Osgoode Alumnus Archives - IPOsgoode /osgoode/iposgoode/category/osgoode-alumnus/ An Authoritive Leader in IP Mon, 09 May 2022 16:00:41 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 European Parliament and Council Reach Digital Regulation First with Provisional Agreement on The Digital Services Act /osgoode/iposgoode/2022/05/09/european-parliament-and-council-reach-digital-regulation-first-with-provisional-agreement-on-the-digital-services-act/ Mon, 09 May 2022 16:00:41 +0000 https://www.iposgoode.ca/?p=39533 The post European Parliament and Council Reach Digital Regulation First with Provisional Agreement on The Digital Services Act appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on on May 4, 2022.

On April 23, 2022, the European Parliament and Council reached a provisional politicalĚýĚýon the Digital Services Act (DSA). Based on the principle that what is illegal offline should be illegal online, the DSA imposes digital regulations with the goal of stopping the spread of illegal content and ensuring the protection of users’ rights.

The rules set out in the DSA primarily apply to online intermediaries and platforms providing services in the European Union (EU), including online marketplaces, social networks, content-sharing platforms, and app stores. The legislation will impose obligations on regulated entities that are proportionate to the nature of their services and size of their user-base. For example, very large online platforms (VLOPs) and very large online search engines (VLOSEs) with more than 45 million active monthly users will have more stringent responsibilities than micro and small enterprises.

The DSA is set to impose a series of new requirements that will have a significant impact on online business:

  1. Online Marketplaces: The DSA will impose a duty of care on online marketplaces in relation to the sellers who list items or services for sale on the platforms. These marketplaces will also have to collect and display certain information in association with listings to better inform consumers.
  2. Risk Management: VLOPs and VLOSEs will be obligated to carry out an annual risk reduction analysis aimed at reducing risks associated with (i) the dissemination of illegal content; (ii) adverse effect on fundamental rights; (iii) the manipulation of services that affect democratic processes or public security; and (iv) adverse effects on gender-based violence, minors, and users’ health.
  3. Dark Patterns: The DSA will prohibit the use of confusing or deceptive user interfaces and practices that are aimed at misleading users.
  4. Recommendation Systems: To improve transparency, the DSA will mandate that VLOPs and VLOSEs offer systems for recommending content to users that is not based on their profiling.Ěý
  5. Crisis Response Mechanism: Influenced by the conflict in Ukraine, the DSA allows the European Commission to analyze the impact of VLOPs and VLOSEs on a crisis that is affecting public health or security. Based on this analysis, the European Commission may put in place select measures for the respect of fundamental rights.
  6. Minors: Platforms will have to implement protection measures to ensure the online safety of minors, including prohibitions against targeted advertisements based on minors’ personal data.

The provisional agreement is subject to approval by the European Council and Parliament. Once adopted, the DSA will apply 15 months or from January 1, 2024, whichever is later, after entry into force. For the VLOPs and VLOSEs, the DSA will apply four months after their designation.

The post European Parliament and Council Reach Digital Regulation First with Provisional Agreement on The Digital Services Act appeared first on IPOsgoode.

]]>
Hackers aren't only in Movies?! The Rise of Ransomware Incidents in Canada and what Canadians can do about it /osgoode/iposgoode/2022/03/17/hackers-arent-only-in-movies-the-rise-of-ransomware-incidents-in-canada-and-what-canadians-can-do-about-it/ Thu, 17 Mar 2022 16:00:59 +0000 https://www.iposgoode.ca/?p=39290 The post Hackers aren't only in Movies?! The Rise of Ransomware Incidents in Canada and what Canadians can do about it appeared first on IPOsgoode.

]]>
Emily Xiang is an is an IPilogue Writer, President of the Intellectual Property Society of Osgoode (IPSO), and a 2L JD Candidate at Osgoode Hall Law School.

Ěý

Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLPĚýwhoĚýpractices in the areas of intellectual property and information technology law.

This article was on the OBA’s Information Technology and Intellectual Property Law Section’s .Ěý

The threat of cyber attacks is no longer restricted to TV shows and movies, with cyber security incidents like ransomware attacks becoming far more frequent in daily life. While the COVID-19 pandemic may have slowed many aspects of society, ransomware has seen a marked increase in recent years around the globe – and Canada is no exception.

