20th Annual Privacy and Security Conference Looking Back and Leading Forward in a Digital World Feb.6-8, 2019, Victoria, BC

General Information

Privacy and data protection is the number one issue businesses around the world are facing. Personal privacy is at the forefront of information sharing and social media requirements. For the past 20 years, the Privacy and Security Conference has been the number one conference on the issues of privacy and security globally.

Presented by the Offices of the CIO and Corporate Information and Records Management, Ministry of Citizens’ Services, Province of British Columbia, this three-day conference attracts over 1000 delegates and 100 international subject matter experts. It provides essential education, training and opportunities for CPD credits for individuals who are responsible for the transformation of the public and private sector into the new digital economy.

Reasons to Attend

  • Timely, motivational presentations from leading industry experts
  • Learn about current trends, issues and actions
  • Valuable CPD credits to maintain a variety of qualifications essential for your career
  • Unparalled networking opportunities
  • Informative 3-hour pre-conference educational sessions and 1.5-hour panel sessions
  • Get immediate answers and solutions to issues current in your organization

 

Conference Rates*

Early Bird registration by December 14, 2018 Regular registration after December 14, 2018
Public Sector $750.00 CAD (plus GST) $925.00 CAD (plus GST)
Private Sector $850.00 CAD (plus GST) $1,250.00 CAD (plus GST)

*We are pleased to offer our Alumni program, providing a special rate to past attendees. Delegates who have attended this conference before will receive the special public sector price of $675 or private sector price of $795 when they register on or before September 28th. Please contact us for the promo code if you did not receive it by email.

Registration Fees Include

  • 2 plated lunches
  • All coffee breaks
  • All keynotes, plenaries, panel sessions and applied sessions
  • Pre-conference educational sessions
  • Access to networking lounges
  • Networking reception Thursday evening
  • Conference notebook
  • Conference materials
  • On-line access to presentations post-event

Social Media

Stay connected and engaged in the conversation leading up to and during the conference by following along on Twitter. Use the event hashtag to follow others who are already posting, and include it in your tweets to add to the existing discussions. The hashtag for this year’s conference is #PSV20th and our twitter handle is @Reboot_Comm. We would appreciate you sharing your voice with our other followers.

Victoria Conference Centre

There’s nowhere in the world like Victoria. It’s small yet sophisticated; a technology leader and an historic capital city; a vibrant business community yet surrounded by nature. At its heart is the Victoria Conference Centre – an exceptional experience for delegates and world-class support for planners.

Victoria Conference Centre
720 Douglas Street
Victoria, BC
V8W 3M7

Keynote Speakers

Nikolas Badminton

Futurist & Strategic Advisor

Robert Barton

Distinguished Systems Engineer, Cisco

Dr. Ann Cavoukian

Three-term Information and Privacy Commissioner of Ontario; Distinguished Expert-in-Residence, Privacy by Design Centre of Excellence, Ryerson University

Pam Dixon

Executive Director, World Privacy Forum

Preston Hogue

Senior Director of Security Marketing, F5 Networks

Jeff Jonas

Founder & CEO, Senzing

Scott Jones

Head, Canadian Centre for Cyber Security

Michael McEvoy

Information and Privacy Commissioner for British Columbia

Pamela Snively

Chief Data & Trust Officer, TELUS

Sir Rob Wainwright

Partner, Deloitte North-West Europe

John Weigelt

National Technology Officer, Microsoft Canada

Speakers

Erinn Atwater

Research Director, Open Privacy

Nikolas Badminton

Futurist & Strategic Advisor

Amir Belkhelladi

Partner, Risk Advisory Leader - Eastern Canada, Deloitte

Dr. Colin J. Bennett

Professor, Department of Political Science, University of Victoria

Benjamin Bergen

Executive Director, Council of Canadian Innovators

Dayna Beuthin

Senior Privacy Investigator, Corporate Information and Records Management Office, Ministry of Citizens’ Services, Province of BC

Joni Brennan

President, Digital ID & Authentication Council of Canada (DIACC)

