down what this means for your personal privacy and digital security. This isn't just about one retailer's mistakes. It's about understanding how digital deletion really works and why your personal information is more persistent and valuable than you realize. Perfect for anyone concerned about digital privacy, data security, or understanding how their personal information is really handled by major corporations. Found this episode helpful? Subscribe to The Healthier Tech Podcast for more insights into digital wellness and technology's impact on our daily lives.

Early Edition with Kate Hawkesby
Ryan Bridge: Here we go again with privacy breaches

Early Edition with Kate Hawkesby

Play Episode Listen Later Jan 29, 2026 2:34 Transcription Available


This week we've heard about another privacy breach. We don't tell strangers on the street everything about ourselves but for some reason, when a business does it online, who we also don't know or trust, you just cannot shut us up. Name and address? Sure. Phone number? Why not. Signature? Fill ya boots. Don't even get me started credit cards and debit cards. I was talking to tech expert this week on the show. What he said has been playing on my mind for two reasons. 1. We've lost trust and faith in companies to manage our data now, I reckon. Trust is dead, and it's very hard to earn back. And nothing's sacred - we know that after the health hack. In Finland, a psychologist's notes were hacked so patients had all their secrets out there for ransom online. 2. The penalties for businesses leaving the backdoor open for scammers is very low - the maximum fine is apparently just $10,000. So if a business gets your data stolen and then doesn't tell you, the maximum fine is $10,000. The Privacy Commissioner can also get involved and award compensation of up to $350k, but that's for a serious breach which causes serious harm. Whatever that means. But I reckon they should make the fine so massive, so enormous, so crippling, that businesses just stop asking for all your information. Let it all be anonymous. Assign people a number. You don't need all the information you collect, so just don't. If the fines don't deter the behaviour and behaviour doesn't stop, trust will further erode and nobody will be handing over their data anyway. The internet's just one big funnel collecting and spitting your privacy. Now, I don't mean to just pick on the businesses here, of course the scammers are the real jerks, but they're too hard to chase down. Although I note this morning that China executed 11 scammers from Myanmar, which even though I'm against it, may put people off doing it more than a fine? See omnystudio.com/listener for privacy information.

The Mike Hosking Breakfast
Michael Webster: Privacy Commissioner on the Terms of Reference for the Inquiry into the Manage My Health data breach

The Mike Hosking Breakfast

Play Episode Listen Later Jan 27, 2026 2:45 Transcription Available


The Privacy Commissioner's pushing for strong incentives against cyber criminals in the Manage My Health data breach. Michael Webster's unveiled the initial Terms of Reference for his inquiry into the data breach affecting 127 thousand users that came to light early this month. The first phase will focus on the scale of the breach, its impacts, and Manage My Health's responsibilities and safeguards. Webster told Mike Hosking he's concerned nothing will come from his recommendations on how to prevent this from happening again. He says unlike other privacy regulators around the world, we don't have the ability to seek financial penalties or fines for those who don't do enough to protect our personal information. LISTEN ABOVE See omnystudio.com/listener for privacy information.

Driving Law
Episode 436: Supreme Court to Hear Impaired Driving Death Case, Fines, and Surveillance

Driving Law

Play Episode Listen Later Jan 16, 2026 27:27


The Supreme Court of Canada has granted leave in a major impaired-driving case that could reshape how “causing death” offences are interpreted. This week on Driving Law, Kyla Lee and Paul Doroshenko break down why the case matters, how Parliament rewrote the offence, and why the absence of a causation requirement raises serious fairness concerns. The episode also looks at a Saskatchewan decision on mandatory victim fine surcharges, why courts say they're constitutional despite harsh outcomes, and a key privacy update after the Information and Privacy Commissioner ordered Richmond to shut down traffic-camera surveillance. The Ridiculous Driver of the Week heads to Georgia, where a suspect thought a golf cart was the perfect getaway vehicle. Listen now on all streaming platforms. Check out the “Lawyer Told Me Not To Talk To You” T-shirts and hoodies at lawyertoldme.com and “Sit Still Jackson” at sitstilljackson.com.

Defence Connect Podcast
CYBER UNCUT: The Pentagon's new AI platform, SafePay ransomware scores a hat-trick, and social media ban

Defence Connect Podcast

Play Episode Listen Later Dec 15, 2025 34:47


This episode discusses the US Department of War's AI "Manifest Destiny", hackers going hard on Aussie victims, and Australia bringing in its brand new social media ban. Hosts David Hollingworth and Daniel Croft kick things off with artificial intelligence, with CommBank trialling a new DevOps agent and the Pentagon launching its new GenAI.mil platform to "dominate" its adversaries. The pair move on to cyber crime, and the SafePay ransomware gang strikes at three Australian victims in a single week. Hollingworth and Croft also discuss the social media ban, which came into effect this week. Finally, the pair look at the Privacy Commissioner's new compliance crusade and a warning that scammers are posing as charities this Christmas season. Enjoy, The Cyber Uncut team

SBS Bangla - এসবিএস বাংলা
Regulator says Kmart's use of facial recognition technology breached privacy laws - নিয়ন্ত্রক সংস্থা জানিয়েছে, কেমার্টের চেহারা শনাক্তকরণ প্রযুক্

SBS Bangla - এসবিএস বাংলা

Play Episode Listen Later Nov 27, 2025 6:44


Retail giant Kmart has been accused of violating customers' privacy with its use of facial recognition. The company says it trialled the technology to tackle increased theft and fraud and is considering appealing the Privacy Commissioner's ruling. - রিটেইল জায়ান্ট কেমার্টের বিরুদ্ধে অভিযোগ উঠেছে, তারা চেহারা শনাক্তকরণ প্রযুক্তি ব্যবহার করে গ্রাহকদের গোপনীয়তা লঙ্ঘন করেছে। কোম্পানিটি জানিয়েছে, চুরি ও প্রতারণা বেড়ে যাওয়ায় তা মোকাবিলার জন্য তারা পরীক্ষামূলকভাবে এই প্রযুক্তি ব্যবহার করেছিল। এছাড়া, তারা প্রাইভেসি কমিশনারের রায়ের বিরুদ্ধে আপিল করার বিষয়টি বিবেচনা করছে।

Public Sector Podcast
Trust, Technology & Rights in the Digital Age - Michael Harvey - Episode 160

Public Sector Podcast

Play Episode Listen Later Nov 23, 2025 38:02


In this episode, we are joined by Michael Harvey, Information and Privacy Commissioner, Government of British Columbia. Commissioner Harvey shares his insights on what it means to take a rights-first approach to innovation — exploring how embedding privacy from the outset can strengthen public trust, enhance digital service delivery, and ensure that innovation in government remains both responsible and citizen-centered. Michael Harvey, Information and Privacy Commissioner, Government of British Columbia For more great insights head to www.PublicSectorNetwork.co      

