Privacy and Cybersecurity Law and Practice 2024

9:00 a.m.
Program Chair’s Welcome and Introductory Remarks

Eric Charleston, Borden Ladner Gervais LLP
Sylvia Klasovec Kingsmill, Global Privacy Leader, Partner, Risk Consulting, KPMG Canada

9:05 a.m.
The Evolving Landscape of Privacy Law in Canada

Joanna Fine, Osler Hoskin & Harcourt LLP

Make sure you’re on top of the upcoming (and ongoing) changes to privacy laws in Canada. Topics include:
• Overview of regulatory landscape
• Bill C-27, including AIDA – core concepts, compliance and status of legislation
• Implementation of Quebec’s Law 25 – changes that occurred in 2023 and what’s coming in 2024

10:00 a.m.
Break

10:15 a.m.
Strategic and Practical Implementation of the Law

Sylvia Klasovec Kingsmill, Global Privacy Leader, Partner, Risk Consulting, KPMG Canada
Sophia Muller, Senior Manager, Privacy SME, KPMG Technology and Risk Consulting

• Strategies when implementing privacy polices – from legal theory to business practice
• Practical insights on privacy tech enablement, including: automating your compliance obligations to accelerate, privacy risk management, consent management, data mapping
• When and how to introduce AI policies and frameworks

11:15 a.m.
Cybersecurity Law and Practice Update

Shane Morganstein, Borden Ladner Gervais LLP
Saba Zia, Senior Counsel, Privacy and Cybersecurity, RBC

Get the latest practical information and guidance on cybersecurity law in Canada, including regulatory changes (status of Bill C-26) and best practices to help you better prepare and respond to cybersecurity incidents.

12:15 p.m.
Lunch Break

1:15 p.m.
Understanding De-identification

Abigail Dubiniecki, Privacy Consultant, Writer and Speaker
Constantine Karbaliotis, nNovation LLP
Fazila Moosa, Founder, Privatech

• What is de-identification and how is it different from anonymization?
• What do the regulations say?
• Analyzing IPC guidelines on disclosure
• De-identification myths
• Techniques for organizations

2:00 p.m.
Navigating Today’s Cybersecurity Threat Landscape

Fred Carter, Senior Technology and Policy Advisor, Information and Privacy Commissioner of Ontario
Eric Charleston, Borden Ladner Gervais LLP

• Vendor risk/vendor breach management
• What are people getting in trouble for?
• How to manage it contractually, what to include in data breach agreement
• What to do in the event of a breach
• Real-world examples of breach – 3 different industries

3:00 p.m.
Break

3:15 p.m.
Data Portability in Open Banking

Alina Silvestrovici Paun, Managing Counsel, Payments and Merchant Solutions, TD Bank

• What is data portability, and how does it relate to open banking?
• Payments modernization
• Security and privacy considerations in Canada and globally

3:45 p.m.
AI in Canada: Ethics and Compliance

Pamela Snively, Chief Data and Trust Officer, Telus

• How are AI systems currently governed in Canada and what’s changing?
• Communications requirements
• Oversight/monitoring requirements – who is responsible to monitor AI and prevent misuse
• Discrimination/bias

4:30 p.m.
Program Concludes