Organizations have more data at their disposal than ever before. Generally, this is a good thing: data can help inform organizations’ strategic and operational decision-making. Increasingly, though, data is also a business risk. Organizations face increasingly complex laws governing the collection, storage, use and disclosure of information. Data breaches can also expose organizations to significant operational and reputational harm. To properly manage these risks, organizations must understand their legal obligations and adopt effective policies and information management practices.

WeirFoulds proudly serves organizations such as public institutions, universities (and other educational institutions), and healthcare providers (including hospitals, regulatory bodies, and their respective stakeholders), providing advice on the impact of the Personal Information Protection and Electronic Documents Act (PIPEDA), Municipal Freedom of Information and Protection of Privacy Act,  Freedom of Information and Protection of Privacy Act, and the Personal Health Information Protection Act.

We also assist in the  development of information management systems, privacy policies and codes, and provide advice relating to access to information requests, prepare submissions to regulators, and represent organizations that face legal challenges in the wake of a data breach.

Meet our lawyers and professionals in this area

John Wilkinson
Key Contact

John Wilkinson

Partner
Macdonald Allen

Macdonald Allen

Partner
Alyssa Armstrong

Alyssa Armstrong

Associate
Abby Benattar

Abby Benattar

Associate
Jeff Cowan

Jeff Cowan

Counsel
Lisa Danay Wallace

Lisa Danay Wallace

Partner
Jill Dougherty

Jill Dougherty

Partner
Albert Formosa

Albert Formosa

Partner
Lara Kinkartz

Lara Kinkartz

Partner
James G. Kosa

James G. Kosa

Partner
Francisca Sinn

Francisca Sinn

Senior Counsel
Agatha Suszek

Agatha Suszek

Associate
Alexandra Wilbee

Alexandra Wilbee

Partner
Thomas Wong

Thomas Wong

Partner
placeholder

Sarah Yun

Partner
Related Practice Areas:

Areas of Expertise

  • Access to Information requests
  • Best practices
  • Bring Your Own Device (BYOD) advice
  • Compliance
  • Data breaches
  • Due diligence
  • Information governance
  • Insurance
  • Litigation
  • Privacy and security policies
  • Regulatory submissions

Representative Experience

  • Acted for the LCBO in a series of judicial review applications, appeals and reconsiderations of the Information and Privacy Commissioner of Ontario (IPC) decisions relating to the ability of the LCBO to collect personal information regarding wine club members placing orders (through clubs) with the LCBO. WeirFoulds was successful (on judicial review and in resisting a motion for leave to appeal) in quashing (on procedural fairness grounds) the IPC’s Order requiring the LCBO to cease collecting and to destroy the personal information in question. The IPC’s subsequent reconsideration decision was upheld on judicial review, and we have been acting for the LCBO in liaising with the IPC to agree upon the steps to be taken by the LCBO to implement the IPC’s order.
  • Acted on the leading case in Canada on electronic discovery. Air Canada v. WestJet Airlines Ltd.(2006), 267 D.L.R. (4th) 483 (Ont. S.C.J.).
  • Advising on access requests on an ongoing basis. Representing a client in adjudication before the Information and Privacy Commissioner of access appeal involving confidential third party information and mediation involving access to compensation information.
  • Provided a legal opinion to an international entity regarding the scope of CASL to its operations including whether certain electronic communications constitute “commercial electronic messages”.

Privacy & Access to Information - Insight & Events

Legend: GeneralLitigationPropertyCorporateGovernment
Printable PDF (opens in new window)
Media Contact