Tech Mirror
Part 4: Implementation

Tech Mirror

Play Episode Listen Later Nov 21, 2025 38:50


This is episode 4 of TPDi’s 5-part Tech Mirror mini-series, Australia vs Social Media: Inside the world-first online safety experiment. In this episode, we do a deep dive into the practicalities of implementing the Social Media Minimum Age legislation. What is likely to happen on 10th December when the law comes into effect? We answer some of the main questions that Australian young people and their parents and carers might have. We hear from the eSafety Commissioner Julie Inman Grant, Privacy Commissioner Carly Kind, deputy program director of the Age Assurance Technology Trial Andrew Hammond, clinical psychologist Dr Danielle Einstein, Professor Amanda Third, co-director of the Young and Resilient Research Centre at Western Sydney University, and Minh Hoang, a member of the eSafety Commissioner’s Youth Advisory Council. Links: eSafety Commissioner’s Social Media age restrictions hub https://www.esafety.gov.au/about-us/industry-regulation/social-media-age-restrictions-hub eSafety appoints Stanford University-led academic advisory group to assess the impacts of the Social Media Minimum Age obligation (September 2025) https://www.esafety.gov.au/newsroom/media-releases/esafety-appoints-stanford-university-led-academic-advisory-group-to-assess-the-impacts-of-the-social-media-minimum-age-obligation Office of the Australian Information Commissioner (OAIC) resources on the social media minimum age https://www.oaic.gov.au/privacy/your-privacy-rights/social-media-minimum-age The Dip, founded by Dr Danielle Einstein https://www.thedip.com/ Young Men Online https://www.esafety.gov.au/research/young-men-online Cyberbullying https://www.esafety.gov.au/key-topics/cyberbullying Sextortion https://www.esafety.gov.au/key-topics/image-based-abuse/deal-with-sextortion Parental Controls https://www.esafety.gov.au/parents/issues-and-advice/parental-controls Press Conference: Social Media minimum Age Platform Assessments, Minister for Communications media release (November 2025) https://www.youtube.com/watch?v=b9CIZK_12Zc Meta announces it will begin implementing required changes from 4 December https://www.abc.net.au/news/2025-11-19/meta-to-block-teens-from-instagram-facebook-week-early/106028014 Family Tech Agreement Template (eSaftey, good for younger children): https://www.esafety.gov.au/parents/resources/family-tech-agreement Family Tech Contract (Think you know, good for teenagers): https://www.thinkuknow.org.au/find-advice/building-safe-online-habits Headspace guide to the social media ban https://headspace.org.au/our-impact/campaigns/social-media-ban/ ReachOut https://about.au.reachout.com/home Kids Helpline https://kidshelpline.com.au/ Lode a complaint with the Privacy Commissioner https://www.oaic.gov.au/privacy/your-privacy-rights/social-media-minimum-age Credits Written and narrated by Johanna Weaver, Executive Director, Tech Policy Design Institute. Produced by Olivia O’Flynn & Kate Montague, Audiocraft. Research by Amy Denmeade. Original music by Thalia Skopellos. Created on the lands of the Ngunnawal, Ngambri people and the Gadigal people of the Eora Nation. Special thanks to all the team at the Tech Policy Design Institute, without whom the pod would not be possible, especially Zoe Hawkins, Meredith Hodgman, and Dorina Wittmann. See omnystudio.com/listener for privacy information.

Tech Mirror
Part 2: The Politics

Tech Mirror

Play Episode Listen Later Nov 13, 2025 35:11


This is episode 2 of a special 5-part Tech Mirror mini-series, Australia vs Social Media: Inside the world-first online safety experiment. In this episode, we discuss how the issue of social media harms and the idea of a minimum age restriction became such a political hot topic in the lead up to the 2024 Federal election. We explore the political, social and media forces that lead to the law passing Parliament, notwithstanding reservations of experts. We speak to Cam Wilson, a technology reporter from Crikey, Lizzie O’Shea (founder and chair of Digital Rights Watch), Professor Amanda Third (co-director of the Young and Resilient Research Centre at Western Sydney University), Australia’s eSafety Commissioner Julie Inman Grant, and Australia's Privacy Commissioner, Carly Kind. Links: Cam Wilson, Crikey https://www.crikey.com.au/author/cam-wilson/ Lizzie O’Shea https://lizzieoshea.com/ Digital Rights Watch https://digitalrightswatch.org.au/ Amanda Third https://www.westernsydney.edu.au/young-and-resilient/people/directors/amanda_third Julie Inman Grant https://www.esafety.gov.au/about-us/about-the-commissioner Carly Kind https://www.oaic.gov.au/ Minister Wells Speaking during Parliament House Question Time (31 July 2025) https://www.youtube.com/watch?v=kcLpm9SbOrk ABC News Breakfast (29 November 2024) https://www.youtube.com/watch?v=niaeYxdlvkw The Project, 10X Media Group/Network Ten (19 May 2024) https://www.youtube.com/watch?v=525CiA19WPI 36 Months campaign https://www.36months.com/ Let Them Be Kids campaign https://www.dailytelegraph.com.au/topics/let-them-be-kids Social Media Summit, NSW & South Australia, October 2024 https://www.nsw.gov.au/nsw-government/social-media-summit & https://www.dpc.sa.gov.au/responsibilities/social-media-summit Report by Chief Justice Robert French, Legal Examination into Social Media Access for Children https://www.premier.sa.gov.au/media-releases/news-archive/banning-social-media-for-children Government response to the Privacy Act Review Report (September 2023) https://www.ag.gov.au/rights-and-protections/publications/government-response-privacy-act-review-report eSafety Commissioner Julie Inman Grant’s speech at the Royal Society of NSW, W x 3 — The World Wide Web (we weaved)! (July 2024) https://www.youtube.com/watch?v=nSFVrIugy3E Laws not bans can make kids safer online, Carly Kind, Privacy Commissioner (November 2024) https://www.oaic.gov.au/news/blog/laws-not-bans-can-make-kids-safer-online Prime Minister and Minister for Communications media conference (November 2024) https://minister.infrastructure.gov.au/rowland/speech/press-conference-parliament-house Social Media Age Limit, Office of Impact Analysis (November 2024) https://oia.pmc.gov.au/published-impact-analyses-and-reports/social-media-age-limit Social media: the good, the bad, and the ugly – Final report, from the Joint Select Committee on Social Media and Australian Society (November 2024) https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Social_Media_and_Australian_Society/SocialMedia Statutory Review of the Online Safety Act 2021, led by Delia Rickard, released February 2025 https://minister.infrastructure.gov.au/rowland/media-release/report-online-safety-act-review-released Environment and Communications Legislation Committee inquiry into the Online Safety Amendment (Social Media Minimum Age) Bill 2024 [Provisions] (November 2025) https://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Environment_and_Communications/SocialMediaMinimumAge Online Safety Amendment (Social Media Minimum Age) Bill 2024, including the explanatory memorandum and transcripts of all second reading speeches https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r7284 Credits Written and narrated by Johanna Weaver, Executive Director, Tech Policy Design Institute. Produced by Olivia O’Flynn & Kate Montague, Audiocraft. Research by Amy Denmeade. Original music by Thalia Skopellos. Created on the lands of the Ngunnawal, Ngambri people and the Gadigal people of the Eora Nation. Special thanks to all the team at the Tech Policy Design Institute, without whom the pod would not be possible, especially Zoe Hawkins, Meredith Hodgman, and Dorina Wittmann. See omnystudio.com/listener for privacy information.

Uncommons with Nate Erskine-Smith
The Strong Borders Act? with Kate Robertson and Adam Sadinsky

