• About
  • Offices
  • Careers
  • Students
  • Alumni
Background Image
Logo Bennett Jones
  • People
  • Expertise
  • Resources
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

FEATURED AREAS

Energy
Funds & Finance
Mining
Capital Projects
All Industries
Crisis & Risk Management
Environmental, Social & Governance
Governmental Affairs & Public Policy
All Practices
Insights
Media
Events
Subscribe
COVID-19 Resource Centre
Business Law Talks Podcast
Kickstart
New Energy Economy Series
People
Featured Areas
All Practices
All Industries
About
Offices
Careers
Insights
Events
Search
Search
 

Privacy & Data Protection

  • Download PDF
  • Key Contacts
  • Recent Experience
  • Recent Recognition
  • Insights, News & Events
  • Download PDF
  • Recent Experience
  • Recent Recognition
  • Insights, News & Events

Ongoing changes in the accumulation, storage and use of personal data – whether by government, employers, financial institutions, health care providers or the data subjects themselves – have given rise to new and more serious privacy concerns. Recent changes to privacy laws, varying standards internationally and one reported crisis after another have forced business, government and the public to seek guidance on managing the precarious balance between safeguarding personal privacy and third-party interests in acquiring and using personal information.

Bennett Jones performs groundbreaking work with governments, employers, institutions, device providers and public and private information-gatherers, advising on the far-reaching legal implications of privacy regulation, data protection and data dissemination.

Offering both compliance and enforcement advice, we can provide internal compliance procedures and policies for clients ranging from public and private industrial businesses to retail operations, Universities, charities, health regions and ISPs and other entities operating traditional and new media businesses. We train privacy officers on their rights and obligations under the law, and provide opinions and direction on specific incidents involving employees, customers, patients, Internet users, network providers and data miners whose activities involve the handling of sensitive information.

In regard to corporate transactions, we counsel purchasers on the privacy standards governing employee records, customer files and transaction lists as well as the unique due diligence issues involved when key assets of the target include important databases.

We help clients with privacy issues applicable to employee recruitment and the ongoing management of employment relationships.

In a world of cyber breaches, hacking, credit card and ATM fraud, Internet-based file sharing disputes, and acknowledged institutional surveillance of Internet and email usage, we advise on proactive data protection efforts to mitigate risk in advance of a breach or attack and counsel clients who have faced a breach or have been hacked. We assist with all manner of computer-related privacy and data protection matters, including electronic communications regulation (anti-spam).

We also aid clients with the protection and enforcement of electronic-based privacy rights both domestically and internationally.

The scope of our experience is broad and includes:

  • Data Protection / Privacy and Security Policies and Governance
  • Health Information Privacy and Security Policies and Governance
  • Data Protection / Privacy Compliance Policies and Procedures including integration with electronic communication regulation
  • Review of Data Protection / Privacy and Security insurance coverage
  • Guidance for boards of directors and senior management on Data Protection / Privacy and Security obligations
  • Data Protection / Privacy Investigations
  • Data Protection / Privacy Litigation and Regulatory Enforcement
  • Liaison with regulatory, law enforcement authorities, and Privacy Commissioners
  • Data Protection / Privacy and Security Assessment and Preparedness
  • Data Breach Preparedness
  • Data Breach Investigation and Response
  • Data Breach Litigation and Regulatory Enforcement
  • Defense of class action proceedings relating to data breach or privacy incidents
  • Cross-Border Data Transfers and Data Protection / Privacy
  • Employee Privacy considerations
  • M&A Due Diligence Involving Data Protection / Privacy and Security
  • Advising on the interaction of Data Protection / Privacy compliance and the regulation of commercial electronic messages
  • Licensing and web-contract terms with respect of privacy / data protection, software updates, internet of things and related matters

Key Contacts

  • Stephen D. Burns Stephen D. Burns, Partner, Trademark Agent
  • Ruth E. Promislow Ruth E. Promislow, Partner
  • Michael R. Whitt Q.C. Michael R. Whitt Q.C., Partner, Patent Agent, Trademark Agent
  • Related Lawyers