THE GROWING RANSOMWARE THREAT

Ransomware incidents involve threat actors infiltrating an organization’s defenses and deploying malware to prevent the company from accessing its information. Though the specific tactic may differ between threat actors, users will ultimately find themselves unable to access vital data and key systems unless the organization pays a ransom to the threat actors, usually in the form of digital currency. During the incident, threat actors may also extract data from the company’s network, which can have serious privacy consequences for the organization and its customers. Not only will their data be in the hands of an unknown party, but in many cases, threat actors may threaten to publish the exfiltrated information online if the organization refuses to provide them with payment. Ěý

Ransomware saw record-breaking numbers last year. By the end of the first half of 2021, global ransomware attacks hadĚýĚýby 151% as compared to the previous year, with ransom payments of up to CAD$48.4M being paid out to hackers. In Canada, the Canadian Centre for Cyber Security (the Cyber Centre) has knowledge of at leastĚýĚýthat occurred over the course of 2021 (though, it is important to note that the majority of ransomware attacks go unreported). Out of the known ransomware incidents that were reported to the Cyber Centre, more than half involved critical infrastructure providers. However, the Office of the Privacy Commissioner of Canada (the OPC) stressesĚýĚýfrom an attack, as incidents of ransomware have occurred indiscriminately since 2020 in not-for-profit, professional, financial, transportation, manufacturing, and retail sectors.

The increase in ransomware incidence and scope in recent years is partly attributed to the growing sophistication with which cyberattacks may now be conducted. A number ofĚýĚýin ransomware have arisen, and are rapidly changing the cybercrime landscape. For instance, ransomware-as-a-service (RaaS) is a model that allows developers to sell and/or lease ransomware to cybercriminals whilst being paid a percentage of the profit. These kinds of schemes allow an increased number of unskilled threat actors to get a hold of sophisticated ransomware technology, while providing skilled attackers the opportunity to profit from the mass distribution of their work. The world has also seen an increase in victims of high-impact targeting, wherein more targeted attacks are being launched at supply chains and essential services in order to maximize potential victims and profits. For instance, many threat actors have leveraged the COVID-19 pandemic to aim at high-impact targets that have become especially vital in current circumstances, such as emergency medical services and law enforcement agencies. As stated by chief information officerĚýĚýat UTHealth in Houston, “[a]ttackers [targeting hospitals] understand that we’re talking about life and death. There’s a great incentive to just pay and get the thing unlocked so we can treat patients.” In finding more opportune ways to breach vulnerable organizations, threat actors are demonstrating that their targeting schemes are becoming increasingly sophisticated, as well as strategic.

SEVERE FALLOUT FROM ATTACKS

Ransomware attacks may have far-reaching implications on company operations. On May 7th, 2021, American oil companyĚýĚýfell victim to a ransomware attack that immobilised several of its computerized equipment systems. As a result, operations for the largest fuel pipeline in the US were temporarily suspended, resulting in price spikes and fuel shortages for millions of Americans. Even more recently, global human resources company Ultimate Kronos Groups (UKG) was also hit with a ransomware attack on December 11th, 2021, resulting in a worldwide shutdown of their cloud services. The incident impacted millions of users, with employees who relied on UKG’s cloud system reporting paychecks short byĚý, as their employers struggled to find alternative means for managing payroll. Kronos is known toĚýĚýtens of thousands of organizations – including half of the Fortune 100 – and more than 40 million people in over 100 countries everyday, including businesses in Canada.

A CALL FOR ACTION

The Cyber CentreĚýĚýthat ransomware will continue to pose a threat to national security and economic prosperity in 2022. They also predict that threat actors utilizing ransomware will likely become increasingly aggressive in their operations and targeting schemes. Similarly, the OPCĚýĚýthe potential harm that can result from this type of attack and considers such incidents to meet the real risk of significant harm threshold under theĚýPersonal Information Protection and Electronic Documents Act. As part of an ongoing, national effort to mitigate the effects of ransomware and related cyber threats, theĚýĚýto take this matter seriously and address it head-on through adopting proper security measures.