Bonnie Butlin

Co-Founder & Executive Director, Security Partners’ Forum

Scott Carroll

Senior Privacy Investigator, Corporate Information and Records Management Office, Ministry of Citizens’ Services, Province of BC

Jill Clayton

Information and Privacy Commissioner, Office of the Information and Privacy Commissioner for Alberta

Dr. John Comiskey

Professor, Monmouth University; Former Lieutenant, New York Police Department

Dr. Martin Dawes

Chief Scientific Officer and Co-Founder, GenXys Health Care Systems

Pam Dixon

Executive Director, World Privacy Forum

Kimberley Dray

Senior Information Security Analyst, University of Victoria

Joyce Drohan

Partner, Omnia Artificial Intelligence BC Leader, Deloitte

Dr. Jay Fedorak

Information Commissioner, Office of the Information Commissioner, Jersey (Channel Islands)

Michael Fenrick

Partner, Paliare Roland Rosenberg Rothstein LLP

Dr. Teri Fisher

Physician and Clinical Assistant Professor, University of British Columbia; Founder & Host, Voice-First Health and Alexa in Canada

Dr. David Flaherty

Former Information and Privacy Commissioner for BC

Dr. Robert Fraser

President and CEO, Molecular You

David Furlonger

Distinguished VP, Analyst, Gartner

J. William Galbraith

Executive Director, Office of the CSE Commissioner

Bob Gordon

Executive Director, Canadian Cyber Threat Exchange (CCTX)

Robin Gould-Soil

Chief Privacy Officer, HSBC Canada

Jane Hamilton

Senior Policy Advisor, Innovation, Science and Economic Development Canada

Megan Hetherington

Privacy Investigator, Corporate Information and Records Management Office, Ministry of Citizens’ Services, Province of BC

Najo Ifield

Member of the Executive Committee, Outreach Chair, Control System Cyber Security Association International

Keith Jansa

Vice President, Standards and Innovation, CIO Strategy Council

Scott Jones

Head, Canadian Centre for Cyber Security

John Jordan

Executive Director, Emerging Digital Initiatives, Ministry of Citizens’ Services, Province of BC

Sheila Jordan

CIO, Symantec Corp

Dr. Satyamoorthy Kabilan

Vice President, Policy, Public Policy Forum; Former Director, National Security and Strategic Foresight, The Conference Board of Canada

Dom Kapac

Senior Security Analyst, Ministry of Transportation and Infrastructure, Province of BC

Vivek Khindria

CISO, Loblaws

Nathan Kinch

Co-founder and CEO, Greater Than X

Dr. Alena Kottova

Sessional Professor, University of Victoria, Faculty of Engineering; Vancouver Island University, Department of Computing Science

James Krull

Information Security Officer, Government Digital Experience Division, Ministry of Finance, Province of BC

Hayden Lansdell

Executive Lead, Integrated Data Division, Province of BC

Glenn Lanteigne

President & CEO, Tectonic Advisory Services Inc.

Dr. Victoria Lemieux

Chief Information Security Officer, Molecular You; Cluster Lead, Blockchain@UBC

Christian Leuprecht

Professor, School of Policy Studies, Queen’s University

Dave Lewis

Global Advisory CISO, Duo Security, Cisco

Holly Longstaff

Research Privacy Advisor, Provincial Health Services Authority

Dr. Catalina Lopez-Correa

Chief Scientific Officer & Vice-President Sectors, Genome BC

David Loukidelis

David Loukidelis Privacy & Access Consulting Services; former BC Information and Privacy Commissioner

Erwin Malzer

Healthcare Transformation Advocate

Drew McArthur

Principal, The McArthur Consulting Group

Michael McEvoy

Information and Privacy Commissioner for British Columbia

Dr. Kimberlyn McGrail

Scientific Director, Population Data BC; Associate Professor, UBC School of Population and Public Health

Coleman Mehta

Senior Director, Policy, Palo Alto Networks

Dr. Michele Mosca

Professor, Combinatorics and Optimization, University of Waterloo; Co-founder, Institute for Quantum Computing, University of Waterloo

