This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

Part One of this series discussed the history of Canada's recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right to be forgotten, codes of practice, and a safe harbor provision. Part Two analyzes the new compliance requirement of valid consent.