PREPARING FOR RANSOMWARE ATTACKS

Cyber Security Preparations

To assist organizations in their cybersecurity preparation, the Cyber Centre recently released aĚýĚý(the Playbook) with guidance on how to defend against and recover from cyberattacks. It recommends that businesses implement cyber defence planning strategies, such as preparing multiple backup systems ahead of time. Backup systems provide organizations with a copy of their data, which can then be used for restoration activities in the wake of a ransomware attack. When developing a plan for implementing backup systems, it may be useful to contemplate the frequency and extent that the data should be backed up and storage considerations for the backup systems. The Cyber Centre advises that backups stored online within the organization or on a cloud platform are more commonly susceptible to ransomware attack, while backup systems stored offline, in a separate physical location from the main business site and disconnected from its networks, offer the most protection against ransomware incidents.

In addition to preparing backups, the Playbook has details on different cyber security controls that can be implemented as part of the organization’s defenses. For example, having multi-factor authentication (MFA) in place on company devices may assist in thwarting off threat actors. It may also serve to hinder threat actors from gaining full access to target systems in the event thatĚýtheyĚýareĚýsuccessful in getting past initial IT defenses. In addition to MFA, businesses may want to consider having a system that can continuously monitor their network and establish an acceptable baseline of activity. This can be used to flag anomalies in activity patterns and sound the alarm when there is a potential risk to the organization.

Planning Ahead

Apart from having technical controls, it may be prudent to consider creating plans that serve as reference guides during ransomware incidents. The Cyber CentreĚýĚýcreating an incident response plan that is geared towards cyber defense strategy, including detecting and responding to an attack. The incident response plan can include the objectives, stakeholders, responsibilities, communication methods, and escalation processes that are involved in the response strategy. To formulate this plan, organizations may want to conduct a risk assessment of their assets and identify the potential consequences that would result from them being compromised, so as to discern the business’ response priorities. When drafting the incident response plan, it may be beneficial to keep the plan simple and flexible, so that it can be easily adapted to the circumstances of the actual event.

To compliment the incident response plan, businesses could consider developing a disaster recovery plan that focuses on resuming operations after a ransomware incident. The Cyber CentreĚýĚýthat an effective plan should identify the entity’s critical information (e.g. financial records, proprietary assets, etc.), their most essential systems that are required for business continuity, and their most vital business functions. Once a plan is formulated, multiple trial runs should be conducted to determine potential areas for improvement.

More Options

In addition to the above ransomware-specific guidance, theĚýĚýmay offer insight for organizations looking to improve their cybersecurity foundation. This program is mainly aimed at small and medium-sized businesses, but welcomes enrolment from all organizations in Canada. As part of the program, businesses are required to adopt measures in certain baselineĚýĚýthat reflect industry-accepted best practices and target key considerations for the organization’s systems and employees. Furthermore, implementing these controls has the added benefit of fulfilling prerequisites for the Government of Canada’sĚý. The certification is valid for two years and can beĚýĚýat the organization’s physical location and on its website to let others know that their business has met the standard.

CYBER INSURANCE

When preparing for ransomware attacks, organizations may want to consider how they would fund response efforts in the event that a threat actor manages to get through their defences. Though a business is already insured, traditional insurance policies may provide limited or no coverage for cyber attacks. Reviewing one’s current insurance policy and acquiring adequate cyber coverage where it is lacking is a crucial step that should not be left out of any discussion on ransomware preparation.

MOVING FORWARD

In our current technological landscape, ransomware attacks and other cyber security incidents have unfortunately become a daily reality of doing business in Canada and around the world. In light of the rising threat, organizations are encouraged to approach the matter with equal tenacity. By taking the appropriate proactive measures, we can better safeguard our activities and mitigate the impact of ransomware attacks on our businesses.

The post Hackers aren't only in Movies?! The Rise of Ransomware Incidents in Canada and what Canadians can do about it appeared first on IPOsgoode.

]]>
OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline /osgoode/iposgoode/2021/11/26/osfi-launches-consultation-on-draft-technology-and-cyber-risk-management-guideline/ Fri, 26 Nov 2021 17:00:00 +0000 https://www.iposgoode.ca/?p=38698 The post OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on .