Recent Experience

Calgary Police Service, with their Freedom of Information and Protection of Privacy (FOIP) Act matters, including appearing before the Office of the Information and Privacy Commissioner of Alberta’s office on breach and notification matters, as well as before the courts.
Counsel for Marriott in privacy class action litigation
Regulatory compliance advice on Canadian privacy and health information laws for a leading medical device manufacturer with global operations
Regulatory compliance advice across a broad spectrum of industries, including technology, financial services, oil and gas production, health, mining, utilities, e-commerce, and hospitality
Breach counsel, involving overseeing forensic investigations, regulatory and litigation risk management, reporting to regulators and handling regulatory inquiries/investigations
Breach coach, development of policy and compliance programs for one of the largest cannabis companies in the world on cybersecurity preparedness and incident response
Breach coach for association of insurance and reinsurance companies with global operations
Data security, privacy advice and breach coach to a supplier of information management systems to oil and gas companies around the world
Sole legal counsel on technology, licensing and IP mandates to Atco Ltd. and Canadian Utilities Limited, a global provider of integrated energy, housing, transportation and infrastructure solutions
Counsel to provincial physician organization on Health Information Act matters, including appearing before regulators and the courts
Regulatory compliance advice on Canadian privacy laws and the collection, storage and use of personal information for one of the world’s largest life sciences companies
Counsel to major Canadian city police service, mandates routinely include Freedom of Information and Protection of Privacy Act matters
Privacy, IP and regulatory advice to help healthcare technology solutions provider navigate its entry into the Canadian market

Recent Recognition

Who's Who Legal: Data
Bennett Jones lawyers recognized globally for data information technology

Insights, News & Events

Speaking Engagements

16th Annual Crown Corporate Governance Conference

January 19, 2021
       

Blog

Understanding the Draft Consumer Privacy Protection Act: A Summary of the Key Changes Proposed

November 26, 2020
       

Blog

Substantial Changes to Federal Regulation of Privacy Now Imminent

November 17, 2020
       

Blog

Privacy Enforcement Update: Possible Collaboration Between the Competition Bureau and the Office of the Privacy Commissioner

November 06, 2020
       

Blog

Use of Facial Recognition Software for Customer Analytics

November 02, 2020
       

Articles

Balancing Privacy and Convenience in Electronic Healthcare Law Review

November 2020
       

Blog

Privacy Commissioner's Call for Increased Enforcement

October 09, 2020
       

Announcements

Christine Plante Rejoins Bennett Jones

September 28, 2020
       

Announcements

Ruth Promislow: Commentary on a Reasonable Security Test

September 28, 2020
       

Articles

Commentary on a Reasonable Security Test

September 2020
       

Blog

Alberta Sunshine List Expanded to Include Physicians

September 17, 2020
       

Blog

Ontario Government Seeks Input for Private Sector Privacy Legislation

September 01, 2020
       

Announcements

Bennett Jones' Best Lawyers in Canada 2021

August 27, 2020
       

Articles

Balancing Privacy and Convenience

August 2020
       

Blog

Balancing Privacy and Convenience: Medical Information and the Emergence of Virtual Medicine

June 24, 2020
       

Blog

Lessons in Digital Asset Recovery

June 02, 2020
       

Blog

Competition Bureau Calls for Increased Fines Under Competition Act for Privacy Violations

May 29, 2020
       

Blog

Canadian Domain Name Registrar Offers New Free Cybersecurity Solution to Individuals

May 21, 2020
       

Blog

Key Takeaways from Competition Bureau Fine for Privacy Violation

May 21, 2020
       

Announcements

Fifteen Bennett Jones Lawyers in Lexpert's Special Edition on Technology

May 13, 2020
       

Blog

COVID-19 and Contact-Tracing Apps in Canada

May 12, 2020
       

Blog

Data Breach and Vicarious Liability for Employee Misconduct

May 01, 2020
       

Blog

Changes Result in the Alberta Electronic Transactions Act Applying to Employment and Other Records

