Lexpert quotes Toronto and Quebec City lawyers Daniel Fabiano and Kateri-Anne Grenier in an article on federal government proposed privacy legislation.
And although the proposed changes are described as “momentous” for business — with some anticipating pushback due to potential fines in the millions or billions of dollars for data breaches — the modernization is “sorely needed,” says Daniel Fabiano, a partner at Fasken Martineau DuMoulin LLP in Toronto.
“Quebec privacy law is a creature of the 1990s; it does not speak in the language of today’s economy. PIPEDA [the federal Personal Information Protection and Electronic Documents Act] is a creature of 2000, and the British Columbia and Alberta equivalents to PIPEDA came into force a few years after that. So, we’re overdue for some reform and some modernization,” he says.
For smaller companies, the cost of these attacks is proportionately very high, says Fabiano’s colleague Kateri-Anne Grenier, a partner at Fasken in Quebec City. The loss of business, reputation and providing compensatory credit monitoring to perhaps 100,000 people can be pricey, she notes, and today even smaller companies are purchasing cyber-insurance.