Lyndsay leads McMillan’s Data Management Group nationally. She is a strategic advisor to organizations in the technology industry, and companies in all industries that collect, use, store and otherwise process personal information. She provides practical advice and solutions that allow clients to leverage data while meeting their regulatory obligations and maintaining consumer trust, based on her in-depth knowledge of privacy, data protection and cybersecurity laws across Canada.
Lyndsay helps clients conduct privacy impact assessments and develop comprehensive privacy compliance and vendor management programs, including designing appropriate policies and procedures, training, and template documents. With over 15 years of experience in privacy and data protection law, Lyndsay advises on a broad range of matters, including requirements and restrictions related to obtaining valid consent to process personal information, data security, employee privacy, handling sensitive personal information (including personal health information, financial information, biometrics, and demographic data), data analytics, web scraping, electronic monitoring, background checks, social media, smart homes, smart cars, IoT, AI, and transferring personal information across borders. She is adept at coordinating legal strategy with counsel in other jurisdictions, as well as assisting organizations to understand and reconcile differences between Canadian laws and legal requirements in other countries.
Lyndsay is an experienced data breach coach who assists clients with navigating risk assessments, executing response and mitigation strategies, meeting reporting obligations, and communicating with regulators. She also regularly drafts and negotiates data processing agreements, as well as privacy and data protection terms in a wide variety of commercial and consumer contracts. In addition, she provides advice and assistance on the privacy and data protection aspects of corporate transactions.
Lyndsay is co-author of Privacy in the Workplace, 4th ed., and Canadian chapters in the International Comparative Legal Guides on Cybersecurity (2020/2021) & Data Protection (2021/2022). She has been recognized by Best Lawyers in Canada in Privacy and Data Security Law (2022/2023), as a Mondaq Thought Leader for Data Protection, Canada (2021), by Thomson Reuters Stand-Out Lawyers (2021/2022), in the 2022 Canadian Legal Lexpert Directory for Data Privacy and in the 2022 Lexpert Special Edition on Canada’s Leading Technology & Health Sciences Lawyers. She is Chair of the Data Breach committee of PrivacyRules, a global alliance of privacy professionals, as well as Co-Director of the Osgoode Certificate in Privacy and Cybersecurity Law. She has been a Certified Information Privacy Professional/Canada through the International Association of Privacy Professionals since 2013.
In addition to her Data Management practice, Lyndsay counsels employers in all areas of employment law, including hiring, employment agreements, incentive compensation plans, performance management, terminations, employment standards and human rights laws.
Corporate Transactions
Cases
Lyndsay is the recipient of multiple Awards in Law, including the Bronze Medal and prizes for placing first in first year law at Osgoode Hall Law School. A complete list of her legal Awards is as follows:
Full evaluation of a target's privacy, technology and cybersecurity compliance in due diligence is critical for transactions involving technology companies.
The Court of Appeal for Ontario released a trio of decisions that materially impact the viability of class actions following a data breach.
Join McMillan's Privacy & Data Protection Group on Wednesday, December 7th for an overview of recent significant legal developments, tips on complying with new and forthcoming obligations under Quebec’s Bill 64, and discussions about hot topics in data management.
New federal privacy legislation has been introduced. If passed, Bill C-27 will materially change the legal landscape for privacy and data protection in Canada.
Join us on Thursday, April 28, 2022 as members of McMillan's Privacy & Data Protection Group discuss privacy and data protection issues relevant to the automotive industry.
Canada’s Minister of National Defence has issued a statement regarding a recently identified critical vulnerability in the Apache Log4j logging product.
Our lawyers will provide an overview of important case law developments, regulatory guidance, upcoming statutory changes, and hot topics in Privacy, Data Protection & Cybersecurity
Ontario government seeks input on privacy policy proposals, signaling that Ontario private sector privacy legislation may be on the horizon
Join us for Part Two of McMillan's Automotive Industry Webinar Series
The International Comparative Legal Guide (ICLG) - Cybersecurity Canada 2021 guide covers common issues in cybersecurity laws and regulations.
The Digital Charter Implementation Act, 2020 received its first reading in the House of Commons. If passed, the Act will radically change Canadian Privacy Law.
This annual workshop addresses significant legal developments and provides practical advice on responding to employee issues.
Office of the Privacy Commissioner of Canada ("OPC") released a number of new resources to assist organizations with their breach assessment, reporting and recording obligations.
Organizations operating in Canada are advised to immediately review their privacy-related policies and marketing to avoid false or misleading representations
Many organizations recognize the potential benefits that artificial intelligence can bring to their business. Canadian regulations coming sooner than later.
Focusing our discussion on significant advancements, findings and key takeaways, we will present a “Year in Review” session that will cover many of the notable developments that occurred in 2019.
On November 14, 2019, IIROC amended its Dealer Member Rules to require mandatory reporting by dealer members that suffer a cybersecurity incident or breach.
Join us as we discuss significant legal developments and provide practical advice on critical issues facing employers in Canada.