April 13, 2020
       

Blog

Privacy Considerations When Using Smartphone Location Data to Limit the Spread of COVID-19

April 13, 2020
       

Blog

COVID-19 and Cybersecurity Scam Alert: Protecting Your Information and Assets

March 19, 2020
       

Blog

Privacy Considerations When COVID-19 Identified in the Workplace

March 17, 2020
       

Blog

Privacy Considerations when COVID-19 Screening

March 16, 2020
       

Blog

New Privacy Guidance for Businesses Operating in British Columbia

March 11, 2020
       

Blog

Expect Increased Privacy Regulatory Enforcement in 2020

March 09, 2020
       

In the News

Bennett Jones on PIPEDA and AI in Law Times

February 19, 2020
       

Blog

Review of Artificial Intelligence May Result in Significant Changes to PIPEDA

February 06, 2020
       

Blog

Competition Bureau Intends to Police Privacy Violations—Beware of Potential Fines

January 24, 2020
       

Announcements

Ruth Promislow Appointed to Sedona Conference Steering Committee

December 17, 2019
       

Speaking Engagements

Ruth Promislow Presented on Privacy Concerns and Considerations

November 25, 2019
       

Speaking Engagements

Ruth Promislow on Data Protection and Privacy in Canada Panel

November 13, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Time: Cybersecurity Crash Course for Directors & Executives

October 30, 2019
       

Blog

Cryptocurrency 2.0: Is Libra the Tipping Point?

October 21, 2019
       

Blog

Business Email Compromise: Protect Your Company From This Common Scam

October 07, 2019
       

Blog

Canadian and Other Privacy and Data Protection Authorities Address Anticipated Challenges Related to Artificial Intelligence

October 04, 2019
       

Blog

Transborder Data Flow Consent Standard is Reaffirmed

September 24, 2019
       

Blog

Meaningful Consent: An Evolving Standard under Canadian Privacy Law

September 20, 2019
       

Speaking Engagements

Ruth Promislow on WG11

September 18-19, 2020
       

Blog

Privacy Regulators Turning Up the Heat: Major Fines for Data Breaches and Privacy Violations This Summer

September 12, 2019
       

Blog

Limitation Period for Damages Claims under Personal Information Protection Act (Alberta)

August 28, 2019
       

Speaking Engagements

Ruth Promislow as Dialogue Leader on the WG11 Meeting

June 18-21, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Time: Cybersecurity Crash Course for Directors & Executives

June 12, 2019
       

Speaking Engagements

Ruth Promislow on Privacy and Data Protection in the Cannabis Industry Panel

June 07, 2019
       

Blog

Organizations Can Expect Increased Canadian Regulation for Privacy Violations

May 31, 2019
       

In the News

Ruth Promislow on Canada’s New Digital Charter

May 30, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Security Forum

May 26-28, 2019
       

Updates

Canada Digital Charter Announced

May 23, 2019
       

Blog

Cyber Crash Course for Directors and Officers

May 16, 2019
       

Speaking Engagements

Ruth Promislow on Payment by Cryptocurrency Panel

May 15, 2019
       

Speaking Engagements

Ruth Promislow on Cybersecurity Crash Course for Directors and Officers

May 14, 2019
       

Blog

Changes to Cross-Border Data Flow Consent Requirements: Is Your Privacy Policy Still Compliant?

