Kristen Pennington maintains a dynamic practice in both employment law and privacy and data protection law. She provides counsel to startups and established companies in a range of industries, including manufacturing and cannabis.

Experienced in all areas of employment law, Kristen advises employers on hiring and dismissals, employment contracts, performance management and discipline, employment policies and human rights laws. Kristen has appeared before the Ontario Superior Court, the Ontario Court of Appeal, the Ontario Human Rights Tribunal, the Ontario Labour Relations Board, and the Canadian Railway Office of Arbitration and Dispute Resolution, as well as at various arbitrations and mediations.

An area of particular expertise for Kristen is assisting employers in developing and implementing effective discrimination, violence and harassment policies and programs, and managing workplace complaints. She also provides training on workplace investigations, employee accommodation and management of conflict in the workplace.

Kristen has assisted vendors and purchasers with assessing the employment and privacy law implications of corporate transactions. She also assists businesses entering the Canadian market, providing insights on Canada’s distinct labour and employment, and privacy laws.

Kristen counsels clients on a wide variety of privacy and data security issues, including employee background checks, cross-border transfers of personal information and data breaches. She helps clients develop robust privacy compliance programs, and drafts policies, consent forms, acceptable use policies, and commercial privacy and data protection terms.

Representative Matters

  • Provided employment and privacy law advice to an international consulting firm in connection with its entry into the Canadian market through the acquisition of a leading health consulting company
  • Provided employment advice to a publicly-traded payment company in connection with its acquisition of a Canadian fintech firm
  • Acted for HCI Equity in connection with the acquisition by AmerCareRoyal, LLC of McNairn Packaging
  • Assisted an international software company with its entry into the Canadian market, including establishing template employment agreements and compensation plans and implementing mandatory employment policies
  • Assisted a large, multi-entity human resources and benefits organization with the development of a Canadian privacy compliance program
  • Acted for a transportation company with respect to the dismissal of an employee involved in a high-profile incident resulting in third-party fatalities
  • Acted for a manufacturing company with respect to the dismissal of an employee involved in a workplace sexual harassment complaint
  • Assisted a board of directors with managing, investigating and responding to sensitive workplace harassment and discrimination complaints involving senior leadership

Speaking Engagements

Ontario Bar Association Panel: Requesting Proof of COVID-19 Vaccinations from Customers and Clients

March 1, 2021

Ontario Bar Association Panel: Workplace Harassment Investigations

February 24, 2021

HR Insider Webinar: Mandatory Vaccination Policies – Enforceable or a Shot in the Dark?

February 10, 2021

Terralex Data Privacy Day Series: The Rise of Privacy Torts in Canada

January 28, 2021

Ontario Bar Association Panel: Mastering Summary Judgment Motions

October 27, 2020

Glendon College: Glendon Grads Address Canada @ 150

September 23, 2017

Teaching Engagements

  • Mentor – Taste Program, York University – Mentoring young aspiring lawyers over lunch


Media Mentions

  • Kristen is a regular contributor to a variety of leading employment and privacy law publications, including Employment Law Today, Employment Law Bulletin, Labour Notes, Canadian Employment Safety and Health Guide, Canadian Corporate Counsel, In-House Defense Quarterly, Internet and E-Commerce Law, and Canadian Privacy Law Review.
  • Kristen has also been interviewed and quoted by a variety of news sources nationwide, including The Globe and Mail, Metro News, CTV, Global News, Yahoo and CBC’s The National.

Directorships & Affiliations

  • Ontario Bar Association
  • The Advocates’ Society

Education & Admissions

Called to the Ontario bar
Intensive Trial Advocacy Program York University, Osgoode Hall Law School
JDUniversity of Toronto, Faculty of Law
Honours BA, Canadian StudiesYork University, Glendon College

Insights by Kristen Pennington (21 Posts)

Mandatory Vaccination Policies: Enforceable or a Shot in the Dark? (February 10, 2021)

Feb 1, 2021

While mass vaccination hasn’t arrived, employers are already wrestling with what the rules should be as we start to return to a new normal.

Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?

Jan 18, 2021

Potential Overhaul of Canadian Privacy Law – Is Your Organization Ready?

International Comparative Legal Guide (ICLG) – Cybersecurity Canada 2021

Dec 3, 2020

The International Comparative Legal Guide (ICLG) - Cybersecurity Canada 2021 guide covers common issues in cybersecurity laws and regulations.

McMillan’s Employment and Labour Webinar

Nov 10, 2020

This annual workshop addresses significant legal developments and provides practical advice on responding to employee issues.

Canada’s New Cybersecurity Certification Goes Live

Oct 13, 2020

The federal government has launched a voluntary CyberSecure program to help small and medium-sized organizations protect against cybersecurity threats

Mandatory Indoor Face Coverings: What Ontario Employers Need to Know

Oct 6, 2020

Mandatory Indoor Face Coverings: What Ontario Employers Need to Know

Ontario Amends Employment Standards Legislation in Response to COVID-19

Aug 5, 2020

Ontario passes new protected leave of absence for employees impacted by COVID-19, and suggests COVID-19
cases should be reported as occupational illnesses.

Privacy Penalties – Canadian Competition Bureau Wades Into Privacy Enforcement

May 26, 2020

Organizations operating in Canada are advised to immediately review their privacy-related policies and marketing to avoid false or misleading representations

Privacy Commissioner Releases Tips for Secure Videoconferencing

May 5, 2020

It goes without saying that organizations’ use of videoconferencing is at an all-time high as many businesses have converted to remote work.

Shedding “Light” on a New Privacy Tort

Mar 3, 2020

An Ontario court has recently recognized the privacy tort of "false light publicity".

2019 Year in Review: Privacy, Data Protection & Cybersecurity

Feb 4, 2020

Focusing our discussion on significant advancements, findings and key takeaways, we will present a “Year in Review” session that will cover many of the notable developments that occurred in 2019.

Inadequate Workplace Harassment Investigation Results in $75,000 Damage Award

Jan 28, 2020

A recent decision of the Manitoba Human Rights Commission emphasizes the importance of developing a clear plan at the outset of a workplace investigation.

New Year, New Laws? Canada Sets its Privacy Law Resolutions

Jan 28, 2020

A number of recent developments suggest that momentum for significant reform to Canadian privacy and data protection laws is building.

Keepin’ It “Real”: OPC Finds that PIPEDA Applies to Foreign-Incorporated Business

Jan 15, 2020

Keepin' It "Real": OPC Finds that PIPEDA Applies to Foreign-Incorporated Business

Sorry Not Sorry: Ontario Decision Highlights “Aggravating Factors” in Sexual Harassment Cases

Jan 7, 2020

An Ontario Court has upheld the termination of a 30-year employee with a clean disciplinary record following a single incident of sexual harassment.

Contact Information Posted on Websites Not Necessarily Up for Grabs

Dec 19, 2019

Investigation findings of the Office of the Privacy Commissioner highlight issues surrounding the use of personal contact information posted on websites

Ontario Court Suggests Terminated Salespeople are Fish Out of Water

Dec 16, 2019

Recent Ontario decision calls into question prior holdings about the transferability of salespersons' skills.

Top of the Class: New Cybersecurity Program to Certify Privacy-Minded Businesses

Aug 14, 2019

The federal government has launched a new cybersecurity certification program aimed at helping small and medium-sized businesses protect against cyber threats.

Proposed Digital Charter Could Bring Sweeping Changes to Canadian Privacy Laws

May 23, 2019

On May 21, 2019, the Canadian federal government released a proposed Digital Charter

Consent Unnecessary to Disclose Credit File to Statistics Canada

Dec 30, 2018

A recent OPC investigation highlights the need to proceed with caution when asked to disclose personal information to a government institution.

Trick or…Breach? PIPEDA’s Breach Reporting Requirements Come Into Force on November 1, 2018

Nov 1, 2018

This bulletin provides an overview of the new breach reporting requirements.