It’s been a long battle, but transparency has prevailed.
LifeLabs LP v. Information and Privacy Commissioner of Ontario (IPC) stemmed from a cyberattack in 2019 that resulted in the compromise of 15 million Canadian’s data. LifeLab eventually complied with inquiries by the Privacy Commissioner, who requested that LifeLab provide its forensics report and other documents, but LifeLab challenged the release of their internal forensics report to the public. In May of 2024, their attempt to protect the report from release was rejected by the Divisional Court in Ontario, which held that forensic reports are not privileged.
LifeLab still didn’t give up and tried to appeal the decision to the Ontario Court of Appeal — to no avail.