Ollie is a Partner at global law firm, Kennedys. He co-leads the data breach response team and has played an integral role in developing the firm’s global cyber practice. He has acted as breach coach for a wide variety of data breach incidents across all major sectors, including e-commerce companies, the leisure industry, professional service firms, healthcare entities and financial institutions.
Ollie also regularly advises a wide range of organisations on data privacy and security risks, and assists them with developing GDPR-compliant privacy policies and incident response plans. He also hosts a cyber podcast (Cyber Sounds) and is a regular speaker at cyber industry events.
Nicole Henderson is a Partner in the Litigation & Dispute Resolution group at Blake, Cassels & Graydon LLP.
Nicole litigates class actions and other complex disputes, including in the areas of cybersecurity, product liability, and competition. She also practises public law, including constitutional, administrative, regulatory and freedom of information matters.
In her cybersecurity practice, Nicole frequently advises organizations dealing with a data breach or information security incident. She also represents defendants in privacy class actions and regulatory investigations arising out of cybersecurity incidents.
Prior to joining Blakes, Nicole clerked at the Federal Court of Appeal.
Ms. Himo also advises clients daily on privacy matters arising from the collection, use and disclosure of personal data, privacy compliance programs, security breaches, cross-border discovery and investigations, cross-border data flow requirements, behavioural advertising, as well as compliance with Canada’s anti-spam legislation in a wide variety of industries.
She is also a breach coach who is frequently retained to advise clients with regard to cyber security breaches, assisting with forensics experts, public relations firms and various other specialists in the clients’ efforts to contain such breaches and to advise them on their notification requirements to the regulators across Canada. She is named as breach coach on numerous panels of various insurance carriers.
She also practises in commercial litigation, including in the context of class actions, in the areas of privacy law, access to information, as well as banking, directors and officers liability and corporate restructurings. She has also been involved in multijurisdictional fraud cases.
She chaired our Canadian cyber security, privacy and access to information team and served as Montréal litigation chair.
Sylvia has over 15 years‘ experience providing strategic, risk management and compliance advisory services, serving both the public and private sectors. She advises executive teams on data-driven digital strategies to support major business transformations in alignment with new regulations, policy and data governance trends, having successfully deployed data analytics platforms and national data registries.
Her specialty is transforming existing corporate compliance and privacy programs in response to internal audits, regulatory findings and investigations. She often deals with Privacy Commissioners remediating compliance orders, and has advised on some of the largest, high-profile data breach investigations.
Sylvia is a lawyer by training and often advises on the intersection of emerging technologies, trustworthy AI, ethical use of data, privacy and regulatory expectations. Her privacy career began at the Information Privacy Commissioner’s Office where she conducted extensive pan-Canadian privacy reviews involving consent management, cross-border data flows, data sharing models and outsourcing issues, and amended privacy regulations to enable registries to operate seamlessly for eHealth initiatives. She has advised organizations extensively on Privacy by Design and CASL requirements.
Sylvia launched the Privacy by Design Certification Program together with Dr. Ann Cavoukian, former provincial privacy regulator, for readiness against the new General Data Protection Regulation (GDPR), having successfully certified several global organizations for proof of compliance to privacy regulators.
Professional and Industry Experience – Highlights
- Interim Chief Privacy Officer, LifeLabs
- Canadian Chair, ISO PC/317 (31700) Consumer Protection: Privacy by Design for Consumer Goods and Services
- Advisor, CIO Strategy Council, CICSO 101:2019 Automated Decision Systems using Machine Learning, Ethics by Design and Ethical Use
- Advisor to Minister Bains’ Roundtable Consultations for Canada’s National Digital Strategy
- Special Advisor to the International Council on Global Privacy and Security by Design, advising on the deployment of privacy enhancing technologies involving AI, Big Data, & Ethics by Design
- Participant & Advisor, CPA Canada Foresight Roundtable: Reimaging the Profession
Digital Transformation, GDPR/PIPEDA/PHIPA/CASL/GLBA/HIPPA Compliance, Regulatory Change Management, Regulatory Exam Preparation & Remediation, Risk & Maturity Assessments, Audits and Control Frameworks, Enterprise-wide Compliance and Privacy Training Programs, Privacy and Compliance Strategy, Multi-Stakeholder Engagement/Management involving Modernization and Regulatory Issues Management, Privacy Target Operating Models, Ethical & Responsible Use of Data, Privacy Governance, Cross-Border Data Transfers, Data Residency/Localization Rules, Privacy Certifications, Data Sharing Agreements, Consent Frameworks, Incident & Breach Response.
Danielle Miller Olofsson is Chief Access to Information and Privacy Officer at Hydro Quebec where she is responsible for designing and overseeing the implementation of the organisation’s privacy and access to information programs. Prior to joining Hydro Quebec, Danielle worked as a lawyer advising clients on privacy compliance strategies. She holds a LLM from the Université de Montreal as well as a BcL and a LLB from McGill University. She teaches a Masters level class on technology and data protection at the Université de Montreal. She has published a number of articles and two books on the topic of privacy. Danelle holds IAPP certifications in Canadian, US, and European privacy laws as well as in privacy program management.
Carole is a managing partner at INQ Data Law. Carole’s practice concentrates on privacy, cyber readiness, data governance and artificial intelligence (AI) risk management. She regularly counsels clients on a wide range of matters related to privacy, cyber readiness and breach response, data governance, ethical AI and responsible innovation. Prior to founding INQ Law, Carole was co-lead of the national Cybersecurity, Privacy and Data Management group at McCarthy Tétrault. She has represented clients before all levels of court in Ontario as well as at the Supreme Court of Canada.
Carole plays an active role in shaping data law, policy and standards in Canada and globally. She is the co-chair of the government’s Exposure Notification application on behalf of the federal government. She also co-chairs the data governance working group for the Data Governance Standardization Collaborative at the Standards Council of Canada. She is a member of the Data Governance Working Group for the Global Partnership on AI, as well as an advisor to several AI start-ups.
In 2018, Carole was appointed by the federal Minister of Innovation to serve as one of six Digital Leaders in the national data and digital transformation consultations. As a Digital Leader, she led consultations with businesses, academics, civil society and industry associations to inform the first national Digital Charter that was announced on May 21, 2019. The Digital Charter has led to significant proposed reforms to Canada’s federal private sector privacy law.
Carole regularly teaches, speaks and writes on topics related to data law and AI. She is also co-editing a book on AI and law that will be published by Thomson Reuters in 2021.
Molly leads the privacy practice group at Torys. Her practice focuses on digital innovation, cyber-security, data protection and ethics, and privacy litigation. She regularly advises clients on privacy law compliance in their businesses and in the context of commercial transactions, as well as on data security best practices, breach response, regulatory investigations, and privacy class action defence. She represents clients in administrative proceedings under access to information, anti-spam, and privacy legislation, as well as in the context of civil litigation. Her dual call allows her to provide advice on personal information handling and marketing regimes that reflect and comply with Canadian and American privacy legislation.