On November 9, 2021, the Office of the Superintendent of Financial Institutions (OSFI)ĚýĚýa public consultation on Draft Guideline B‑13: Technology and Cyber Risk Management (the Guideline). It applies to federally regulated financial institutions (FRFIs) and addresses OSFI’s expectations in relation to technology and cyber risks.

The Guideline is organized into five domains, with each domain describing OSFI’s desired outcome for FRFIs in a certain aspect of technology and cyber risk management:

  1. Governance and Risk Management:Ěýthe FRFI has a clear framework and comprehensive strategy to govern technology and cyber risks.
  2. Technology Operations:Ěýthere isĚýa resilient and scalable technology environment in place that is kept up-to-date by robust operating processes.
  3. Cyber Security:Ěýthe FRFI is able to maintain the confidentiality, integrity, and availability of technology assets.
  4. Third-Party Provider Technology and Cyber Risk:Ěýthird-party providers deliver reliable and secure technology and cyber operations to the FRFI.
  5. Technology Resilience:Ěýthe FRFI has proper disaster recovery capabilities that allows the delivery of technology services through operational disruption.

In its announcement of the consultation, OSFI commented on the importance of stakeholder engagement to strike the appropriate balance between its prudential objectives, while still allowing financial institutions to compete. Accordingly, OSFI welcomes public feedback on the Guideline and is especially interested in feedback that addresses the clarity and application of their outlined expectations, the balance between principles and prescriptiveness in these expectations, and other suggestions that relate to OSFI’s mandate.

The consultation is open until February 9, 2022 and comments can be submitted atĚýTech.Cyber@osfi-bsif.gc.ca.

The post OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline appeared first on IPOsgoode.

]]>
Office Of The Privacy Commissioner Of Canada Releases Observations Following Global Initiative On Privacy Expectations For Video Teleconferencing Companies /osgoode/iposgoode/2021/11/12/office-of-the-privacy-commissioner-of-canada-releases-observations-following-global-initiative-on-privacy-expectations-for-video-teleconferencing-companies/ Fri, 12 Nov 2021 17:00:28 +0000 https://www.iposgoode.ca/?p=38626 The post Office Of The Privacy Commissioner Of Canada Releases Observations Following Global Initiative On Privacy Expectations For Video Teleconferencing Companies appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was Originally posted on E-TIPS™ For Deeth Williams Wall LLP on November 10, 2021.

On October 27, 2021, the Office of the Privacy Commissioner of Canada (the OPC)ĚýĚýobservations following a series of international engagements between data protection and privacy authorities around the world and four of the biggest video teleconferencing (VTC) companies: Microsoft, Cisco, Zoom, and Google (the Organizations).

Earlier this year, the OPC, along with privacy authorities from Australia, Gibraltar, Hong Kong SAR, China, Switzerland and the United Kingdom (the Joint Signatories), sent anĚýĚýto several VTC companies commenting on the rapid recent expansion of VTC services and highlighting their concerns about whether the companies were implementing appropriate privacy safeguards in their platforms. The Organizations responded to the Joint Signatories’ open letter and described how they account for privacy principles in the design and development of their VTC services. This initial response led to a series of video calls between the Joint Signatories and the Organizations to discuss how the Organizations implement, monitor, and validate their privacy and security measures.

In its observations, the OPC discusses key areas that the Joint Signatories recognized as examples of good practice and recommended for adoption by the broader VTC industry. These areas include:

  1. security, such as implementing a regular security testing schedule and ensuring employees and third-party sub-processors comply with privacy obligations;
  2. privacy-by-design by adopting an overarching privacy program and placing all VTC settings at the most privacy protective by default;
  3. audience-specific resources, including providing enhanced VTC safeguard features for parties that share sensitive information and custom-guidance documents to assist different groups to choose the VTC settings that suit them;
  4. transparency through the use of layered notices and informing users of any sharing of their information with third parties; and
  5. end-user control to enable VTC customers to decide what information they share when accessing VTC services and provide alerts when there is a danger that meeting information may become publicly available.

In addition to recognizing good practices, the Joint Signatures also identified the following areas for improvement:

  1. making end-to-end encryption available to users;
  2. clearly identifying any secondary use of users’ data and providing an option for users to opt-in to such processing; and
  3. informing users and, if possible, providing them with the option to choose their data storage location and jurisdictions in which their personal information may be routed through by the VTC company.

