What Actually Happens When a Canadian Law Firm Sends an Unredacted Document to the Wrong Party

The Incident Nobody Writes Up Properly

Legal practice runs on documents, and document disclosure runs on humans who are tired, rushed, and managing thousands of files simultaneously. The inadvertent disclosure of an unredacted document — one containing a client's personal information, a third party's identifying details, or information protected by solicitor-client privilege — is not a hypothetical risk for Canadian law firms. It's a recurring operational reality.

What makes this particularly consequential in Canadian practice is the layered nature of the consequences. A single misdirected document can simultaneously trigger a professional conduct complaint to the provincial law society, a PIPEDA complaint to the Office of the Privacy Commissioner, a client claim for damages, and — in a litigation context — a motion to strike or court-ordered sanctions. These aren't independent risks. They compound each other.

How Disclosure Incidents Actually Happen

The mechanics of inadvertent disclosure fall into a few recurring patterns.

Production errors in litigation. When a party produces documents in response to a request or court order, document review is supposed to catch privileged and confidential materials before they leave the firm. In practice, reviews are conducted under time pressure by junior associates or articling students working through thousands of documents. Privileged communications get produced. Redactions that were supposed to cover personal information miss embedded metadata, text boxes, or poorly rendered PDFs where the black bars aren't actually opaque.

Misdirected transmissions. Email autocomplete has caused more legal disclosure incidents than any other single mechanism. A lawyer drafting a message to opposing counsel begins typing a name, selects the wrong address from the dropdown, and sends a confidential client communication to someone who wasn't supposed to have it. The larger the contact list and the more similar the names, the higher the probability.

Exhibits with excessive PII. Documents filed as exhibits in court proceedings are, in many jurisdictions, public records. When a contract, employment record, or medical report is filed as an exhibit without redacting personal information that doesn't need to be public — SINs, dates of birth, health details, home addresses — that information becomes accessible to anyone reviewing the court file.

Third-party information in client files. Clients bring documents that contain personal information about people who aren't parties to the matter — a contract that lists an employee's banking details, a business record that includes customer data, a family document with information about minor children. When these files are produced or shared without review, third-party PII goes with them.

The Professional Conduct Dimension

Law societies across Canada treat inadvertent disclosure as a professional conduct matter. The obligations relevant to document disclosure include confidentiality, competence, and supervision.

The confidentiality obligation is the most direct. The Model Code of Professional Conduct, adopted in various forms across provincial law societies, requires lawyers to hold client information in strict confidence and to avoid disclosure without authorization. An inadvertent disclosure doesn't eliminate the breach — it changes the remediation obligations. The Law Society of Ontario's guidance on inadvertent disclosure requires prompt notification, a request for return or destruction of the materials, and — if the recipient refuses — potentially a court motion.

The competence obligation catches firms that don't have systems in place to prevent foreseeable disclosure errors. If your document review process has no quality control step for redaction, no second-review requirement before production, and no metadata-stripping procedure, you may face a finding that the disclosure resulted from a failure of competence rather than a mere error.

Supervision creates liability for partners and firm management. When a junior lawyer or staff member makes a disclosure error, the supervising lawyer's conduct is also under scrutiny. Did they have adequate systems in place? Did they provide appropriate oversight? These questions matter to law society investigators and to courts assessing whether a firm acted reasonably.

The Client Relationship Consequence

The immediate professional consequence of a disclosure incident is often secondary to the client relationship consequence. Clients who discover that their personal information — or information about their legal matter — was disclosed without authorization have grounds for a professional conduct complaint, a civil claim for damages, and, in some cases, a claim for breach of fiduciary duty.

The damages question is genuinely uncertain. Canadian courts have been reluctant to award substantial damages for privacy breaches in the absence of proven financial harm, but the Supreme Court of Canada's decision in Douez v. Facebook and the emerging body of intrusion upon seclusion case law are slowly changing that landscape. More practically, the reputational damage of a disclosed client secret is often more consequential than any damages award — and the client you lose over a disclosure incident doesn't come back.

What Automated Redaction Prevents

Manual redaction — the process of an articling student or legal assistant going through documents and blacking out personal information — is error-prone at volume. The error rate isn't high per document, but when you're processing hundreds of documents under time pressure, even a 1% miss rate translates to multiple disclosure incidents per year.

Automated PII detection changes the economics. Running documents through detection before production flags personal information categories — SINs, health card numbers, dates of birth, financial account numbers — that human reviewers consistently miss, particularly when they're embedded in non-standard formats, appear in metadata rather than visible text, or are distributed across multi-page documents.

The value isn't replacement of legal judgment about what should be redacted. It's the systematic identification of what might need to be redacted, so that legal judgment is applied to a complete picture rather than the subset that a tired reviewer noticed.

Law firms that have implemented automated detection report the same outcome: they're not finding information they expected was there, they're finding information nobody knew was there. That's where the liability lives — in the SIN on page 34 of a 300-page production set that nobody had reviewed carefully since it came in from a client four years ago.