Uncommons with Nate Erskine-Smith

Play Episode Listen Later Oct 1, 2025 52:41


** There are less than 10 tickets remaining for the live recording of Uncommons with Catherine McKenna on Thursday Oct 2nd. Register for free here. **On this two-part episode of Uncommons, Nate digs into Bill C-2 and potential impacts on privacy, data surveillance and sharing with US authorities, and asylum claims and refugee protections.In the first half, Nate is joined by Kate Robertson, senior researcher at the University of Toronto's Citizen Lab. Kate's career has spanned criminal prosecutions, regulatory investigations, and international human rights work with the United Nations in Cambodia. She has advocated at every level of court in Canada, clerked at the Supreme Court, and has provided pro bono services through organizations like Human Rights Watch Canada. Her current research at Citizen Lab examines the intersection of technology, privacy, and the law.In part two, Nate is joined by Adam Sadinsky, a Toronto-based immigration and refugee lawyer and co-chair of the Canadian Association of Refugee Lawyers' Advocacy Committee. Adam has represented clients at every level of court in Canada, including the Supreme Court, and was co-counsel in M.A.A. v. D.E.M.E. (2020 ONCA 486) and Canadian Council for Refugees v. Canada (2023 SCC 17).Further Reading:Unspoken Implications A Preliminary Analysis of Bill C-2 and Canada's Potential Data-Sharing Obligations Towards the United States and Other Countries - Kate Robertson, Citizen LabKate Robertson Chapters:00:00 Introduction & Citizen Lab03:00 Bill C-2 and the Strong Borders Act08:00 Data Sharing and Human Rights Concerns15:00 The Cloud Act & International Agreements22:00 Real-World Examples & Privacy Risks28:00 Parliamentary Process & Fixing the BillAdam Sadinsky Chapters:33:33 Concerns Over Asylum Eligibility in Canada36:30 Government Goals and Fairness for Refugee Claimants39:00 Changing Country Conditions and New Risks41:30 The Niagara Falls Example & Other Unfair Exclusions44:00 Frivolous vs. Legitimate Claims in the Refugee System47:00 Clearing the Backlog with Fair Pathways50:00 Broad Powers Granted to the Government52:00 Privacy Concerns and Closing ReflectionsPart 1: Kate RobertsonNate Erskine-Smith00:00-00:01Kate, thanks for joining me.Kate Robertson00:01-00:01Thanks for having me.Nate Erskine-Smith00:02-00:15So I have had Ron Debert on the podcast before. So for people who really want to go back into the archive, they can learn a little bit about what the Citizen Lab is. But for those who are not that interested, you're a senior researcher there. What is the Citizen Lab?Kate Robertson00:16-01:00Well, it's an interdisciplinary research lab based at University of Toronto. It brings together researchers from a technology standpoint, political science, lawyers like myself and other disciplines to examine the intersection between information and communication technologies, law, human rights, and global security. And over time, it's published human rights reports about some of the controversial and emerging surveillance technologies of our time, including spyware or AI-driven technologies. And it's also really attempted to produce a thoughtful research that helps policymakers navigate some of these challenges and threats.Nate Erskine-Smith01:01-02:50That's a very good lead into this conversation because here we have Bill C-2 coming before Parliament for debate this fall, introduced in June, at the beginning of June. And it's called the Strong Borders Act in short, but it touches, I started counting, it's 15 different acts that are touched by this omnibus legislation. The government has laid out a rationale around strengthening our borders, keeping our borders secure, combating transnational organized crime, stopping the flow of illegal fentanyl, cracking down on money laundering, a litany of things that I think most people would look at and say broadly supportive of stopping these things from happening and making sure we're enhancing our security and the integrity of our immigration system and on. You, though, have provided some pretty thoughtful and detailed rational legal advice around some of the challenges you see in the bill. You're not the only one. There are other challenges on the asylum changes we're making. There are other challenges on lawful access and privacy. You've, though, highlighted, in keeping with the work of the Citizen Lab, the cross-border data sharing, the challenges with those data sharing provisions in the bill. It is a bit of a deep dive and a little wonky, but you've written a preliminary analysis of C2 and Canada's potential data sharing obligations towards the U.S. and other countries, unspoken implications, and you published it mid-June. It is incredibly relevant given the conversation we're having this fall. So if you were to at a high level, and we'll go ahead and some of the weeds, but at a high level articulate the main challenges you see in the legislation from the standpoint that you wrote in unspoken implications. Walk us through them.Kate Robertson02:51-06:15Well, before C2 was tabled for a number of years now, myself and other colleagues at the lab have been studying new and evolving ways that we're seeing law enforcement data sharing and cross-border cooperation mechanisms being put to use in new ways. We have seen within this realm some controversial data sharing frameworks under treaty protocols or bilateral agreement mechanisms with the United States and others, which reshape how information is shared with law enforcement in foreign jurisdictions and what kinds of safeguards and mechanisms are applied to that framework to protect human rights. And I think as a really broad trend, what is probably most, the simplest way to put it is that what we're really seeing is a growing number of ways that borders are actually being exploited to the detriment of human rights standards. Rights are essentially falling through the cracks. This can happen either through cross-border joint investigations between agencies in multiple states in ways that essentially go forum shopping for the laws and the most locks, that's right. You can also see foreign states that seek to leverage cooperation tools in democratic states in order to track, surveil, or potentially even extradite human rights activists and dissidents, journalists that are living in exile outside their borders. And what this has really come out of is a discussion point that has been made really around the world that if crime is going to become more transient across borders, that law enforcement also needs to have a greater freedom to move more seamlessly across borders. But what often is left out of that framing is that human rights standards that are really deeply entrenched in our domestic law systems, they would also need to be concurrently meaningful across borders. And unfortunately, that's not what we're seeing. Canada is going to be facing decisions around this, both within the context of C2 and around it in the coming months and beyond, as we know that it has been considering and in negotiation around a couple of very controversial agreements. One of those, the sort of elephant in the room, so to speak, is that the legislation has been tabled at a time where we know that Canada and the United States have been in negotiations for actually a couple of years around a potential agreement called the CLOUD Act, which would quite literally cede Canada's sovereignty to the United States and law enforcement authorities and give them really a blanket opportunity to directly apply surveillance orders onto entities, both public and private in Canada?Nate Erskine-Smith06:16-07:46Well, so years in the making negotiations, but we are in a very different world with the United States today than we were two years ago. And I was just in, I was in Mexico City for a conference with parliamentarians across the Americas, and there were six Democratic congressmen and women there. One, Chuy Garcia represents Chicago district. He was telling me that he went up to ICE officials and they're masked and he is saying, identify yourself. And he's a congressman. He's saying, identify yourself. What's your ID? What's your badge number? They're hiding their ID and maintaining masks and they're refusing to identify who they are as law enforcement officials, ostensibly refusing to identify who they are to an American congressman. And if they're willing to refuse to identify themselves in that manner to a congressman. I can only imagine what is happening to people who don't have that kind of authority and standing in American life. And that's the context that I see this in now. I would have probably still been troubled to a degree with open data sharing and laxer standards on the human rights side, but all the more troubling, you talk about less democratic jurisdictions and authoritarian regimes. Well, isn't the U.S. itself a challenge today more than ever has been? And then shouldn't we maybe slam the pause button on negotiations like this? Well, you raise a number of really important points. And I think thatKate Robertson07:47-09:54there have been warning signs and worse that have long preceded the current administration and the backsliding that you're commenting upon since the beginning of 2025. Certainly, I spoke about the increasing trend of the exploitation of borders. I mean, I think we're seeing signs that really borders are actually, in essence, being used as a form of punishment, even in some respects, which I would say it is when you say to someone who would potentially exercise due process rights against deportation and say if you exercise those rights, you'll be deported to a different continent from your home country where your rights are perhaps less. And that's something that UN human rights authorities have been raising alarm bells about around the deportation of persons to third countries, potentially where they'll face risks of torture even. But these patterns are all too reminiscent of what we saw in the wake of 9-11 and the creation of black sites where individuals, including Canadian persons, were detained or even tortured. And really, this stems from a number of issues. But what we have identified in analyzing potential cloud agreement is really just the momentous decision that the Canadian government would have to make to concede sovereignty to a country which is in many ways a pariah for refusing to acknowledge extraterritorial international human rights obligations to persons outside of its borders. And so to invite that type of direct surveillance and exercise of authority within Canada's borders was a country who has refused for a very long time, unlike Canada and many other countries around the world, has refused to recognize through its courts and through its government any obligation to protect the international human rights of people in Canada.Nate Erskine-Smith09:56-10:21And yet, you wrote, some of the data and surveillance powers in Bill C-2 read like they could have been drafted by U.S. officials. So you take the frame that you're just articulating around with what the U.S. worldview is on this and has been and exacerbated by obviously the current administration. But I don't love the sound of it reading like it was drafted by AmericanKate Robertson10:22-12:43officials. Well, you know, it's always struck me as a really remarkable story, to be frank. You know, to borrow Dickens' tale of two countries, which is that since the 1990s, Canada's Supreme Court has been charting a fundamentally different course from the constitutional approach that's taken the United States around privacy and surveillance. And it really started with persons looking at what's happening and the way that technology evolves and how much insecurity people feel when they believe that surveillance is happening without any judicial oversight. And looking ahead and saying, you know what, if we take this approach, it's not going to go anywhere good. And that's a really remarkable decision that was made and has continued to be made by the court time and time again, even as recently as last year, the court has said we take a distinct approach from the United States. And it had a lot of foresight given, you know, in the 1990s, technology is nowhere near what it is today. Of course. And yet in the text of C2, we see provisions that, you know, I struggle