Agenda

Have you just been named your organization’s Privacy Officer? Or, maybe you’ve been the Privacy Officer for a while, but feel you’re not really getting any traction? If you’re not too sure what the job looks like, or you’re not too sure where to start or what to do next, then join us for this basic training workshop.

It’s a challenging and sometimes demanding role, and this workshop will cover topics like how to decide who should be the Privacy Officer, what the role entails, and practical advice for making sure your organization’s Privacy Officer has the necessary support within the organization to do the job right. Participants will have the opportunity to learn both from each other’s experiences, and from experienced facilitators.

Patrick Egan
Senior Investigator
Office of the Information and Privacy Commissioner for British Columbia

Patrick Egan joined the Office of the Information and Privacy Commissioner as a Portfolio Officer in April of 2005. He has been a social worker since 1991 and has worked in a variety of program areas including group homes, alternative education programs, adult education, and community development. From 1999 to 2005, Pat worked for the BC Ministry for Children and Family Development and worked as a child protection and guardianship social worker. Before moving to Victoria in 2005, Pat lived in the Hazelton area of Northwest British Columbia for twelve years. Pat has recently discovered the sport of surfing on Vancouver Island’s west coast.

Linda Sasaki
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Linda Sasaki is the Acting Director - PIPA with the Office of the Information and Privacy Commissioner of Alberta where she is responsible for investigating and mediating matters under review, or relating to complaints about organizations’ compliance with Alberta’s Personal Information Protection Act (“PIPA”).

With over 19 years experience in Alberta’s public service, Linda has been involved in many aspects of government, including Board development work with not-for-profit organizations, facilitating community development projects and investigating and mediating human rights complaints.

Risk intelligent enterprises use records and information management as a strategic driver to the success of handling information at their organizations. Effective records management plays an integral role in ensuring that your organization is compliant with relevant legislation, but also protects you from such issues as not being able to appropriately respond in instances involving privacy access requests or responses to eDiscovery requests. Please join us for this half-day workshop that will include, but not be limited to, a discussion of the following:

-Records management terminology, methods, and techniques

-Things to consider in how to map out a records management architecture or program at your organization

-How records management fits into the overall structure of enterprise content management

-Data classification

-Drivers of records management (for example, eDiscovery and litigation readiness)

This workshop is open to all, but is intended for individuals with minimal to intermediate understanding of records management.

Tara Perverseff
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Tara Perverseff is a Portfolio Officer with the Office of the Information and Privacy Commissioner of Alberta, and formerly a Senior Consultant with the Calgary office of Deloitte & Touché. Tara’s experience in records management includes data classification reviews, records management program reviews, vital records identification, the creation of a records management program framework, and policy development. Tara’s work in the area of privacy is cross-jurisdictional including experience with Provincial and Federal legislation, standards, and guidelines across Canada. Her work on privacy includes the development of policies, procedures, and guidelines, privacy program design review, and extensive work with privacy gap and impact assessments and the identification and remediation of risk. Tara has a Master of Arts Degree in Sociology from the University of Calgary specializing in Criminology and Media.

Frank Duffy
Senior Manager
Deloitte & Touche LLP

As a Manager with Deloitte’s Data Risk practice, Frank Duffy brings practical standards-based experience in records management ranging from establishing governance frameworks and drafting corporate policies to designing classification schema, retention schedules and metadata for records. Frank has helped clients to implement electronic records management systems (ERMS) to deploy records system controls and has assisted clients in highly regulated and litigious sectors to enable e-discovery through records management in the regular course of business. Frank has a Bachelor of Laws and a Masters of Management (Information Systems) from the University of British Columbia and is also a certified privacy professional.

On July 14, the Alberta government formally proclaimed as in effect the amended Health Information Act of Alberta (HIA), including two new regulations. Under this significant change, the jurisdiction of HIA is greatly expanded beyond government-delivered or sponsored health services to include now many private-sector health services delivered by designated health professionals. including:

* Pharmacists
* Optometrists
* Physicians
* Opticians
* Chiropractors
* Midwives
* Podiatrists
* Denturists
* Dentists
* Dental Hygienists
* Registered Nurses
* Pharmacists

What is more, it is anticipated that other major health professionals, such as Psychologists, Physiotherapists, Occupational Therapists, Diagnostic Technicians, and Speech Therapists will also be added to this list within the next year or two.

For many private sector companies who have health professionals on staff or on contract for services, there will be a new twist to maintaining compliance with privacy laws. If you are one of these organizations, how will this affect you?

This workshop will outline the basic elements of the Health Information Act and will focus on areas in the Act that introduce new or different compliance requirements for private sector health practices, such as:

* Mandatory Privacy Impact Assessments
* New access, collection, use, and disclosure criteria
* Enhanced information security requirements and accountabilities
* Use and management of third-party information service providers
* Audit and disclosure logs
* Electronic Health Record system compliance
* Change from consent-based to purpose-based authority
* Extensive and increased sanctions for non-compliance

The seminar will finish off by presenting solutions and strategies for meeting these new compliance challenges. The half-day session is highly interactive and will make use of scenarios, examples and participants' input to enhance the learning experience.

Rick Klumpenhouwer
Manager, Consulting Services
Cenera

Rick Klumpenhouer, Manager Consulting Services, Cenera. Rick has over 20 years experience in various aspects of information management, archives, and privacy. He holds a Masters degree in history from the University of Western Ontario and a Masters in Archival Studies from the University of British Columbia. He was Executive Director of the Legal Archives Society of Alberta from its founding in 1990 to 1997. He was Coordinator, Records Management later Information Management and Privacy at the Calgary Health Region between 1997 and 2002, when he joined Denham and Associates as a privacy consultant. He has been with Cenera since September 2003.

Back by popular demand! This workshop was offered last year and was extremely well-received …

So you think that you are finally PIPA compliant? You have a privacy policy which is easily available. The receptionist knows who the privacy officer is. Your IT shop has carefully secured your computer systems to the latest standards. You are just breathing a sigh of relief and turning your mind to the next issue when your assistant walks in with a request from a client for all his personal information. What now?

This workshop will explore how organizations should deal with access requests both from clients and employees and how to properly apply the exceptions of PIPA that allow or require information to be withheld or severed by the organization. The workshop will also include hands-on exercises to give you practical experience in severing.

Patrick Egan
Senior Investigator
Office of the Information and Privacy Commissioner for British Columbia

Patrick Egan joined the Office of the Information and Privacy Commissioner as a Portfolio Officer in April of 2005. He has been a social worker since 1991 and has worked in a variety of program areas including group homes, alternative education programs, adult education, and community development. From 1999 to 2005, Pat worked for the BC Ministry for Children and Family Development and worked as a child protection and guardianship social worker. Before moving to Victoria in 2005, Pat lived in the Hazelton area of Northwest British Columbia for twelve years. Pat has recently discovered the sport of surfing on Vancouver Island’s west coast.

