Legal Issues in Privacy & Cyber Security
Compliance and Best Practices
November 19 - 20, 2019 · Toronto, Ontario
Featuring These Industry Experts
Ferris Adi, Instructor, Cyber Security Management Program/ University of Toronto School of Continuing Studies, Former Risk Manager, TD Bank
Ferris is a Senior Cyber Security and compliance manager with Rogers, Toronto. Before Rogers, Ferris worked as Security and Risk Manager at TD bank for four years. Ferris is an experienced professional with over 20 years
of experience specializing in information security governance, IT risk management, project management, compliance, operational risk, and enterprise infrastructure and operations for clients in the Telecom, financial services,
construction, engineering, and retail industries. Ferris has also performed information security functions for the most significant public and private companies in Canada, Aecon and Symcor and TD bank. Ferris is an instructor, Cyber
Security Management Program at the University of Toronto. Ferris developed leadership skills through his career, i.e., communicating effectively, thinking strategically and analytically and solving problems. Ferris holds a Master of
Business Administration - MBA-Project Management. Ferris is a Certified Information Systems Security Professional (CISSP). Ferris is a frequent speaker at cybersecurity conferences such as ISACA Canada, CIFI Toronto Conference, CISO
forum, data connectors and information security forum in Dublin, Ireland.
Imran Ahmad, Partner, Blake, Cassels & Graydon LLP
Imran is a Partner at Blake, Cassels & Graydon LLP with a specialization in privacy, cybersecurity and technology law. As part of his cybersecurity practice, Imran works closely with clients to develop and implement
practical strategies related to cyber threats and data breaches. He advises on legal risk assessments, compliance, due diligence and risk allocation advice, security, and data breach incident preparedness and response. In addition, Imran
acts as “breach counsel” in the event of a cybersecurity incident, such as a data or privacy breach. He also provides representation in the event of an investigation, an enforcement action or a litigation. Imran is the author
of Canada’s first legal incident preparation and response handbook titled Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management (LexisNexis, August 2017). In his privacy law practice, he advises clients on
compliance with all Canadian federal and provincial privacy and data management laws. He has a particular focus on cross-border data transfer issues and enterprise-wide governance programs related to privacy and information governance.
Claude Baksh, Chief Compliance Officer, Chief Risk Officer, Chief Privacy Officer and Chief AML Officer, Computershare Canada
Claude Baksh is the current Chief Compliance Officer; Chief Privacy Officer and Chief AML Officer with Computershare Trust Company of Canada (“Computershare”); and the Chief Risk Officer for
Computershare’s North American businesses (excluding loan services) and the global Issuer Services Business. Reporting to the global Chief Risk Officer and the Board, he has responsibility for developing and leading the Canadian
Compliance and North American Risk strategies and implementing programs required to improve the Risk and Compliance capabilities across the organization while ensuring compliance with all applicable legal and regulatory obligations.
Claude has over 25 years of experience in compliance, operational risk, securities and governance areas. He provides seasoned judgment and a unique leadership style based upon integrity, respect and an unwavering commitment to achieving
results in the best interest of senior management, shareholders and the company overall. His experience has allowed him to develop an excellent understanding of financial services legislation, regulations and guidelines, including market
conduct and governance matters with significant exposure to Canada, U.S., U.K. and Asia Pacific risk and compliance environment.
Dr. Ann Cavoukian, Executive Director, Global Privacy & Security by Design Centre
Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. Dr. Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy
by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In 2010,
International Privacy Regulators unanimously passed a Resolution recognizing Privacy by Design as an international standard. Since then, PbD has been translated into 40 languages
Dr. Cavoukian was previously the Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University. Dr. Cavoukian is also a Senior Fellow of the Ted Rogers Leadership Centre at
Ryerson University, and a Faculty Fellow of the Center for Law, Science & Innovation at Sandra Day O’Connor College of Law at Arizona State University.
