Data Protection: GDPR
General Data Protection Regulation – The Global Standard
What is it?
The General Data Protection Regulation (“GDPR”) is a regulation that came into force on May 25, 2018 on consumer data protection and privacy for all individuals within the European Union (“EU”). However, though the Regulation was introduced by the EU, it can apply to any individual or corporation who processes “personal data” regardless of their location.
The GDPR Regulation should be taken seriously as it is designed to help consumers gain a greater level of control over their data, while offering more transparency throughout the process.
Factors to think about to be GDPR Compliant
The GDPR Regulation is a lengthy and complex document that took over 4 years of negotiation to establish. Therefore, using a general perspective, the basic factors that an individual or corporation should be thinking about to be GDPR compliant are listed below:
Consequences for Non-Compliance
There are two tiers of fines that can be used as penalties for non-compliance:
The GDPR is an important piece of regulation that affects global corporations and individuals. When you intend to obtain “personal data” keep in mind the factors above and ensure that your corporation is GDPR compliant to limit any further consequences.
Vikas Chadha is a member of the BLG Business Venture Clinic, and is a 2nd year student at the Faculty of Law, University of Calgary
Start-Ups and E-Commerce
While online shopping has become prevalent due to its ease and convenience, many are still unaware of how they are impacted by laws governing e-Commerce. These laws have implications on both the online buyer and the online seller and are of particular importance to a start-up company that engages in e-commerce and operates largely online.
When a purchase is made online, the seller and the buyer are entering into a contract. In order to enter into the agreement, the seller must provide the buyer with certain information regarding the business to allow the buyer to make a fully informed decision when purchasing a product or service. The necessary information is as follows:
Finalizing the Internet Sales Contract
Before finalizing any agreement, the sellers’ website must be designed to allow the buyer to correct any errors that may arise in the course of making their purchase. An example of such an error is the buyer choosing to purchase two units of a product when it was their intention to purchase one. Before completing the transaction, the buyer should be provided with a summary of the transaction allowing them to recognize their error and make the necessary corrections before completing their order. If a buyer was not provided with the opportunity to review their order for errors prior to the transaction being finalized, this may provide them with cause for the cancellation of the order upon receipt, so long as this is done within a reasonable amount of time.
Once the internet sales contract has been finalized and entered into by the buyer, the seller must provide a receipt of the transaction. It is acceptable for this receipt to be provided by e-mail to an e-mail address provided by the buyer. The receipt should contain the buyers name, the date the order was placed and should be provided within 15 days of when the order was placed.
Right of Cancellation
In addition to the right to cancel where an opportunity to review the order prior to completion was not provided, there are other situations where a buyer may cancel an internet sales contract. A buyer may cancel an internet sales contract any time prior to the commencement of the services or delivery of the goods if:
If the buyer wishes to cancel for any legitimate cause, they must do so by providing notice to the seller. If the buyer fails to communicate cancellation to the seller despite having legitimate cause such as the examples discussed above, the contract will not be cancelled. Methods by which a buyer may cancel an agreement with a seller include mail, e-mail, phone or fax. Keep in mind that the buyer must be able to prove what day they requested the cancellation. The date will be relevant in determining whether the cancellation was justified.
Richie Aujla is a member of the BLG Business Venture Clinic, and is a 2nd year student at the Faculty of Law, University of Calgary
 Alta Reg 81/2001, s 4(1).
 Ibid, s 4(2).
 Ibid, s 5.
 Ibid, s 6(2).
 Ibid, s 6(3).
 Ibid, s 8(1).
 Ibid, s 8(3).
