John M. Cassell

Dec 12, 2023 | lexblog.com | Imran Ahmad |John M. Cassell |Suzie Suliman |Jeremie Wyatt

In our previous post, we discussed specific considerations for common boilerplate provisions in data processing agreements (DPAs). Due to the sensitivity of data transfers and privacy laws, DPAs require careful drafting to ensure the data processor complies with appropriate privacy obligations and is responsible for any non-compliance. This post takes a closer look at DPA-specific obligations relating to the data processing itself.

Dec 4, 2023 | lexblog.com | Imran Ahmad |John M. Cassell |Suzie Suliman |Jeremie Wyatt

Modern businesses collect and process personal information about their customers and employees for the benefit of their business – these benefits include identifying opportunities to enhance their products or services, streamlining operations, reducing costs or maximizing profits. Processing such data is often outsourced to a third-party data processing service provider.

Nov 28, 2023 | lexblog.com | Imran Ahmad |John M. Cassell |Maya Medeiros |Véronique Barry

In a world where generative AI is driving innovation and technology is outpacing legislation, there’s a lot for companies to consider to maintain operational effectiveness and minimize risk. To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023 technology, privacy and cybersecurity virtual summit.