Dr. Cavoukian is the author of two books, “The Privacy Payoff: How Successful Businesses Build Customer Trust” with Tyler Hamilton and “Who Knows: Safeguarding Your Privacy in a Networked World”
with Don Tapscott. She has received numerous awards recognizing her leadership in privacy, including being named as one of the Top 25 Women of Influence in Canada, named among the Top 10 Women in Data Security and Privacy,
named as one of the ‘Power 50’ by Canadian Business, she was awarded the Meritorious Service Medal by the Governor General of Canada for her outstanding work on creating Privacy by Design and taking
it global (May, 2017), named as one of the 50 Most Impactful Smart Cities Leaders, (November, 2017), named among the Top Women in Tech, (December, 2017), was awarded the Toastmasters District 60 Communication and
Leadership Award, (April, 2018) and most recently, named as one of the Top 100 Leaders in Identity for a second year in a row, (February, 2019).
Sandeep Deol, Legal Counsel - Information Management (Privacy) and Technology, Corporate/Commercial, University Health Network
As Legal Counsel, Information Management (Privacy) and Technology, with the University Health Network, Sandeep advises on a wide range of corporate/commercial matters for UHN’s hospital sites, focusing on technology
and privacy-related projects.
Prior to joining UHN, Sandeep has worked both in private practice and in-house, with ranging clientele, from start-ups to public companies. She focuses on providing strategic advice for technology and intellectual property
transactions, including procurement relationships, outsourcing, cloud computing, SaaS, and projects involving privacy law, and licensing.
She holds a business degree from York University, Juris Doctor from the University of Windsor and an LLM from Osgoode Hall Law School.
Charles Docherty, Assistant General Counsel, Canadian Bankers Association
Mr. Docherty completed his undergraduate degrees – BA and LLB, at the University of Ottawa, and later obtained a Master’s degree in Banking and Financial Services Law from Osgoode Hall Law School. His primary
responsibilities as Assistant General Counsel at the Canadian Bankers Association (CBA) include cyber-security, legal analysis and negotiation and drafting of agreements. His areas of focus include financial services regulation with
emphasis on Bank Act, litigation (including interventions on behalf of the banking industry), privacy, and constitutional issues.
David Goodis, Assistant Commissioner, Information and Privacy Commissioner of Ontario
David Goodis is Assistant Commissioner (Policy & Corporate Services) with the Information and Privacy Commissioner of Ontario. David is a graduate of Western University’s law school, and was called to the Ontario Bar
in 1988. David has represented the IPC in hearings before the Divisional Court, the Ontario Court of Appeal, and the Supreme Court of Canada. David recently authored the 2019 Annotated Ontario Freedom of Information and Protection of
Privacy Acts, and teaches administrative law and privacy law at Osgoode Hall Law School, and administrative law at the University of Toronto’s Faculty of Law.
Elspeth M. Hagan, General Counsel, Global Compliance, McCain Foods Limited
Elspeth Hagan is General Counsel, Global Compliance at McCain Foods Limited. During her time with McCain she has had primary accountability for legal and regulatory risk management in the high-growth and diverse region
encompassing Asia Pacific, Middle East and Africa. Elspeth has also managed legal partnership with innovation and technology stakeholders at McCain and more recently assumed global responsibility for compliance, including in respect of
privacy, cyber security, and information governance; anti-corruption; competition; trade sanctions; supplier risk; and code of conduct.
Prior to joining McCain, Elspeth was chief privacy officer and handled a variety of complex commercial and compliance matters in the energy, industrial, and health-care sectors of Siemens, a global engineering firm. She
has also practiced with McCarthy Tétrault (IT/IP) in Toronto and McInnes Cooper in Saint John. She has a JD from Osgoode Hall and completed undergraduate and graduate work at the University of Toronto. Elspeth is the national
of Women General Counsel Canada and an Atlantic Region Ambassador for Women Get on Board; she participates in many committees and boards feeding her passion for strong communities, museums and diversity. Elspeth enjoys living in the
beautiful Saint John River Valley with her husband and sons.
Vanessa Henri, Lawyer, Fasken Martineau
Vanessa specializes in data protection, information security and emerging technologies. She holds a Master of Law (LLM) from McGill University on the topic of cyberespionage, is a Certified Data Protection Officer (CDPO)
and is a lecturer at the University of St-Thomas, where she teaches corporate practices in cyber security. Her studies on the Dark Net were funded by the Quebec Bar Association and published in the Canadian Journal of Law and Technology.
Vanessa has appeared as an expert in various media events and is sought after as a public speaker in key industry conferences around the world, including in Silicon Valley, Tokyo and Paris. Prior to joining Fasken, Vanessa was Director
of Legal and Data Privacy as well as a Data Protection Officer at Hitachi Systems Security, the division of the Hitachi Group which focuses on information security.
