PowerSchool ‘not off the hook’ for data breach: ex-privacy commissioner
Global News
Chantal Bernier says the agreement that ended a federal probe into the hack was the most effective way to hold PowerSchool accountable, but called for more powers at the agency.
A former federal privacy commissioner says PowerSchool is “not off the hook” over the massive data breach that affected millions of kids, teachers and parents despite the end of an investigation into the company’s cybersecurity practices, noting the improvements PowerSchool has committed to making.
Chantal Bernier, who was assistant federal privacy commissioner from 2008 to 2014 and held the role of interim commissioner in 2014, told Global News the agreement announced Tuesday was the most effective way for the Office of the Privacy Commissioner (OPC) to hold PowerSchool accountable, given the deadlines the company now has to boost its security and prove it can prevent future cyberattacks.
“It keeps alive the right for the OPC to initiate a complaint and then go into a full investigation should PowerSchool not come through,” Bernier said in an interview.
“PowerSchool is not off the hook at all.”
The OPC said Tuesday that privacy commissioner Philippe Dufresne had decided to end his investigation into the breach after PowerSchool “took measures to contain the breach, notify affected individuals and organizations and offer credit protection, and has voluntarily committed to additional actions to support its security safeguards.”
According to a letter of commitment with the OPC signed last week, PowerSchool has until the end of July to provide any additional information related to the data breach to the commissioner, and will need to provide evidence by the end of this year that it has strengthened its monitoring and detection tools.
By March 2026, the education software company will also need to get recertified under global information security standards and provide an independent, third-party security assessment and report to the OPC on PowerSchool’s updated safeguards to protect personal information, prevent and respond to potential breaches, and other cybersecurity measures.
Dufresne will have to review and approve PowerSchool’s plans to accept or reject any recommendations from that report, as well as ensure the company meets its other commitments.
Flu season has arrived early, with CHEO reporting eight times more cases than last year as hospitals warn of rising infections among children and seniors.
Nova Scotia’s largest utility is responding to a stinging letter from Premier Tim Houston by insisting it hasn't broken any laws.
A British Columbia Liberal MP said Prime Minister Mark Carney "will have to answer" questions on why he reversed a budget commitment on tax credits in Alberta energy deal.
AFN Chief Cindy Woodhouse Nepinak has said Budget 2025 failed First Nations because it did not include more infrastructure funding and educational resources for their communities.
Conservation officers in B.C. say they've captured four more grizzly bears that are being tested to determine if they were involved in an attack on a school group last month.
Joshua Wright says a yellow cedar tree he photographed last year was "incredible," the largest he'd ever seen in a decade of hiking around Vancouver Island.
Canadians could face grocery bills up to $1,000 higher in 2026 as food prices rise 4-6 per cent, with restaurants and meat seeing the biggest jumps.
Despite a growing homelessness problem in the South Okanagan city, council voted 4-2 against the project and the millions of provincial dollars that would come along with it.
Artificial Intelligence Minister Evan Solomon told a House of Commons committee the updated strategy will come next year, after saying in the fall it would come this year.
Reports emerged this week of U.S. government procurement plans to order 20 Senator vehicles for its ICE officers, a move worth roughly $10 million.
The 16-year-old was arrested in April after police said a credible threat was made against students at Citadel High School.
A committee meeting also heard an extra $194 million is needed to pay for carbon price fuel charges that the provincial government didn't collect.
The premier of Nova Scotia is calling for an investigation into how a major power utility has handled a cyberattack.