Dr. Kenneth A. Moselle

Director, Applied Clinical Research Unit, Island Health

Shankar Narayan

Technology and Liberty Project Director, American Civil Liberties Union of Washington

Danielle Naylor

Senior Privacy Investigator, Corporate Information and Records Management Office, Ministry of Citizens’ Services, Province of BC

David O'Toole

President and CEO, Canadian Institute for Health Information

Cristina Onosé

Director of Government Relations, Canadian Marketing Association

Dr. Christopher Parsons

Research Associate, The Citizen Lab, Munk School of Global Affairs and Public Policy, University of Toronto

Ryan Patrick

Supervisor, Transportation Management Centre, City of Winnipeg

Gary Perkins

Executive Director, Chief Information Security Officer, Ministry of Citizens' Services, Province of BC

Ray Pompon

Principal Threat Research Evangelist, F5 Networks

Richard Purcell

CEO, Corporate Privacy Group

CJ Ritchie

Government Chief Information Officer, Ministry of Citizens’ Services, Province of BC

Yoel Robens-Paradise

VP, Clinical Systems Transformation and Health Information Management, Providence Health Care

Rachel Roy

Partner, Allevato Quail & Roy

Sherry Rumbolt

Senior Information Security Officer, Western Region, Department of National Defence

Karen Sandhu

Director, Diversity & Inclusion, ISACA Vancouver Chapter (SheLeadsTech Vancouver)

Dr. Stephanie Simmons

Assistant Professor of Physics and Canada Research Chair in Quantum Nanoelectronics, Simon Fraser University

Shelly Smith

Records & Information Management Coordinator, City of Winnipeg

Pamela Snively

Chief Data & Trust Officer, TELUS

Ajay Sood

VP, Country Manager, Symantec Canada

Jennifer Stoddart

Former Privacy Commissioner of Canada

Dr. Kelly Sundberg

Associate Professor, Mount Royal University

Rachel Tobac

CEO, SocialProof Security; Chair of the Board, Women in Security and Privacy (WISP)

Ashley Tolbert

Cyber Security Engineer and Researcher, Stanford University

Jeannette Van Den Bulk

Deputy Commissioner, Office of the Information and Privacy Commissioner for BC

Paul Vane

Deputy Information Commissioner, Office of the Information Commissioner, Jersey (Channel Islands)

Micheal Vonn

Policy Director, BC Civil Liberties Association

Mitch Wexler

Principal, Politrain Consulting

John Wunderlich

Chief Privacy Officer, JLINC Labs
Print Agenda

*Invited Speaker

Wednesday, February 6, 2019

8:00am

Registration Desk Opens

9:00am - 12:00pm Theatre

OneTrust presents:

9:00am - 12:00pm Saanich 1 Room

GDPR for Beginners

An interactive session which takes participants on a GDPR journey. It is all too easy to become embroiled in everyday data protection complexities. Attendees will benefit from getting back to basics and then diving a little deeper into a range of topics.

This is an opportunity to reinforce your GDPR knowledge; what is your understanding of each of the principles? Participants will have the opportunity to act as Information Commissioners to assess the correct applications of ‘Data Subject rights’. Cross-border transfers will be discussed and debated with attendees.

9:00am - 12:00pm Saanich 2 Room

BC Ministry of Citizens’ Services – Privacy, Compliance and Training Branch presents: Information Incident Tabletop Workshop

Improve your information incident response skills in an interactive workshop hosted by the Investigations Unit of the Privacy, Compliance and Training Branch. This tabletop workshop will focus on the information incident response process and cover the steps required for reporting, recovering, remediating, and preventing privacy breaches. Participants will have the opportunity to act as investigators during several hands-on simulations to develop their privacy knowledge-base and gain a better understanding of the resources available to them when involved in an information incident.

*Max. 25 attendees – will be repeated in afternoon*

8:30am - 12:00pm Oak Bay Room

BC Ministry of Citizens’ Services – Information Security Branch presents: Breach the Network and Win 1st Prize (Basic Level)

Hack your way in at Victoria’s 20th Annual Privacy and Security Conference. Expect a fun, challenging, educational and team-building event, designed for people with entry-level to advanced hacking skills.