Justin Hodkinson
Portfolio Officer
Office of the Information and Privacy Commissioner for British Columbia

Justin Hodkinson has worked for the OIPC since March 2007 as a Portfolio Officer. Before that, Justin worked in private practice as a lawyer dealing primarily in the areas of leaky condo litigation, strata property law and plaintiff side employment law. He graduated from the University of Alberta faculty of law in 1999.

Frank Work Q.C.
Information and Privacy Commissioner of Alberta
Office of the Information and Privacy Commissioner of Alberta

Alberta's second Information and Privacy Commissioner appointed in 2002
Mr. Work was born in Calgary, received his Bachelors Degree in Political Science and Masters Degree in Environmental Design from the University of Calgary and obtained a law degree in 1981 from McGill University. He practiced corporate commercial law in Calgary, worked for the Attorney General of Bermuda, and was seconded to the United Nations Environmental Program.
After returning to Canada in 1987, Mr. Work took a contract position with the World Bank and was assigned to the country of Mauritius.
From 1991 to 1996 Mr. Work worked as Parliamentary Counsel to the Legislative Assembly of Alberta, and General Counsel to the Ethics Commissioner of Alberta. In 1996 Mr. Work began his career at the Office of the Information and Privacy Commissioner as General Counsel and Assistant Commissioner. Mr. Work was appointed to a five-year term as Information and Privacy Commissioner in May 2002.

Chairperson
Frank Work Q.C.
Information and Privacy Commissioner of Alberta
Office of the Information and Privacy Commissioner of Alberta

Alberta's second Information and Privacy Commissioner appointed in 2002
Mr. Work was born in Calgary, received his Bachelors Degree in Political Science and Masters Degree in Environmental Design from the University of Calgary and obtained a law degree in 1981 from McGill University. He practiced corporate commercial law in Calgary, worked for the Attorney General of Bermuda, and was seconded to the United Nations Environmental Program.
After returning to Canada in 1987, Mr. Work took a contract position with the World Bank and was assigned to the country of Mauritius.
From 1991 to 1996 Mr. Work worked as Parliamentary Counsel to the Legislative Assembly of Alberta, and General Counsel to the Ethics Commissioner of Alberta. In 1996 Mr. Work began his career at the Office of the Information and Privacy Commissioner as General Counsel and Assistant Commissioner. Mr. Work was appointed to a five-year term as Information and Privacy Commissioner in May 2002.

Declan McCullagh
Chief Political Correspondent, Senior Writer
CNET, CBS News

Declan McCullagh is the chief political correspondent for CNET, which is part of CBS Corporation. Previously he was a senior correspondent for CBS News' Web site. He became the chief political correspondent for CNET News in 2002 and lives in the San Francisco area after spending over a decade in Washington, DC.

An award-winning journalist, McCullagh writes and speaks frequently about technology, law, and politics. From 1998 to 2002, he was Wired's Washington bureau chief. Previously he was a reporter for Time Magazine, Time Digital Daily, and The Netly News, as well as a correspondent for HotWired. McCullagh previously wrote for the Taking Liberties section of CBS News' Web site, the successor to a weekly column he started in October 2008 titled Other People's Money.

McCullagh's articles have appeared in scores of publications including The Wall Street Journal, The New York Times Magazine, Playboy magazine, George magazine, The New Republic, Communications of the ACM, and the Harvard Journal of Law and Public Policy. He has appeared on NPR's All Things Considered, ABC News' Good Morning America, NBC Evening News, Court TV, and CNN. He has taught as an Adjunct Professor of Law at Case Western Reserve University in Cleveland, Ohio. He also has been a lecturer at American University in Washington, DC where he has taught a graduate journalism class (COMM-710).

McCullagh moderates Politech, a well-known mailing list looking broadly at politics and technology that he founded in 1994, and has been online since 1988. He was the first online reporter to join the National Press Club; he participated in the first White House dot com press pool; and was one of the first online journalists to receive credentials from the press gallery of the U.S. Congress. McCullagh has spoken at schools including Stanford University, MIT, Harvard University, Georgetown University, the University of Chicago, and Duke University, and has testified twice before the Federal Trade Commission.

In addition to tinkering with his classic NeXT cube, McCullagh programs in C and Perl, and maintains a Linux server that supports about seven web sites, some with a MySQL backend. He rides a Honda 919 motorcycle, is a licensed private pilot who flies a Diamond Katana and Cessna 172s, and lives with his wife and family in the San Francisco area. The mccullagh.org photo database is his own design.

This interactive session will examine and discuss hypothetical factual scenarios (based on real life experiences) in order to identify common errors and issues which arise in the employment setting. The emphasis will be on providing information designed to assist employers and employees in avoiding privacy law mistakes and identifying best practices. Areas covered include:

• use of personal information during the hiring process
• employee medical information
• employee monitoring (including via GPS and similar devices)
• employee use of social networks

Chairperson
Jane Graydon
Director Human Resources and Chief Privacy Officer
BC Biomedical Laboratories

Jane joined BC Biomedical in 2003 as Director Human Resources and Chief Privacy Officer.
BC Biomedical Laboratories Ltd. is a community medical laboratory based in Surrey, BC, with 43 patient service centres throughout the Lower Mainland. BC Biomedical is owned and operated by British Columbian pathologists with 750 employees serving over 2 million patients each year. BC Biomedical has been one of the 50 Best Employers in Canada according to Hewitt/Report on Business Study for the last eleven years with three years in the number one position.

Jane also teaches Leadership at Simon Fraser University’s Faculty of Business. Jane worked for 19 years with Nortel Networks in various Human Resource Management and Change Management roles.

Jane has an MBA in Human Resource Management from McMaster University and a Bachelor of Commerce majoring in Marketing. She continued her studies in International Business in Japan.

Ingrid Otto
Lawyer
Davis LLP

Ingrid's practice is focused exclusively on employment law, human rights, labour, education law, and privacy. She acts primarily for employers and works closely with an organization's management team to strategically and proactively resolve workplace matters with a view to risk management and dispute avoidance.

Ingrid has extensive advocacy experience, successfully representing clients at labour arbitration and labour relations boards, human rights tribunals and the courts. She also provides training sessions for managers and has presented seminars on a wide variety of topics including harassment, absenteeism, human rights issues and privacy.

Tamara Hunter
Lawyer
Davis LLP

Ms. Hunter is a member of the firm's Litigation Department and practises in the areas of administrative law, freedom of information and privacy law and professional regulation law. Before joining Davis LLP, she was a law clerk in the Supreme Court of Canada. Ms. Hunter is experienced in freedom of information and privacy law and has represented a number of clients (including businesses and public bodies) on matters before the Office of the Information and Privacy Commissioner. She has assisted numerous private sector organizations with privacy law compliance. Ms. Hunter was a founding member and is a past co-chair of the CBA Freedom of Information and Privacy Law subsection. Ms. Hunter has acted for a variety of professional regulatory bodies on matters involving professional disciplinary proceedings and related litigation.