Based on the success of the Joint Signatories’ discussions with the Organizations, the Joint Signatories expressed that the engagement process used in this instance may prove valuable in future circumstances where dialogue would assist in clarifying regulatory obligations, identifying good practices, and increasing public trust in emerging technologies.

The post Office Of The Privacy Commissioner Of Canada Releases Observations Following Global Initiative On Privacy Expectations For Video Teleconferencing Companies appeared first on IPOsgoode.

]]>
The U.S. Department Of The Treasury’s Office Of Foreign Assets Control Releases Updated Advisory On Sanctions Regarding Ransomware Payments /osgoode/iposgoode/2021/10/14/the-u-s-department-of-the-treasurys-office-of-foreign-assets-control-releases-updated-advisory-on-sanctions-regarding-ransomware-payments/ Thu, 14 Oct 2021 16:00:12 +0000 https://www.iposgoode.ca/?p=38414 The post The U.S. Department Of The Treasury’s Office Of Foreign Assets Control Releases Updated Advisory On Sanctions Regarding Ransomware Payments appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on on October 13, 2021.

Ransomware attacks are on the rise, with the Federal Bureau of Investigation reporting a nearly 21% increase in reported ransomware cases and a 225% growth in associated losses from 2019-2020. ĚýOn September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued anĚýĚýto highlight the sanctions risks associated with ransomware payments to malicious cyber actors and proactive steps that companies can take to mitigate those risks.

OFAC has designated some malicious cyber actors in its cyber-related sanctions program and other sanctions programs to discourage payments of cyber ransom or extortion demands to these parties.

According to the advisory, U.S. persons are generally prohibited from engaging in transactions with those on OFAC’s Specially Designated Nationals and Blocked Persons List (SDN List), other blocked persons, and those covered by country or region embargoes. Furthermore, any transaction that may violate the International Emergency Economic Powers Act (IEEPA), including a transaction by a non-U.S. person that causes a U.S. person to violate an IEEPA-based sanction prohibition, is also banned.

In response to sanctions violations, OFAC may hold such persons civilly liable even if they were unaware that the transaction was prohibited under sanctions laws and OFAC’s regulations at the time. The OFAC’s Economic Sanctions Enforcement Guidelines describe the department’s enforcement policies, as well as mitigating factors that may be considered by OFAC, including:

  1. meaningful measures taken to improve cybersecurity practices and reduce the risk of extortion by sanctioned actors; and
  2. the reporting of ransomware attacks to government agencies and cooperation with law enforcement.

If those factors are present, OFAC’s resolution could be limited to a “no action” or a “cautionary” letter, rather than a public response. Businesses that fall under OFAC’s regulation should aim to revise their cybersecurity incident response plans to better align with the recommendations in the updated advisory.Ěý

The post The U.S. Department Of The Treasury’s Office Of Foreign Assets Control Releases Updated Advisory On Sanctions Regarding Ransomware Payments appeared first on IPOsgoode.

]]>
The Office Of The Information And Privacy Commissioner Of Ontario Responds To The Province’s Proposal For Private Sector Privacy Law Reform /osgoode/iposgoode/2021/09/21/the-office-of-the-information-and-privacy-commissioner-of-ontario-responds-to-the-provinces-proposal-for-private-sector-privacy-law-reform/ Tue, 21 Sep 2021 16:00:00 +0000 https://www.iposgoode.ca/?p=38253 The post The Office Of The Information And Privacy Commissioner Of Ontario Responds To The Province’s Proposal For Private Sector Privacy Law Reform appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on .

On September 7, 2021, the Office of the Information and Privacy Commissioner of Ontario (IPC)ĚýĚýits response to the Ontario government’s white paper on proposals for a provincial private sector privacy law, as previously reported by the E-TIPS® NewsletterĚý.

In its response, the IPC applauded the provincial government for taking a principles-based, flexible, pragmatic, and proportionate approach in its proposal that is consistent with the IPC’s response to the province’s previous consultation document,Ěý. It also commended the province’s decision to base its legislative proposals on the federal government’s Bill C-11, which would assist in giving the proposed legislation “substantially similar” status and exempt organizations conducting commercial activity in Ontario from regulation under the federal regime.

