On January 21st, the Ottawa Chapter of the IAPP KnowledgeNet co-hosted an extremely interesting panel discussion with the Organization of Women in International Trade (OWIT) Ottawa chapter and the Canadian Bar Association's International Law Section. Titled “Border Crossings: The Convergence of Trade, Privacy, and Cybersecurity in a Global Market Place,” the evening was held at the BLG Offices at the World Exchange Plaza in Ottawa and focused on the cybersecurity and privacy challenges faced when conducting international business. After the discussion, and several valuable questions from the audience, the discussions continued over drinks and appetizers.

After an introduction to the IAPP by Ottawa Co-chair Abigail Dubiniecki, CIPM, Amela Trhulj, a trade and economic counsellor with the Delegation of the European Union to Canada, presented on the privacy challenges and opportunities the lucrative EU market presents, in reference to the EU GDPR and the new Comprehensive Economic and Trade Agreement (CETA) between Canada and the EU. Following Amela, Wendy Wagner, President of OWIT-Ottawa and a partner with Gowlings, discussed the direct connection between privacy and trade, illustrating with examples under the Trans-Pacific Partnership, and in relation to export controls. 

Privacy challenges that the TPP raise include an effort to harmonize data protection laws across members states while prohibiting data localization restrictions. The objective is to promote the free flow of data across borders by establishing a minimum threshold for data protection laws that all TPP members must reach. While this threshold is lower for certain TPP members, such as Canada, it is higher for others. Rather than acting as a race to the bottom, she observed that this would actually require certain TPP members to harmonize up, by requiring them to meet these minimum standards. Wendy also touched on the Safe Harbour decision, noting that Canadian companies are not immune, since much of the data Canadian companies process will cross the Canada-U.S. border, whether through software or cloud as a service arrangements.

The roundtable continued with Francis Castonguay, a senior cybersecurity advisor for Cyber Risk Services with Deloitte taking the the microphone to discuss cybersecurity challenges. In addition to being an "ethical hacker," Castonguay demonstrated his extensive knowledge on the subject with a very interesting presentation, that brought in the wealth of his experience with cyber operations in the Canadian Armed Forces. Finally, to end the presentation, Kevin LaRoche, a partner with BLG's Intellectual Property and Cybersecurity Groups, spoke to the duty of care a company must be able to demonstrate in relation to cybersecurity practices. He cautioned that simply having state of the art technology is not enough. Using a short court room video, Mr. LaRoche plainly demonstrated the risk of litigation that resulted from a knowledge gap between what senior management thinks it is supposed to know in relation to the security of a customer's private data, such as what data a company collects, where it is located, and what companies must know and do to meet that duty of care. 

The evening concluded with informative discussions and networking over light snacks and drinks, which brought together the mix of privacy, cybersecurity and trade professionals who attended the KnowledgeNet. Many thanks to panel speakers and participants, and to the Canadian Bar Association's International Law Section and OWIT for co-hosting this event. For more information about OWIT, please click here for their newsletter and to learn more about the work they do to foster international trade and the advancement of women in business.