This was a big week for my hometown, Ottawa. A number of relevant events took place and it feels like the momentum keeps building, though I’ve been saying that for about 25 years now.
To kick things off, at the beginning of the week, the Organisation for Economic Co-operation and Development gathered academics, policy leaders, industry folks and government leaders to talk about the future of its work. I was out of town, but I’ve heard the meetings were productive and that we can expect more news from the OECD in the near future.
Quick history refresher: In 1980, the OECD published the model framework for the protection of personal information. That same year, "Call Me" by Blondie topped the charts, shoulder pads and acid wash were in — I'm confused, are they back in? — and phones were stuck to the wall instead of our hands. The OECD's model framework included eight principles and, at the time, were seen as near perfect. Many countries and jurisdictions, including Canada, used them as the foundation for their data protection laws. Well, it's 2025 and a lot has changed since 1980 — except acid wash apparently. I'm encouraged to see the OECD is willing to review and re-visit their work to try and keep it as relevant today as their thought leadership was back in 1980.
On Wednesday and Thursday, the Office of the Privacy Commissioner of Canada hosted the data protection authorities as part of the G7 meetings held in Canada. To cap things off, there was a dinner hosted by Centre for Information Policy Leadership where our federal Privacy Commissioner, Philippe Dufresne, and Kate Jones from the U.K. Digital Regulation Cooperation Forum spoke about the future of regulatory enforcement and the growing need for meaningful collaboration.
It was enlightening for me to learn that even in Canada, our provincial and federal offices face some barriers they're interested in breaking down. Some regulators in Canada have more generous budgets and resources than others, so wouldn't it be great if they could find ways to increase knowledge and resource sharing with those offices that, for example, can't have an in-house technology lab to keep on top of AI and cyber developments?
I think this issue is relevant way beyond our privacy regulator community and should be a consideration for any regulatory body dealing with industries involved in data — and who isn’t? So, while some jurisdictions like Canada and the U.K. have started to build bridges and reduce barriers that exist with the competition, consumer protection, telecommunication and copyright regulators, there's still much work to be done. Aside from privacy, and while we're at it, I'd very much like to see the elimination of the trade barriers that prevent us from buying wonderful wines from different parts of the country. C'mon people. It's time to realize that these things are arbitrary, costly and anti-Canadian. Let's share our wealth in privacy and otherwise!
A couple of weeks ago, I wrote about how I think our regulators would benefit from more direct exposure to better understand the motives, pressures and compliance obligations that some of my clients endure. I even volunteered to arrange lunch and learns with, for example, the companies hired to negotiate with organized crime syndicates to return or destroy personal information they've stolen.
I got the sense from some of the proactive remarks at the CIPL dinner that workshops of this nature might be something industry and regulators would be willing to entertain, which I think is good progress. They do not want to be seen as having blinders on, they do want to learn, and they want their findings to carry weight. Let’s see if this idea gathers more steam.
And today, while this newsletter is hitting your inbox, I'll be attending an OPC Symposium organized on the heels of the G7 meetings, but this event is open to the public. We will be discussing the myriad of issues that our children and youth face in this era of exponentially rapidly changing technology that is almost all based on processing personal information.
As someone who was born in the 1970s, I’ve sometimes thought I’m witnessing some of the most dramatic changes in human society in all of history. But I suspect my kids, and their kids, are in for even more. Time, as always, will tell.
Kris Klein, CIPP/C, CIPM, FIP, is the managing director, Canada, for the IAPP.