Intro to Blockchain
Blockchain: Decentralized Ledgers & Smart Contracts
A blockchain is a ledger, similar to a Microsoft Excel spreadsheet. A blockchain is maintained in a decentralized manner. Blockchain ledgers keep track of “transactions”. Transactions occur without external third parties, no escrow needed. These transactions are grouped together in a data structure called a block, where the term block refers to a group of transactions that have been processed at the same time. The transactions are related temporally and are recorded serially. Each block includes a hash (a cryptographicaly generated code) that refers to the last block so any attempt to change a prior block has a cascading effect on each subsequent block. This relationship between blocks gives rise to the term blockchain. Every user on a blockchain sees and maintains the same copy of the ledger through a concept called “reaching consensus”. A reliable consensus procedure is required to ensure the accuracy of the ledger and maintain the security of the system. A blockchain can be public, where anyone can participate, or the blockchain can be permissioned, where only authorized participants can access and add transactions to the ledger.
A blockchain is a peer-to-peer system with no central authority managing the data flow. To maintain data integrity a large distributed network of independent users is encouraged. The computers making up the network are in more than one location. The term “node” typically refers to a computer in the network.
Blockchains are built to create trust between unknown parties. Blockchains are meant to be honest systems that self correct without the need of a third party to enforce the rules. A consensus algorithm enforces the rules. Consensus develops agreement among a group of commonly mistrusting shareholders. Each blockchain relies on its own algorithm for creating agreement within its network.
The main focus areas for decentralized ledger technology are:
Hashgraph as an example of a decentralized ledger
Hashgraph is a virtual-voting decentralized ledger technology. Everyone is a node on the network and each can submit data in parallel at the same time on the graph.
Hashgraph is not blockchain but boasts that it can provide a comparable or possibly better security level while simultaneously performing transactions faster. Hashgraph patented its algorithm to ensure stability. Hashgraph has a governance system where 39 international, independent blue chip organizations control two thirds of the network’s cryptocurrency. The governance system is based on Dee Hock’s formative book, One From Many: VISA and the Rise of Chaordic Organization, that chronicles the creation of the VISA network among other things where banks associated to benefit all customers.
Smart contracts are contracts formed with blockchain technology. They are not subject to linguistic interpretations and are marketed as a way to prevent ambiguity, ensuring both parties understand exactly what has been agreed to. A smart contract uses computer code to determine the relations and obligations between parties. The resulting interpretation is designed to be more predictable. Smart contracts can remove third-party or escrow agents since performance can automatically be determined by monitoring compliance with a set of conditions. The contract is administered as the conditions are met. This may lead to an “inexorability” problem if a vulnerability within the code is exploited.
Szabo predicted that smart contracts would overcome legal barriers that prevent local businesses from entering global markets.
“Smart contract” has evolved to encompass more than one meaning. When referring to blockchain application development, smart contract does not refer to a legal contract but rather a snippet of programming code that gets executed on the blockchain, typically in an automated fashion (although some parts may require human input and control). To simplify things, the snippet of programming could be referred to as “smart contract code” and the entire legal contract expressed and implemented in software could be referred to as a “smart legal contract”.
Ricardian contracts as an example of smart contracts
A Ricardian contract records the “intentions” and “actions” of a particular contract, no matter if it has been executed or not. The same Ricardian contract has to be both readable by people and parsable by computer programs. Each Ricardian contract has its own unique hash that refers uniquely to that document (a cryptographic message digest). That hash ensures the Ricardian contract is immutable (not susceptible to change). While it is possible to implement a Ricardian contract as a smart contract, not every Ricardian contract is a smart contract. The creator, Ian Grigg (a specialist in financial cryptography working at Systemics Inc), defines a Ricardian Contract as a single document that is:
While a Ricardian contract is a design pattern that captures the intent of the agreement of the parties before performance, it can implement the concept of the smart contract by using a hash as a reference that links to external documents of code.
Ricardian contracts have not been presented in Canadian court, however, contract law will apply if the agreement has the basic components of a contract, regardless of the form. To prove a meeting of the minds all the essential terms of contract must exist: 1. an offer, 2. an acceptance, 3. certainty of the agreed terms, 4. consideration, and 5. the intention to create legal relations.
Shannon Peddlesden is a member of the BLG Business Venture Clinic and a 2nd year student at the Faculty of Law, University of Calgary.
Shawn S Amuial, Josias N Dewey, Jeffrey R Seul, The Blockchain: A Guide for Legal and Business Professionals, (Danvers, MA: Thomson Reuters®, 2016).