Teams of 4 will work together to break through cyber defenses, disrupt a virtual company and capture their secrets. Be part of the winning team and take home the coveted 1st prize.

Two sessions are scheduled for February 6th, 2019, each lasting 3.5 hours. The morning session deals with more basic level hacking skills while the afternoon session will discuss more advanced level attacks.

Participants play the role of the cyber criminals trying to break into the target organization's IT infrastructure. The target is composed of firewalls, routers, servers and desktops in a complex and realistic but safe environment. By working in teams everyone contributes the skills they have - and will learn from each other.

Teams work together to be the first to break through to each stage, gather points, and win the challenge. The network will be available throughout and the winner of the prize will be announced at the end of the conference.

Maximum 40 people for the workshop but the network will be open to all who wish to hack the lab network. However, only up to 5 teams can be registered so register early!

The first workshop on Basic level hacking skills will start at 8:30am and the Advanced level will start at 1pm.

Participants must bring their own laptop, laptops will not be provided. Recommended OS is Kali Linux.

Upon attending this workshop, participants will be able to:
• Understand how hackers use tools and techniques to exploit vulnerabilities in computer systems;
• Where authorized, use specific tools and techniques to test system security in their organizations;
• Understand how to better protect systems from attack;
• Call on others from the event for advice and help.

9:00am - 12:00pm Esquimalt Room

BC Ministry of Citizens’ Services – Privacy, Compliance and Training Branch presents: Unpacking PIAs

The Privacy Impact Assessment (PIA) is a helpful tool in any organization – when wielded properly. The PIA can make the difference between a privacy-invasive and a privacy-enhancing initiative – without compromising business objectives or adding significant costs. It can be an educational tool or serve business and project planning needs.

This workshop is for those who have never written a PIA and for the more seasoned PIA writers. You will walk away from this workshop equipped with a deeper understanding of the intent behind each section of the BC Government’s PIA template. In particular, you will be able to:
• Identify privacy risks within a project;
• Identify personal information, including the potential for the mosaic effect;
• Document the entire data flow of a project;
• Figure out if a project is a data-linking initiative or a common or integrated program;
• Write a compliant collection notice; and
• Identify personal information banks.

Join us for a lively discussion on PIAs so that the next PIA you draft will go smoothly.

9:00am - 12:00pm Sidney Room

BC Ministry of Citizens’ Services – Information Security Branch presents: Digital Trust Hands-On: Learn How to Join the Verifiable Organizations Network

A hands-on workshop covering both business and technical aspects of an organization becoming a participant in the Verifiable Organizations Network (VON). Attendees will gain insight into both business and technical aspects of a Hyperledger Indy based solution.

The attendees will learn how to deploy an organizational Hyperledger Indy based VON-X Issuer/Verifier service, so they can get hands-on experience about what it would take to on-board a permit service onto VON. Their service will issue Verifiable Credentials to TheOrgBook and enable a permitting workflow. The attendees will consider the business context - how would this affect existing workflows within their organizations, what would the value be to their business? They’ll also see the technical components in action - what’s involved in becoming an organization that consumes Verifiable Claims, and that issues Credentials.

Bring your laptop!

9:00am - 12:00pm Colwood Room

Ethics Pre-Conference Educational Training Session

1:00pm - 4:00pm Theatre

Microsoft Presents:

1:00pm - 4:00pm Saanich 1 Room

Sponsor - TBD

1:00pm - 4:00pm Saanich 2 Room

BC Ministry of Citizens’ Services – Privacy, Compliance and Training Branch presents: Information Incident Tabletop Workshop

Improve your information incident response skills in an interactive workshop hosted by the Investigations Unit of the Privacy, Compliance and Training Branch. This tabletop workshop will focus on the information incident response process and cover the steps required for reporting, recovering, remediating, and preventing privacy breaches. Participants will have the opportunity to act as investigators during several hands-on simulations to develop their privacy knowledge-base and gain a better understanding of the resources available to them when involved in an information incident.

