• About
  • Offices
  • Careers
  • News
  • Students
  • Alumni
  • Payments
  • FR
Background Image
Bennett Jones Logo
  • People
  • Expertise
  • Knowledge
  • Search
  • FR Menu
  • Search Mobile
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
View all
Practices
Corporate Litigation Regulatory Tax View all
Industries
Capital Projects Energy Funds & Finance Mining View all
Advisory
Crisis & Risk Management ESG Strategy and Solutions Governmental Affairs & Public Policy
View Client Work
International Experience
Insights News Events
New Energy Economy Series Business Law Talks Podcast Economic Outlook
ESG & the CIO Subscribe
People
Practices
Industries
Advisory Services
Client Work
About
Offices
News
Careers
Insights
Law Students
Events
Search
Alumni
Payments
Subscribe

Stay informed on the latest business and legal insights and events.

LinkedIn LinkedIn Twitter Twitter Vimeo Vimeo
 

Commentary on a Reasonable Security Test

September 2020

Download PDF

     
Download PDF Commentary on a Reasonable Security Test

The Sedona Conference Working Group on Data Security and Privacy Liability (WG11) developed this Commentary to address what “legal test” a court or other adjudicative body should apply in a situation where a party has, or is alleged to have, a legal obligation to provide “reasonable security” for personal information, and the issue is whether the party in question has met that legal obligation.

The Commentary proposes a reasonable security test that is designed to be consistent with models for determining “reasonableness” that have been used in various other contexts by courts, in legislative and regulatory oversight, and in information security control frameworks. All of these regimes use a form of risk analysis to balance cost and benefit. The proposed test provides a practical method for expressing cost/benefit analysis that can be applied in data security regulatory actions, to litigation, and to information security practitioners using their current evaluation techniques. The Commentary also explains how the analysis should apply in the data security context. Because the test is rooted in commonly held principles, the drafters believe it offers methods for deriving reasonableness that are familiar to all interested parties. But it should be noted that depending on their text, individual laws or rules that require reasonable security might require use of a different analysis.

The Commentary begins with a brief summary of the importance of having a test, the reasoning behind a cost/benefit approach for the test, and what issues the test does not address. Part I sets out the proposed test and the explanation of how it is applied. Part II provides review and analysis of existing resources that offer guidance on how “reasonable security” has been defined and applied to date and explains how they bear upon the test. It includes a summary review of statutes and regulations that require organizations to provide reasonable security with respect to personal information, decisions of courts and other administrative tribunals with respect to the same, applicable industry standards, and marketplace information. Following this discussion, the Commentary identifies those items that are not included in the proposed test (also referenced in the Introduction section) and concludes with a discussion regarding the importance of flexibility.

The full text of The Sedona Conference Commentary on a Reasonable Security Test, Public Comment Version, is available free for individual download from The Sedona Conference website.

Ruth Promislow was a contributing editor of this piece.

Key Contact

  • Ruth E. Promislow Ruth E. Promislow, Partner

Celebrating our Centennial Chronicle

Related Links

  • Insights
  • Media
  • Subscribe

Related Expertise

  • Privacy & Data Protection

Recent Posts

Announcements

Jason Kenney Joins Bennett Jones as Senior Advisor

February 01, 2023
       

Speaking Engagements

U.S. Export and Re-Export Compliance for Canadian Operations

February 01, 2023
       

In The News

Canadian Government Cannot Rely on More Borrowing to Fund Pledges

January 27, 2023
       

Speaking Engagements

The Evolution of Economic Crime, Asset Recovery, Money Laundering and Enforcement

January 26, 2023
       

In The News

Why Ottawa's Plans to Restore Fiscal Balance Are On Shaky Ground

January 26, 2023
       

In The News

Canada Needs to Get Its Act Together on Growth

January 25, 2023
       

In The News

Canada's Spending Plans Will be Threatened by Higher Interest Rates and Looming Recession

January 25, 2023
       

In The News

David Dodge on Power Play: Canada's Fiscal Plan is Not the Full Story

January 25, 2023
       

In The News

Federal Government is Underestimating Risks of Recession and Higher Interest Rates

January 25, 2023
       
Bennett Jones Centennial Footer
Bennett Jones Centennial Footer
About
  • Leadership
  • Diversity
  • Community
  • Innovation
  • Security
  • History
Offices
  • Calgary
  • Edmonton
  • Montréal
  • Ottawa
  • Toronto
  • Vancouver
  • New York
Connect
  • Insights
  • News
  • Events
  • Careers
  • Students
  • Alumni
Subscribe

Stay informed on the latest business and legal insights and events.

LinkedIn LinkedIn Twitter Twitter Vimeo Vimeo
© Bennett Jones LLP 2023. All rights reserved.
  • Privacy Policy
  • Disclaimer
  • Terms of Use
Logo Bennett Jones