Privacy and Cybersecurity: Navigating Canada’s Evolving Legal Landscape

As far as David Goodis is concerned, there are few legal issues right now more important than the use – and potential abuse – of Canadian citizens’ private data.

Goodis has been an instructor at Osgoode since 2016, and he’s also one of the country’s foremost experts in privacy and cybersecurity . “Our data is being collected in greater amounts,” says Goodis, “and being used in new and more creative ways. And the laws surrounding it are evolving very fast. It’s just a fundamental legal issue of our time.”

So it’s not a surprise that Canada’s premier law school is getting ahead of that issue. Goodis is now joining Lyndsay Wasser – a partner at McMillan LLP, and head of that firm’s privacy and data protection group – as a co-director of Osgoode’s new continuing legal education (CLE) Certificate in Privacy and Cybersecurity Law.

The certificate program joins Osgoode’s LLM in Privacy and Cybersecurity Law, launched in 2019, in an effort to keep lawyers up to speed with an important and rapidly changing area of law.

“This is the reason Osgoode has developed these new programs,” says Goodis. “Understanding of cybersecurity in the legal profession still isn’t strong enough…not every lawyer can become a cybersecurity expert, but with data breaches on the rise and laws evolving, it’s important for many more to have a good solid background in it, to give informed advice to clients.”

Those data breaches range from small-scale cyber attacks to headline grabbing incidents, such as the LifeLabs hack several years ago, in which attacks on the medical-testing company compromised data belonging to millions of Canadians.

Then there’s the changing legislative landscape, with provincial governments and Ottawa rolling out new laws – including the federal Bill C-27 – that will significantly change the legal context in Canada.

“There’s an immense amount of guidance coming out of the various privacy commissioners,” says Wasser, “especially the office of the Privacy Commissioner of Canada. There are important cases happening all the time, court decisions and statutory changes. It’s almost a full-time job to keep up on all the various developments.”

Osgoode’s two-year LLM program is intended for professionals – both in law and in other fields, especially IT and business in general – who want to develop a thorough understanding of this fast-changing area, and plan to work directly in the field.

The CLE program is a quicker, five-week course designed for working professionals, including lawyers, IT consultants and managerial professionals, seeking a better understanding of the space. In five modules, it covers everything from the foundations of privacy law in Canada, to the up-to-date laws around data use and disclosure, to practical guidance on how to implement cybersecurity best practices.

The program also involves hands-on learning simulations with classmates, and one-on-one feedback from the program directors – who can offer not just academic expertise, but up-to-date real-world knowledge.

“The faculty are really experienced lawyers who can share the academic perspective – that is, what the laws say and the history – but also how this affects them and their clients,” says Wasser. “I think that’s a really valuable perspective for students from any field, who can learn from lawyers who are out there in the field, every day.”