The reports from @PrivacyPrivee ( https://priv.gc.ca/en/opc-actions-and-decisions/investigations/investigations-into-businesses/2020/pipeda-2020-005/) and @CAI_Quebec ( https://www.cai.gouv.qc.ca/communique-cai-decision-enquete-desjardins/) into the #Desjardins data breach were released today. Bottom line - a major failure or internal security safeguards. @uOttawaTechLaw
What might be different if #BillC11 were in effect? The Commissioner could recommend the imposition of a monetary penalty. The new Data Tribunal would hold a hearing to decide if a penalty should be imposed - and penalties can be substantial. But...
Penalties are "to promote compliance with the Act and not to punish" (s. 94(6)), and the Findings say the complaint is conditionally resolved by the company's willingness to comply with the Comm'r's recommendations.
So this may not be the type of conduct for which penalties were intended. Of course, the class action lawsuits will be brutal - with or without C-11.
You can follow @TeresaScassa.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.