when I hear proponents of the legislation describe it as balanced and in keeping with the Charter, when actually they're proposing to essentially flip the table on principles that have been enshrined for decades to protect Canadians, including, for example, the notion that third parties like private companies have the authority to voluntarily share our own. information with the police without any warrant. And that's actually the crux of what has become a fundamentally different approach that I think has really led Canada to be a more resilient country when it comes to technological change. And I sometimes describe us as a country that is showing the world that, you know, it's possible to do both. You can judicially supervise investigations that are effective and protect the public. And the sky does not fall if you do so. And right now we're literally seeing and see to something that I think is really unique and important made in Canada approach being potentially put on the chopping block.Nate Erskine-Smith12:44-13:29And for those listening who might think, okay, well, at a high level, I don't love expansive data sharing and reduced human rights protections, but practically, are there examples? And you pointed to in your writing right from the hop, the Arar case, and you mentioned the Supreme Court, but they, you know, they noted that it's a chilling example of the dangers of unconditional information sharing. And the commission noted to the potentially risky exercise of open ended, unconditional data sharing as well. But that's a real life example, a real life Canadian example of what can go wrong in a really horrible, tragic way when you don't have guardrails that focus and protect human rights.Kate Robertson13:31-14:56You're right to raise that example. I raise it. It's a really important one. It's one that is, I think, part of, you know, Canada has many commendable and important features to its framework, but it's not a perfect country by any means. That was an example of just information sharing with the United States itself that led to a Canadian citizen being rendered and tortured in a foreign country. Even a more recent example, we are not the only country that's received requests for cooperation from a foreign state in circumstances where a person's life is quite literally in jeopardy. We have known from public reporting that in the case of Hardeep Najjar, before he was ultimately assassinated on Canadian soil, an Interpol Red Notice had been issued about him at the request of the government of India. And the government had also requested his extradition. And we know that there's a number of important circumstances that have been commented upon by the federal government in the wake of those revelations. And it's provoked a really important discussion around the risks of foreign interference. But it is certainly an example where we know that cooperation requests have been made in respect of someone who's quite literally and tragically at risk of loss of life.Nate Erskine-Smith14:57-16:07And when it comes to the, what we're really talking about is, you mentioned the Cloud Act. There's also, I got to go to the notes because it's so arcane, but the second additional protocol to the Budapest Convention. These are, in that case, it's a treaty that Canada would ratify. And then this piece of legislation would in some way create implementing authorities for. I didn't fully appreciate this until going through that. And I'd be interested in your thoughts just in terms of the details of these. And we can make it as wonky as you like in terms of the challenges that these treaties offer. I think you've already articulated the watering down of traditional human rights protections and privacy protections we would understand in Canadian law. But the transparency piece, I didn't fully appreciate either. And as a parliamentarian, I probably should have because there's... Until reading your paper, I didn't know that there was a policy on tabling of treaties That really directs a process for introducing treaty implementing legislation. And this process also gets that entirely backwards.Kate Robertson16:09-17:01That's right. And, you know, in researching and studying what to do with, you know, what I foresee is potentially quite a mess if we were to enter into a treaty that binds us to standards that are unconstitutional. You know, that is a diplomatic nightmare of sorts, but it's also one that would create, you know, a constitutional entanglement of that's really, I think, unprecedented in Canada. But nevertheless, that problem is foreseen if one or both of these were to go ahead. And I refer to that in the cloud agreement or the 2AP. But this policy, as I understand it, I believe it was tabled by then Foreign Affairs Minister Maxime Bernier, as he was at the time, by Prime Minister Harper's government.Nate Erskine-Smith17:02-17:04He's come a long way.Kate Robertson17:07-18:12I believe that the rationale for the policy was quite self-evident at the time. I mean, if you think about the discussions that are happening right now, for example, in Quebec around digital sovereignty and the types of entanglements that U.S. legal process might impact around Quebec privacy legislation. Other issues around the AI space in Ontario or our health sector in terms of technology companies in Ontario. These treaties really have profound implications at a much broader scale than the federal government and law enforcement. And that's not even getting to Indigenous sovereignty issues. And so the policy is really trying to give a greater voice to the range of perspectives that a federal government would consider before binding Canada internationally on behalf of all of these layers of decision making without perhaps even consulting with Parliament First.Nate Erskine-Smith18:12-19:15So this is, I guess, one struggle. There's the specific concerns around watering down protections, but just on process. This just bothered me in particular because we're going to undergo this process in the fall. And so I printed out the Strong Borders Act, Government of Canada Strengthens Border Security and the backgrounder to the law. And going through it, it's six pages when I print it out. And it doesn't make mention of the Budapest Convention. It doesn't make mention of the Cloud Act. It doesn't make mention of any number of rationales for this legislation. But it doesn't make mention that this is in part, at least, to help implement treaties that are under active negotiation. not only gets backwards the policy, but one would have thought, especially I took from your paper, that the Department has subsequently, the Justice Department has subsequently acknowledged that this would in fact help the government implement these treaties. So surely it shouldKate Robertson19:15-19:57be in the background. I would have thought so. As someone that has been studying these treaty frameworks very carefully, it was immediately apparent to me that they're at least relevant. It was put in the briefing as a question as to whether or not the actual intent of some of these new proposed powers is to put Canada in a position to ratify this treaty. And the answer at that time was yes, that that is the intent of them. And it was also stated that other cooperation frameworks were foreseeable.Nate Erskine-Smith19:59-20:57What next? So here I am, one member of parliament, and oftentimes through these processes, we're going to, there's the objective of the bill, and then there's the details of the bill, and we're going to get this bill to a committee process. I understand the intention is for it to be a pretty fulsome committee hearing, and it's an omnibus bill. So what should happen is the asylum components should get kicked to the immigration committee. The pieces around national security should obviously get kicked to public safety committee, and there should be different committees that deal with their different constituent elements that are relevant to those committees. I don't know if it will work that way, but that would be a more rational way of engaging with a really broad ranging bill. Is there a fix for this though? So are there amendments that could cure it or is it foundationally a problem that is incurable?Kate Robertson20:58-21:59Well, I mean, I think that for myself as someone studying this area, it's obvious to me that what agreements may be struck would profoundly alter the implications of pretty much every aspect of this legislation. And that stems in part from just how fundamental it would be if Canada were to cede its sovereignty to US law enforcement agencies and potentially even national security agencies as well. But obviously, the provisions themselves are quite relevant to these frameworks. And so it's clear that Parliament needs to have the opportunity to study how these provisions would actually be used. And I am still left on knowing how that would be possible without transparencyNate Erskine-Smith22:00-22:05about what is at stake in terms of potential agreements. Right. What have we agreed to? If thisKate Robertson22:05-24:57is implementing legislation what are we implementing certainly it's a significantly different proposition now even parking the international data sharing context the constitutional issues that are raised in the parts of the bill that i'm able to study within my realm of expertise which is in the context of omnibus legislation not the entire bill of course yeah um but it's hard to even know where to begin um the the the powers that are being put forward you know i kind of have to set the table a bit to understand to explain why the table is being flipped yeah yeah we're at a time where um you know a number of years ago i published about the growing use of algorithms and AI and surveillance systems in Canada and gaps in the law and the need to bring Canada's oversight into the 21st century. Those gaps now, even five years later, are growing into chasms. And we've also had multiple investigative reports by the Privacy Commissioner of Canada being sent to Parliament about difficulties it's had reviewing the activities of law enforcement agencies, difficulties it's had with private sector companies who've been non-compliant with privacy legislation, and cooperating at all with the regulator. And we now have powers being put forward that would essentially say, for greater certainty, it's finders keepers rules. Anything in the public domain can be obtained and used by police without warrant. And while this has been put forward as a balancing of constitutional norms, the Supreme Court has said the opposite. It's not an all or nothing field. And in the context of commercial data brokers that are harvesting and selling our data, including mental health care that we might seek online, AI-fueled surveillance tools that are otherwise unchecked in the Canadian domain. I think this is a frankly stunning response to the context of the threats that we face. And I really think it sends and creates really problematic questions around what law enforcement and other government agencies are expected to do in the context of future privacy reviews when essentially everything that's been happening is supposedly being green lit with this new completely un-nuanced power. I should note you are certainly not alone in theseNate Erskine-Smith24:57-27:07concerns. I mean, in addition to the paper that I was talking about at the outset that you've written as an analyst that alongside Ron Deaver in the Citizen Lab. But there's another open letter you've signed that's called for the withdrawal of C2, but it's led by open media. I mean, BCCLA, British Columbia Civil Liberties Association, the Canadian Civil Liberties Association, the Canadian Council for Refugees, QP, International Civil Liberties Monitoring Group, Penn Canada, the Center for Free Expression, privacy experts like Colin Bennett, who I used be on the Privacy Committee and that were pretty regular witnesses. You mentioned the Privacy Commissioner has not signed the open letter, but the Privacy Commissioner of both Canada and the Information Commissioner of Ontario, who's also responsible for privacy. In the context of the treaties that you were mentioning, the Budapest Convention in particular, they had highlighted concerns absent updated, modernized legislation. And at the federal level, we have had in fits and starts attempts to modernize