As data increasingly drives global commerce, compliance with privacy laws is a key concern for both private- and public-sector organizations. Blakes privacy lawyers advise clients in all industries and sectors at every point along the data management and accountability spectrum. From proactive privacy compliance and risk mitigation to incident response and dispute resolution, our goal is to help clients achieve compliance and manage risk while optimizing business opportunities.
Blakes privacy lawyers regularly work with clients to develop and operationalize privacy and data management programs. We assist with auditing personal information practices, conducting privacy impact assessments, developing privacy policies and procedures and incident response plans. We work closely with our Cybersecurity group, a cross-office multidisciplinary team of lawyers with significant technology, regulatory, privacy, employment, financial services, crisis management and litigation expertise. We understand the complex, interrelated legal, technical and compliance issues required to have an effective cybersecurity strategy. We also advise on records management and data retention matters, developing vendor management programs, drafting and negotiating data protection agreements, and conducting privacy training and tabletop exercises.
We have extensive experience advising on Canadian aspects of global privacy compliance projects, including reviewing global privacy policies, consent frameworks, data protection addenda and internal privacy policies and procedures. Our deep understanding of the complex interconnected data protection regimes in Canada and globally allows us to provide practical, functional and commercially driven advice worldwide.
Blakes privacy lawyers support both well-established and emerging start-up clients in all industries and sectors, including technology, financial services and insurance, health and life sciences, energy, infrastructure, education, hospitality, retail, and consumer goods sectors. We have extensive experience advising on the privacy implications and compliance requirements associated with new and innovative technologies and business models, including privacy considerations in connection with big data, artificial intelligence and machine learning, biometrics, and blockchain technology.
We represent clients in regulatory proceedings before information and privacy commissioners with respect to complaints, appeals, breach reports, investigations and audits. We regularly assist clients with successfully managing disclosure and access to information requests. Many of the leading cases on access to information issues in Canada have been argued by Blakes litigators, making us a leading Canadian privacy and data protection law firm.
With respect to the privacy aspects of corporate transactions, we assist clients with carrying out privacy-related due diligence, negotiating and drafting the privacy-related aspects of transaction documents, resolving data transfer issues and meeting post-closing requirements.
Blakes privacy lawyers also have broad cross-disciplinary expertise in marketing and advertising laws. We regularly assist clients with ensuring their marketing practices are in compliance with data privacy laws, Canada’s Anti-Spam Legislation and the Unsolicited Telecommunications Rules of the Canada Radio-television and Telecommunications Commission.
Professional Activities Blakes lawyers have written and spoken extensively on privacy and data protection issues and have been actively involved in many committees, organizations and advisory bodies, including:
Advisory Committee to the Office of the Privacy Commissioner of Canada
Information, Telecommunications and Intellectual Property Section – Quebec Branch of the Canadian Bar Association (at the executive and chair level)
Advisory Council of the Identity, Privacy and Security Initiative at the University of Toronto
International Association of Privacy Professionals
Global Data Review’s GDR 100 ranks Blakes among the best data law firms, noting that the Firm has “market-leading practitioners…who advise on wide-ranging data projects” and that clients “seek out its expertise in the immediate aftermath of cyber incidents.”
CHC Casinos Canada Limited and the Ontario Lottery and Gaming Corporation in successfully defending them in a class action arising out of a cyber-attack against Casino Rama.
AnRESP company in successfully defending them in a class proceeding arising out of a privacy breach at an Ontario hospital.
A major North American automotive manufacturer in a proposed privacy class action.
An international airline in a class action arising out of a cyber-attack.
The appellant in Royal Bank of Canada v. Trang, a Supreme Court appeal relating to the balance of legitimate commercial interests with privacy rights in Canada’s federal data protection statute.
We have also assisted clients with the following:
Advising on auditing their personal information practices, drafting privacy policies and consent forms, and advising on their implementation.
Advising on privacy issues in corporate transactions, including reviewing a broad range of interprovincial and international transactions to identify Canadian privacy issues and drafting data protection language.
Advising on and drafting employee privacy policies and data protection agreements with service providers.
Reviewing numerous insurance and financial services application forms to identify Canadian privacy issues and drafting data protection language.
Reviewing a wide range of marketing and promotional material to identify and address Canadian privacy issues.
Advising on privacy issues related to their use of technologies, including with respect to websites, e-commerce, online advertising, social media and cloud computing.
Advising on access-to-information matters and assisting with Privacy Commissioner complaints and investigations.
