Register Here
  Call For Papers
  Hotel Info
  Power Panels
Untitled Document
2019 Sponsors

2019 Tech Sponsors

2019 Exhibitors
Untitled Document
2018 Platinum Sponsor

2018 Gold Sponsor

2018 Silver Sponsor

2018 Tech Partner

2018 Tech Sponsor

2018 Exhibitors

VTech - Privacy and Data Breaches: A Wake Up Call and Unfolding Massive Legal Issues From This Legal Expert.

TORONTO, Dec. 4, 2015 /CNW/ - "Toymaker VTech says data on over 6 million children taken in cyber-attack", Globe and Mail headline, December 1, 2015. VTech Holdings, based in Hong Kong stated said the children's profiles include name, gender and birth date were affected. Stolen data on their parents of approximately 5 million included name, mailing address, email address, secret question and answer for password retrieval, IP address, download history and encrypted password  housed on the "Learning Lodge" app store database remains a big concern. VTech Holdings Limited, based in Hong-Kong, stated that an unauthorized party accessed VTech customer data.

The VTech massive breach has affected approximately 300,000 Canadian parents and children.  Ravi Shukla, Partner and leading Internet and Information Technology expert at Fogler Rubinoff LLP, a Toronto-based law firm says "At this time, it is unclear if the Canadian Federal Privacy Commissioner intends to become involved. That position will depend upon, firstly, what the contractual arrangements between the affected parents and the company are, as parents could have agreed to have their relationships with VTech governed by the laws of a foreign jurisdiction and, secondly, the overall application of the established "real and substantial connection"test for exporting Canadian laws. The analysis of real and substantial connecting factors require a flexible, contextual approach on a case by case basis - the subject matter of the complaint and Canada."  From a legal perspective, Ravi Shukla points out that "PIPEDA may cover organizations based outside Canada. A variety of factors may be explored to determine if PIPEDA applies including location in which the activity complained of takes places; location to which information and profits flow; location of preparatory activities; residency and/or location involved including end users, intermediaries, content providers or host servers; location of contract; location of any potential related proceedings; jurisdiction where promotional efforts are primarily targeted".

Meanwhile, Learning Lodge and along with their 12 other V-Tech websites have announced that these websites have been suspended and hired Mandiant, a forensics unit organization to assess and review. Ravi Shukla says; "In Canada, PIPEDA makes it clear that organizations need to protect information on a sliding scale basis. It is widely understood that information pertaining to children is to be treated as highly sensitive and protective technological and other measures need to be deployed." Ravi Shukla and other security and privacy experts argue that it is more about arming criminals with information about identity that makes victimization a crucial matter.  They further surmise that VTech did a poor job securing childrens' data and keeping personal data safe and secure.

As for VTech, the breach will have a significant business impact with holiday-shopping customers.   Furthermore,  a 2014 risk survey of 1,500 Canadians provided some key insight on what's at stake for organizations. Fifty per cent of respondents indicated they would likely do business with an organization that had above-average IT security, while more than 83 per cent of respondents indicated they would likely or very likely switch to a competitor if that organization experienced a data breach where personal information was lost or compromised. According to Ponemon Institute [which conducts independent research on privacy, data protection and information security policy] earlier this year on a study that examined the cost of data breaches in Canada, found that the average per capita cost of a data breach is $250 and the average total organizational cost is $5.32-million.  The industries with a per capita data breach of substantially more than $250 were financial, services, technology and energy.

Ravi Shukla cautions senior decision makers on the need to be proactive, "Hope is not a strategy and on a weekly basis the facts show clearly that the time for taking serious protective counter-measures is upon us.  The legal requirements to do so, have been in place for some time.  The alternative is to expect the pattern of ever increasing size and sophistication of breaches to continue. While the stories of enterprising external criminals brazenly exploiting human and technological weaknesses naturally gain the most public attention, the bulk of Canadian class action lawsuits based on allegations of privacy breaches are rooted in employee malfeasance or negligence. The internal risk is still greater than the external risk."

The question widely being asked is: Are Canadian companies protecting themselves enough? While the standard to be met is not perfection, a failure to meet ever evolving best practices based industry standards will result in serious consequences, destructive outcomes, exorbitant and rising costs of data and privacy breaches will permeate into a company's operational structure for years well after the cyberattack and subsequent data and privacy breaches with accompanying lawsuits. The legal crisis list is long and severe: Class-action Suits in the Thousands, Investigations and Regulatory actions by the Privacy Commissioner, Courts Now Awarding Significant Damages, in addition to Insurance Premium payouts.