Monitoring and measuring privacy compliance requires the establishment of effective monitoring procedures and a baseline against which to assess performance. Most monitoring techniques are designed to assess against legislative and regulatory requirements or entity policies and procedures, and usually provide a hard target; one that is frequently difficult to meet; at least initially.

The Privacy Maturity Model is based on the AICPA/CICA Generally Accepted Privacy Principles (GAPP), a recognized privacy framework that addresses the requirements of most global privacy legislation. When combined with the Capability Maturity Model (CMM), entities have an effective tool that allows them to measure compliance through benchmarks established in the Privacy Maturity Model and aligned with the CMM.
 

Chairperson
Jeannette Van Den Bulk
Senior Legislation and Privacy Advisor
Ministry of Citizen Services, Province of British Columbia

Jeannette is a graduate of the UVIC Faculty of Law and worked in private practice for three years in Victoria before joining the public service. Jeannette is now in her 4th year working in the central privacy area for the BC Government. Her work is mainly on legislative reform and large scale information sharing initiatives. In addition, she has been a privacy advisor on the implementation of new technologies into the public service.

Robert G. Parker
AICPA/CICA Privacy Task Force

Robert G Parker joined the AICPA/CICA Privacy Task Force at is inception in 2001; he left to chair the CICA’s Canadian Privacy Advisory Group from 2005 to 2008, rejoining the Privacy Task Force in 2008 to focus on the Privacy Maturity Model and privacy reporting.
He also serves on the CICA’s Information Technology Advisory Committee and is a member of the Board of the University of Waterloo Centre for Information Systems Assurance and was the author and lead presenter on the Canadian Banker’s Association’s Security and Privacy seminar series.
He is a frequent author and presenter, having presented sessions on privacy in Canada, the United States, Europe and Australia, and having been published or quoted in a number of recognized magazines and journals.

An introduction to video surveillance and Google Street View, this session will explore themes such as how private organizations should and should not use video surveillance and why private organizations should pay attention to Google Street View. In particular, this session will address the following points:

• Video surveillance has been around for a while, but is really just becoming privacy intrusive now and therefore organizations need to pay attention.
• Getting to know Google Street View, Singing its praises and pointing out its pitfalls for businesses
• The proper use of video surveillance by private organizations
• Foursquare, Geotagging, Facebook Places

Chairperson
Troy Taillefer
Policy Analyst
Office of the Information and Privacy Commissioner for British Columbia

Troy is a Policy Analyst with the Office of the Information and Privacy Commissioner for British Columbia and has worked there for two years. Troy led the OIPC’s 2010/2011 investigation of BC Lottery Corporation’s PlayNow.com breach.

Prior to working for the OIPC, Troy worked for the Ministry of Attorney General’s Administrative Justice Office as well as the Ministry of Forests and Range, where he advised Ministry employees on administrative law issues. Troy is a graduate of the UVIC Faculty of Law and worked in private practice for four years in Vancouver and Victoria before moving to the public sector.. Away from work, soccer and running take up a fair bit of Troy’s time.

Trevor Presley
Investigator
Office of the Information and Privacy Commissioner for British Columbia

Trevor Presley has been an Investigator for the Office of the Information and Privacy Commissioner for British Columbia for the past 4 years. He has investigated numerous breaches in both the public and private sector and has presented to a variety of audiences on key issues such as the collection of information by Google Street View and the privacy implications of Social Media.

When can online information be collected, used, and disclosed in order to hire, investigate, or discipline workers? This presentation will cover points such as:

• collection and use of blogs, posts, and social networking information in hiring;
• consent and workplace policies; and
• collection, use, and disclosure of online information in workplace investigations and discipline.

Expect a lively discussion of the relevant principles, cases, and sample scenarios.

Chairperson
Rachel Hayward
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Rachel Hayward has worked in the privacy field for 10 years. Currently she is working as a Portfolio Officer with the Office of the Information and Privacy Commissioner of Alberta. In her role Rachel is the OIPC representative for health research, PCNs, the Health Quality Council of Alberta and several other Health professional bodies.

Prior to her current role Rachel was a manager with Deloitte with a focus on privacy and risk management. In this role she worked with provincial, national and international organizations to help them achieve their privacy goals and requirements.

Rachel holds a master's degree in public administration and is certified information privacy professional.

Loretta Bouwmeester
Associate Lawyer
Gowlings

By way of introduction I am an associate in Gowlings’ Calgary office, practicing in the areas of privacy, employment and labour and human rights law.

Prior to relocating to Calgary, I worked in-house with a municipality and dealt with a broad range of issues including privacy matters. I bring the benefit of this experience to my clients when working with them to both resolve disputes and in proactive strategy planning and risk management initiatives. The following are presentations, papers, and publications I have delivered in the last year and a half:
* Labour Arbitration and Policy Conference Panel Member. Lancaster House, June 2010 (dealing with attendance management and disability issues workshop
* Co –author of the Disability Management Compliance Manual published by Lexis Nexus in March 2010
* Faculty of Arts (Psychology) Guest Speaker. St Mary’s University, March 2010 (Privacy Law Overview)
* Workplace Human Rights Conference. Lorman Education Services, March 2009 (Drug and Alcohol Testing).
* Employment and Labour Law Seminar. Gowling Lafleur Henderson LLP, April 2009 (Drug and Alcohol Testing)
* Faculty of Engineering Guest Speaker. University of Calgary, November 2009 (Overview of Employment and Labour Law Concepts

Anne L. G. Cote
Lawyer
Field Law

Anne maintains a practice primarily in privacy law, labour and employment law, and administrative law. She has advocacy experience representing clients in inquiries before the Alberta Office of the Information and Privacy Commissioner, in labour arbitrations, as well as before human rights tribunals, professional regulatory tribunals, and the Alberta Court of Queen's Bench and Alberta Court of Appeal.
Anne is a founding member of Field LLP's Privacy Practice Group and is co-Chair of the Canadian Bar Association's Privacy Law (North) Section. Prior to joining Field LLP, Anne practiced at a national law firm for six years. Anne also articled with the Court of Queen’s Bench and Court of Appeal of Alberta in Edmonton.

