Now that Data Privacy Day, 28 Jan., is behind us, how did you celebrate? This year's theme was "Put Privacy First." For those of us in the privacy community, it's an important opportunity to raise awareness — not just internally within our organizations, but also with the public. It's also a chance to reflect on our work in protecting it, and for many of us, how we even ended up in this field in the first place.
Each Data Privacy Day, I find myself looking back on my own path to privacy. My major in university was geographic systems — I was fascinated by the intersection of data and mapping. Later, when I was working as a junior associate at a law firm, I pitched the idea of writing a book about privacy law in Canada — which is still updated and published annually, by the way.
At the time, a few people told me I would never make a living practicing in privacy law. Well, today, it's a growing field — just look at the rapid expansion of the IAPP's membership globally. Privacy professionals are responsible for more than ever, and assuming other critical and related responsibilities like artificial intelligence and data governance.
And there really isn't one single, clear cut route to becoming a privacy professional, which I think is one of the things that makes our community diverse, interesting and multidisciplinary.
For chief privacy officers, Data Privacy Day is a critical moment in time — one day a year when privacy is in the spotlight, offering them the chance to drive attention to privacy and highlight their role in helping their organizations achieve compliance. Many organizations took advantage of the day to hold internal learning events, using it as an opportunity to educate and encourage buy-in across all levels.
Regulators also marked the day. Information and Privacy Commissioner for British Columbia Michael Harvey called for amendments to the Personal Information Protection Act, Information and Privacy Commissioner of Ontario Patricia Kosseim hosted and broadcast an in-person event on the power of privacy enhancing technologies, and Saskatchewan Information and Privacy Commissioner Ronald Kruzeniski brought together regulators from multiple provinces for a webinar.
The Office of the Privacy Commissioner of Canada joined that webinar and also spoke with the federal access to information and privacy community, in addition to sharing a 79-page report from the Global Privacy Assembly's Policy Working Group on privacy as a fundamental human right, which included recommendations for reinforcing that idea.
As part of its efforts on Data Privacy Day, the IAPP updated its Global Privacy Law and DPA Directory showing 144 countries now have data protection laws in effect and several KnowledgeNet chapters — including Ottawa, Vancouver and Victoria — held events. If you haven't joined a local KnowledgeNet chapter yet, it's a great way to connect with peers. There are chapters across Canada, including in Montreal, Toronto, Calgary, Edmonton, Halifax, St. John's, Waterloo and Quebec City — so find one near you and get involved.
On 28 Jan., I spent time reflecting on how I got here, but I was also knee-deep in privacy audits, privacy impact assessments, breaches and event planning — including supporting the IAPP in its work to finalize the program for the IAPP Canada Privacy Symposium 2025.
We all know privacy isn't really a one-event-a-year thing. So please remember to mark your calendars for Symposium in Toronto, taking place 11-15 May 2025. Registration opens in February.
Kris Klein, CIPP/C, CIPM, FIP, is the managing director for Canada for the IAPP.
This article originally appeared in the Canada Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.