How Osgoode’s Privacy and Cybersecurity Law LLM helps Tania Narciso navigate ambiguity

Tania Narciso gave herself an accidental head start on her road to the top of the risk and compliance field.

Long before graduating from Osgoode’s part-time Professional LLM in Privacy and Cybersecurity Law, Narciso took a part-time job at a bank to support herself during her undergraduate studies in science, believing that she was setting herself up for a future in healthcare.

But when opportunities opened up at the bank, Narciso explored them and soon discovered that she had given herself a great foundation in risk.

“Science is all about hypothesises and probabilities, which is exactly what we are talking about when it comes to risk,” Narciso explains. “That quantitative side really complemented what I was doing in risk management and gave me a distinct advantage over the people without that kind of science background, who were only able to interpret legislation and check boxes.”

As the global financial crisis brought a renewed focus on risk in banking, Narciso advanced quickly, before enrolling in an MBA program that boosted her business and finance credentials.

“The timing was right, because the environment we were operating in and the regulatory expectations were changing,” she says.

Still, without a background in law, Narciso was eager deepen her understanding of the legal landscape and began exploring her options for a professional LLM that would round out her risk and compliance skills. She initially considered Osgoode’s Financial Law program, before hearing about the school’s brand new Professional LLM in Privacy and Cybersecurity Law and enrolling in its inaugural class while working in the Canadian operations of global digital payment giant PayPal.

“I had come from the world of traditional banking, which was a lot slower paced than this innovative, tech-first company,” Narciso says. “Privacy law wasn’t keeping up with the speed of change and innovation. At the same time, new technology, products, services and business models seemed to be moving fast and outgrowing the intent of applicable law.”

“We were navigating through ambiguity and the Privacy and Cybersecurity Law LLM looked like a great opportunity to dive into the intersection of business, law and technology to further enhance my ability to lead through complexities and ambiguity,” she adds.

The program lived up to expectations, according to Narciso, who was particularly inspired by the teaching of its faculty, including Program Director Bradley Limpert, a Canadian technology law pioneer.

“You could tell that there was a lot of practical expertise that he brought to his teaching, which was really great,” Narciso says. “He has an ability to make you see the law in an applied way, so that it’s not just all about theory and legalese.”

As a program geared to working professionals, the flexibility of the LLM shone through for Narciso, who completed part of her studies while on maternity leave from her job and with young children at home. To get the most of their own Privacy and Cybersecurity Law LLM experience, she advises students following in her footsteps to be prepared to work hard and become engaged in both their subject matter and the broader Osgoode community.

“It was sometimes difficult to find the time, because there is a lot of reading to do. But the assignments are very well structured throughout and you get lots of notice of what is expected, which means you’re able to schedule things around your other work and personal commitments. The teachers are also really open and available for questions,” Narciso says.

Another highlight for Narciso were her classmates, who included lawyers in private practice, as well as a significant number of professionals like herself without a legal background.

“Everyone is there to contribute to your learning and growth,” she says. “Since we’ve graduated, we’ve all crossed paths and supported each other, getting new jobs, presenting at conferences and writing thought pieces together.” 

In addition, she found the program invaluable for building legal analysis and writing skills that she has brought with her to her current role as Chief Risk & Compliance Officer at TSX Trust Company, part of the TMX Group.

“As a compliance professional, you can learn a piece of legislation inside-out, but it’s quite different when you understand how to analyze the law, compare case law, write legal memos and develop arguments,” she says. “It was a really powerful complement to my existing skills.”

Several years on from the privacy and cybersecurity law revolution that prompted Narciso to enrol at Osgoode, a fresh wave of technological disruption in the financial sector is giving her a sense of déjà vu.

“In the next few years, we are going to be navigating plenty more ambiguity,” she says.

For example, TMX’s regulator – the Office of the Superintendent of Financial Institutions – is in the process of updating its key model risk management guideline E-23 to account for developments in artificial intelligence and machine learning. Meanwhile, the entire financial industry is closely watching several pieces of legislation currently before Parliament, which are expected to overhaul Canada’s approach to both privacy and open banking if they pass before the end of the current session in Ottawa. 

 “We’re moving from a situation where one bank does everything to a more open banking and financial network that relies on technology and third-party financial service providers,” Narciso explains, adding that her Osgoode LLM experience has left her well equipped to deal with challenges ahead.  “We’re working with our industry peers to figure out what is this new world order and what are the risks emerging as a result,” she says.