Richard practices technology and privacy law with a focus on artificial intelligence, privacy and security including cybersecurity, cloud computing, technology and business process outsourcing, applications development and software audits. Prior to returning to private practice, Richard was General Counsel at EDS Canada for 18 years where he headed a team of lawyers and contract professionals with responsibility for the legal aspects of EDS’ business in Canada. Richard is a member of the Executive Education Faculty of the Centre for Outsourcing Research and Education (CORE), is a former Director and President of the Canadian Technology Law Association and is a member of the ITechLaw Responsible AI Committee. Richard has been recognized in the Canadian Legal Lexpert Directory, as Consistently Recommended for Computer & IT Law and Technology Transactions and by Best Lawyers in Canada for Information Technology Law, Privacy and Data Security Law and Technology Law. Richard is Best Lawyers in Canada Lawyer of the Year for Information Technology Law in Toronto for 2020.
Paige Backman is a partner at Aird & Berlis LLP and the Chair of the firm’s Privacy & Data Security Group and Co-Chair of the Technology Group. Paige has developed expertise in data protection and technology related matters and is a prominent legal practitioner in these fields. Paige counsels multinational and domestic entities on compliance with Canadian privacy laws and cyber security, including cyber terrorism, preventing and managing data breaches, obligations on breach notification and processes surrounding complaints and investigations relating to breaches. Paige has been recognized in The Best Lawyers in Canada for her expertise in Privacy and Data Security Law.
Ms. Bertheau leads the business development activities for Aon’s Cyber Solutions, which include a broad spectrum of cybersecurity consulting services, risk mitigation strategies, incident response expertise, as well as the recovery of financial losses associated with a cyber attack. She is a frequent guest speaker and panelist at high-level conferences across the country on the topic of the evolving threat landscape. Connected to a global network of security, legal and insurance specialists, Ms. Bertheau facilitates discussions on cyber resilience with public and private sector clients to optimize investment decisions and design tailored risk transfer solutions.
Ian Birdsey is a Cyber and TMT specialist with more than a decade’s experience focusing on data protection matters (including data breaches), technology related disputes and media litigation. He is a partner in Clyde & Co’s UK cyber team, advising corporate, SME and insurer clients on managing domestic and international cyber incidents and data breaches, claims and recovery actions, regulatory investigations and subsequent litigation including group claims.
Ray is the Associate Partner for the Canadian Public Sector within IBM Security. Given his deep background in national security, as well as consulting within the realm of threats to organizational assets and activities, Ray is focused on assisting IBM clients to better identify and mitigate security risks in an integrated, strategic manner.
Previously, Ray was appointed as the first Security Advisor for the Province of Ontario. While reporting to the Secretary of Cabinet, Ray supported efforts to protect provincial assets from events that could adversely affect services, networks and facilities that are critical to Ontario’s economy, public safety and security.
Just prior, and during a five-year tenure as President of I-Sec Integrated Strategies, Ray delivered business intelligence solutions affecting core challenges such as cyber and insider threats, while guiding resilience building and opportunity pursuits with an emphasis exploiting geo-strategic foresight. He also consulted on global business strategies such as M+A opportunities with potential National Security risks.
At the outset of his career, and after five years in federal policing with the RCMP, Ray joined the Canadian Security Intelligence Service (CSIS) in 1984 and retired in 2012 as the Assistant Director responsible for the Intelligence Directorate. During his tenure at CSIS, Ray was involved in broad facets of security intelligence operations such as leadership for Intelligence Assessments, the Counter Terrorism Branch, as well as driving national security priorities pertaining to Operational Risk, Data Exploitation and Covert Operations.
Jennifer Brough has been an in-house lawyer at Vancity credit union since December 2010. Prior to then, she worked at law firms in Vancouver and in New York. She provides advice relating to contracts, IT issues, privacy, marketing and financial products and services.
Noemi is a Senior Manager in Deloitte’s Data Protection and Privacy practice in Toronto. She provides privacy and data protection advisory services for organizations seeking to deliver new and better services for their clients and the community, advising in the areas of regulatory compliance, data protection, information privacy, cybersecurity strategy, and risk management. She specializes in serving technology, healthcare, retail, and public sector clients participating in new initiatives that involve the collection or use of personal information.
