What do you do?
I am an advocate first and foremost. My cybersecurity practice includes everything from breach coach work to appellate litigation, but at every stage, I am thinking strategically about how to best position my clients for a win.
My practice has always been at the intersection of civil litigation and public law. I have been defending class actions since the beginning of my career, with a focus on areas with significant regulatory or public policy issues. In 2012, the Ontario Court of Appeal recognised a new privacy tort of intrusion upon seclusion, which sparked a proliferation of privacy class actions in Canada. That was my gateway into a cybersecurity practice.
What’s keeping you busy?
Privacy class actions are a significant part of my practice, and I am excited to have two appeals in this area coming up. I have also been spending more time doing breach response work of late – the pandemic has unfortunately created a lot of new opportunities for threat actors.
What mentors or other influential figures have helped you get where you are today?
My partner Cathy Beagan Flood has been an important mentor and champion of mine. She was instrumental in developing my interest in privacy law, and has been a role model as a litigator and as a person. At every stage of my career, I have also been fortunate to have developed close bonds with peers who have encouraged me and taught me so much. I am indebted to Brian Duong, Livia Aumand, and Erin Hoult.
If you could change one data-related law, how and why would you change it?
In my view, Canadian privacy law currently does not adequately recognise that personal information varies significantly in its sensitivity and potential uses. As a result, a lot of judicial resources are being tied up litigating privacy cases where there are no losses and frankly, not much interest from affected persons. I hope we will get some clarity from courts soon, particularly regarding the scope of the privacy torts that are recognised in Canada.
How has covid-19 affected what you do?
While sometimes collaborating with team members can be more challenging while working remotely, it has also opened up new opportunities for me to work with my colleagues in our offices across Canada. When everyone is working at home, there’s not much difference working with someone in Vancouver instead of someone who would ordinarily be down the hall in Toronto!
What’s the next big thing – what data opportunities are companies now looking at?
The covid-19 pandemic has spurred a great deal of innovation, in digital products and data management. As vaccines roll out and everyone is turning their minds to what ‘getting back to normal’ might look like, a lot of companies are focused on how to keep that momentum going. I expect we are going to see a permanent shift in the way that many companies of all sizes use data analytics to remain agile and react quickly to changes in the marketplace.
What’s keeping companies worried at the moment – what are some key data risks?
Unsurprisingly, the pandemic has presented new cybersecurity issues for most organisations. In addition to the new IT security challenges associated with transitions to a primarily remote workforce, there has been increased activity from threat actors and new types of attacks.
At the same time, in Canada, the federal government and some provinces are embarking on the process of reforming their privacy and data protection statutes, which is something I expect companies will have a careful eye on.
What do you do to relax?
An ideal evening or day off for me usually involves listening to new music, enjoying a glass of red wine, or having a laugh with my “urban family” of friends – and ideally all three at once! I’m looking forward to going to concerts again post-pandemic.