Michel Jutras, General Compliance Officer, Air Canada
Michel Jutras is a seasoned corporate legal and compliance professional and consultant.
He has extensive professional and business experience in multinational corporations operating in very diverse jurisdictions and industry sectors.
Michel joined Air Canada in 2013 as its General Compliance Officer.
Reporting to the Chief Legal Officer, Michel plays a key role in identifying and assessing compliance risk across the business and is responsible for developing effective and sustainable compliance and ethics programs for Air Canada.
Michel has also previously served as Compliance Leader at GE Capital Canada and as General Counsel, Corporate Secretary and compliance leader of a number of businesses within the Rio Tinto (UK) mining group for well over
He holds a B.A (History and Political Science) from the University of Ottawa and a Bachelor of Laws (Common and Civil Law) degree from McGill University.
Mark Hayes, Hayes eLaw LLP
Mark is one of Canada's best known technology, copyright and privacy lawyers. His practice focuses on commercial and litigation matters relating to intellectual property and copyright, entertainment and media, information
technology and Internet privacy and access to information. Mark has extensive experience with regulatory matters and Canadian federal tribunals, including the Copyright Board of Canada. Mark’s clients range from Fortune 500
companies to individual website operators, and include a number of industry associations. Mark has for several years provided pro bono legal services to Child Find Manitoba, the Canadian Centre for Child Protection and www.cybertip.ca,
the Canadian child pornography tip line.
Constantine Karbaliotis, Director, PWC Canada
Constantine Karbaliotis is an expert in global privacy compliance and privacy management, with numerous privacy credentials (CIPP/C/US/E, CIPT, CIPM and FIP), Constantine regularly speaks, teaches and participates
internationally at privacy events. Constantine recently joined as a director at PwC Canada in its privacy practice, after serving as Vice-President for Nymity, a software company serving privacy offices. Prior to that
Constantine was global chief privacy officer for Mercer where he managed the company's internal compliance and the development and implementation of privacy programs, policies, and initiatives. Before Mercer, Constantine led the global
privacy compliance program at Symantec, following his role as an executive consultant at CGI leading its privacy and security practice in Toronto. Before beginning his career in privacy, Constantine ran his own law practice. Constantine
holds a J.D. from Queen's University at Kingston, Ontario and was called to the Bar of the Province of Ontario in 1986.
Vance Lockton, Manager, Digital Compliance, Waterfront Toronto
Vance Lockton is the Manager, Digital Governance for Waterfront Toronto. In this role, he is focused on ensuring that strong privacy, cybersecurity, and data governance principles and protections are incorporated into
intelligent community developments on Toronto’s Eastern Waterfront, including the current Sidewalk Toronto project. Prior to coming to Waterfront Toronto, Vance spent 7 years with the Office of the Privacy Commissioner of Canada
(OPC) across a variety of roles, including policy development, business advisory and stakeholder relations functions. Vance has an M.Sc. in Computer Science and an M.P.P. in Public Policy; he also holds both the Certified Information
Privacy Professional/Canada (CIPP/C) and the Certified Information Privacy Manager (CIPM) from the International Association of Privacy Professionals (IAPP).
Iain Paterson, Managing Director, Cycura Inc.
Iain is a Cyber Security veteran with more than 16 years of experience in Information Security. He has designed and run security operations programs in large Banking, Healthcare, and Government organizations. His
experience as a practitioner brings a critical understanding of the needs and challenges of organizations and bridges the gap between technologist and senior management.
As Managing Director of Cycura’s professional services group, Iain acts as project executive on Offensive Security and Incident response initiatives.
Iain holds information security designations from ISC2, SABSA, and ISACA and an MBA from Athabasca University in Alberta, Canada.
Cycura Inc. is an Offensive Cyber Security R&D company headquartered in Toronto. We provide bespoke security engagements and services of a proactive and offensive nature. We specialize in zero-day vulnerability
research and exploit development, Red Team exercises, penetration testing, source code analysis, reverse engineering and breach response.
Our Goal: To enable Defenders to close the knowledge/experience gap between them and cyber criminals through proactive, offensive services and customized tools such as our Atomizer solution.
Cycura’s mission is to protect our customer’s intellectual property by providing individualized cyber security services, conducting cutting edge vulnerability research, and enabling customers to discover
unknown vulnerabilities efficiently.
