Justin Boileau Associate

Speaks:  English, French

Year of Call: 2020 - Quebec

Primary office:  Montréal

Justin Boileau

Justin Boileau is an associate in Gowling WLG's Montréal office, where he is a member of the Cyber Security and Data Protection Group.

He provides pragmatic advice to guide clients through the complex landscape of data protection legislation.

Before joining Gowling WLG, Justin worked at one of the world's largest professional services firms. In that role, he assisted clients in complying with Canadian and Quebec data protection laws and supported them in addressing cyber security incidents.

Additionally, Justin worked at a Parisian boutique firm, where he assisted companies in implementing compliance measures following the adoption of the General Data Protection Regulation (GDPR).

Justin holds a civil law degree from the University of Ottawa and a juris doctor from the Université de Montréal. During his studies, he served as a research assistant, focusing on privacy law, artificial intelligence and emerging technologies.

Career & Recognition

Filter timeline:
  • 2022

    • Education
      Université de Montréal, JD.
  • 2020

    • Qualifications (Year of Call/Admission, etc.)
      Year of Call, Quebec
  • 2019

    • Education
      University of Ottawa, LLL

Ilona BOIS-DRIVET, Hannes WESTERMANN, Jie ZHU, Justin-Éric BOILEAU, Sébastien MEEÙS, Rapport sur l'épistémologie de l'intelligence artificielle (IA), 2023, 249 p., document de travail n°32 (https://www.cyberjustice.ca/en/publications/rapport-sur-lepistemologie-de-lintelligence-artificielle-ia-2/)

Representative Work

  • Assessed a multinational company's data protection practices, identifying areas for improvement and providing practical, prioritized recommendations that not only helped rectify disparities with legal obligations but also aided in the development of a comprehensive data protection program.
  • Led the overhaul of a private company's privacy policies, which included establishing and documenting robust and transparent internal processes.
  • Helped a public body overcome a ransomware attack by coordinating data recovery efforts while also ensuring compliance with the various legal obligations arising from the attack.