IAPP profile: https://iapp.org/about/person/0011a00000RvglnAAB/
David Crane is a partner in the Business Law and Information Technology Law groups of the Vancouver office of McCarthy Tétrault LLP, a Canadian law firm. His practice focuses primarily on complex commercial transactions, in particular those involving technology and intellectual property. For over 15 years, David has been assisting clients in a wide range of sectors with their complex and strategic technology-related transactions, including technology procurement, business process and technology-based outsourcings, IT systems development, integration and implementation projects, inbound and outbound technology licensing, cloud (SaaS, IaaS, PaaS) services agreements, data sharing arrangements and strategic alliance arrangements. He also provides strategic advice with respect to privacy and data protection, cybersecurity (including data breach preparedness and response), technology and data commercialization, intellectual property, e-commerce, procurement, blockchain, artificial intelligence, anti-spam and social media. Earlier in his career, David practised as in-house counsel for a TSX-listed international technology product development company. David frequently speaks at industry and legal conferences and is a director on the Board of the Canadian Technology Law Association. He received a B.Comm. (Honours with Distinction) from the University of Manitoba in 1997 and his LLB from the University of British Columbia in 2001. He was called to the British Columbia bar in 2002.
Jennifer Davidson practices technology law and intellectual property law at Deeth Williams Wall LLP, advising clients on the various stages of commercializing innovations including outsourcing transactions, licensing, privacy and regulatory considerations, particularly with respect to emerging technologies and artificial intelligence. Jennifer also advises clients on a range of cybersecurity issues, including cyber incident planning and response, and counsels clients on intellectual property protection, predominantly in issues involving online brand protection.
Jennifer is a Board Member and Executive Member of the Canadian Technology Law Association, Vice Chair of the Ontario Bar Association (IP / IT Law Section), and a Toronto Council Member of Technion Canada. Jennifer is a frequent speaker and writes regularly on IT and IP law.
Rafael Eskenazi has been the Director of University of Toronto’s Freedom of Information and Protection of Privacy Office since 2006. From 1999 until 2006, Rafael was at the Ontario Ministry of Government Services Access and Privacy Office, which is responsible for FIPPA and MFIPPA. From 1991 to 1999, he was an appeals officer, mediator and acting adjudicator at the Information and Privacy Commissioner, Ontario.
Debra Finlay* is a senior partner in McCarthy Tétrault’s Business Law Group in Vancouver. She manages all aspects of complex commercial transactions for domestic, international, public and private sector clients. Her practice is primarily focused on the areas of private company mergers and acquisitions and corporate commercial law, including matters regarding data security and privacy. In 2019, Debra was named “Lawyer of the Year” in the area of Privacy and Data Security Law (Vancouver) and in 2020 she is also recognized as a leading Privacy and Data Security Law lawyer by Best Lawyers in Canada.
Debra is an active member of the community and currently sits on the Vancouver Symphony Orchestra’s board where she chairs the governance and nominating committee. She also sits on the board of The Bloom Group, an organization that focuses predominantly on responding to the urgent needs of Vancouver’s Downtown Eastside. Within McCarthy Tétrault, Debra led the development of a thought leadership program for clients and friends of the firm held at the Morris J. Wosk Centre for Dialogue. Some of the program’s topics included Vancouver’s crime and policing, arts and culture within the city, and the future of the Port of Vancouver.
Debra attended the University of Calgary obtaining her BA in 1988 and her LLB in 1992. She was called to the Alberta Bar in 1993 and the British Columbia Bar in 1994.
*denotes law corporation
John is an experienced IT Risk and Security transformation leader with over 30 years of experience. He brings over 25 years of pragmatic experience in helping clients to transform their IT risk and security organizations, solutions and processes to meet the ever changing regulatory and customer requirements. He brings extensive experience in working with financial institutions, including helping define their Digital Crown Jewels and identify and assess their key cyber and infrastructure security controls and solutions. He has assisted financial institutions in meeting their regulatory requirements, including responding to OSFI and HKMA cyber regulatory requests and assessments. John brings extensive knowledge in information security Risk Management, technical security architecture design, Cyber maturity assessments, application security, and security compliance.
John is a Chartered Accountant and holds the Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) designations.
Suzanne has built a strong practice in access and privacy law. She advises both public and private sector employers on their responsibilities as they navigate the implications of the Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Information Protection Act (PIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA) and other related legislation. Suzanne regularly provides one-on-one training to in-house privacy and access coordinators on responding to access requests, conducting internal investigations, and the use of internal system information. In addition to privacy law, Suzanne has extensive experience in education and health law. Suzanne has represented various healthcare and educational professionals and organizations, providing advice in a range of areas including employment, professional regulatory proceedings and compliance, court and administrative tribunal proceedings, procurement, and contract negotiations.
Patricia Kosseim brings to the IPC significant experience and a wealth of knowledge in the areas of privacy and access law, having worked in public, private and health sectors, and across various jurisdictions.
Prior to joining the IPC, Patricia was counsel in Osler’s Privacy and Data Management Group where she provided strategic advice to clients on matters of privacy, data governance and access law. She also led a number of thought leadership initiatives as national co-leader of Osler’s AccessPrivacy knowledge platform.