Recent Media Article: https://issuu.com/mohawkcollege/docs/momentummagazinespring2019/18
Holly Shonaman, Chief Privacy Officer, Royal Bank of Canada
Holly has enjoyed a 20+ year RBC career and is responsible for the privacy risk management program across all businesses and functions. The program is supported by an enterprise team as well as a UK/EU Data Protection
Officer and Privacy Officers worldwide.
Holly has held a variety of roles at RBC, including strategy, sales strategic initiatives, communications and risk oversight. She began her RBC career as a lawyer with an M&A and bank regulatory focus. She holds a bachelor
and masters of law, and is a Certified Information Privacy Manager.
Pam Snively, VP, Chief Data & Trust Officer, TELUS
Pamela Snively is TELUS’ Chief Data & Trust Officer. She leads the team responsible for privacy and, more broadly, data governance. Pamela is charged with enabling and supporting TELUS’ commitment to earning
and maintaining customer trust through demonstrably accountable and ethical data practices.
Pamela participates in a number of national and international think-tanks and governance bodies related to privacy and data governance, including serving as a Board member for the Information Accountability Foundation, on
the Privacy Advisory Committee for the Sidewalk Labs Waterfront Toronto project, and on the Privacy and Data Advisory Committee for the Canadian Marketing Association.
Isaac Straley, Chief Information Security Officer, University of Toronto
Isaac holds the inaugural appointment of chief information security officer (CISO) at the University. In this dynamic role, Isaac reports to the chief information officer (CIO), and has oversight of the tri-campus
Information Security program for the University of Toronto, ensuring that the U of T’s networks, systems, and information are protected in a way that enables the missions of the university. In his last role, Isaac was at the
University of California, Irvine for 13 years, where he held a dual post of both CISO and privacy officer.
Sylvia Kingsmill, Partner, National Lead, Privacy, Regulatory & Information
Sylvia has over 15 years‘ experience providing strategic, risk management and compliance advisory services, serving both the public and private sectors. She advises executive teams on data-driven digital strategies to
support major business transformations in alignment with new regulations, policy and data governance trends, having successfully deployed national health registries, patient portals and data analytics platforms.
Her specialty is transforming existing corporate compliance and privacy programs in response to internal audits, regulatory findings and exams. She often deals with Privacy Commissioners remediating compliance orders, and
has advised on some of the largest, high-profile data breach investigations.
Sylvia is a lawyer by training and often speaks about the intersection of emerging technologies, trustworthy AI, ethical use of data, privacy and regulatory expectations. Her privacy career began at the Information Privacy
Commissioner's office (for Ontario) where she conducted extensive pan-Canadian privacy reviews involving consent management, cross-border data flows, data sharing models and outsourcing issues, and amended privacy regulations to enable
registries to operate seamlessly for eHealth initiatives.
Sylvia launched the Privacy by Design Certification Program together with Dr. Ann Cavoukian, former provincial privacy regulator, for readiness against the new General Data Protection Regulation (GDPR), having successfully
certified several global organizations for proof of compliance to privacy regulators.
Professional and Industry Experience - Highlights
- Canadian Chair, ISO PC/317 (31700) Consumer Protection: Privacy by Design for Consumer Goods and Services
- Advisor, CIO Strategy Council, CICSO 101:2019 Automated Decision Systems using Machine Learning, Ethics by Design and Ethical Use
- Interim Chief Privacy Officer for a Canadian non-for-profit health organization with global operations
- Special Advisor to the International Council on Global Privacy and Security by Design, advising on the deployment of privacy enhancing technologies involving AI, Big Data, & Ethics by Design
Erica Zarcovich, General Counsel and Chief Privacy Officer, Cancer Care Ontario
Erica Zarkovich is the General Counsel, Chief Privacy Officer & Corporate Secretary of Cancer Care Ontario (CCO). CCO is the Ontario government’s advisor on the cancer and renal systems, as well as on access to care
for key health services and is one of the key agencies being amalgamated into Ontario Health (OH). Prior to her position at CCO, Erica worked at a Bay Street law firm practising corporate law. Erica holds an HBSc from Trinity College,
University of Toronto, an LLB from Queen’s University, and an LLM from Osgoode Hall Law School. She lives in Toronto with her husband and two children.