CAUTION: We have been advised that fraudulent emails with a modified domain name have been sent by a source purporting to be from Aird & Berlis LLP. These communications are not legitimate and are not from Aird & Berlis LLP. Disregard any such emails and do not engage with the sender or the email in any way. Please report the attempted fraud by contacting the Canadian Anti-Fraud Centre and by emailing Aird & Berlis LLP at

Businesses operating in Canada are subject to a sophisticated regulatory framework for privacy and data security, encompassing federal and provincial laws. They are also subject to a global framework of laws, regulations and directives throughout the United States, Europe and around the world. The Aird & Berlis Privacy & Data Security Group delivers practical solutions to privacy (including health information privacy), data protection and data security issues within a global environment, and advises on how the related laws impact domestic and international commerce.

Data security and risks require fast and practical guidance within the context of a global environment. When threats to data security are imminent or have occurred, we work with you to protect your business and reputation. We work with forensic teams and with the regulators and law enforcement to ensure risks to everyone affected are mitigated. 

We typically provide both strategic and tactical advice to multinational and domestic entities, including critical infrastructure players such as energy, health care, transportation, communications and government, as well as those in the education, professional services, technology, social media, retail and manufacturing sectors.

Our lawyers are industry leaders who are often asked to provide guidance and opinions to governments and regulators on new laws and amendments to existing laws to address the rapidly-evolving data privacy and security industry landscape and risks.  

Specialized Expertise

Privacy and Data Management

Clients rely on our expertise to help them protect one of their most valuable resources – data. From conducting privacy and information threat-risk assessments and designing privacy and data management policies to developing compliant business processes, policies and sophisticated training modules, we are committed to helping clients plan and prepare for the expected and unexpected. Knowing the legal and regulatory landscape is vital to crafting a strategy that protects customer and consumer privacy and optimizes an organization’s security. We advise on all facets of privacy law, including issues surrounding the transfer of data outside of Canada, compliance with Canada’s Anti-Spam Legislation (CASL), fraud detection, workplace privacy issues and privacy information security breaches.

We serve as data breach response advisors (a ‘go team’), working to mitigate, source, contain and manage the damage that results from a security breach. Our professionals work closely with management, IT experts and forensic auditors, regulators, public relations representatives and human resource specialists. In our role as a data breach coach, we provide a complete response directed to our client’s specific needs and the type and scope of the breach. In addition to proactively advising on risk management and notification strategies, we can also provide notifications to individuals, businesses and law enforcement following a breach. We also work with insurance companies in advising on appropriate coverage limits and data breach response management when insurance is involved. As a matter of preserving lawyer-client privilege, we will sometimes hire technical experts ourselves and have them report to us on the outcomes of their investigations following a data breach.

Cyber Security and Cyber Offences

With the rise of cyber threats and attacks, it is becoming increasingly more important to take a proactive approach to safeguarding your organization’s presence in cyberspace. Our lawyers can help you to understand and assess your legal risk and develop strategic and tactical cyber security measures to reduce your vulnerability and protect your organization.

Should the need arise, we can also provide timely support and legal guidance in the face of a cyber threat or attack, whether as the result of an internal security breach or external action, such as state-sponsored or politically- or financially-motivated offences. Our professionals understand the urgency needed to respond to such events in order to effectively mitigate the risk of financial loss and reputational damage. Our team is committed to providing the advice and action you need when you need it.

Recent Developments

Events May 12, 2021 Privacy and Data Breach Response: Managing the Process, Notifications and Mitigating Damages CPD Information: 1 Substantive Hour for Lawyers
Events Apr 14, 2021 Privacy and Data Breach Prevention: Safeguarding Your Business CPD Information: 1 Substantive Hour for Lawyers
Events Dec 02, 2020 Reforming Canadian Data Privacy Laws: Introducing Bill C-11 CPD Information: 1 Substantive Hour for Lawyers
Events Sep 30, 2020 The Future of Privacy Laws in Canada CPD Information: 1 Substantive Hour for Lawyers
Events Sep 06, 2018 Legal Fundamentals for Private, Owner-Managed and Family Businesses Archive Now Available!

Blog Posts

Insights TheSpotlight Jul 30, 2020 Seismic Shift in Privacy Risks and Obligations
Insights TheSpotlight May 01, 2020 Smart Devices at Home and Maintaining Confidentiality Are Your Smart Devices Listening to Your Confidential Discussions? How to Secure Your Devices and Protect Your Data
Insights TheSpotlight Apr 20, 2020 Digital Ethics
Insights TheSpotlight Mar 27, 2020 Geolocation and the Fight Against COVID-19 Could the Emergencies Act Overrule Privacy Law Protections for Cellphone Location Data?
Insights TheSpotlight Dec 19, 2019 Federal Privacy Law – Is It About to Change?
Insights TheSpotlight Jul 09, 2019 Facebook’s New Digital Currency

Related Industries