Ravi Shukla poses the thought-provoking question to Canadian corporate leaders about their need to evaluate their own complacency and a potential mindset of a false sense of security combined with a misguided focus on "penny-wise-pound foolish" cost reductions where digital personal identities of customers and employees are vulnerable. Cyber criminals are accessing systems using cloud computing to launch bot nets on a corporation's computers to spread viruses, install malware and deliver spam without the company being aware of it. 

It's a legal problem as equally as a technical problem.  Class action suits with customers and class action suits against boards directors personally for failing to protect the company. How risk is being managed has become a matter of disclosure for publicly traded companies, in addition to boards and c-suite executives considered as part of the board's oversight. Operating system vulnerabilities will continue to exist, despite best efforts. Canadian organizations must be vigilant in assessing existing security protection and invest smartly, react quickly, embrace a higher level of proactive-ness to manage business risk, cyber security threats and security losses, in addition to reputational loss from aggrieved customers. If it becomes public the retaining public trust will be ferocious.

Canadians do have reasons to be somewhat optimistic. The federal private sector privacy legislation PIPEDA was promulgated back in 2000 and has given rise to several provincial counterparts.  Those pieces of legislation place significant legal obligations on the custodians of personal information.  Activist Canadian courts have increased pressure on organizations to take the appropriate measures to secure information. Notably in 2012 , the Ontario Court of Appeal created a new common law cause of action for breach of privacy in Ontario.  The new tort of intrusion upon seclusion may also apply in Alberta, Nova Scotia, New Brunswick and Prince Edward Island.

The natural tendency is to defer to the views of knowledgeable I.T. department representatives, however, cyber security and privacy protection issues should be at the top of agendas of c-suite executives and boards.  Taking action to make sure data assets are adequately protected and getting the proper legal advice includes the steps of network and information mapping, conducting vulnerability assessments (which will extend to evaluating the risks associated with third-party vendors), developing an incident response plan, assessing insurance coverage evaluation, evaluating compliance obligations imposed by regimes such as PIPEDA or PCI-DSS and setting an overall information risk management strategy.

About Ravi Shukla

Ravi Shukla is a business lawyer specializing in Internet and Information Technology law.  He regularly advises on a range of commercial, computer, intellectual property, information security (including cybersecurity), regulatory, governance and privacy rights issues.  With 25 years of legal experience along with an engineering background, Ravi Shukla is technically-savvy, strategically sound and has  sophisticated expertise of advancing issues regarding data, security and privacy issues affecting Canadian organizations. He provides a balanced, well-informed point of view for Canadian companies and government organizations.

About Fogler Rubinoff

Fogler, Rubinoff LLP is a full-service law firm with offices located in Toronto and Ottawa, Ontario, Canada. Established in 1982, they provide high-quality legal services and advice to both established and emerging businesses as well as individuals. Fogler, Rubinoff LLP, one of the 20 largest law firms in Toronto, is one of Ontario's top ten regional law firms by Canadian Lawyer Magazine. They are also a member of the International Lawyer's Network. This association, with over 90 law firms located throughout more than 66 countries worldwide, allows them to offer a significant strategic advantage to their clients with a global presence. Fogler, Rubinoff LLP prides themselves on trust, experience, sound judgement and results.

SOURCE Fogler, Rubinoff

About PR Newswire
Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Silicon Valley Faculty Highlight
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
"NetApp's vision is how we help organizations manage data - delivering the right data in the right place, in the right time, to the people who need it, and doin...
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pret...
CloudEXPO TV Power Panels
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Tran...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the...
This week I had the pleasure of delivering the opening keynote at Cloud Expo New York. It was amazing to be back in the great city of New York with thousands of cloud enthusiasts eager to learn about the next step on their journey to embracing a cloud-first worldl."
How does Cloud Expo do it every year? Another INCREDIBLE show - our heads are spinning - so fun and informative."
Thank you @ThingsExpo for such a great event. All of the people we met over the past three days makes us confident IoT has a bright future."
One of the best conferences we have attended in a while. Great job, Cloud Expo team! Keep it going."


Who Should Attend?
Senior Technologists including CIOs, CTOs & Vps of Technology, Chief Systems Engineers, IT Directors and Managers, Network and Storage Managers, Enterprise Architects, Communications and Networking Specialists, Directors of Infrastructure.

Business Executives including CEOs, CMOs, & CIOs , Presidents & SVPs, Directors of Business Development , Directors of IT Operations, Product and Purchasing Managers, IT Managers.

Join Us as a Media Partner - Together We Can Enable the Digital Transformation!
SYS-CON Media has a flourishing Media Partner program in which mutually beneficial promotion and benefits are arranged between our own leading Enterprise IT portals and events and those of our partners.

If you would like to participate, please provide us with details of your website/s and event/s or your organization and please include basic audience demographics as well as relevant metrics such as ave. page views per month.

To get involved, email [email protected].