*Max. 25 attendees *

1:00pm - 4:30pm Oak Bay Room

BC Ministry of Citizens’ Services – Information Security Branch presents: Breach the Network and Win 1st Prize (Advanced Level)

Hack your way in at Victoria’s 20th Annual Privacy and Security Conference. Expect a fun, challenging, educational and team-building event, designed for people with entry-level to advanced hacking skills.

Teams of 4 will work together to break through cyber defenses, disrupt a virtual company and capture their secrets. Be part of the winning team and take home the coveted 1st prize.

Two sessions are scheduled for February 6th, 2019, each lasting 3.5 hours. The morning session deals with more basic level hacking skills while the afternoon session will discuss more advanced level attacks.

Participants play the role of the cyber criminals trying to break into the target organization's IT infrastructure. The target is composed of firewalls, routers, servers and desktops in a complex and realistic but safe environment. By working in teams everyone contributes the skills they have - and will learn from each other.

Teams work together to be the first to break through to each stage, gather points, and win the challenge. The network will be available throughout and the winner of the prize will be announced at the end of the conference.

Maximum 40 people for the workshop but the network will be open to all who wish to hack the lab network. However, only up to 5 teams can be registered so register early!

The first workshop on Basic level hacking skills will start at 8:30am and the Advanced level will start at 1pm.

Participants must bring their own laptop, laptops will not be provided. Recommended OS is Kali Linux.

Upon attending this workshop, participants will be able to:
• Understand how hackers use tools and techniques to exploit vulnerabilities in computer systems;
• Where authorized, use specific tools and techniques to test system security in their organizations;
• Understand how to better protect systems from attack;
• Call on others from the event for advice and help.

1:00pm - 4:00pm Esquimalt Room

BC Ministry of Citizens’ Services – Privacy, Compliance and Training Branch presents: How to be a Privacy Officer

Designating a Privacy Officer is a key aspect of any privacy management program, and empowering that Privacy Officer with clear role definition ensures success. But what does it mean to be a Privacy Officer? This workshop will walk through the roles and responsibilities of this type of position and provide tips on how to establish a privacy culture within your organization.

This workshop is useful for those currently in the role who want to sharpen their skills or those who aspire to be future Privacy Officers and want to learn more about the role. We’ll offer some practical tips along with insight into how Privacy Officers fit into an organization’s overall privacy management program.

This session will address topics such as:
• What is a privacy management program?
• PIAs, privacy breaches, training and contracts
• Program measurements
• Influencing a positive privacy environment

Join us for an informative discussion on this critical position.

1:00pm - 4:00pm Sidney Room

TBD

1:00pm - 4:00pm Colwood Room

BC Ministry of Citizens’ Services – Information Security Branch presents: YOU are the Alpha and Omega of a Secure Future: Explore, Understand and Practice Your Role in Advancing a Positive Cybersecurity

This seminar provides an opportunity to explore in depth the weakest link of cybersecurity – individual’s digital habits and behaviors. Through a number of practical activities and games we will address the ethical issues related to cybersecurity and test several simple ethical decision-making techniques and guides. Investigation of privacy and anonymity helps us to understand, navigate and manage the risks we are exposed to from malicious players. This workshop is a session with professional representatives who will provide different viewpoints from their positions in the industry and academia. In bringing theory and practice together for discussion, the audience will learn about real life experiences and key factors for achieving successful transition to ethically responsible digital citizen.

After attending this workshop, participants will be able to:

• Understand the digital landscape and the role individuals play in creating secure future.
• Realize that many of the questions to ask in respect of secure digital future are related to Ethics and ethical decision-making.
• Be familiar with simple ethical decision-making process
• Know what to expect from malicious players and recognize when targeted.
• Identify how and why an individual’s security may be in danger of being compromised.
• Understand the essential difference between privacy and anonymity.
• Understand the different professional perspectives on the impact of user’s digitally improper habits.
• Clearly understand how to implement and recommended to others the steps required of ethical digital citizens.
• Plan for managing personal digital footprint and adjust behavior respecting the realities of cyber-connected world.
• Understand and see in action a variety of methods to improve the quality of cybersecurity training in their organizations.

