nav_20_logo
perspectives_icon_img@2x

Perspectives

Navigator’s folio of ideas, insights and new ways of thinking

The Ratchford Files: Getting in Front of Data Breach Issues

John Ratchford
John Ratchford | Principal & General Counsel
January 29, 2015 lnkdn_btn-svg
earthnight

Canadian consumers are worried about data breaches, Navigator’s survey reveals, and they believe it’s time for government to act

A problem that began in the arcane world of online gaming back in 2011 has become one of the most challenging corporate issues of 2015.
In April 2011, hackers accessed the names, addresses and credit card data of 77 million users of the Sony PlayStation Network. Suddenly, the public became aware of the consequences of data breaches. Initially, Sony offered an apology and some free games to those affected. It ended up settling an international class action suit for about $20 million.
Most experts agree that the PlayStation breach was relatively minor in the context of what has happened since.
The protection of personal information has quickly emerged as one of the most complex legal issues and top-of-mind crises that companies face, whether the threat is hackers or human error. The situation is exacerbated by the multinational networks of partners, suppliers, vendors, customers and employees who have direct and indirect access to that information.
Under current privacy law, those collecting personal data are prohibited from distributing it without obtaining prior consent. The number and the scale of data breaches, however, may portend a shift towards much more explicit obligations to keep such data secure, and penalties for failing to do so.
Already, the pressure on governments to take action is on the rise and legislation is before Parliament in the form of Bill S-4, the Digital Privacy Act.
Navigator’s proprietary research (see previous article) indicates a growing intolerance for the status quo. An overwhelming number of Canadians indicate that much tougher laws and regulations are required to better protect consumers. Almost as many believe that data breaches will not be effectively dealt with until government and regulators impose much stricter policies and practices.
In the near term, it is reasonable to conclude that the political traction of this issue is likely to have a material impact on the purview of corporate general counsel.
It is the GC’s role to identify laws that apply to their employers’ operations and to ensure there is a rigorous compliance process in place. That means increased focus on internal information technology systems, as well as those of an array of business partners.
ratchfile-06

In the near term it is reasonable to conclude that the political traction of this issue is likely to have a material impact on the purview of corporate general counsel.

ratchfile-07
The search for compliance gaps will be increasingly difficult, given the global nature of information acquisition, use and storage. For example, Canada’s anti-spam laws place restrictions on Canadian companies but do not affect those who conduct business outside the country.
Another consideration is how the rules in key jurisdictions affect practices beyond their scope. In the case of the U.S. Sarbanes-Oxley Act of 2002 (also known as the Public Accounting Reform and Investor Protection Act and the Corporate and Auditing Accountability and Responsibility Act), new reporting requirements in the U.S. reverberated globally.
However these emerging trends play out, one thing is already certain: For companies of all sizes, there is an urgent need to plan for data breach crises and their steep reputational — and financial — costs in competitive markets. The widespread public expectation that business leaders will be fully prepared to contend with data breaches and their consequences is already well entrenched, according to Navigator’s research.
Of course, successfully managing those expectations is just one part of the data breach challenge.

John Ratchford is a Principal and General Counsel at Navigator. He has been a practising lawyer for over 19 years.

fb_btn tw_btn

About the author:

John Ratchford
John Ratchford | Principal & General Counsel
fb_btn tw_btn

John Ratchford is a Principal and General Counsel at Navigator with twenty years’ experience in the practice of law, and providing strategic communications advice. His public and government affairs experience has included serving as Counsel to the Premier of Ontario; Chief of Staff to the Deputy Premier of Ontario; and Campaign Press Secretary to Nova Scotia Premier John Hamm.
At Navigator, John handles public affairs campaigns, crisis communication projects and corporate transactions.
John practised law with a leading law firm in Halifax Nova Scotia, Stewart McKelvey, before coming to Toronto in 2000 to join one of Canada’s largest law firms, Gowlings LLP.
John serves on the board of the Sarcoma Cancer Foundation of Canada, and on the finance and parish committees of St. Peter’s Roman Catholic Church in Toronto. He has served on numerous political campaigns, as a member of the boards of directors of the Arthritis Society, the United Way (Halifax), and the Parkinson Society; and on the executives of the St. Francis Xavier University alumni association in Toronto and the PC Party of Nova Scotia.
John received an Honours Bachelor of Arts degree from St. Francis Xavier University in Nova Scotia in 1991 and his LL.B. from the University of New Brunswick in 1994. He was called to the bar in Nova Scotia in 1995 (since retired), and the bar in Ontario in 2000. He is a member of the Law Society of Upper Canada.

Enjoyed reading?

Get Notifications