With identity theft the fasting growing crime worldwide, Bill 54, PIPEDA amendments and other recent legislation changing Canada’s data breach notification requirements, organizations now, more than ever, need to be prepared for the eventuality of a data breach and how best to respond should one occur.
This presentation will provide:

• An update on the state of identity theft and data breaches worldwide.
• A legislative update on breach notification law in Canada.
• A review of real-world data breach examples include numerous examples of actual breaches handled by Kroll Canada and Kroll Ontrack data forensics outlining the importance of proper investigative procedures.
• Best practice suggestions on how to mitigate the risk associated with this growing trend.
• How best to handle a data breach and what a proper data breach response should include
   

Chairperson
John Jager
Vice President, Research Services
Nymity

John Jager, CIPP/C, is an accredited and experienced privacy professional who has been Nymity’s Vice President of Research Programs for 3 years. His experience in privacy includes 2 years as the Chief Privacy Officer at Sears Canada Inc. John is the chair of the Canadian Marketing Association’s Privacy and Ethics Committee. John delivers Nymity’s Breach Response Training Workshops and has created Nymity’s Breach Response Centre, a component of PrivaWorks.

Shawn Melito
Director
Kroll Fraud Solutions

Since 2007 Shawn Melito has been heading up Kroll Fraud Solutions, which is Canada’s leading full-service data breach response company. He is sought after as a speaker on identity theft and data breach resolution with recent presentations at the International Association of Privacy Professionals (IAPP) 2010 Canadian Summit, the Technical Institutes Insurance Consortium, the Disaster Recovery Information Exhange, Toronto branch, the Association of Certified Fraud Examiners and the Institute of Internal Auditors. Shawn is a member of the IAPP Canadian Advisory Board and a Board Member for the Sunshine Foundation. He holds a B.A. from U of T and a MBA from the Richard Ivey School of Business.

Privacy in the health and private sectors has developed in two very separate silos but there is much that each can learn from the other. This presentation will focus on best practices in data governance models in both sectors and will culminate in a discussion of the reasons for building an information governance program as well as an Information Governance Framework template from which all organizations could benefit.

Chairperson
Steven Lingard
Assistant General Counsel
Insurance Bureau of Canada

Steven is Assistant General Counsel for Insurance Bureau of Canada which is the national trade association for property and casualty insurers. He earned his common and civil law degrees from McGill University and a Master of Laws degree from Osgoode Hall Law School. His thesis was a study of the Canadian, Quebec and European privacy laws. He is Secretary and Legal Advisor to IBC's Regulatory Affairs Committee and its Privacy Working Group.

Ruth Belcher
Managing Director
AccessPrivacy HB
Heenan Blaikie

As one of Canada’s foremost experts on privacy in the financial sector, Ruth Belcher assists in-house counsel and Chief Privacy Officers of organizations on a broad range of privacy and financial services regulatory issues including drafting policies, procedures and training materials; managing data breaches and privacy and other regulatory investigations; conducting privacy and other compliance risk assessments; and advising on privacy and outsourcing governance. Prior to joining AccessPrivacyHB in 2009, she was Chief Privacy Officer and Director, Canadian Personal & Commercial Bank Compliance for Scotiabank. Ruth managed the global customer privacy compliance program involving more than 50 countries, and was responsible for developing and maintaining compliance programs responsive to the requirements of the Bank’s principal regulators in Canada. She also provided advice, training and assistance on financial services consumer protection compliance, including due diligence activities, integration of acquisitions, product and documentation reviews and complaint management.

Ruth is a member of the Canadian Marketing Association (CMA) Ethics & Privacy Committee. She was formerly a member of the Advisory Committee to the Conference Board of Canada Council of Chief Privacy Officers as well as numerous Canadian Bankers Association working groups. She speaks regularly on privacy issues and takes part actively in regulatory conferences for the financial sector.

Pam Snively
Managing Director
AccessPrivacy HB
Heenan Blaikie

Pamela Snively is a lawyer and consultant with AccessPrivacyHB. She provides a broad range of privacy, risk management and compliance advice in the private, public and health sectors. She assists organizations in implementing enterprise risk management programs; advising on privacy and outsourcing governance; designing and implementing records management programs; drafting policies, procedures and training materials; managing data breaches and other regulatory investigations; conducting privacy impact or risk assessments; and advising on PCI (Payment Card Industry) compliance standards.
Prior to joining AccessPrivacyHB in 2009, Pamela was Chief Risk Officer & General Counsel at Resolve Corporation, a publicly traded North American business process outsourcer. At Resolve, along with responsibility for all legal matters, Pamela was accountable for implementing an enterprise risk and compliance program that included a robust privacy and security program, as well as business continuity planning. Prior to Resolve, Pamela was the Chief Privacy Officer & Senior Counsel at Symcor Inc., one of North America’s largest financial processing outsourcers. At Symcor, Pamela practiced labour and employment law along with privacy law. Pamela developed and implemented an innovative and highly effective privacy program, designed to meet the rigorous and complex demands of the Canadian banking community and its regulators with respect to sensitive personal financial data.

This session is intended to increase participants’ awareness of the role and importance of data privacy, security, and safety during a crisis, including considerations for different types of information (operational, strategic, employee, and customer). In particular, the session will address the important role information plays in managing a crisis, and how to balance safety and crisis management with privacy and security concerns.

Chairperson
Patrick Egan
Senior Investigator
Office of the Information and Privacy Commissioner for British Columbia

Patrick Egan joined the Office of the Information and Privacy Commissioner as a Portfolio Officer in April of 2005. He has been a social worker since 1991 and has worked in a variety of program areas including group homes, alternative education programs, adult education, and community development. From 1999 to 2005, Pat worked for the BC Ministry for Children and Family Development and worked as a child protection and guardianship social worker. Before moving to Victoria in 2005, Pat lived in the Hazelton area of Northwest British Columbia for twelve years. Pat has recently discovered the sport of surfing on Vancouver Island’s west coast.

Michael Luxton
Owner, Consultant
Malabar Consulting Ltd

Michael has over 20 years experience in various aspects of crisis and information management planning. As a past member of the Canadian Forces he has been involved in contingency and operations planning at a variety of levels as well as being involved in human resource management roles with recruiting. As a consultant he has been working both through his own company and as a sub-contractor to Cenera in the fields of privacy compliance and management planning, information management and security planning, crisis planning, and human resources support planning for the past four years. He has completed a Bachelor of Arts and Science degree and a Computer Management and Information Systems certificate as well as numerous military planning and management courses during his career with the Forces.

This session will explore the privacy issues related to workplace investigations. Workplace investigations are often the bane of a privacy officer or a manager's existence. The involvement of many third parties, the need to report to the affected parties, and conflict among staff members, often lead to privacy nightmares. The speakers will discuss how PIPA applies to these circumstances and how managers can prepare for these privacy issues before the situation gets out of hand.

Chairperson
Jim Burrows
Acting Executive Director
Office of the Information and Privacy Commissioner of British Columbia

Jim Burrows is currently the Acting Executive Director at the B.C. Office of the Information & Privacy Commissioner. Previous to that, Jim was the Portfolio Officer at the same office. From 1990 until 2001, he worked for the City of Victoria in various capacities including managing the Information Systems Division as well as Information and Privacy Coordinator and City Archivist. Jim received a Masters of Archival Studies from the University of British Columbia.

