October 17, 2025
4 Min Read
Privacy and cybersecurity law is not for the faint of heart, if you ask Matt Saunders.
The Montreal-based lawyer explains that the complex and constantly evolving legislative environment that he and his colleagues work in has always required adaptability for those who want to stay ahead of the curve. But recent technological advances have only increased the need for privacy and cybersecurity law professionals to stay current.
“The stakes are rising and now with artificial intelligence, threat actors are using more nefarious ways to break into systems. That in turn is raising unique cyber and privacy risks,” says Saunders, counsel to national law firm Borden Ladner Gervais LLP and co-chair of OsgoodePD’s upcoming 4th Annual Update: Privacy and Cybersecurity Law and Practice.
In fact, the pace of change in the field means that attendees at the day-long program – which takes place live online on Dec. 3, with a replay scheduled several weeks later on Jan. 23 – may not recognize much of the content, even if they took part in earlier editions.
“We don’t want to just rehash things that have been covered at previous sessions,” says Saunders who co-chairs the program with Sylvia Klasovec, the founder of Trusteva Consulting Inc.
“What we’re really keen on doing is creating panels and discussions that will help people connect the dots between privacy, cybersecurity and AI, because there is so much overlap in the legal and practical developments that are happening,” Saunders adds. “Lawyers within those three spaces, particularly those who think they can operate in any one of them in isolation, will benefit from attending.”
Saunders came relatively late to the law, having first established himself in the field of risk management consulting in Vancouver, where he managed pandemic response initiatives and public health security projects for clients across the U.S. and Canada.
After graduating from law school, Saunders initially practised complex commercial litigation at a large global law firm, before moving to the Maritimes, where insurance defence work took up a greater proportion of his litigation practice and gave him his first real exposure to cyber defence policies – as well as the insurance companies and businesses that are parties to them.
“That brought me full circle from risk management consulting to my current practice in AI, data privacy and cybersecurity law, which is almost like risk management advisory,” he says. “I don’t litigate anymore as my practice is focused more towards anticipating, preventing and responding to cyber incidents.”
In addition to conducting tabletop exercises for clients to test their readiness for a potential cyber attack, Saunders also frequently acts as a breach coach for regional, national and international businesses in the midst of a real one, guiding them through the legal and regulatory consequences of the crisis.
The privacy and cybersecurity law and practice update will not be Saunders’ first encounter with OsgoodePD, since he is a former graduate of the renowned Intensive Trial Advocacy Workshop program – in addition to the Written Advocacy program, where one of the instructors was uniquely familiar.
“My dad was a judge on the Nova Scotia Court of Appeal and he was on the faculty, so we did that together as father and son; student and teacher,” Saunders says.
“It was a really formative experience for me, so I jumped at the chance to give back to Osgoode,” he adds, noting that the practical focus of the ITAW is reflected in the agenda of the privacy and cybersecurity law program.
“We’ve pulled together a variety of speakers who work at the intersection of law enforcement, academia and cyber extortion negotiations to talk about the kinds of tools you need in your toolbox and provide practical insights that can be immediately applied in your work,” Saunders says.
As well as private-practice or in-house lawyers with an interest in AI, privacy and cybersecurity law, he says professionals in the fields of IT, government, policing and breach coaching should consider enrolling.
“There’s a whole host of people who are going to have to come to grips with how AI tools are being deployed and learn how to speak fluently about these risks, because they’re all going to be called around the table when incidents take place,” Saunders says.
Legal practitioners and industry professionals who want to dive deeper into the subject also have the option of enhancing their expertise further via Osgoode’s part-time Professional LLM in Privacy and Cybersecurity Law, a program geared to working professionals.
Want to learn more about the 4th Annual Update in Privacy and Cybersecurity Law and Practice?