The IPC stressed the need for Ontario to push forward with its plans for modernizing its privacy laws regardless of the fate of Bill C-11. With the upcoming federal election, the fate of Bill C-11 is unclear and the IPC predicts that Bill C-11 “is destined to die on the order paper”. However, it believes that a provincial statute would be beneficial to Ontarians and that Ontario should proceed irrespective of the final decision on Bill C-11. The IPC states that provincial legislation would expand privacy protections to those who are not currently covered by federal privacy laws and fill constitutional gaps for charities, unions, professional associations, and political parties in Ontario. It also believes that a law that is tailored to Ontarians will better assist the province’s small and medium-sized businesses by being geared to the unique experiences that they face in their trade.

Although the response was generally positive, the IPC mentioned key gaps in the provincial government’s proposal that would need to be addressed in an implemented statute. According to the IPC, the white paper failed to raise important measures, such as mandatory breach notification, provisions that discuss conflicts between laws, and transitory provisions. Furthermore, it stated that while the white paper raised certain measures, it sometimes failed to provide detailed drafting language for those matters. Ultimately, these drawbacks did not have a major impact on the IPC’s overall opinion, for it assumed that the missing details would be included in a future bill.

If the Ontario government decides to proceed with the new privacy legislation, the IPC has pledged to prioritize the development of foundational building blocks and oversight mechanisms to support the successful implementation of the legislation in the province.

The post The Office Of The Information And Privacy Commissioner Of Ontario Responds To The Province’s Proposal For Private Sector Privacy Law Reform appeared first on IPOsgoode.

]]>
Leading Legal Disruption: Artificial Intelligence and A Toolkit for Lawyers and the Law /osgoode/iposgoode/2021/05/28/leading-legal-disruption-artificial-intelligence-and-a-toolkit-for-lawyers-and-the-law/ Fri, 28 May 2021 13:00:00 +0000 https://www.iposgoode.ca/?p=37471 The post Leading Legal Disruption: Artificial Intelligence and A Toolkit for Lawyers and the Law appeared first on IPOsgoode.

]]>
Pina's AI Book

Photo Credit: Prof Pina D'Agostino

Prof Pina D'Agostino

Prof Giuseppina D’Agostino is the Founder & Director of IP Osgoode, the IP Intensive Program, and the IP Innovation Clinic, the Editor-in-Chief for the IPilogue and the Intellectual Property Journal, and an Associate Professor at Osgoode Hall Law School. She is also very proud of her new book!

Ěý

I am excited to share that I just published a collection on Artificial Intelligence (AI) and the law, Leading Legal Disruption: Artificial Intelligence and a Toolkit for Lawyers and the Law (Thomson Reuters 2021). Co-edited with Dr. Aviv Gaon and Carole Piovesan, the book provides a provocative analysis on the emerging terrain of AI and how it interrogates various areas of the law. The book, that features a foreword from the Hon. Marshall Rothstein (formerly of the Supreme Court of Canada), is an international collaboration of thought leaders in AI, with contributors from Canada, the USA, Europe and Israel. Issues discussed include intellectual property, privacy, contract law, regulation, governance, ethics, business and more. Importantly, such issues merit a toolkit of practical and international perspectives as they are increasingly complex and ajurisdictional. ĚýĚý

In many ways this book is also a reflection of Osgoode’s strengths in AI. My co-editors, Dr. Aviv Gaon, Director at IDC Herzliya of Experiential Programs, is a PhD graduate (class of 2019) publishing several other books on AI and emerging technology, and Carole Piovesan (class of 2009) has co-founded her own firm, INQ Law. ĚýI am myself an LL. B graduate from Osgoode (class of 1999), eventually returned as faculty to found and run IP Osgoode and I am currently co-chairing the 91ŃÇÉ« AI & Society Task Force, among many other initiatives in this space.

I am particularly thankful to the Osgoode JD students who provided helpful research assistance: Elif Babaoglu, Daniel Joseph, Joseph Simile, Rachel Marcus, Christopher Tsuji, and Julianna Felendzer.

