At Singleton Reynolds, our people are what makes us great. We come together every day with the common goal of providing exceptional legal services and ensuring we go above and beyond for each and every client.
The range of backgrounds of the partners, counsel, associates and staff of Singleton Reynolds enables us to offer a broad range of services.
Singleton Reynolds’ lawyers spend a significant amount of time researching and thinking about how industry or legislative changes could affect your business.
Singleton Urquhart Reynolds Vogel LLP is recognized as a leader in construction and infrastructure, insurance, commercial litigation, real estate and business law.
Singleton Reynolds has offices to serve you in Vancouver and Toronto.
How was Singleton Reynolds first established? Find out more here.
Recognizing the leadership that contributes to the company successes.
Singleton Reynolds prides itself in being a leader in corporate social responsibility. We encourage diversity, charity, mentorship, civic dedication and neighbourhood support.
Singleton Reynolds strives to understand the balance between your career and your personal goals and encourages our legal and operations staff in the pursuit of their interests outside of the firm.
We are always on the lookout for talented professionals to contribute to our team. Singleton Reynolds offers a professional and challenging work environment, with a competitive compensation and benefits package.
Our goal is to develop strong lawyers from student right through to partner. Mentoring and training start when you are a student and continue throughout your practice.
Obtaining meaningful consent is fundamental to any organization’s use, collection and disclosure of personal information. Failure to obtain meaningful consent may lead to severe regulatory consequences. A very recent and high profile example of the consequences is that on January 21, 2019, Google was fined for €50 million for breaching the European Union’s General Data Protection Regulation (“GDPR”) for its lack of proper consent from users for targeted advertising and its lack of transparency as to how user data is processed. While most Canadian organizations do not have the same business model as Google and are also not subject to the GDPR, the same issues exist in Canada. In Canada, the Office of the Privacy Commissioner of Canada (“OPC”) has recently required Canadian organizations to become much more focused on the process they use to achieve OPC’s requirement of obtaining meaningful consent from users. This is fundamental to OPC’s Canadian private sector privacy regulation. It means the user must know, understand and consent to the nature, purpose and consequences of the collection, use or disclosure of the user’s personal information to which he or she is consenting.
On January 1, 2019, OPC began to apply a set of new guidelines for obtaining meaningful consent to the collection, use and possible disclosure of personal information (the “Guidelines”) that were issued by OPC with the Offices of the Privacy Commissioner of Alberta and British Columbia on May 24, 2018. All private sector businesses in Canada subject to the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) or its substantially similar provincial counterparts, the Alberta Personal Information Protection Act and the British Columbia Personal Information Protection Act (“BC PIPA”), are expected to follow the Guidelines. Although the Guidelines were published in the context of PIPEDA, organizations subject to its provincial counterparts, particularly those that collect, use or disclose sensitive personal information, should be compliant with the Guidelines as these provincial counterparts are substantially similar to PIPEDA and they share the same principles of consent. Obtaining meaningful consent is becoming more difficult, and failure to do so may subject a business to enforcement action. The Guidelines, however, do not provide a template of an one-size fit all, gold-standard consent process. Therefore, it is prudent for businesses to seek legal assistance to develop creative and tailored solutions to obtain meaningful consent in ways that are suitable to the nature of the business, particularly an online business, and are compliant with the Guidelines.
Here is an overview of the seven guiding principles for meaningful consent as per the Guidelines:
Individuals may require different levels of detail to provide a meaningful consent. To respect the different personal approaches, organizations should provide information to the individuals in manageable and easily-accessible ways and allow the individuals to control how much more detail they wish to obtain, and when. Organizations may consider presenting information in both simple and detailed versions to allow individuals to control the desired level of details provided to them.
Individuals must be given a clear choice to consent to or refuse the collection, use, or disclosure of some or all of their personal information. Organizations may be required to prove certain personal information if such information is a valid condition of service because it is integral to the service provided or falls under an exception to the general consent requirement. Otherwise, individuals must have clear options to opt-out.
Organizations are encouraged to be innovative in designing consent processes that can be implemented just-in-time, specific to the context, and appropriate to the type of interface used. In particular, organizations are not encouraged to simply transpose their paper-based privacy policies from the offline environment to the digital space to obtain online consent. Instead, organizations should better utilize the tools that the digital space offers to improve the consent processes, including introducing just-in-time notices, interactive tools, and customized mobile interfaces to obtain meaningful consent from individuals.
To ensure individuals can understand what they are consenting to, organizations should consider both the content of privacy communications and their accessibility from the user’s perspective. Clear explanations, ease of accessibility to privacy policies and notices, and suitable level of language and display of information are essential.
Organizations must be ready to demonstrate that they have obtained valid consent through having a process in place to obtain such consent from the individuals that is compliant with the consent obligations set out in legislation.
In addition to the above guiding principles, the OPC provides further considerations in the Guidelines for organizations to obtain valid consent:
OPC recognizes that obtaining meaningful consent is increasingly difficult, and the Guidelines are designed to provide the much needed guidance on how to do so. It is prudent for organizations subject to PIPEDA and its provincial counterparts to review their privacy policies and consent process and revise accordingly.
For more information, please contact:
Articles | Mar 13, 2019
News + Insights | Mar 11, 2019
Articles | Oct 29, 2018
Or call toll-free at 1-877-682-4404 or (604) 682-7474 (Vancouver) or (416) 585-8600 (Toronto)
This field is required