Mathew Wesolowski
Vice President, General Counsel and Chief Privacy
Alberta Motor Association

Mathew Wesolowski was called to the Bar in 1983, and was a litigator with Milner & Steer (now Fraser Milner Casgrain) until 1996, after which he became Senior In-house Counsel for AMA Insurance Company, a position he held until 2002.

Mathew is currently, Vice President, General Council & Chief Privacy Officer of the Alberta Motor Association (AMA) and each of its subsidiaries (from 2002 to present). His responsibilities with the AMA also include Chief Compliance Officer and Safe Disclosure Officer.

During his time at the AMA he has developed specific knowledge in and is responsible for; Human Resource issues and employment law, Privacy, Compliance, Insurance law, and Commercial transactions.

In addition to work responsibilities, he has been a long time contributor and instructor for the Alberta Bar Admission Course and is a frequent presenter for the Legal Education Society of Alberta (LESA) and other conference providers.

Jillian Harker
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Jillian Harker (formerly Vincent) is a Portfolio Officer, Personal Information Protection Act with the Office of the Information and Privacy Commission of Alberta. Jillian holds degrees in both molecular genetics and law and is a member of the Alberta bar. Prior to joining the Office of the Information and Privacy Commissioner she spent several years in private practice at a national firm advising clients on privacy, employment and technology issues.

UPDATE FROM THE OPC – NEW REGIONAL TORONTO OFFICE

This presentation will provide an overview and update on the Office of the Privacy Commissioner of Canada’s (OPC) new regional office in Toronto, and will review the reasons and purpose for opening a regional office, proposed activities that will be undertaken, and how the OPC’s Toronto office will play a role and contribute to the OPC’s overall investigations and outreach strategy. In addition, the speaker will provide an update on recent OPC activities, including the OPC’s mortgage brokers’ audit.

Chairperson
Kim Kreutzer Work
Acting Manager – Legislation and Policy
Service Alberta
Government of Alberta

Kim is a senior legislation and policy advisor with Service Alberta, the Ministry responsible for Alberta’s Personal Information Protection Act (PIPA) and the Freedom of Information and Protection of Privacy Act (the FOIP Act).

Since joining the ministry in 2002, much of Kim’s work has revolved around PIPA, from the development of the Act in 2003, through its review in 2007 by the all-party committee of the Alberta Legislature, to the enactment of the May 2010 amendments. She has also worked on several PIPA publications for private-sector organizations and has made various presentations to government ministries and business associations on an organization’s duties and responsibilities under PIPA.

Kim has also undertaken various projects involving the public-sector access and privacy legislation and is presently involved in the legislated review of the FOIP Act.

Robin Gould-Soil
Director, PIPEDA
Office of the Privacy Commissioner of Canada

Robin Gould-Soil, is the Director, PIPEDA at Office of Privacy Commissioner of Canada (OPC) through an Interchange program from TDBFG, a position she has held since July 2010. Prior to joining the OPC, Robin was the Chief Privacy Officer of TDBFG, a position she held since November 2000. In this role, she was charged with overseeing the development and execution of the Bank’s global privacy strategy as well as that of insurance, securities and other subsidiaries in Canada.

Robin responsibilities included championing a strategic approach to privacy enterprise-wide; ensuring the integration of privacy management into business planning and operations, fostering the development of a privacy culture and mindset within the organization through privacy training, education and other communications; advising employees on resolving privacy complaints and requests; monitoring risk/control issues and developing tools to help implement, monitor and evaluate compliance through the organization; and liaising with external privacy bodies and industry groups.

Robin is a recognized privacy leader within Canada. She has obtained CIPP/C certification. Robin is a former executive member of the Canadian Chief Privacy Officers’ Association ; CMA privacy and ethics committee and is on the Advisory Board of the International Association of Privacy Professionals (IAPP) as well as a member at the Canadian Bankers Association’s privacy specialist group. As a privacy practitioner, Robin brings to the table first-hand experience working in the many domains affected by privacy. Since first joining TDBFG, over 25 years ago, she has held positions and accumulated diverse knowledge in all areas of the business, from production development, project management, operations management and IT thought-out the organization.

Moderator
Drew McArthur
Principal
The McArthur Consulting Group

Drew retired in late 2007 after a rewarding 35 year career with TELUS that spanned many functions, including operations, customer service, marketing and most recently as Vice President Corporate Affairs and Chief Compliance Officer. As Chief Compliance Officer, Drew was responsible for legal and regulatory compliance for all of TELUS’ operations, reporting to the Audit Committee of the Board of Directors. The responsibilities of this role included ensuring TELUS had the appropriate controls, policies and measurements in place to be compliant with many areas of law and regulation, including CRTC regulations, insider trading, competition law, privacy and record retention. He has many years experience dealing with compliance and privacy issues of a practical nature, and has worked throughout Canada to represent industry and other stakeholders in various initiatives.

Most recently, Drew played a pivotal role working with many stakeholders to develop information breach notification guidelines, which have been adopted by the Office of the Privacy Commissioner of Canada and provincial privacy commissioners.

Drew continues to work in the field of privacy and compliance, providing the unique perspective of a practical understanding of policy development and brings it to life within a large, complex organization with many diverse operational units.

Frank Work Q.C.
Information and Privacy Commissioner of Alberta
Office of the Information and Privacy Commissioner of Alberta

Alberta's second Information and Privacy Commissioner appointed in 2002
Mr. Work was born in Calgary, received his Bachelors Degree in Political Science and Masters Degree in Environmental Design from the University of Calgary and obtained a law degree in 1981 from McGill University. He practiced corporate commercial law in Calgary, worked for the Attorney General of Bermuda, and was seconded to the United Nations Environmental Program.
After returning to Canada in 1987, Mr. Work took a contract position with the World Bank and was assigned to the country of Mauritius.
From 1991 to 1996 Mr. Work worked as Parliamentary Counsel to the Legislative Assembly of Alberta, and General Counsel to the Ethics Commissioner of Alberta. In 1996 Mr. Work began his career at the Office of the Information and Privacy Commissioner as General Counsel and Assistant Commissioner. Mr. Work was appointed to a five-year term as Information and Privacy Commissioner in May 2002.

Elizabeth Denham
Information and Privacy Commissioner, British Columbia
Office of the Information and Privacy Commissioner for British Columbia

Verney Conference Management, and the Organizing Committee would like to thank Deloitte for their generous support of the "PIPA Conference 2010: Getting through the Privacy Jungle - How to see the Forest and the Trees", and this year's Networking Reception.

Join your colleagues and fellow participants for a relaxing break, and some light discussion after a great day of insightful and interesting sessions!

