Intellectual Property and Information Technology

By Paul K. Grower

On July 1, 2017, Canada will be “celebrating” the third anniversary of Canada’s Anti-Spam Legislation—generally known as CASL.

Whether a celebration is warranted is questionable. While the legislation was purportedly designed to protect Canadians from spam, its actual effect on what we would all term “spam” is arguably negligible. Rather, it has created a tremendous amount of work for legitimate Canadian businesses in an effort to comply with a very difficult law.

Furthermore, with a private right of action scheduled to become available on July 1, 2017, contraventions of CASL will most certainly result in businesses (and in the case of corporations, also their directors and officers) being sued for damages. While CASL provides for compensatory damages, it also provides for statutory damages of $200 for each contravention of CASL to a maximum of $1 million per day, making such CASL claims rife for class actions.

Read more: Is your business ready for CASL’s private right of action?

In 2016, a General Regulation on personal data protection was adopted – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR). The regulation introduces new obligations for personal data controllers and processors. By 25 May 2018 all controllers should bring their personal data processing activities in conformity with the regulation. The Regulation significantly increases the maximum fines and pecuniary sanctions imposed for violations of data protection legislation -upto 20.000.000 euroor upto 4 % ofthe total worldwide annual turnover of the preceding financial year, whichever is higher.

Read more: New regulations on personal data protection in the EU

Tough new EU laws mean businesses could be liable for fines of up to 20 million euros (£17m) or 4% of their worldwide turnover, warns leading law firm Blake Morgan.

The law firm warns that many organisations across the public and private sectors are not prepared for the changes as it launches a free guide on its website to mark the one-year countdown to General Data Protection Regulation (GDPR).

GDPR comes into force on May 25 next year and all organisations which retain or process personal information will need to comply. 

Read more: Leading law firm Blake Morgan advises firms to act now to avoid multi-million pound fines under...

By: Kevin D. Pomfret, Anthony H. Anikeeff & Kelsey S. Farbotko

Many companies from around the globe are continuing their recovery efforts after a massive ransomware attack affected hundreds of thousands of computers across various industries and throughout several nations.  Ransomware is a type of malware that encrypts files on infected networks, rendering them useless, and then issues a ransom demand, often in Bitcoin, for the decryption of the data.[i]  On Friday, a ransomware variant known as “WannaCry,” which was purportedly generated and disseminated using a stolen National Security Agency toolkit, spread rapidly throughout approximately 150 countries, affecting organizations such as the British National Health Service, Federal Express, and Nissan.[ii]  The National Health Service in Britain was particularly hard hit with at least 40 organizations affected, leaving critical data such as patient and scheduling data and email unavailable.[iii]

Read the entire article.

Many key players in the global hospitality industry have fallen victim to cyber-attacks over recent years, including the Hilton, the Trump Hotels and the Mandarin Oriental.

Why are these businesses such tasty targets?

We’re talking about hotels, restaurants and other retail outlets which process (and store) customer data all day, every day.

Read more: Hospitality industry – Don’t be Hospitable to Cyber Attackers