our private sector privacy legislation. But apart from a consultation paper at one point around the Privacy Act, which would apply to public sector organizations, there's really been no serious effort to table legislation or otherwise modernize that. So am I right to say, you know, we are creating a myriad number of problems with respect to watering down privacy and human rights protections domestically and especially in relation to foreign governments with relation to data of our citizens here. And we could potentially cure those problems, at least in part, if we modernize our privacy legislation and our privacy protections and human rights protections here at home. But we are, as you say, a gap to chasm. We are so woefully behind in that conversation. It's a bit of an odd thing to pass the open-ended data sharing and surveillance piece before you even have a conversation around updating your privacy protections.Kate Robertson27:07-28:13Yeah, I mean, frankly, odd, I would use the word irresponsible. We know that these tools, it's becoming increasingly well documented how impactful they are for communities and individuals, whether it's wrongful arrests, whether it's discriminatory algorithms. really fraught tools to say the least. And it's not as if Parliament does not have a critical role here. You know, in decades past, to use the example of surveillance within Quebec, which was ultimately found to have involved, you know, years of illegal activity and surveillance activities focused on political organizing in Quebec. And that led to Parliament striking an inquiry and ultimately overhauling the mandate of the RCMP. There were recommendations made that the RCMP needs to follow the law. That was an actual recommendation.Nate Erskine-Smith28:14-28:16I'm sorry that it needs to be said, but yeah.Kate Robertson28:16-29:05The safeguards around surveillance are about ensuring that when we use these powers, they're being used appropriately. And, you know, there isn't even, frankly, a guarantee that judicial oversight will enable this to happen. And it certainly provides comfort to many Canadians. But we know, for example, that there were phones being watched of journalists in Montreal with, unfortunately, judicial oversight not even that many years ago. So this is something that certainly is capable of leading to more abuses in Canada around political speech and online activity. And it's something that we need to be protective against and forward thinking about.Nate Erskine-Smith29:05-29:58Yeah, and the conversation has to hold at the same time considerations of public safety, of course, but also considerations for due process and privacy and human rights protections. These things, we have to do both. If we don't do both, then we're not the democratic society we hold ourselves out as. I said odd, you said irresponsible. You were forceful in your commentary, but the open letter that had a number of civil society organizations, I mentioned a few, was pretty clear to say the proposed legislation reflects little more than shameful appeasement of the dangerous rhetoric and false claims about our country emanating from the United States. It's a multi-pronged assault on the basic human rights and freedoms Canada holds dear. Got anything else to add?Kate Robertson30:00-30:56I mean, the elephant in the room is the context in which the legislation has been tabled within. And I do think that we're at a time where we are seeing democratic backsliding around the world, of course, and rising digital authoritarianism. And these standards really don't come out of the air. They're ones that need to be protected. And I do find myself, when I look at some of the really un-nuanced powers that are being put forward, I do find myself asking whether or not those risks are really front and center when we're proposing to move forward in this way. And I can only defer to experts from, as you said, hundreds of organizations that have called attention towards pretty much every aspect of this legislation.Nate Erskine-Smith30:57-31:44And I will have the benefit of engaging folks on the privacy side around lawful access and around concerns around changes to the asylum claim and due process from the Canadian Association of Refugee Lawyers. But as we do see this move its way through Parliament, if we see it move its way through Parliament in the fall, if they're recognizing that the call was for withdrawal, but also recognizing a political reality where if it is to pass, we want to make sure we are improving it as much as possible. If there are amendments along the way, if there are other people you think that I should engage with, please do let me know because this is before us. It's an important piece of legislation. And if it's not to be withdrawn, we better improve it as much as possible.Kate Robertson31:46-32:02I appreciate that offer and really commend you for covering the issue carefully. And I really look forward to more engagement from yourself and other colleagues in parliament as legislation is considered further. I expect you will be a witness at committee,Nate Erskine-Smith32:02-32:06but thanks very much for the time. I really appreciate it. Thanks for having me.Part 2: Adam SadinskyChapters:33:33 Concerns Over Asylum Eligibility in Canada36:30 Government Goals and Fairness for Refugee Claimants39:00 Changing Country Conditions and New Risks41:30 The Niagara Falls Example & Other Unfair Exclusions44:00 Frivolous vs. Legitimate Claims in the Refugee System47:00 Clearing the Backlog with Fair Pathways50:00 Broad Powers Granted to the Government52:00 Privacy Concerns and Closing ReflectionsNate Erskine-Smith33:33-33:35Adam, thanks for joining me.Adam Sadinsky33:35-33:36Thanks for having me, Nate.Nate Erskine-Smith33:36-33:57We've had a brief discussion about this, by way of my role as an MP, but, for those who are listening in, they'll have just heard a rundown of all the concerns that the Citizen Lab has with data surveillance and data sharing with law enforcement around the world. You've got different concerns about C2 and you represent the Canadian Association of Refugee Lawyers. What are your concerns here?Adam Sadinsky33:57-35:31I mean, our biggest concern with this bill is new provisions that create additional categories of folks ineligible to claim asylum in Canada. And specifically to have their hearings heard at the Immigration and Refugee Board. The biggest one of those categories is definitely, a bar on individuals making refugee claims in Canada one year after they have arrived in Canada, and that's one year, whether they have been in Canada for that whole year or they left at some point and came back. Those folks who have been here, who came more than a year ago, if they now fear persecution and want to make a claim for refugee protection, this bill would shunt them into an inferior system where rather than having a full hearing in their day in court.Their application will be decided by an officer of immigration, alone, sitting in the cubicle, probably, with some papers in front of them. That person is going to make an enormous decision about whether to send that person back home where they feared persecution, torture, death. Our position is that this new form of ineligibility. Is unfair. it doesn't meet the government's goals, as we understand them, and we share, we share the views of organizations like, Citizen Lab, that the bill should be withdrawn. There are other ways to do this, but this bill is fundamentally flawed.Nate Erskine-Smith35:31-35:57Let's talk about government goals. Those looking at the influx of temporary residents in Canada specifically, and I don't, and I don't wanna pick on international students, but we've seen a huge influx of international students just as one category example. And they've said, well, if someone's been here for a year and they didn't claim right away, they didn't come here to claim asylum. Because they would've claimed within that first year, presumably, you know, what's the problem with, uh, with a rule that is really trying to tackle this problem.Adam Sadinsky35:57-38:33The issue is, I mean, Nate, you had mentioned, you know, people who had come to Canada, they didn't initially claim and it didn't initially claim asylum, temporary residents. What do we do about it? I wanna give a couple of examples of people who would be caught by this provision, who fall into that category. But there's legitimate reasons why they might claim more than a year after arriving in Canada. The first is someone who came to Canada, student worker, whatever. At the time they came to Canada, they would've been safe going back home they didn't have a fear of returning back home. But country conditions change and they can change quickly. The Taliban takeover of Afghanistan in 2021, was a stark example there may have been people who came to Canada as students planning to go back to Afghanistan and rebuild their country. As the bill is currently written. If there were to be a situation like that, and there will be some other Afghanistan, there will be some other situation down the line. Those people who weren't afraid when they originally came to Canada and now have a legitimate claim, will have an inferior, process that they go through, one that is riddled with issues, examples of unfairness compared to the refugee, the regular refugee system, and a lack of protection from deportation, pending any appeal.So that's one category. A second category is people who were afraid of going back home when they came to Canada but didn't need to claim asylum because they had another avenue to remain in Canada. So the government advertised, Minister Frazier was saying this often come to Canada, come as a student and there's a well-established pathway. You'll have a study permit, you'll get a post-graduation work permit. This is what the government wanted. The rug has been pulled out from under many of those people. Towards the end of last year when Canada said, okay, it's enough, too many temporary residents. But what about the temporary residents who had a fear of returning home when they came? They went through the system the “right way,” quote unquote. They didn't go to the asylum system. they went through another path. And now they're looking at it. They say, well, you know, I came to Canada to study, but also I'm gay and I'm from a country where, if people know about that, you know, I'll be tortured. Maybe since they've been in Canada, that person in that example, they've been in a relationship, they've been posting on social media with their partner. It is very dangerous so why, why shouldn't that person claim refugee protection through regular means?Nate Erskine-Smith38:33-39:06Is this right on your read of the law as it is written right now, if someone were to come with their family when they're a kid and they were to be in Canada for over a year and then their family were to move back to either the home country or to a different country, and, they wake up as a teenager many years later, they wake up as an adult many years later and their country's falling apart, and they were to flee and come to Canada. By virtue of the fact they've been here for a year as a kid, would that preclude them from making a claim?Adam Sadinsky39:06-39:10It's even worse than that, Nate.Nate Erskine-Smith39:09-39:10Oh, great.Adam Sadinsky39:10-39:47In your example, the family stayed in Canada for more than a year. Yes, absolutely. That person is caught by this provision. But here's who else would be someone comes when they're five years old with their family, on a trip to the United States. during that trip, they decide we want to see the Canadian side of Niagara Falls. They either have a visa or get whatever visa they need, or don't need one. They visit the falls, and at that point that they enter Canada, a clock starts ticking. That never stops ticking. So maybe they came to Canada for two hours.Nate Erskine-Smith39:44-39:45Two hours and you're outta luck.Adam Sadinsky39:45-39:47They go back to the USNate Erskine-Smith39:47-39:47Oh man.Adam Sadinsky39:47-40:09They never come back to Canada again. The way that the bill is written, that clock never stops ticking, right? Their country falls apart. They come back 15 years later. That person is going to have a very different kind of process that they go through, to get protection in Canada, than someone who wouldn't