April 30, 2019
       

Speaking Engagements

Ruth Promislow at NetDiligence Cyber Risk Summit

April 05, 2019
       

Speaking Engagements

Ruth Promislow at The Sedona Conference, Houston

February 28-March 1, 2019
       

Speaking Engagements

Ruth Promislow at The Consulate General of Canada

February 27, 2019
       

Blog

Technology and Cybersecurity Incident Reporting: New Guidance from OSFI

January 31, 2019
       

Announcements

Ruth Promislow Selected to Sedona Conference Drafting Team

December 17, 2018
       

Blog

B.C. Privacy Commissioner Issues Guidance Regarding Cannabis Transactions

November 07, 2018
       

Blog

Cyber Breach at the Ontario Cannabis Store Impacts 4,500 Consumers

November 07, 2018
       

Blog

Hacking Elections—New Vulnerabilities

November 01, 2018
       

Blog

Breach Notification Rules Under GDPR, PIPEDA and PIPA

October 01, 2018
       

Blog

Global Patterns and Risks in Cybersecurity

September 27, 2018
       

In the News

Martin Kratz and Stephen Burns in Law360

August 31, 2018
       

Blog

What Can Canada Expect with Mandatory Breach Notification?

August 08, 2018
       

Blog

Cybersecurity—Loss Due to Social Engineering Attack Covered Under Insurance Policy

August 03, 2018
       

Blog

Data Breach Litigation—What If a Breach is Denied?

July 31, 2018
       

Blog

CRTC Issues $250,000 in Penalties for Malware Distribution

July 11, 2018
       

Blog

Understanding the GDPR—Comparing Consent Provisions to PIPEDA, PIPA and CASL

June 14, 2018
       

Blog

CASL Compliance Becomes More Complex

May 31, 2018
       

Blog

Understanding the GDPR: A Comparison Between the GDPR, PIPEDA and PIPA

May 14, 2018
       

Blog

514-BILLETS Pays $100,000—CASL Still Being Enforced After Critical Reviews

May 01, 2018
       

Blog

Are You Ready for Mandatory Breach Reporting and Notification?

April 19, 2018
       

Updates

Mandatory Breach Notification Across Canada

April 04, 2018
       

Blog

Cybersecurity Uncertainty for Cryptocurrencies

February 01, 2018
       

Blog

Recent Developments in Online Privacy Protections for Canadians

February 01, 2018
       

Blog

Law Firm Credentials for Sale on the Dark Web: Understanding Your Cybersecurity Vulnerabilities

January 23, 2018
       

Blog

Electrical Infrastructure Standards Updated to Meet Cybersecurity Threat

January 04, 2018
       

Speaking Engagements

Calgary Chapter of the National CIO Association

September 21, 2017
       

Blog

Proposed Breach of Security Safeguards Regulations Under PIPEDA have been Released

September 07, 2017
       

Blog

Cybersecurity: Spear Phishing Covered Under Insurance Policy Where Code Manipulated

July 25, 2017
       

Blog

Healthcare Data: Are You Required to Report a Ransomware Attack?

July 25, 2017
       

Blog

New General Data Protection Regulations in European Union Has Cybersecurity Consequences

July 19, 2017
       

Blog

Supreme Court of Canada Leaves Forum Selection Clauses in a State of Uncertainty

June 26, 2017
       

Updates

Cybersecurity: 2017 Report & 2016 Reflections

February 2017
       

Blog

Canada's Anti-Spam Law: Is Your Business Ready for July 1st, 2017?

January 12, 2017
       

Blog

Cybersecurity Threats Everywhere–Beware of USB Keys

December 20, 2016
       

Updates

Cybersecurity: United States Federal Trade Commission Strikes Again; Foreshadowing of things to come in Canada?

December 20, 2016
       

Blog

Rise of Ransomware Attacks in Canada: Businesses Beware

December 09, 2016
       

Speaking Engagements

2016 Cyber Security Forum

August 31, 2016
       

Speaking Engagements

Canadian Bar Association Privacy and Access Law Section (South) Presentation

February 29, 2016
       

Updates

The New Face of Commercial Crime

February 04, 2016
       

The firm that businesses trust with their most complex legal matters.

  • Privacy Policy
  • Disclaimer
  • Terms of Use

© Bennett Jones LLP 2021 All rights reserved. Bennett Jones refers collectively to the Canadian legal practice of Bennett Jones LLP and the international legal practices and consulting activities of various entities which are associated with Bennett Jones LLP

Logo Bennett Jones