Feedback from stakeholders regarding its consultation on transfers for processing and transborder data flows, Office of the Privacy Commissioner of Canada has decided to maintain the status quo.
On June 11, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) published a reframed discussion document (the “Reframed Discussion”)
On May 21, 2019, the Canadian federal government released a proposed Digital Charter
On April 9, 2019, the Office of the Privacy Commissioner of Canada (“OPC”) initiated a consultation on transborder dataflows under the Personal Information Protection and Electronic Documents Act (“PIPEDA”) (the “Consultation”).
The Office of the Privacy Commissioner of Canada recently released a guidance document for Canadian private sector cannabis retailers who collect personal information from their customers.
McMillan is pleased to host its third annual Privacy, Data Protection & Cybersecurity Seminar in Toronto.
July, 2018, the CRTC announced it took enforcement action against Datablocks and Sunlight Media - the first time action is taken under Canada's "Anti-Spam Law"
On April 19, 2018, the Canadian Securities Administrators (the "CSA") published new draft rules governing the registration of derivatives market participants.
Personal information where it is reasonable in the circumstances to believe that the breach creates a "real risk of significant harm"[1] to affected individuals
Members of McMillan’s Privacy, Cybersecurity, Data Protection groups will be discussing, for the second year running, how client and in-house counsel can educate their firms on how to navigate through privacy in the workplace, cyber security risks and data protection issues on Tuesday Nov 14, 2017.
Prying Eyes: Risk of Employee ‘Snooping' and How to Reduce it
Cybersecurity – The Legal Landscape in Canada
Please join us for a practical and in-depth discussion aimed at HR professionals, in-house counsel and operations managers, who want to prepare and better understand how Bill1 48 will impact their business.
Supreme Court of Canada Turns the Other Cheek: Facebook's "Terms and Conditions" – Forum Selection Clause Unenforceable
CASL Private Right of Action Delayed; Enforcement by CRTC Continues
Employee personal information handled by an organization is far greater than the personal information collected by the organization about customers and third parties
Are You Ready for CASL's Private Right of Action?
Ontario's Pooled Registered Pension Plans Act Takes Effect
Cybersecurity and cyber risk are growing areas of concern for businesses, governments and individuals.
As organizations are increasing their investment in data safeguards, McMillan’s Privacy Group would like to help our clients understand their core privacy, data protection and cybersecurity obligations and related legal issues.
McMillan's Labour and Employment Group invites you to join us at our annual employment and labour seminar.
Speak Now: Consultation on Solvency Funding for Defined Benefit (DB) Pension Plans
The GDPR – Key Points for Canadian Businesses
Privacy Alert: Proliferation of Access Requests as New Tools Automate Request Generation and Distribution
Cybersecurity and the Internet of Things
Privacy and Cybersecurity Issues in Canadian M&A Transactions
Introducing Safe Harbour 2.0: the EU-US Privacy Shield
Can you keep a secret? The courts recognize a new tort for public disclosure of private facts
Safe Harbour Not Safe Enough: Data Transfers From E.U. To U.S. Out To Sea
Ashley Madison – A new era in privacy class actions for Canada?
McMillan Privacy Basics Bulletin Series
Flag on the Play? Recent Disclosure of NFL Player's Medical Information Sparks Allegations of Privacy Violations
More Changes to Cyber Security Laws on the Horizon?
Ought We Fear the Time Of Year? Summer Dismissals May Warrant Longer Notice Periods
Bell Gets a Bad Rap for its RAP (Relevant Advertising Program)
Monitoring the Mayor – B.C. Mayor alleges that computer monitoring violated his privacy
The media has taken a keen interest in a story about bystanders who interrupt live broadcasts, primarily by female reporters, with shouts of a vulgar and offensive phrase that is being referenced with the acronym FHRITP.
Three New Leaves for Ontario Workers to Take Effect October 29, 2014
Proposed amendments to the ESA – new leaves for Ontario employees?
Overtime class actions – leave to appeal denied
seclusion intrusion: a common law tort for invasion of privacy
Sigma Systems, a company majority owned by Birch Hill Equity Partners Management since 2015, was acquired by Hansen Technologies Limited. McMillan LLP acted as lead counsel to Hansen with a team lead by JR Beaudrie
The Canadian Cancer Society completed its amalgamation with the Canadian Breast Cancer Foundation following their announcement to merge in October 2016. McMillan LLP was retained on the transaction by the Canadian Cancer Society.
Thoma Bravo acquires technology-focused parking management systems provider T2 Systems
Thoma Bravo acquires autoTRADER Corporation for C$1.575 billion
Voith GmbH sells Voith industrial services division to private equity firm Triton
Thoma Bravo to Acquire TRADER Corporation
Mercedes-Benz Canada Inc. completes sale of two dealerships
Plentyoffish acquired for US$575 million by Match.com
Premier Gold Mines Limited Completes $104 million Acquisition of Goldstone Resources Inc.
Primero Mining Corp. Announces a $1.2 Billion Merger Agreement With Northgate Minerals Corp.
Get updates delivered right to your inbox. You can unsubscribe at any time.
416.865.7083