I am most grateful for the enthusiastic endorsements by Prof David Vaver (Professor of Intellectual Property Law, Osgoode; Emeritus Professor of Intellectual Property & Information Technology Law, University of Oxford), Prof Jane Ginsburg (Morton L. Janklow Professor of Literary and Artistic Property Law, Columbia University School of Law), Justice Michael Manson (Federal Court of Canada), and Dan Bereskin (Partner, Bereskin & Parr LLP) all which can be read on the back cover.

They say you can’t judge a book by its cover, but I particularly like this one, inspired by an AI and suggestive of our youth, our future ultimately grappling with AI and other emerging technology, that will iterate in every generation.

I look forward to hearing from you on your thoughts on the book (and the cover!). You may order your copyĚýhere.

The post Leading Legal Disruption: Artificial Intelligence and A Toolkit for Lawyers and the Law appeared first on IPOsgoode.

]]>
The Government Of Canada’s 2021 Budget Proposes Building An Innovation Economy Of The Future /osgoode/iposgoode/2021/04/30/the-government-of-canadas-2021-budget-proposes-building-an-innovation-economy-of-the-future/ Fri, 30 Apr 2021 13:00:22 +0000 https://www.iposgoode.ca/?p=37198 The post The Government Of Canada’s 2021 Budget Proposes Building An Innovation Economy Of The Future appeared first on IPOsgoode.

]]>
This article was originally posted on

On April 19, 2021, the Government of Canada announced itsĚýĚý(Budget 2021) with goals to finish the fight against COVID-19, ensure a strong economic recovery, and position Canada for a prosperous future. To accomplish its objectives, the government hasĚýĚýfor proposed expenditures in the areas of intellectual property (IP) and technology.

Budget 2021 will build on the National Intellectual Property Strategy of Budget 2018 by funding Canadian innovators, start-ups, and technology-intensive businesses. This includes providing $75 million for the National Research Council’s Industrial Research Assistance Program to assist high-growth client firms with obtaining access to IP services.

Budget 2021 also proposes to use $90 million to establish the ElevateIP program, which will help accelerators and incubators provide IP services to start-up companies. These direct investments are complemented by the launching of a Strategic Intellectual Property Program Review to conduct a broad assessment of IP provisions in Canada’s innovation and science programming, including both basic research and near-commercial projects.

Alongside its general IP investment plan, the Government of Canada has allocated funding to various technology initiatives in Budget 2021, such as proposing:

  • $5 billion over seven years towards the adoption of clean technology through the Net Zero Accelerator program;
  • $500 million over five years, starting in 2021-2022, and $100 million per year ongoing, to expand the National Research Council’s Industrial Research Assistance Program, which is poised to give up to 2,500 innovative small and medium-sized firms expertise and capital to scale up their businesses;
  • $443.8 million over ten years for the Pan-Canadian Artificial Intelligence Strategy to support research and innovation in the artificial intelligence sector;
  • $360 million over seven years to launch a National Quantum Strategy that will assist researchers studying quantum technology and establish a secretariat at the Department of Innovation, Science and Economic Development to coordinate efforts in this space;
  • $90 million over five years for the National Research Council to modernize the Canadian Photonics Fabrication Centre;
  • $400 million over six years to launch a Pan-Canadian Genomics Strategy to develop therapeutics and create jobs in the field, including allocating $136.7 million for Genome Canada to deliver mission-driven programming directed at starting the initiative; and
  • $2.2 billion over seven years towards Canada’s life science sector, including allocating resources to support Canadian firms through the Strategic Innovation Fund and creating a Clinical Trials Fund to assist in the research and development of treatments in the health field, including the pharmaceutical sector.

Written by M. Imtiaz Karamat, Osgoode Alumni and Student-at-Law at Deeth Williams Wall LLP.

The post The Government Of Canada’s 2021 Budget Proposes Building An Innovation Economy Of The Future appeared first on IPOsgoode.

]]>
Ontario Court Of Appeal Finds Insurance Coverage Does Not Apply To Cyber Hack /osgoode/iposgoode/2021/04/23/ontario-court-of-appeal-finds-insurance-coverage-does-not-apply-to-cyber-hack/ Fri, 23 Apr 2021 13:00:00 +0000 https://www.iposgoode.ca/?p=37064 The post Ontario Court Of Appeal Finds Insurance Coverage Does Not Apply To Cyber Hack appeared first on IPOsgoode.