be caught by this bill.Nate Erskine-Smith40:09-40:34Say those are the facts as they are, that's one category. There's another category where I've come as a student, I thought there would be a pathway. I don't really fear persecution in my home country, but I want to stay in Canada we see in this constituency office, as other constituency offices do people come with immigration help or they've got legitimate claims. We see some people come with help with illegitimate claimsAdam Sadinsky40:34-42:46We have to be very careful when we talk about categorizing claims as frivolous. There is no question people make refugee claims in Canada that have no merit. You'll not hear from me, you'll not hear from our organization saying that every 100% of refugee claims made in Canada, are with merit. The issue is how we determine. At that initial stage that you're saying, oh, let's, let's deal quickly with frivolous claims. How do you determine if a claim is frivolous? What if someone, you know, I do a lot of appeal work, we get appeals of claims prepared by immigration consultants, or not even immigration consultants. And, you know, there's a core of a very strong refugee claim there that wasn't prepared properly.Nate Erskine-Smith42:46-42:46Yeah, we see it too. That's a good point.Adam Sadinsky42:46-42:46How that claim was prepared has nothing to do with what the person actually faces back home. We have to be very careful in terms of, quick negative claims, and clearing the decks of what some might think are frivolous claims. But there may be some legitimate and very strong core there. What could be done, and you alluded to this, is there are significant claims in the refugee board's backlog that are very, very strong just based on the countries they come from or the profiles of the individuals who have made those claims, where there are countries that have 99% success rate. And that's not because the board is super generous. It's because the conditions in those countries are very, very bad. And so the government could implement policies and this would be done without legislation to grant pathways for folks from, for example, Eritrea 99ish percent success rate. However, the government wants to deal with that in terms of numbers, but there's no need for the board to spend time determining whether this claim is in the 1%, that doesn't deserve to be accepted. Our view is that 1% being accepted is, a trade off for, a more efficient system.Nate Erskine-Smith42:46-43:30Similarly though, individuals who come into my office and they've been here for more than five years. They have been strong contributors to the community. They have jobs. They're oftentimes connected to a faith organization. They're certainly connected to a community based organization that is going to bat for them. There's, you know, obviously no criminal record in many cases they have other family here. And they've gone through so many appeals at different times. I look at that and I go, throughout Canadian history, there have been different regularization programs. Couldn't you kick a ton of people not a country specific basis, but a category specific basis of over five years, economic contributions, community contributions, no criminal record, you're approved.Adam Sadinsky43:30-44:20Yeah, I'd add to your list of categories, folks who are working in, professions, that Canada needs workers in. give the example of construction. We are facing a housing crisis. So many construction workers are not Canadian. Many of my clients who are refugee claimants waiting for their hearings are working in the construction industry. And the government did that, back in the COVID pandemic, creating what was, what became known as the Guardian Angels Program, where folks who were working in the healthcare sector, on the front lines, combating the pandemic, supporting, folks who needed it, that they were allowed to be taken again out of the refugee queue with a designated, pathway to permanent residents on the basis of the work and the contribution they were doing. All of these could be done.Adam Sadinsky44:20-45:05The refugee system is built on Canada's international obligations under the refugee convention, to claim refugee protection, to claim asylum is a human right. Every person in the world has the right to claim asylum. Individuals who are claiming asylum in Canada are exercising that right. Each individual has their own claim, and that's the real value that the refugee board brings to bear and why Canada has had a gold standard. The refugee system, replicated, around the world, every individual has their day in court, to explain to an expert tribunal why they face persecution. This bill would take that away.Nate Erskine-Smith45:05-46:18Yeah, I can't put my finger on what the other rationale would be though, because why the, why this change now? Well, we have right now, a huge number over a million people who are going to eventually be without status because they're not gonna have a pathway that was originally, that they originally thought would be there. The one frustration I have sometimes in the system is there are people who have come into my office with, the original claim, being unfounded. But then I look at it, and they've been here partly because the process took so long, they've been here for over five years. If you've been here for over five years and you're contributing and you're a member of the community, and now we're gonna kick you out. Like your original claim might have been unfounded, but this is insane. Now you're contributing to this country, and what a broken system. So I guess I'm sympathetic to the need for speed at the front end to ensure that unfounded claims are deemed unfounded and people are deported and legitimate claims are deemed founded, and they can be welcomed. So cases don't continue to come into my office that are over five or over six years long where I go, I don't even care if it was originally unfounded or not. Welcome to Canada. You've been contributing here for six years anyway.Adam Sadinsky46:18-46:33But if I can interject? Even if the bill passes as written, each of these individuals is still going to have what's called a pre-removal risk assessment.Nate Erskine-Smith46:31-46:33They're still gonna have a process. Yeah, exactly.Adam Sadinsky46:33-46:55They're still gonna have a process, and they're still going to wait time. All these people are still in the system. The bill is a bit of a shell game where folks are being just transferred from one process to another and say, oh, wow. Great. Look, we've reduced the backlog at the IRB by however many thousand claims,Nate Erskine-Smith46:53-46:55And we've increased the backlog in the process.Adam Sadinsky46:55-48:25Oh, look at the wait time at IRCC, and I'm sure you have constituents who come into your office and say, I filed a spousal sponsorship application two and a half years ago. I'm waiting for my spouse to come and it's taking so long. IRCC is not immune from processing delays. There doesn't seem to be, along with this bill, a corresponding hiring of hundreds and hundreds more pro officers. So, this backlog and this number of claims is shifting from one place to another. And another point I mentioned earlier within the refugee system within the board, when a person appeals a negative decision, right? Because, humans make decisions and humans make mistakes. And that's why we have legislative appeal processes in the system to allow for mistakes to be corrected. That appeal process happens within the board, and a person is protected from deportation while they're appealing with a pro. With this other system, it's different. The moment that an officer makes a negative decision on a pro that person is now eligible to be deported. CBSA can ask them to show up the next day and get on a plane and go home. Yes, a person can apply for judicial review in the federal court that does not stop their deportation. If they can bring a motion to the court for a stay of removal.Nate Erskine-Smith48:19-48:25You're gonna see a ton of new work for the federal court. You are gonna see double the work for the federal courtAdam Sadinsky48:25-48:39Which is already overburdened. So unless the government is also appointing many, many new judges, and probably hiring more Council Department of Justice, this backlog is going to move from one place to another.Nate Erskine-Smith48:39-48:41It's just gonna be industry whack-a-mole with the backlog.Adam Sadinsky48:41-48:52The only way to clear the backlog is to clear people out of it. There's no fair way to clear folks out of it in a negative way. So the only way to do that is positively.Nate Erskine-Smith48:52-49:37In the limited time we got left, the bill also empowers the governor and council of the cabinet to cancel documents, to suspend documents. And just so I've got this clearer in my mind, so if, for example: say one is a say, one is a student on campus, or say one is on a, on a work permit and one is involved in a protest, and that protest the government deems to be something they don't like. The government could cancel the student's permit on the basis that they were involved in the protest. Is that right? The law? Not to say that this government would do that. But this would allow the government to legally do just that. Am I reading it wrong?Adam Sadinsky49:37-50:46The bill gives broad powers to the government to cancel documents. I think you're reading it correctly. To me, when I read the bill, I don't particularly understand exactly what is envisioned. Where it would, where the government would do this, why a government would want to put this in. But you are right. I would hope this government would not do that, but this government is not going to be in power forever. When you put laws on the books, they can be used by whomever for whatever reason they can they want, that's within how that law is drafted. You know, we saw down south, you know, the secretary of State a few months ago said, okay, we're gonna cancel the permits of everyone from South Sudan, in the US because they're not taking back people being deported. It's hugely problematic. It's a complete overreach. It seems like there could be regulations that are brought in. But the power is so broad as written in this law, that it could definitely be used, for purposes most Canadians would not support.Nate Erskine-Smith50:46-51:07And, obviously that's a worst case scenario when we think about the United States in today's political climate. But, it's not clear to your point what the powers are necessary for. If we are to provide additional powers, we should only provide power as much as necessary and proportionate to the goal we want to achieve. Is there anything else you want to add?Adam Sadinsky51:07-51:43I just wanna touch, and I'm sure you got into a lot of these issues, on the privacy side but. The privacy issues in this bill bleed over into the refugee system with broad search powers, um, particularly requiring service providers to provide information, we are concerned these powers could be used by CBSA, for example, to ask a women's shelter, to hand over information about a woman claiming refugee protection or who's undocumented, living in a shelter, we have huge concerns that, you know, these powers will not just be used by police, but also by Canada Border Services and immigration enforcement. I'm not the expert on privacy issues, but we see it we see the specter of those issues as well.Nate Erskine-Smith51:43-52:22That's all the time we got, but in terms of what would help me to inform my own advocacy going forward is, this bill is gonna get to committee. I'm gonna support the bill in committee and see if we can amend it. I know, the position of CARL is withdraw. The position of a number of civil society organizations is to withdraw it. I think it's constructive to have your voice and others at committee, and to make the same arguments you made today with me. Where you have. I know your argument's gonna be withdrawn, you'll say then in the alternative, here are changes that should be made. When you've got a list of those changes in detailed, legislative amendment form, flip them to me and I'll share the ideas around the ministry and around with colleagues, and I appreciate the time. Appreciate the advocacy.Adam Sadinsky52:22-52:24Absolutely. Thank you. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.uncommons.ca

