Canada’s new data breach law, the Personal Information Protection and Electronic Documents Act (“PIPEDA”), became effective on November 1, 2018. The Office of the Privacy Commissioner of Canada released new guidance providing explanations of the breach reporting requirements for private-sector businesses that operate in Canada or do business with Canadian customers. The new requirements of