]]>
This article was originally published on on April 14, 2021.

On March 15, 2021, the Ontario Court of Appeal (the Court), inĚýFamily and Children’s Services of Lanark, Leeds and Grenville v Cooperators General Insurance Company,Ěý, reversed the lower court’s decision that found that Co-operators General Insurance Company (Co-operators) had a duty to defend Family and Children’s Services of Lanark, Leeds and Grenville (FCS) and Laridae Communications Inc. (Laridae) against two claims in relation to a cyber hack.

Laridae was retained by FCS to perform communication and marketing services, including working on FCS’ website. FCS subsequently discovered that its website had been hacked and that a report containing personal information of 285 clients and subjects of FCS’ investigations was disclosed on Facebook without authorization. Both companies were insured by Co-operators and claimed that Co-operators had a duty to defend against the following two claims that arose out of the event:

  1. a $75 million class action brought against FCS alleging that FCS was negligent in securing its website; and
  2. a third-party claim in that proceeding brought by FCS against Laridae for negligence and breach of contract.

Co-operators denied that it had a duty to defend because its policies excluded claims arising from the distribution of data by means of an internet website. All three parties brought applications to determine the rights that depend on the interpretation of the policies.

The Court disagreed with the lower court’s finding that the matter could not be addressed by way of application, stating that there were no material facts in dispute requiring a trial and that the policy provisions in issue were clear and unambiguous. Upon assessing the issue, the Court found that the substance and true nature of both claims arose from the wrongful appropriation and distribution of confidential personal information on the internet. The Court held that all claims asserted were covered by the clear and unambiguous language of the exclusion clauses, and therefore Co-operators had no duty to defend either claim.

The Court did not waver when faced with FCS and Laridae’s argument that applying the data exclusions would nullify meaningful coverage under the policy. The Court held that the policies clearly stated that Co-operators would not insure against all risks, and therefore, holding the parties to the terms of the agreement, aligned with the reasonable expectations of the parties.

Written by M. Imtiaz Karamat, Osgoode Alumnus and Student-at-Law at Deeth Williams Wall LLP.

The post Ontario Court Of Appeal Finds Insurance Coverage Does Not Apply To Cyber Hack appeared first on IPOsgoode.

]]>
Facebook Addresses Resurgence Of Information From 2019 Data Breach /osgoode/iposgoode/2021/04/16/facebook-addresses-resurgence-of-information-from-2019-data-breach/ Fri, 16 Apr 2021 13:00:45 +0000 https://www.iposgoode.ca/?p=37062 The post Facebook Addresses Resurgence Of Information From 2019 Data Breach appeared first on IPOsgoode.

]]>
The following article was originally published on on April 13, 2021.

On April 3, 2021, Business InsiderĚýĚýthat information relating to over 530 million Facebook accounts had been made publicly available online. It isĚýĚýthat 3.49 million accounts belong to Canadians and the leaked data included names, locations, birthdates, email addresses, and other identifying information.Ěý

In response, Facebook issued aĚýĚýthat stated that the information was not leaked through a recent hack, but was the resurgence of data that was taken from the platform in 2019. Facebook claimed that the information was obtained via data scraping, where automated software is used to obtain public information from the internet and distribute it to online forums. The company believes that malicious actors took advantage of the vulnerability in Facebook’s contact importer feature, which is designed to help users easily find and connect with friends through their contact lists. Through exploiting the feature, the malicious actors were able to obtain information from users’ public profiles. Facebook has assured the public that the malicious actors had limited access to users’ information and the leaked data did not include financial information, health information, or passwords.

The news release also stated that Facebook made changes to its contact importer feature in 2019 to address the issue. More specifically, it modified the feature to prevent malicious actors from imitating the Facebook app and uploading a large set of phone numbers to find matching Facebook users. Facebook stated that it will work to get the data set taken down and that it will continue to combat the misuse of its platform’s features.

Written by M. Imtiaz Karamat, Osgoode Alumnus and Student-at-Law at Deeth Williams Wall LLP.

The post Facebook Addresses Resurgence Of Information From 2019 Data Breach appeared first on IPOsgoode.

]]>