Privacy, Data Governance and Cybersecurity

Personal information and business data are increasingly valuable but inherently risky assets that are protected by both technological and legal safeguards.

These safeguards are in flux given fast-changing technology, evolving privacy and data protection laws, and ever-escalating cybersecurity threats – the latter recently resulting in massive privacy and data breaches at government departments and market-leading brands in the retail, ISP and financial services sectors.

Businesses facing privacy and data protection challenges require expert legal advisors who provide innovative and practical solutions. Our multi-disciplinary privacy and data protection team includes client-and-peer-ranked leading and technologically-savvy business, regulatory and litigation lawyers, some of whom are also trained as engineers.

The experience and services of our lawyers covers the full spectrum of risk mitigation, incident response and dispute resolution and includes advising on:

  • Canadian federal and provincial privacy and data protection laws applicable to private sector businesses;
  • privacy and data protection gap and risk assessments;
  • implementing and auditing personal information and data protection practices, including privacy policies and consents;
  • data classification and information management programs;
  • data protection provisions for third party service provider/outsourcing agreements;
  • privacy and data protection issues related to websites, apps, e-commerce and cloud computing;
  • privacy and data protection issues and requirements in business transactions including mergers, acquisitions, securitizations and financings;
  • privacy and data security breaches, incident management and regulatory notification issues;
  • security solutions and crisis management relating to lost or stolen devices (like phones, laptops or flash drives), cyberattacks, ransomware, misdirected email, fraudsters and rogues;
  • competition law compliance risks associated with information sharing among competitors and industry associations as part of responses to cybersecurity and other threats or for other legitimate purposes;
  • investigations by and complaints before Canadian federal and provincial privacy commissioners;
  • government access to information and freedom of information requests and proceedings;
  • privacy-related litigation, including investigations, surveillance and e-discovery issues;
  • workplace privacy issues, including email, Internet and social media use policies affecting an employee’s expectation of privacy;
  • privacy and data protection training and awareness programs;
  • Canadian privacy laws and Canada’s Anti-spam Legislation (CASL) applicable to promotional electronic messages sent, and computer programs installed, by manufacturers, distributors, retailers, app developers and other Internet-based businesses;
  • issues under CASL and Canadian privacy laws regarding marketing and advertising campaigns, including refer-a-friend campaigns, social media marketing, big data, programmatic ad trading, and online behavioural advertising;
  • Canadian personal health information protection laws applicable to health care institutions, health products/services companies (including pharmaceutical companies) and other organizations in the life sciences sector;
  • outsourcing involving personal information or other sensitive data that requires protection;
  • international privacy and data protection issues, including transferring of data outside Canada and complying with information transfer agreements under foreign laws such as the European Union’s Data Directive and General Data Protection Regulation; and
  • government relations and regulatory affairs involving emerging privacy and data protection issues relating to law and public policy both within Canada and abroad.

recent news & insights

Corporate Commercial

Year in Review: Our Most Popular Insights From 2024

Privacy, Data Governance and Cybersecurity

2024 ILN Data Privacy Guide – Canada

Article
Person Typing on a Laptop with Cyber Security Icons

Technology

Podcast: Law Firm ILN-telligence

Interview

Privacy, Data Governance and Cybersecurity

Young Park speaks with CBC’s Canada Tonight to discuss Canadian voter data accessibility and the BC Supreme Court ruling.

Interview
Person Typing on a Laptop with Cyber Security Icons

Privacy, Data Governance and Cybersecurity

Success Before the BC Supreme Court in a Landmark Decision With Respect to BC’s Personal Information Protection Act and its Application to Canada’s Federal Political Parties.

Announcement
Person Typing on a Laptop with Cyber Security Icons

Privacy, Data Governance and Cybersecurity

Success Before the BC Supreme Court in a Landmark Decision With Respect to BC’s Personal Information Protection Act and its Application to Canada’s Federal Political Parties.

Announcement
Person Typing on a Laptop with Cyber Security Icons

Privacy, Data Governance and Cybersecurity

5 Things Canadian Businesses Should Know About The New EU Artificial Intelligence Act

Article

Corporate Commercial

41 Lawyers Profiled Across 24 Areas of Law in The Best Lawyers in Canada, 2024

Announcement, Recognition

Privacy, Data Governance and Cybersecurity

Improving Your Organization’s Cyber Resilience

Article
Computer Screen System Hacked Warning Icon

Corporate Commercial

Fogler, Rubinoff Ranked as One of Ontario’s Top 10 Regional Firms

Announcement, Recognition
Gold badge with gold starts

Privacy, Data Governance and Cybersecurity

Mondaq Thought Leader Award

Announcement, Recognition

Privacy, Data Governance and Cybersecurity

Data Protection & Privacy 2023 – Canada Law & Practice

Article

Privacy, Data Governance and Cybersecurity

Cybersecurity and Privacy Breaches: Prevent, Detect, Respond

Article
Computer Screen System Hacked Warning Icon

Privacy, Data Governance and Cybersecurity

Pausing AI Development

Article
AI letters surrounded by digital assets

Privacy, Data Governance and Cybersecurity

Why Businesses of All Sizes in Canada Should Have Privacy Management Programs…If Not Now, Sooner than Later

Article
blurred background with compliance icons

Privacy, Data Governance and Cybersecurity

The Litigation Consequences of Cybersecurity Breaches – Part 2

Article
Computer Screen System Hacked Warning Icon

Privacy, Data Governance and Cybersecurity

What’s Ahead in 2023 for Privacy and Cybersecurity Law

Article
Person Typing on a Laptop with Cyber Security Icons

Privacy, Data Governance and Cybersecurity

The Litigation Consequences of Cybersecurity Breaches – Part I

Article
Computer Screen System Hacked Warning Icon

Privacy, Data Governance and Cybersecurity

Canada Proposes New AI Law for Private Sector Inspired by EU’s Proposed AI Act

Article
A hand interacts with virtual icons

Privacy, Data Governance and Cybersecurity

How Canada’s Proposed Private Sector Modernized Privacy Law and New AI Systems Law Will Impact Canadian Business

Article
Person Typing on a Laptop with Cyber Security Icons

Litigation and Dispute Resolution

A New (and Needed) Cyber-Tort Emerges: Harassment In Internet Communications Caplan v. Atas, 2021 ONSC 670

Article

Privacy, Data Governance and Cybersecurity

Happy Together: Privacy & Competition Law in a Digital Economy

Speaking Engagement

Privacy, Data Governance and Cybersecurity

Shining a Light on Privacy: Untangling the Web of Canadian Privacy Laws

Article

Intellectual Property

The Federal Court of Appeal Upholds Canada’s Anti-Spam Legislation as Constitutional

Article

Privacy, Data Governance and Cybersecurity

Interview: Legal campaign calls on five watchdogs to investigate political parties over privacy concerns

Interview

Privacy, Data Governance and Cybersecurity

Interview: OPC Understaffed as Mandatory Data Breach Reporting Comes Into Effect

Interview

Privacy, Data Governance and Cybersecurity

Interview: Tired from GDPR? Get ready — next is the ePrivacy Regulation

Interview

Privacy, Data Governance and Cybersecurity

Privacy And Property: The Supreme Court Clarifies The Limits Of PIPEDA

Article

Advertising and Marketing

Private Right Of Action Under CASL – The Case For Judicial Restraint In Ordering Non-Compensatory Damages

Article

Connect with our team

Exceptional teams with a personal touch – that’s the Foglers Advantage.
Find a lawyer in this practice area