Cross-border Data Flows in a Fragmented World

Geopolitical tensions, shifting trade relationships, and an expanding web of national data sovereignty laws are forcing privacy officers to rethink how — and where — their companies and institutions move data across borders.

Canadian companies operating internationally face pressure from multiple directions: EU adequacy requirements, U.S. executive orders affecting data access, emerging data localization mandates in key markets, and evolving obligations under PIPEDA and Quebec's Law 25. The result is a fragmented regulatory landscape that demands strategic thinking about data architecture, vendor relationships, and organizational risk tolerance, and not just implementing privacy through compliance checklists.

In this session, privacy leaders from Canadian companies and institutions with international operations will share how they are navigating these challenges.

What you will learn:

• How geopolitical developments are driving real changes to data transfer mechanisms and standard contractual clauses.
• How to stress-test vendor and cloud contracts against emerging sovereignty risks.
• How to engage boards and senior leadership on data residency decisions and business trade-offs.
• What a durable, resilient cross-border data transfer strategy looks like in 2026.

Sponsored by: FTI Consulting