Legal departments in companies operating in Manitoba and Saskatchewan are dealing
with demands to serve their global audiences.
Like so many
companies in Canada these days, business isn’t just local or even within
provincial borders — it’s growing to serve North American and global
markets. With that growth comes demands to satisfy international regulations
and provide critical technological solutions.
Just two examples in Saskatchewan and
Manitoba exemplify those realities. Viterra Inc. is a handler of grains,
oilseeds and pulses that partners with growers in Canada and the United States
to connect them to markets in more than 50 countries.
in Regina, Sask., Viterra is part of Glencore Agriculture. Viterra’s core
business is originating, handling, processing and marketing agricultural
commodities through an extensive network of North American assets. With
strong competition in the industry, Viterra has made it a priority in recent
years to carefully invest in its asset network through strategic acquisitions,
building new grain elevators in targeted areas and undertaking capital
“These investments have required legal
support for M & A activity, real property, procurement, commercial
negotiations and agreements and regulatory matters at all levels of government.
Our legal team is a valuable part of Viterra’s growth strategy ensuring we work
closely and proactively with the business to understand the company’s vision
and strategic priorities for the future,” says Evan Olson, corporate counsel
with Viterra in Regina.
trends across North America, Olson says, Viterra has placed an emphasis on
managing costs and building a largely self-sufficient legal group that develops
expertise in-house to deliver ongoing value to the business.
requires a focus on internal talent development and knowledge of the
agribusiness sector, says Olson. Resource requirements both internally and
externally are regularly reviewed to maintain a balance between cost efficiency
and appropriate resourcing for business needs at any given time.
warranted, we do invest in external counsel to address resource capacity issues
or when specialized legal advice is required, for example, on litigation
matters and certain M & A activity. It’s an interesting time to be in-house,
as we’re seeing all kinds of external legal support options developing beyond
traditional full-service firms,” says Olson. “We’re watching closely as the
innovation in legal service models develops and non-traditional options for
resourcing become more mainstream.”
strategic focus for Viterra is the relationships with its farm
customers. “Our future success depends on our ability to consistently
provide our customers with solutions to help them achieve their goals,” he
A big part of
this is working to provide technology solutions to farm customers who want
online platforms for market information and grain marketing
opportunities. “Development of these technology solutions such as
myViterra, our online customer portal, has created very interesting legal work
around proactive measures related to data protection, cybersecurity, cloud and
cross-border storage, electronic funds transfers and e-signature contracting,”
Changes in the
way farm customers consume market information and engage in business with
Viterra has created many opportunities and challenges for legal to provide
support for the business internally.
maintains a legal group of three lawyers and one paralegal to serve the needs
of the business. “In recent years, we have seen our role evolve to include
time outside of traditional legal drafting and advising to include strategy and
general advising to the business,” says Olson.
Dealing with global privacy
At InfoTech Inc., provider of Wellness Checkpoint in Winnipeg, a health
and productivity risk management service that allows employers to make better
decisions around what to offer their employees in terms of well-being services,
Mike Hicks, chief operating officer and general counsel, is dealing with the demands
of the company’s European customers around the pending EU General Data
Founded in 1984 and launched in 1990 in
Winnipeg, Wellness Checkpoint is a Software as a Service online health risk
assessment tool for employees of large companies. It provides client companies
an idea of the health footprint of its workforce so they can better design the
programs they make available to them.
“For example, you may find you have a lot of
people in your company who smoke, but you may have more of an issue with stress
and depression that is hurting the business and productivity of people in the
company. At a population level, the tool helps look at what are the important
issues and cost drivers you are experiencing now?” explains Hicks.
The company has some Canadian customers
such as CIBC, CBC and Air Canada that have employees worldwide, but it also has
many global companies in the EU.
“Winnipeg is an interesting place to do
business because, even for a Winnipeg business, the minute you have business
outside Winnipeg, it’s either west or east quite a distance or down in the
U.S., so you’re almost national or international by definition when you’re in
Winnipeg,” says Hicks. “And when you start to grow — there’s no such thing as a
Manitoba-only business if you’re in the technology or service industry because
you need to serve people outside Winnipeg because it’s not a big enough market
When it was first launched, the company
grew fairly quickly, including Dupont as a client, which wanted to use the
service in its European operations.
“One of the
key differentiators is we can go to a big company and say ‘We can serve your
people wherever they may be’ and that’s what took us international,” says
The GDPR will
and is already influencing Canadian law, says Hicks. The Canadian privacy law
is adapting to the new reality. “If you look at consumer expectations about how
[a company] is going to treat my data — there is a lot of stuff creeping into
business practice. You have to follow the current high water mark for the
things you need to comply with. Canadian law is tracking that and there will
need to be changes made to the Canadian law to maintain the adequacy
In some respects, Hicks says, InfoTech is
similar to other Winnipeg companies in that even people who live in Winnipeg
haven’t heard of it — Wellness Checkpoint is the product name, but
InfoTech is the company.
As Hicks is the solo legal professional in
the organization, he uses external legal services locally and globally. “I get
to do all the procurement work — our clients are primarily multinationals so
the procurement work is interesting. I also do the privacy work. Information
and privacy is a very big deal these days, particularly for Europeans, so GDPR
is ‘huge’ for InfoTech.”
come into force in May of this year, but the trickle-down effect isn’t just
that companies like InfoTech need to comply with it because they have Europeans
using their software tool. “Pretty much every one of our clients that is a multinational
is impacted by it, so they aren’t just asking us ‘Are you going to be OK?’ they
are testing and doing security reviews and sending people to look and confirm
that we are ready.”
Hicks says much of what GDPR requires is
coming from a privacy perspective, but how an organization delivers privacy is
within the realm of information security. “It involves very detailed
questionnaires and interviews about your infrastructure, how you keep things
and so it’s an awful lot of work to satisfy people about what we’re doing.”
InfoTech was always subject to the
European Directive, which is the predecessor to GDPR, and a lot of the things
it required, GDPR requires, so Hicks says the company was well on its way to
GDPR compliance, but there are some things that are new and some are
functionality issues that have to be built into the tool and some are things
that need to be stated in privacy notices.
“If someone says ‘Yes, I would like you to
give me access to all of my data or I would like to have my data in a portable
fashion so I can take it somewhere else,’ the task for me then is understanding
what does GDPR require and how do you satisfy that?”
there is still some ambiguity around the regulation. “I think we’re going to
have to wait until a few things happen to know exactly where the guardrails
are,” he says.
A further wrinkle is Brexit — if that does
proceed and the United Kingdom is no longer part of the EU, it will need its
own rules similar to GDPR.
“We’re doing a lot of work lately to satisfy
our partners — most of them large companies — to say it’s OK to send your
data here, just as it always has been.”