Heather du Plessis-Allan Drive
Dame Kerry Prendergast: Former Mayor of Wellington talks about confidential documents being bought at dump sale

Heather du Plessis-Allan Drive

Play Episode Listen Later Sep 26, 2025 1:59 Transcription Available


A former Wellington City Mayor has met with the Council CEO after her private papers were among confidential documents found in a desk bought from a dump sale. A man bought the desk at a city tip-shop and found termination agreements, whistleblower allegations, and staff pay details inside - dating from the 1980s to the 2000s. The council has launched a investigation and contacted the Privacy Commissioner. Dame Kerry Prendergast says it's appalling the documents have gotten out but says the meeting was reassuring. LISTEN ABOVESee omnystudio.com/listener for privacy information.

Communism Exposed:East and West
Canada's Privacy Commissioner Says TikTok Collected Children's Sensitive Data

Communism Exposed:East and West

Play Episode Listen Later Sep 24, 2025 3:36


Heather du Plessis-Allan Drive
Full Show Podcast: 23 September 2025

Heather du Plessis-Allan Drive

Play Episode Listen Later Sep 23, 2025 100:53 Transcription Available


On the Heather du Plessis-Allan Drive with Ryan Bridge Full Show Podcast for Tuesday 23rd September 2025, Workplace Relations Minister Brooke van Velden talks through the changes to our annual and sick leave entitlements. Ryan asks NZ First Deputy Leader Shane Jones whether the party is playing politics by invoking its "agree to disagree" clause over the government's latest immigration changes. We hear Autism New Zealand's reaction to the Trump's administrations "discovery" around the condition. And the Privacy Commissioner has a warning for retailers who post CCTV video and images of apparent shoplifters on social media. Get the Heather du Plessis-Allan Drive Full Show Podcast every weekday evening on iHeartRadio, or wherever you get your podcasts. LISTEN ABOVESee omnystudio.com/listener for privacy information.

Heather du Plessis-Allan Drive
Michael Webster: Privacy Commissioner reveals retailers' use of shoplifters' images may breach privacy law

Heather du Plessis-Allan Drive

Play Episode Listen Later Sep 23, 2025 2:51 Transcription Available


The Privacy Commissioner has issued a warning for retailers who aim to publicly shame shoplifters. The Commissioner says businesses posting CCTV footage and images of crimes on social media causes 'real harm' - and doing so breaks privacy laws. Michael Webster says many of these images are posted to shame the perpetrators as opposed to sharing information - which breaches the Privacy Act. LISTEN ABOVESee omnystudio.com/listener for privacy information.

SBS Urdu - ایس بی ایس اردو
Regulator says Kmart's use of facial recognition technology breached privacy laws - Kmart پر صارفین کی پرائیویسی کی خلاف ورزی کا الزام

SBS Urdu - ایس بی ایس اردو

Play Episode Listen Later Sep 22, 2025 4:37


Retail giant Kmart has been accused of violating customers' privacy with its use of facial recognition. The company says it trialled the technology to tackle increased theft and fraud and is considering appealing the Privacy Commissioner's ruling. - آسٹریلیا ریٹیل کی دنیا کے بڑے نام Kmart پر الزامات لگے ہیں کہ اُس نے فیشل ریکگنیشن ٹیکنالوجی استعمال کر کے اپنے صارفین کی پرائیویسی کی خلاف ورزی کی ہے تاہم کمپنی کا کہنا ہے کہ یہ ٹیکنالوجی صرف چوری اور فراڈ سے نمٹنے کے لیے آزمائشی طور پر استعمال کی گئی تھی، اور وہ اب پرائیویسی کمشنر کے فیصلے کے خلاف اپیل پر غور کر رہی ہے۔

SBS Mandarin - SBS 普通话电台
Regulator says Kmart's use of facial recognition technology breached privacy laws - 零售巨头Kmart使用人脸识别技术采集顾客数据 被指侵犯隐私

SBS Mandarin - SBS 普通话电台

Play Episode Listen Later Sep 19, 2025 4:54


Retail giant Kmart has been accused of violating customers' privacy with its use of facial recognition. The company says it trialled the technology to tackle increased theft and fraud and is considering appealing the Privacy Commissioner's ruling. - 零售巨头Kmart因使用人脸识别技术,被指侵犯顾客隐私。该公司表示,相关技术原为应对日益增加的盗窃与欺诈行为而试行,现正考虑对隐私专员的裁决提出上诉。点击 ▶ 收听完整报道。

SBS World News Radio
Regulator says Kmart's use of facial recognition technology breached privacy laws

SBS World News Radio

Play Episode Listen Later Sep 18, 2025 4:59


Retail giant Kmart has been accused of violating customers' privacy with its use of facial recognition. The company says it trialled the technology to tackle increased theft and fraud and is considering appealing the Privacy Commissioner's ruling.

