Canadian Lawyer InHouse

went wrong or how they've interacted with hackers. Gordon says the CCTX is trying to create an online platform where critical knowledge can be exchanged anonymously so that even competitive fi rms can learn from and sup- port each other. Some organizations and GCs have no choice but to be proactive, even without the benefi t of collective resources such as the CCTX. Take Howard Simkevitz, general counsel and chief privacy offi cer at the On- tario Institute For Cancer Research. One of the OICR's major programs involves a reg- istry that stores tumour samples linked to a complementary database. Besides the ob- vious importance of ensuring the database isn't compromised, Simkevitz says policies to get on top of IT security were driven by two major factors: PHIPA regulation re- quirements and the maturity of services to deal with liability issues. "One of my fi rst priorities was to evaluate our insurance for cyber events," he says. "Of course, not surprisingly, we found that our existing coverage would not be suffi cient to the extent that we would need if we have a hacking event and needed to engage a foren- sic specialist. I think a lot of organizations are under the assumption that their general liability insurance will cover cyber events when it will not, or won't in its entirety." Simkevitz says after talking to a number of brokers, he discovered there are some compelling packages, and he encourages his peers to shop around. "It's a very edify- ing process," he says. (Laliberte agrees that good cyber-insurance "absolutely helps" in giving senior leadership peace of mind.) THE CYBERSECURITY EFFECT ON CLASS ACTION LITIGATION Cyber-risk insurance may be getting more popular because of the scope of what con- stitutes fallout from an IT security breach. There is fi nancial loss if hackers successful- ly sell customer data or use it to steal from bank accounts. More common has been the suggestion from experts and vendors that a high-profi le cyberattack will result in repu- tational damage to the victim. Simkevitz, for one, isn't buying it. "How many customers stopped going to TJ Max? How many stopped using their Sony PlayStation?" he asks. "My sense is that not many people changed their behav- iour." More notable in recent years has been victims banding together seeking restitu- tion of some kind, says Imran Ahmad, a partner with Miller Thomson LLP. "You're seeing a lot of litigation on the tort side of things — very creative class action lawyers proposing intrusion upon seclusion — typically things we would not historically see in this space," he says. Intrusion upon seclusion, which has only emerged recently in certain Canadian juris- dictions, allows plaintiffs to sue if a person has intentionally invaded their private af- fairs without permission and if a reasonable person would view the invasion as highly offensive. Ahmad points to a Jane Doe case where a man released a video of a sexual na- ture after their relationship ended without her consent. "The court recognized there was an im- pact of disclosing without the authorization of subject," he explains. "Now class action went wrong or how they've interacted with hackers. Gordon says the CCTX is trying to create an online platform where critical knowledge can be exchanged anonymously so that even competitive fi rms can learn from and sup- port each other. Some organizations and GCs have no choice but to be proactive, even without the benefi t of collective resources such as the CCTX. Take Howard Simkevitz, general counsel and chief privacy offi cer at the On- tario Institute For Cancer Research. One of the OICR's major programs involves a reg- istry that stores tumour samples linked to a complementary database. Besides the ob- vious importance of ensuring the database isn't compromised, Simkevitz says policies to get on top of IT security were driven by two major factors: PHIPA regulation re- quirements and the maturity of services to deal with liability issues. "One of my fi rst priorities was to evaluate our insurance for cyber events," he says. "Of course, not surprisingly, we found that our existing coverage would not be suffi cient to the extent that we would need if we have a hacking event and needed to engage a foren- sic specialist. I think a lot of organizations are under the assumption that their general liability insurance will cover cyber events when it will not, or won't in its entirety." Simkevitz says after talking to a number of brokers, he discovered there are some compelling packages, and he encourages his peers to shop around. "It's a very edify- ing process," he says. (Laliberte agrees that good cyber-insurance "absolutely helps" in giving senior leadership peace of mind.) THE CYBERSECURITY EFFECT ON CLASS ACTION LITIGATION Cyber-risk insurance may be ge popular because of the scope of stitutes fallout from an IT secur There is fi nancial loss if hackers ly sell customer data or use it to bank accounts. More common ha suggestion from experts and ven high-profi le cyberattack will resu tational damage to the victim. for one, isn't buying it. "How many customers stoppe TJ Max? How many stopped u Sony PlayStation?" he asks. "M that not many people changed th iour." More notable in recent years victims banding together seekin tion of some kind, says Imran partner with Miller Thomson LL "You're seeing a lot of litigat tort side of things — very cre action lawyers proposing intru seclusion — typically things we historically see in this space," he Intrusion upon seclusion, whic emerged recently in certain Cana dictions, allows plaintiffs to sue has intentionally invaded their fairs without permission and if a person would view the invasion offensive. Ahmad points to a Jan where a man released a video of a ture after their relationship end her consent. "The court recognized there w pact of disclosing without the aut of subject," he explains. "Now c Just last week, we had a board meeting where one of the things on the agenda was to review our policy with regards to confi dential information and how we protect it. DAVID LALIBERTE, Groupe Média TFO MARCH 2017 18 INHOUSE

• Cover