Elizabeth Denham
Information and Privacy Commissioner, British Columbia
Office of the Information and Privacy Commissioner for British Columbia

Chairperson
Elizabeth Denham
Information and Privacy Commissioner, British Columbia
Office of the Information and Privacy Commissioner for British Columbia

Aritha van Herk
Professor, Writer
University of Calgary

Aritha van Herk is a novelist, writer, teacher and editor working within Canadian Literature, belles-letters and contemporary culture. Her award-winning novels and essays have been published and praised nationally and internationally, and her work is the subject of dozens of studies, theses, and papers.

Her first novel, Judith, received the Seal First Novel Award in 1978. Her second novel, The Tent Peg, appeared in 1981, and her third novel, No Fixed Address, was nominated for the Governor General's Award for fiction in 1986. Places Far From Ellesmere, a geografictione blending geography and fiction, examines the conjunction of place, autobiography, and reading from the perspective of Anna Karenina and Ellesmere Island. Restlessness, a fictional examination of contemporary melancholia, is set in the Edwardian gloom of the Palliser Hotel in the picaresque core of Calgary, Alberta. Her critical and non-fiction works, A Frozen Tongue and In Visible Ink, interrogate urgent questions of reading and writing as integral to contemporary culture. Her irreverent but relevant history of Alberta, Mavericks: An Incorrigible History of Alberta, won the Grant MacEwan Author's Award for Alberta Writing. That book frames the new permanent exhibition on Alberta history, which opened at the Glenbow Museum in 2007; her latest book, Audacious and Adamant: the Story of Maverick Alberta, accompanies that exhibit. She has also edited seven anthologies of essays and short stories, including most recently Carol Shields: Evocation and Echo (2009).

A University Professor and Professor of English at the University of Calgary, she has taught and mentored innumerable Creative Writing and Canadian Literature students who have gone on to publish their work.

Aritha van Herk is a Fellow of the Royal Society of Canada, and is active in Canada's literary and cultural life. She serves on the Board of Directors for The Walrus, for the Friends of Canadian Broadcasting, and on the Sheldon Chumir Foundation for Ethics in Leadership. The author of hundreds of reviews and articles on contemporary literature and history, she is active in the cultural life of the west, the nation, and the world.

You have invested hundreds of hours and a pile of money to keep your data private with technology and policies. Good for you, but are you sure that you are not part of the problem? You are probably leaking private information without even knowing it.

In this session, professional hacker Brad "RenderMan" Haines will show how easy it is to steal personal information through devices we all use every day.

Chairperson
Drew McArthur
Principal
The McArthur Consulting Group

Drew retired in late 2007 after a rewarding 35 year career with TELUS that spanned many functions, including operations, customer service, marketing and most recently as Vice President Corporate Affairs and Chief Compliance Officer. As Chief Compliance Officer, Drew was responsible for legal and regulatory compliance for all of TELUS’ operations, reporting to the Audit Committee of the Board of Directors. The responsibilities of this role included ensuring TELUS had the appropriate controls, policies and measurements in place to be compliant with many areas of law and regulation, including CRTC regulations, insider trading, competition law, privacy and record retention. He has many years experience dealing with compliance and privacy issues of a practical nature, and has worked throughout Canada to represent industry and other stakeholders in various initiatives.

Most recently, Drew played a pivotal role working with many stakeholders to develop information breach notification guidelines, which have been adopted by the Office of the Privacy Commissioner of Canada and provincial privacy commissioners.

Drew continues to work in the field of privacy and compliance, providing the unique perspective of a practical understanding of policy development and brings it to life within a large, complex organization with many diverse operational units.

Brad "RenderMan" Haines
Hacker/Security Consultant
RenderLab.net

Brad 'RenderMan' Haines is one of the more visible and vocal members of the wardriving community, appearing in various media outlets and speaking at conferences several times a year. Render is usually nearby on any wardriving and wireless security news, often causing it himself. His skills have been learned in the trenches working for various IT companies as well as his involvement through the years with the hacking community. He is also the author of several security books, most recently '7 Deadliest wireless technologies attacks' from Syngress.

A firm believer in the hacker ethos and promoting responsible hacking and sharing of ideas, he wrote the 'Stumbler ethic' for beginning wardrivers and greatly enjoys speaking at corporate conferences to dissuade the negative image of hackers and wardrivers and to educate the public.

This session will provide a legal analysis of the concept of a “Fundamental Human Right”, with specific references to the consequences of breaches and other privacy violations, from the perspective of individuals whose privacy is breached, and with reference to recent legislative developments and decisions.
Includes an analysis of

• The definition of “Human Right”
• The inclusion of Privacy as a “Fundamental Human Right”
• Practical examples of how privacy legislation actually protects this human right, with reference to recent legislative developments and decisions.
• Practical and legal consequences of the violation of the right to privacy as a human right, as opposed to traditional damages.
   

Chairperson
Jillian Harker
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Jillian Harker (formerly Vincent) is a Portfolio Officer, Personal Information Protection Act with the Office of the Information and Privacy Commission of Alberta. Jillian holds degrees in both molecular genetics and law and is a member of the Alberta bar. Prior to joining the Office of the Information and Privacy Commissioner she spent several years in private practice at a national firm advising clients on privacy, employment and technology issues.

Julio Arboleda
Partner
Borden Ladner Gervais LLP

Julio Arboleda is a partner in our Calgary office. Mr. Arboleda was admitted to the Alberta Bar in 1997, and has given numerous presentations on Privacy topics.
Mr. Arboleda first dealt with Privacy issues in 1996 when, as a member of the University of Calgary team in the Phillip C. Jessup Internal Law Moot, he was responsible for arguing then emerging European law with respect to Privacy. He placed first in the Canadian National Round, and second in the preliminary Worldwide Round (Washington D.C.) hosted by the American Society of International Law.
Following this, he completed a Masters in Law (LL.M.) in e-business from Osgoode Hall, York University, Toronto in 2004. His masters paper was on the impact of the privacy legislation on corporate mergers and acquisitions.
Mr. Arboleda has advised numerous clients with respect to privacy issues arising in mergers and acquisitions, the design and implementation of national and international privacy compliance programs and other privacy related legal matters. In addition, he has handled privacy breaches and represented a client during an investigation by the Privacy Commissioner under the Alberta privacy legislation.

There are few areas of information protection more misunderstood and neglected than data disposal, even though it may be the point at which information is most at risk. Organizations that are otherwise conscientious about data protection, often give little or no unified direction to employees about acceptable methods of information destruction, leaving them to devices and processes that result in regulatory non-compliance, competitive espionage and embarrassing headlines. In this session, a globally recognized expert in data destruction legislation and policy development will walk attendees through a streamlined process for creating data destruction policies that provide the direction employees need. The presentation will review the persistent problem of organizations failing to take safe information destruction into account, using examples drawn from headlines in Canada and around the world, and will provide advice on the following:

• How to avoid falling victim to senseless privacy or security breaches resulting from unsafe information destruction;
• How to cope with new information destruction challenges in an era when many documents only ever exist in electronic form;
• How to ensure employee compliance with information destruction requirements.
   

