While there is growing acceptance within the Canadian insurance market of the need for cyber-insurance, knowledge and understanding of third party risks remain limited. This article reviews relevant decisions to date and discusses causes of action and associated hurdles, as well as the increased importance of “nominal damages” in the context of data/privacy breach class actions.
Author’s note: This article was drafted prior to the release of the Ontario Superior Court of Justice’s decision in Kaplan v. Casino Rama (2019 ONSC 2025), otherwise that decision also would have been referenced extensively. We are pleased to say that the Kaplan decision reflects much of what is written below. However, for those interested, we recommend reviewing that decision, as well as monitoring its progress as appellate review is undertaken.