Notes from the IAPP Canada: A wonderful space for Canadian privacy professionals

Today, as part of its 25th anniversary, the IAPP is looking at its expansion into Canada. It's fitting because later today I'll recap our history and vision for the future at the inaugural Regina KnowledgeNet.

Looking back over the last 17 or so years, it seems obvious the IAPP would establish a strong presence in Canada. We had comprehensive privacy laws, one of which was recognized as adequate by the European Union. Canada was an early global leader in advancing the idea that privacy laws were actually a good thing. Our proximity to IAPP headquarters also made Canada, logistically, a natural place to invest in.

Canada has also always had a deep bench of privacy leaders. Former privacy commissioner of Canada Jennifer Stoddart tirelessly championed global interoperability, building bridges with international and domestic counterparts. Former privacy commissioner of Ontario Ann Cavoukian took privacy by design from an abstract idea to something organizations could actually use — and now it's even embedded into law in some jurisdictions. Former information and privacy commissioner for British Columbia Elizabeth Denham took on the massive challenge of leading the U.K. Information Commissioner's Office through Brexit and the pandemic. And in academia, Canada has consistently produced some of the most respected privacy experts — including Michael Geist, Valerie Steeves, Theresa Scassa, the late and great Ian Kerr, and so many others.

By 2007, any worry that privacy might not get off the ground as a profession had dissipated — thank goodness, since it was at that time that I left my secure job in government to launch my firm. The protection of personal information was becoming a very hot topic, with an evolving array of new and interesting challenges. I remember Rob Lowe's character on the "West Wing" saying privacy was the number one issue of our time.

There was no doubt IAPP Canada would grow. The demand was there, privacy in Canada was only becoming more complex and important, and we were home to some of the world's early global leaders in privacy. But seeing it develop into what it is today, with a dedicated curriculum, certification program and a well-established professional community, has been something wonderful to see and to be part of.

There wasn't a single moment when it clicked that IAPP Canada was here to stay, but it was more of a steady realization. I fondly recall a cross-country tour in the early days, when IAPP President and CEO J. Trevor Hughes, CIPP, and I did something like seven KnowledgeNets in seven days, from British Columbia to Quebec — and with plenty of stops in between to build momentum. The turnout, the energy and the depth of the discussions made it very clear that privacy professionals across Canada wanted and needed a community like this.

Then we held our first big Canadian event in Toronto, before IAPP Canada even officially existed. People loved having an event focused on privacy in Canada and they still do. The enthusiasm showed us that a dedicated IAPP Canada Symposium wasn't just possible, it was inevitable.

And then of course there's Hughes. When he and Peter Kosmala, CIPP/US, reached out to share ideas and help get things more officially off the ground, I didn't hesitate to get on the bandwagon … the enthusiasm was infectious. Hughes' leadership, vision and energy weren't just about launching IAPP Canada, they were about shaping the profession itself. And given that he's a proud Canadian, it was clear he understood the landscape from the start.

I think one of the IAPP's key contributions in Canada has been the strengthening of relationships between regulators and the profession itself, which I believe often results in greater cooperation and effective solutions. Canadian privacy commissioners have long emphasized the importance of well-trained privacy pros, including in their findings, and the IAPP was the first to offer structured, role-specific privacy training in Canada, giving people the opportunity to build their expertise and, in turn, helping privacy become a recognized profession.

But it's not just about the training. Through IAPP Canada events, certifications and networking opportunities, the IAPP has created a space for Canadian privacy professionals to connect, learn from each other and even influence the path forward on a myriad of privacy issues on a global stage.

It's been fun to look back through the IAPP's 25-year celebration, but it also makes me excited about what comes next. In the more immediate future, that's the IAPP Canada Symposium 2025 in Toronto in May. Looking forward to seeing many of you there, so make sure to register soon.

Kris Klein, CIPP/C, CIPM, FIP, is the managing director for Canada for the IAPP.