Chairperson
Jill Clayton
Information and Privacy Commissioner of Alberta
Office of the Information and Privacy Commissioner of Alberta

After taking a brief reprieve to British Columbia, Ms.Clayton returned to the Alberta Office, being appointed as Alberta's Information and Privacy Commissioner in February 2012.

Jill joined the Office of the Information and Privacy Commissioner of Alberta in 2004, shortly after the Personal Information Protection Act (PIPA) came into force. As a Portfolio Officer with the PIPA Team, she was responsible for investigating and mediating privacy complaints and requests for review. She then moved into the role of Director - PIPA where she headed up the Office's team in the Calgary Office.

As a privacy consultant for a number of years, Jill assisted organizations in health care, oil and gas, telecommunications, non-profit and other sectors with their privacy compliance implementation activities, including: compliance audits, policy development, privacy impact assessments, and training and awareness.

Robert Johnson
Founder, Chief Executive Officer
NAID

Robert Johnson is founder and Chief Executive Officer of the National Association for Information Destruction (NAID), a 16-year old non-profit watchdog organization originally formed in the U.S. to develop standards and ethics for the information destruction industry. Johnson has since spearheaded the expansion of NAID to Canada, Europe and Australia and serves as Executive Director of NAID-Canada in addition to his other responsibilities. NAID now has over 1000 member companies worldwide.
Johnson had advised governments and privacy authorities all over the world on the development of privacy legislation that takes safe information destruction into account. He is also a frequent speaker on these topics at conferences in North America, Europe and Australia.

The management of privacy issues associated with new technologies is complicated by their rapid evolution. Point in time PIAs are not well suited to such change. A better alternative is provided by a comprehensive IT privacy governance regime at the enterprise level. Such a regime can provide a basis for the evaluation of any technology, old or new. This presentation will describe a methodology for such a regime.

Chairperson
Adam Kardash
Partner
Heenan Blaikie

Adam Kardash is co-head of Heenan Blaikie’s National Privacy and Information Management group, and Managing Director and Head of Access Privacy, a Heenan Blaikie consulting services company.

Adam has extensive experience in the privacy law area, and regularly advises on a broad range of data protection issues and privacy compliance initiatives. He assists in-house counsel and Chief Privacy Officers of organizations in the private, health and not-for-profit sectors on conducting privacy impact assessments and privacy and security reviews/audits; drafting privacy policies, practises and procedures; undertaking privacy compliance initiatives; managing security breaches; representing organizations on privacy regulatory investigations, and the drafting and negotiation of service provider arrangements involving personal information, including transborder data flows.

Adam and Priscilla Platt co-authored and launched Heenan Blaikie’s electronic guide to Ontario's public sector access and privacy legislation. The guide, AccessPrivacy.ca, is an innovative tool to assist institutions and the public to understand the developments of the law in these areas.

Alec Campbell
President
Excela Associates Inc.

Alec Campbell is the president of Excela Associates Inc., which provides privacy consulting services across Canada from its base in Edmonton, Alberta. Before establishing Excela in 2006, Alec held senior privacy positions in the Government of Alberta and Alberta’s Office of the Information and Privacy Commissioner. In the Commissioner’s office, he led the development of that office’s privacy impact assessment process. At the Government of Alberta, he founded the Information Access and Protection of Privacy Certificate Program at the University of Alberta and led government IT privacy functions, including the development of the award-winning GAEA Privacy Architecture.

Privacy professionals are acutely aware that a privacy regime cannot be successfully implemented within an organization unless it is supported by an overarching culture of privacy. Building a culture of privacy starts with the hiring of the right employees or contractors, is supported by the right training and awareness and is reinforced by appropriate monitoring for compliance. This session with provide steps privacy professionals can take to minimize the possibility of hiring high-risk employees, provide guidance on the development of training and awareness programs to ensure that all employees and contractors are aware of and commit to their privacy-related obligations and the mechanisms organizations can use to monitor compliance with the organization’s privacy policies.

Chairperson
Rick Klumpenhouwer
Manager, Consulting Services
Cenera

Rick Klumpenhouer, Manager Consulting Services, Cenera. Rick has over 20 years experience in various aspects of information management, archives, and privacy. He holds a Masters degree in history from the University of Western Ontario and a Masters in Archival Studies from the University of British Columbia. He was Executive Director of the Legal Archives Society of Alberta from its founding in 1990 to 1997. He was Coordinator, Records Management later Information Management and Privacy at the Calgary Health Region between 1997 and 2002, when he joined Denham and Associates as a privacy consultant. He has been with Cenera since September 2003.

John Jager
Vice President, Research Services
Nymity

John Jager, CIPP/C, is an accredited and experienced privacy professional who has been Nymity’s Vice President of Research Programs for 3 years. His experience in privacy includes 2 years as the Chief Privacy Officer at Sears Canada Inc. John is the chair of the Canadian Marketing Association’s Privacy and Ethics Committee. John delivers Nymity’s Breach Response Training Workshops and has created Nymity’s Breach Response Centre, a component of PrivaWorks.

Whether you are the new Chief Privacy Officer, or an old one whose just been tasked with making sure “we don’t get sued due to privacy”, this session is for you. We will discuss, in layman’s terms, how to map out a privacy architecture in a ‘clouded’ world; some of the tools used to compromise your data; dealing with the worst offenders: trusted or incompetent insiders; and what kind of action plan you need to take once a privacy breach is discovered.

Chairperson
LeRoy Brower
Assistant Commissioner, Policy & Adjudication
Office of the Information & Privacy Commissioner for British Columbia

LeRoy Brower joined the Office of the Information & Privacy Commissioner, as the Assistant Commissioner, Policy & Adjudication in early 2011. He is formerly the Director, Health Information Act (HIA) for the Alberta Office of the Information and Privacy Commissioner. Over the past six years he has led the health team in providing oversight of the HIA. This role involves investigation of privacy complaints, mediation of access requests and reviewing and commenting on privacy impact assessments submitted to the Commissioner. LeRoy has previously held FOIP positions within the Alberta Government as: FOIP Coordinator, Municipal Affairs; FOIP Advisor, Environment & Energy; and FOIP Coordinator, Social Services. LeRoy was a child abuse investigator for Social Services prior to becoming involved in the field of privacy.

Rachel Hayward
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Rachel Hayward has worked in the privacy field for 10 years. Currently she is working as a Portfolio Officer with the Office of the Information and Privacy Commissioner of Alberta. In her role Rachel is the OIPC representative for health research, PCNs, the Health Quality Council of Alberta and several other Health professional bodies.