Digital Economy Update, “Smart contracts – can code ever be law?” (1 March 2018), online: < www.ashurst.com/en/news-and-insights/legal-updates/smart-contracts---can-code-ever-be-law/>.
Hackernoon, “Merkle Trees” (15 December 2017), online: < https://hackernoon.com/merkle-trees-181cb4bc30b4>. Hashing refers to transforming data of any size into short, fixed-length values, this incorporates a technology called Merkle trees. Merkle trees allow for efficient and secure verification of large amounts of data.
EliNext, “Smart vs. Ricardian contracts: what’s the difference?” (28 February 2018), online: <https://www.elinext.com/industries/financial/trends/smart-vs-ricardian-contracts/>.
Choosing a Business Name
Choosing a Business Name
One of the most important steps when starting a new business is choosing the right name. There are, of course, a number of common concerns about the quality of a business name. It must appeal to your target market. It ought to suit your business and industry and work well in marketing. It should be catchy and memorable, helping your business stand out from the competition. It should be able to be used online easily and not already have an existing social media presence. However, there are also a number of legal concerns when it comes to choosing and potentially registering a business name.
The first question you should ask yourself is whether or not your business is a corporation. If you are not incorporated then your business name will not constitute its own separate legal entity but will simply be the name you conduct business under, or a “trade name”. You will also not be allowed to use the words incorporated, limited or corporation (or their abbreviations) in your trade name. In Alberta when you run a business as the sole owner under a name other than your personal name you must register this trade name. You may also register your trade name in a partnership, limited partnership, limited liability partnership, or sole proprietorship that uses only the owner’s legal name with no additions - but you aren’t required to do so under the Partnership Act. You are also not required to provide a NUANS (Newly Upgraded Automated Name Search) business name report when registering a business name, but it is generally recommended. While a business name does not have to be unique, you can still be taken to court by an existing business with a similar trade name.
If you are incorporated there are additional requirements as you will often carry out business under the name of your corporation. An Alberta corporation name must consist of 3 elements: distinctive, descriptive, and legal. For example, ‘XYZ Consulting Ltd.’. A distinctive element must be the unique word(s) of the business name. The made up title or potentially even the location of the business, in this example ‘XYZ’ is the distinctive element. The descriptive element describes what a business is or does, in this case ‘consulting’. Finally, a corporation name must have a legal element at the end of their name to indicate to the world their status as a corporation and put clients on notice that it is a limited liability business. These legal elements are listed in the Business Corporations Act as Limited, Incorporated, Corporation, Ltd., Inc., or Corp.. In this example the legal element is ‘Ltd.’. Corporate names must also be unique. So if you don’t wish to use the assigned ‘number name’ from the Corporate Registry you must get an Alberta NUANS report on your proposed name. This is required for federal incorporation as well. You may also choose to register a business name for your corporation, as a corporation may carry on business under a name other than its corporate name. However, this business name cannot use the legal elements listed above, must still be unique and must still comply with the trade name rules under the Partnership Act.
Overall, naming your business remains a crucial decision in any start-up but keeping in mind these simple requirements can help the decision a bit simpler.
Kiara Brown is a member of the BLG Business Venture Clinic, and is a 3rd year student at the Faculty of Law, University of Calgary.
 Business Corporations Act, RSA 2000, c B-9, s. 10(3).
 Partnership Act, RSA 2000, c P-3, s. 110(1).
 Alberta Government, Incorporate an Alberta corporation, https://www.alberta.ca/incorporate-alberta-corporation.aspx
 Supra note 1 at s. 10(1)
 Ibid at s. 12(1)
 NUANS Corporate name search, https://www.nuans.com/eic/site/075.nsf/eng/home
 Government of Canada, Steps to incorporating, https://www.ic.gc.ca/eic/site/cd-dgc.nsf/eng/cs06642.html#toc-02
 Supra note 1 at s. 10(9)
Blog posts are by students at the Business Venture Clinic. Student bios appear under each post.