NZ Tech Podcast
Data Privacy, Biometric Regulations and Telco Competition

NZ Tech Podcast

Play Episode Listen Later Aug 12, 2025 61:35


Listen in with host Paul Spain and tech journalist Bill Bennett for a thought-provoking discussion on the government's proposed road user charges and what data tracking in vehicles really means for privacy and everyday Kiwis. Motorola's One NZ partnership and new Phone lineup, Privacy Commissioner's new rules on biometric data, the challenges of cloud and data centre infrastructure, Spark's recent business shifts, and why satellite broadband is shaking up the telco market. If you care about privacy, tech innovation, or how global giants and local players are shaping the future, this episode is packed with insights you won't want to miss. Thanks to our Partners One NZ, Workday, 2degrees, HP, Spark and Gorilla Technology

PULSE
Bringing Joy to Medicine with Participatory Medicine. Guest: Dr Danny Sands (Part 2)

PULSE

Play Episode Listen Later Aug 7, 2025 71:15


GenAI as Therapist A New York Times op-ed explores how people are using ChatGPT for therapeutic conversations and emotional processing, raising questions about whether AI companions represent innovative digital self-care or a concerning workaround for unmet mental health needs.USA's "Make HealthTech Great Again" Pledge The White House hosted a summit with 60+ tech companies to sign a HealthTech Ecosystem pledge promoting data interoperability and AI in healthcare, though questions remain about whether this represents genuine reform or just encourages data sharing with private platforms while healthcare infrastructure gets decimated.Australia Gets Tough on De-Identification Australia's Privacy Commissioner issued new guidance clarifying that supposedly "de-identified" health data used for AI training may still qualify as personal information, potentially ending the era of inadequately anonymised data sharing and pushing the industry toward synthetic data or on-premise learning.OpenAI's Kenya Study: Clinical Copilot in Action OpenAI's real-world study with Penda Health in Kenya showed their GPT-4o clinical copilot reduced diagnostic errors by 16% and treatment errors by 13% across 40,000 patient visits, demonstrating measurable improvements when AI is properly integrated into clinical workflows.George and Louise chat with Dr Danny Sands - Pioneer of participatory medicine, discusses the origins of the e-patient movement and participatory medicine, from early email communication with patients and exploring how to maintain human connection while embracing technological advancementConnect with Danny on LinkedInResources:NY Times I'm a Therapist. ChatGPT Is Eerily Effective LinkAustralian Privacy Commissioner ruling LinkSands (2025) From Internet to Artificial Intelligence (Al) Bots: Symbiotic Evolutions of Digital Technologies and e-Patients LinkShout outs to: Liz Salmi, ePatientDave, Danny Sands, Ian Opperman, Gavin Andrews, Dr Amit Thacker Africa Health BusinessVisit Pulse+IT.news to subscribe to breaking digital news, weekly newsletters and a rich treasure trove of archival material. People in the know, get their news from Pulse+IT – Your leading voice in digital health news.Follow us on LinkedIn Louise | George | Pulse+ITFollow us on BlueSky Louise | George | Pulse+ITSend us your questions pulsepod@pulseit.newsProduction by Octopod Productions | Ivan Juric

RNZ: Nine To Noon
Stricter rules introduced for using facial recognition tech

RNZ: Nine To Noon

Play Episode Listen Later Aug 5, 2025 24:00


The final biometrics code, which governs how technology such as facial recognition, is collected and used, has just been released by the Office of the Privacy Commissioner. 

#onpoli, a TVO podcast
Project Ontario, Greenbelt Code Words, and the Eglinton LRT

#onpoli, a TVO podcast

Play Episode Listen Later Jun 20, 2025 46:48


Project Ontario is a grassroots organization calling on the Ontario government to adopt more fiscally conservative policies. But how does their charge stand up against Premier Doug Ford's three majority governments? Steve Paikin and John Michael McGrath discuss what conservatives are saying. A new report from the Information and Privacy Commissioner of Ontario revealed that Doug Ford's staff members were using code words to talk about the Greenbelt deal. Steve and John Michael discuss the revelations and the connection to Ford's comments on First Nations relationships surrounding Bill 5. The Toronto Transit Commission has been given the keys to the Eglinton Light Rail Transit line, so does that mean an opening date is in sight? Steve and JMM discuss why people still need to hold their horses as the line heads into a long period of stress testing. Steve's column: https://www.tvo.org/article/analysis-how-the-1985-election-changed-ontario-politics-forever JMM's column: https://www.tvo.org/article/analysis-could-ontarios-recycling-changes-leave-cities-holding-the-bag Credit: T-shirt image of Frank Miller - Anthony Miles/King's Printer for Ontario/wikipedia.orgSee omnystudio.com/listener for privacy information.

RNZ: Morning Report
Privacy Commissioner on facial recognition tech in supermarkets

RNZ: Morning Report

Play Episode Listen Later Jun 3, 2025 5:20


The Privacy Commissioner says facial recognition technology in North Island supermarkets has potential safety benefits, despite raising significant privacy concerns. Commissioner Michael Webster spoke to Corin Dann.

RNZ: Morning Report
Morning Report Essentials for Wednesday 4 June 2025

RNZ: Morning Report

Play Episode Listen Later Jun 3, 2025 29:13


In today's episode, according to results out on Wednesday morning, the left bloc would have enough support to govern, the Privacy Commissioner says facial recognition technology in North Island supermarkets has potential safety benefits, despite raising significant privacy concerns, after a shareholders meeting on Tuesday media company NZME - which owns the New Zealand Herald and Newstalk ZB - has a revamped board and an historic ship at the Paihia waterfront in Northland has been 90 percent destroyed by fire.

Cyber Security Today
FBI Saves Millions and Lives in Cyber Hacking Take Down: Cyber Security Today for February 15, 2025

Cyber Security Today

Play Episode Listen Later Feb 14, 2025 9:51 Transcription Available


Cybersecurity Today: North Korean Hacks, AI Memory Breach, and School Data Comprimise In this episode of Cybersecurity Today, host Jim Love covers a range of crucial topics in the cybersecurity landscape. North Korean hackers are using new social engineering tactics to infiltrate systems by posing as South Korean officials, while prompt injection attacks are compromising the long-term memory of Google's Gemini AI. Canada's Privacy Commissioner is investigating a significant data breach affecting students' personal information in PowerSchool, and the FBI's Operation Level Up is tackling cryptocurrency investment frauds, potentially saving victims millions. Get the latest insights and stay informed on how to protect yourself against these evolving threats. 00:00 Introduction and Headlines 00:23 North Korean Hackers' New Tactics 02:35 Prompt Injection Attacks on AI 04:37 Canada's PowerSchool Data Breach 06:38 FBI's Operation Level Up 09:20 Conclusion and Upcoming AI Show

Dark Poutine - True Crime and Dark History
BONUS. EPISODE — Cybercrime in Canada: Staying Safe Online

Dark Poutine - True Crime and Dark History

Play Episode Listen Later Oct 16, 2024 49:33


This bonus episode of Dark Poutine is brought to you by MasterCard. In this special episode, we're exploring a growing threat hitting more close to home than ever—cybercrime. We've dived deep into all sorts of dark tales before, but this one is a bit different because it's happening right now, affecting people and businesses across Canada.   Sources: Mastercard Trust Centre | Cybersecurity Solutions for Every Business mastercard.ca/trust webcrunchers.com | Wayback Machine Elk Cloner John Draper Michael Calce Mafiaboy's story points to Net weaknesses Meet Mafiaboy, The 'Bratty Kid' Who Took Down The Internet 'Mafiaboy' breaks silence, paints 'portrait of a hacker' | CNN A Q&A with MafiaBoy Canadian Centre for Cyber Security Financial Transactions and Reports Analysis Centre of Canada | FinTRAC Cyber attacks in Canada | Konbriefing.com Why Canada has so many cyberattacks—and why we're all at risk | MacLeans Cyber attacks are getting easier, experts warn after 3rd federal incident | GlobalNews National Equifax hacked: Canadians among those exposed by credit monitoring company's data breach - National PIPEDA Findings #2019-001: Investigation into Equifax Inc. and Equifax Canada Co.'s compliance with PIPEDA in light of the 2017 breach of personal information - Office of the Privacy Commissioner of Canada Am I Impacted? | LifeLabs LifeLabs hack: What Canadians need to know about the health data breach | GlobalNews Privacy breach alerts and information | Province of NS Cyber Incident | ADSC Ticketmaster Data Security Incident Cyber security and cybercrime challenges of Canadian businesses, 2017 The Daily — Impact of cybercrime on Canadian businesses, 2021 Canadian Small Business Cybersecurity Survival Guide - Canadian Chamber of Commerce Nearly half of small businesses have experienced random cyberattacks in the past year | CFIB Ransomware/ Cyber Incident | Toronto Zoo Baseline cyber threat assessment: Cybercrime - Canadian Centre for Cyber Security Cyber Attacks in Canada 2023: A Year in Review Criminal hackers 'very likely' to pose threat to national security, economy in near term: report | CBC News Data Responsibility & Governance Practices | Personal Data Security Cybercrime: an overview of incidents and issues in Canada | RCMP Significant Cyber Incidents | Strategic Technologies Program | CSIS National Cyber Threat Assessment 2023-2024 | Canadian Centre for Cyber Security Learn more about your ad choices. Visit megaphone.fm/adchoices