skip to main content





Businesses operating in Canada are subject to a sophisticated regulatory framework for privacy and data security, encompassing federal and provincial laws. They are also subject to a global framework of laws, regulations and directives throughout the United States, Europe and around the world. The Aird & Berlis Privacy & Data Security Group delivers practical solutions to privacy (including health information privacy), data protection and data security issues within a global environment, and advises on how the related laws impact domestic and international commerce.

Data security and risks require fast and practical guidance within the context of a global environment. When threats to data security are imminent or have occurred, we work with you to protect your business and reputation. We work with forensic teams and with the regulators and law enforcement to ensure risks to everyone affected are mitigated. 

We typically provide both strategic and tactical advice to multinational and domestic entities, including critical infrastructure players such as energy, health care, transportation, communications and government, as well as those in the education, professional services, technology, social media, retail and manufacturing sectors.

Our lawyers are industry leaders who are often asked to provide guidance and opinions to governments and regulators on new laws and amendments to existing laws to address the rapidly-evolving data privacy and security industry landscape and risks.  

Specialized Expertise

Privacy and Data Management

Clients rely on our expertise to help them protect one of their most valuable resources – data. From conducting privacy and information threat-risk assessments and designing privacy and data management policies to developing compliant business processes, policies and sophisticated training modules, we are committed to helping clients plan and prepare for the expected and unexpected. Knowing the legal and regulatory landscape is vital to crafting a strategy that protects customer and consumer privacy and optimizes an organization’s security. We advise on all facets of privacy law, including issues surrounding the transfer of data outside of Canada, compliance with Canada’s Anti-Spam Legislation (CASL), fraud detection, workplace privacy issues and privacy information security breaches.

We serve as data breach response advisors (a ‘go team’), working to mitigate, source, contain and manage the damage that results from a security breach. Our professionals work closely with management, IT experts and forensic auditors, regulators, public relations representatives and human resource specialists. In our role as a data breach coach, we provide a complete response directed to our client’s specific needs and the type and scope of the breach. In addition to proactively advising on risk management and notification strategies, we can also provide notifications to individuals, businesses and law enforcement following a breach. We also work with insurance companies in advising on appropriate coverage limits and data breach response management when insurance is involved. As a matter of preserving lawyer-client privilege, we will sometimes hire technical experts ourselves and have them report to us on the outcomes of their investigations following a data breach.

Cyber Security and Cyber Offences

With the rise of cyber threats and attacks, it is becoming increasingly more important to take a proactive approach to safeguarding your organization’s presence in cyberspace. Our lawyers can help you to understand and assess your legal risk and develop strategic and tactical cyber security measures to reduce your vulnerability and protect your organization.

Should the need arise, we can also provide timely support and legal guidance in the face of a cyber threat or attack, whether as the result of an internal security breach or external action, such as state-sponsored or politically- or financially-motivated offences. Our professionals understand the urgency needed to respond to such events in order to effectively mitigate the risk of financial loss and reputational damage. Our team is committed to providing the advice and action you need when you need it.

Representative Matters

Recent Developments

Publications Newsletter Oct 06, 2017 Doing Business in Canada - October 2017
Publications Newsletter Jun 29, 2015 Privacy Newsflash - June 29, 2015
Publications Newsletter Mar 11, 2015 Privacy Law Bulletin - March 11, 2015
Publications Newsletter Mar 06, 2015 Privacy Law Bulletin - March 6, 2015
Publications Newsletter Feb 05, 2015 Privacy Law Bulletin - February 2015
Publications Newsletter Jul 25, 2014 Privacy Law Bulletin - July 2014
Publications Newsletter Mar 25, 2014 Canada’s Anti-Spam Legislation – Are You Ready?
Publications Newsletter Dec 04, 2013 Privacy Law Bulletin - December 2013
Publications Newsletter Nov 25, 2013 Privacy Law Bulletin - November 2013

Blog Posts

Insights TheSpotlight Sep 14, 2017 Equifax Breach - The Breach That Will Keep on Giving
Insights TheSpotlight Jul 21, 2017 With All Eyes Turned to CASL, is Anyone Paying Attention to GDPR? With Less Than 1 Year Before GDPR Takes Effect, Make Sure Your Organization is Ready
Insights TheSpotlight Jul 10, 2017 Cyber Security, Risk, Response and Cyber Insurance