Patricia served for more than a decade as senior general counsel and director general at the Office of the Privacy Commissioner of Canada in Ottawa. During that period, she was responsible for advancing a number of major cases before the federal courts and the Supreme Court of Canada; advising on critical privacy investigations; appearing before parliamentary committees on significant legislative bills; developing national and international policies; leading a national research funding program; and, overseeing a technology analysis team and laboratory.
Patricia has also held executive positions at Genome Canada and the Canadian Institutes of Health Research, where she developed and led national strategies for addressing legal, ethical, and social aspects of health research and genomics technologies. She began her career in Montreal practicing in the areas of health law, civil litigation, human rights, privacy, and labor and employment with a leading national law firm.
Patricia has published and spoken extensively on matters of privacy law, health law, and ethics. She has taught part-time at the University of Ottawa Faculty of Law and has held many professional appointments and board memberships, including as member of the Board of Governors of the Ottawa Hospital; chair of the Board of Directors of the Ottawa Hospital Research Institute; vice-chair of the Research Integrity Committee of les Fonds de recherche du Quebec; member of the National DNA Databank Advisory Committee; and member of various expert working groups of the Organization for Economic Co-operation and Development.
Patricia obtained her business and law degrees from McGill University in Montreal, and a Master’s Degree in Medical Law and Ethics from King’s College, University of London.
Patricia is a member of the Law Society of Ontario, as well as the Barreau du Quebec. She is fluently bilingual in both official languages.
When she is not in the office — either physically or virtually — Patricia enjoys all-season, outdoor activities with her family, and their dog Rocky.
Len is a lawyer and Senior Claims Analyst in AIG Canada’s Financial Lines group, focusing on D&O, Cyber, and Employment Practices matters. Recently, in response to both internal and client needs, Len’s handling of cyber breach events has increased substantially, Prior to joining AIG, Len practiced commercial litigation at Cassels Brock & Blackwell LLP with a focus on corporate restructuring and insolvency.
Alexandra focuses on complex commercial and securities related matters focusing on regulatory compliance, transactional litigation and investigations and crisis management, including assisting clients experiencing a data breach or cybersecurity incident. She has significant experience working on behalf of financial institutions as well as mining, resource, health sciences and technology companies.
Alexandra has appeared before the British Columbia Supreme Court, the British Columbia Court of Appeal and the Supreme Court of Canada, as well as before a number of administrative tribunals, including the British Columbia Securities Commission, the Investment Industry Regulatory Organization of Canada and the Mutual Fund Dealers Association of Canada.
Susy Mendoza began her career at Nordstrom as a generalist, where she learned the ropes by supporting supply chain, brand divisions, e-comm and social media. Eventually she focused her practice on helping clients with compliance in the marketing, technology and digital spaces. She’s currently in-house counsel as a Senior Director at lululemon, where she manages the global compliance and privacy programs, technology contracting, and legal operations.
Mikel Pearce has spent his entire career servicing the insurance industry, both in private practice, and as in-house counsel. Mikel provides services to clients on both defence and coverage issues, on a variety of specialty lines insurance products, especially including Cyber and Privacy matters. Mikel has handled breaches of all shapes and sizes for a variety of organizations, and continues to help his clients navigate the ins and outs of privacy breaches.
Christopher has been working in cyber risk for twenty years, within a broad international client base. He has experience ranging from developing global information risk management methodologies to practically applying these frameworks to build and strengthen organizations’ cyber security programs. He helps to manage cyber risk in organisations, understanding the interrelationship with other risk disciplines and assisting with gaining business buy-in, through the assessment itself to reporting back to the board. For a number of years he led the Information Security Forum’s research into information risk, guiding the transition into cyber risk. With the ISF, he interfaced with practitioners from across the globe and became a leading authority within the field.
As General Counsel and Chief Privacy Officer at Vancouver Coastal Health (VCH), Steven manages legal risks in a board range of areas from commercial contracts and medical staff relations to privacy compliance and data governance.
As CPO, he has spent the last 10 years at VCH finding ways to facilitate the use of innovative technologies that enhance healthcare service delivery while addressing privacy and security risks. He led the development of the General Health Information Sharing Agreement (GHISA), an overarching agreement signed in 2013 between the BC Ministry of Health and all BC health authorities, which sets out a legal, policy and governance framework to manage the sharing of health information across the province for provision of care, research, quality improvement and healthcare planning. He played a key role in influencing recent changes to the Freedom of Information and Protection of Privacy Act that reformed its data residency provisions to better support health innovation and technology adoption.
Currently, he continues to provide leadership on various provincial committees that are building an access management framework to facilitate and govern information sharing for Primary Care Networks, a new model of health care that creates more coordination between acute and primary care providers to deliver more integrated, wholistic care to patients.
In addition to a Bachelor of Laws degree from UBC, Steven holds a Masters in E-Business law from Osgoode Hall Law School and a Bachelor of Commerce degree from UBC.