Thursday, February 7, 2019

7:30am

Registration & Networking Lounge Open

8:15am - 8:20am Carson Hall (Salon ABC)

Call to Conference - Master of Ceremonies

8:20am - 8:30am Carson Hall (Salon ABC)

Welcome Remarks

8:30am - 8:45am Carson Hall (Salon ABC)

Welcome Remarks

8:45am - 9:25am Carson Hall (Salon ABC)

Keynote Presentation: Big Data, Big Responsibility

The EU’s General Data Protection Regulation (GDPR) went into effect May 25, 2018. The new California Consumer Privacy Act (CCPA) comes into effect in 2020. With these and similar laws come big responsibilities for organizations. Jeff Jonas, data scientist and Privacy by Design (PbD) advocate, will do a deep dive into this new law and its ramifications to the data management community, including some "gotchas" that will likely cause even the best GDPR programs to unwittingly fall out of compliance.

9:25am - 10:00am Carson Hall (Salon ABC)

Keynote Presentation

10:00am - 10:15am Upper & Lower Foyers

Morning Break

10:15am - 10:45am Salon A

Concurrent Keynote Presentation by F5 Networks

10:15am - 10:45am Salon B

Concurrent Keynote Presentation by Deloitte

10:15am - 10:45am Theatre

Concurrent Keynote Presentation by IBM

10:50am - 12:05pm Salon A

Concurrent Panel Session - Panel A: Artificial Intelligence - Should Canada Be A Leader Developing Ethical Standards For AI?

Will Canada’s adoption of AI in the Public Sector ensure it is governed with clear values, ethics, and law in accordance with human rights? The government wants to use AI to predict outcomes and gain deeper insights into behavioural patterns and trends. The government wants to use AI to improve its interaction with citizens. The government wants to offload low-value tasks from employees and make business process more efficient.

How will artificial intelligence affect our lives? We could build a richer society and perhaps enjoy a shorter working week, but there are countless pitfalls to avoid and they are not trivial. Hamfisted moves that lead to routine exploitation in our daily lives that leave society more divided than ever and threaten the fundamentals of democracy.

10:50am - 12:05pm Salon B

Concurrent Panel Session - Panel B: GDPR: Why Should You Care?

With so many digital channels and technological advances, we provide and create more data than ever before and it’s vital this data is treated with respect. Organizations, both large and small, need to ensure they are taking the necessary steps in protecting their customers’ valuable information from exposure to potential threats around the world. Why is this necessary? Data Protection Agencies and customers around the world are demanding it…..and there are stiff penalties for ignoring these requirements. All companies, no matter where they are located, that have European customers and require access to personal data from Europe must comply with GDPR regulations, or face great financial consequences. Panelists will discuss the reasons behind GDPR regulations, how to ensure your organization is fully compliant and the risks of ignoring the requirements of this new piece of important legislation.

10:50am - 12:05pm Theatre

Concurrent Panel Session - Panel C: Should Your Health Data Be Managed on A Blockchain?

Blockchain has promise to overcome many of our current healthcare data and records management challenges. This includes overcoming digital health data silos, to providing users with greater control and security assurance of their health data/records, to streamlining the consent process for sharing of health data in healthcare research. But is it really stable and secure enough for our health data and medical records? Blockchain technology creates an immutable and transparent record of a transaction. Is it possible to reconcile these features with protection of personal privacy? It’s also complicated for the average user to use. Are people ready to take on this level of complexity?

Personalized medicine relies upon the application of big data analytic techniques. Can these techniques be applied to data that is decentralized and distributed over a blockchain network? This panel discussion considers active research on the application of blockchain technology to the management health data and records. Each of the panelists is actively engaged in research to answer these questions whether our health data should be managed on a blockchain and, if so, how it should be managed.