Prior to her current role Rachel was a manager with Deloitte with a focus on privacy and risk management. In this role she worked with provincial, national and international organizations to help them achieve their privacy goals and requirements.

Rachel holds a master's degree in public administration and is certified information privacy professional.

Tara Perverseff
Portfolio Officer
Office of the Information and Privacy Commissioner of Alberta

Tara Perverseff is a Portfolio Officer with the Office of the Information and Privacy Commissioner of Alberta, and formerly a Senior Consultant with the Calgary office of Deloitte & Touché. Tara’s experience in records management includes data classification reviews, records management program reviews, vital records identification, the creation of a records management program framework, and policy development. Tara’s work in the area of privacy is cross-jurisdictional including experience with Provincial and Federal legislation, standards, and guidelines across Canada. Her work on privacy includes the development of policies, procedures, and guidelines, privacy program design review, and extensive work with privacy gap and impact assessments and the identification and remediation of risk. Tara has a Master of Arts Degree in Sociology from the University of Calgary specializing in Criminology and Media.

Many privacy observers are considering the "Internet of Things" as the newest technological development to raise an array of privacy concerns. While the Internet of today connects billions of people, the Internet of Things refers to the connection of billions of objects and devices through sensors, RFID tags, near-field communications, and other technologies. This panel will describe examples of the Internet of Things, with an emphasis on the explosion in the amount of personal information that will be created, collected, used, disclosed and otherwise managed as a result. The discussion will then focus on a consideration of appropriate privacy governance frameworks that will enable society to reap the vast potential of these emerging technologies while at the same time respecting individual privacy.

Chairperson
Darrel Woods
Portfolio Officer
Office of the Information and Privacy Commissioner for British Columbia

Darrel Woods has been a Portfolio Officer with the Office of the Information and Privacy Commissioner for British Columbia since 2005. He previously practised law in a Victoria partnership and as a sole practitioner with an emphasis on personal law and alternate dispute resolution, particularly mediation. He was a founding member of the CBABC Alternate Dispute Resolution subsection and of the Victoria Collaborative Family Law Group.

Adam Kardash
Partner
Heenan Blaikie

Adam Kardash is co-head of Heenan Blaikie’s National Privacy and Information Management group, and Managing Director and Head of Access Privacy, a Heenan Blaikie consulting services company.

Adam has extensive experience in the privacy law area, and regularly advises on a broad range of data protection issues and privacy compliance initiatives. He assists in-house counsel and Chief Privacy Officers of organizations in the private, health and not-for-profit sectors on conducting privacy impact assessments and privacy and security reviews/audits; drafting privacy policies, practises and procedures; undertaking privacy compliance initiatives; managing security breaches; representing organizations on privacy regulatory investigations, and the drafting and negotiation of service provider arrangements involving personal information, including transborder data flows.

Adam and Priscilla Platt co-authored and launched Heenan Blaikie’s electronic guide to Ontario's public sector access and privacy legislation. The guide, AccessPrivacy.ca, is an innovative tool to assist institutions and the public to understand the developments of the law in these areas.

John Salloum
Lawyer, Privacy and Information Management
Heenan Blaikie LLP

John Salloum practises with Heenan Blaikie’s Privacy Law and Marketing and Advertising Law groups. John advises on the marketing, packaging, and labelling of an array of consumer products, including regulated products such as food and alcoholic beverages. He reviews advertising and promotional materials for all media, with an emphasis on new media such as mobile browsing and text messaging, as well as promotional contests, games and sweepstakes, misleading advertising issues, and compliance with consumer protection legislation.

John also advises clients regularly on the management and retention of personal information, on best practices and the management of security breaches, and on regulatory compliance under privacy legislation.

Chairperson
Elizabeth Denham
Information and Privacy Commissioner, British Columbia
Office of the Information and Privacy Commissioner for British Columbia

Michael Geist
Professor
University of Ottawa

Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law. He has obtained a Bachelor of Laws (LL.B.) degree from Osgoode Hall Law School in Toronto, Master of Laws (LL.M.) degrees from Cambridge University in the UK and Columbia Law School in New York, and a Doctorate in Law (J.S.D.) from Columbia Law School. Dr. Geist has written numerous academic articles and government reports on the Internet and law and was a member of Canada's National Task Force on Spam. He is an internationally syndicated columnist on technology law issues with his regular column appearing in the Toronto Star and the Ottawa Citizen. Dr. Geist is the editor of In the Public Interest: The Future of Canadian Copyright Law, published in 2005 by Irwin Law, the editor of several monthly technology law publications, and the author of a popular blog on Internet and intellectual property law issues. Dr. Geist serves on the Privacy Commissioner of Canada's Expert Advisory Board, on the Canadian Digital Information Strategy's Review Panel, and on the Information Program Sub-Board of the Open Society Institute. He has received numerous awards for his work including the Les Fowlie Award for Intellectual Freedom from the Ontario Library Association in 2009, the Electronic Frontier Foundation's Pioneer Award in 2008, Canarie's IWAY Public Leadership Award for his contribution to the development of the Internet in Canada and he was named one of Canada's Top 40 Under 40 in 2003.

Chairperson
Drew McArthur
Principal
The McArthur Consulting Group

Drew retired in late 2007 after a rewarding 35 year career with TELUS that spanned many functions, including operations, customer service, marketing and most recently as Vice President Corporate Affairs and Chief Compliance Officer. As Chief Compliance Officer, Drew was responsible for legal and regulatory compliance for all of TELUS’ operations, reporting to the Audit Committee of the Board of Directors. The responsibilities of this role included ensuring TELUS had the appropriate controls, policies and measurements in place to be compliant with many areas of law and regulation, including CRTC regulations, insider trading, competition law, privacy and record retention. He has many years experience dealing with compliance and privacy issues of a practical nature, and has worked throughout Canada to represent industry and other stakeholders in various initiatives.

Most recently, Drew played a pivotal role working with many stakeholders to develop information breach notification guidelines, which have been adopted by the Office of the Privacy Commissioner of Canada and provincial privacy commissioners.

Drew continues to work in the field of privacy and compliance, providing the unique perspective of a practical understanding of policy development and brings it to life within a large, complex organization with many diverse operational units.

David Loukidelis
Deputy Attorney General
Government of British Columbia (and Former Information and Privacy Commissioner for British Columbia)

The government of BC has appointed former Information and Privacy Commissioner David Loukidelis Deputy Attorney General for the province, leaving the position of Information and Privacy commissioner vacant until an acting commissioner is appointed.

Loukidelis has been Information and Privacy Commissioner for the province since 1999. He has also served as Registrar of Lobbyists.

A legislative committee will select a new Information and Privacy Commissioner. In the interim, an acting commissioner will be named.