10:50am - 12:05pm Salon C

Concurrent Panel Session - Panel D: Shining a Light on the Encryption Debate

In a world of increasing cyber threats, access to and the use of strong encryption technology is essential to secure digital transactions, ensure public safety and protect national security interests. However, the same data encryption that protects us also makes it difficult for police and other state agencies to gather intelligence on those who might be instigating the cyber threats in the first place. Strong data encryption protects individuals and their right to privacy, but some governments have called for limits on the public availability of this technology. Do the interests of national security override the right to personal privacy, or should individual rights be maintained at all costs, even if it is to the detriment of a country and its government?

12:05pm - 1:20pm Carson Hall (Salon ABC)

Luncheon Keynote Presentation: The Citizen Panopticon: Security and Privacy in 2030

Nikolas Badminton will discuss how our current trajectory towards a world where data, privacy, surveillance, and our human rights is being undermined by big tech and bigger government. He'll also talk about how we can prepare for a more equal future and empower people to be in charge of their own destinies.

12:05pm - 1:20pm Crystal Ballroom

Networking Luncheon

1:20pm - 1:55pm Carson Hall (Salon ABC)

Keynote Presentation by OneTrust

2:05pm - 2:35pm Salon A

Applied Session - TBD

2:05pm - 2:35pm Salon B

Applied Session by Cisco - Zero Trust & The Flaming Sword of Justice

Security breaches pervade the headlines. What was seen as a rare instance just 5 years ago now seems to occupy the daily news cycle. A lot of these data breaches are made possible due to missteps and misconfigurations. There are many security issues that are introduced into website authentication mechanisms that further compound the security issues in addition to enforcing bad behavior by the end users. Security debt is a real problem for the vast majority of organizations in the world today and the attackers will utilize this to their advantage. In addition to keeping system hygiene at front of mind defenders need to focus on proper network zone segmentation or, as it more popular term these days, zero trust networks. The old conceptual style of a castle wall and moat to defend a network was deprecated several years ago. As a result of the dissolution of the traditional perimeter a stronger focus has to be placed on the strength of authentication, authorization and trust models for the users.

The antiquated notion of an information security practitioner running through the office brandishing their flaming sword of justice above their heads screaming “thou shall not pass” has at long last reached the denouement. Whether you are responsible for the security in a financial organization or one that makes teddy bears it is necessary to adapt and learn to trust but, verify.

2:05pm - 2:35pm Salon C

Applied Session - Privacy Engineering: Myth, Aspiration or Job Description?

Privacy in the enterprise is moving front and center to operational concerns. A privacy program can move beyond legal compliance and build privacy into infrastructure, operations, and development the typical purview of process improvement consultant, network/systems administrators, and software engineers. Standards and practices are emerging for this new field which some are calling privacy engineering. This keynote will share with you how these disparate disciplines can come together to take your privacy program to the next level.

2:05pm - 2:35pm Theatre

Applied Session by IBM

2:05pm - 2:35pm Saanich Room

Applied Session - TBD

2:35pm - 2:50pm Upper & Lower Foyers

Afternoon Break

2:50pm - 4:05pm Salon A

Concurrent Panel Session - Panel A: FinTech: Perils and Opportunities

The rapid and often disruptive development of technological advances is fundamentally changing the financial landscape by altering the interaction between customers and providers of financial services, lowering the barriers for new entrants, and enabling the emergence of new business models and ecosystems. Banks have to adapt to the new competitive environment by becoming trusted custodians of clients’ financial data while at the same time intelligently analyzing their data and behavior to anticipate needs and deliver tailor-made solutions while ensuring they mitigate and manage cyber risk.

2:50pm - 4:05pm Salon B

Concurrent Panel Session - Panel B: Women in Technology: Creating a New Normal

What would a more gender-inclusive technology sector look like and act like? This engaging panel will discuss the unique challenges and barriers women in technology and security face today. They’ll share their advice on how to break stereotypes, how to get more women into tech and how to promote and support women already in the field. Join us for a nuanced discussion on redefining the new normal.

2:50pm - 4:05pm Theatre

Concurrent Panel Session - Panel C: Smart Cities: Soon to Be a Reality, But Are We Ready for Them?

The 21st-century knowledge-based and data-driven economy is all about IP and data. “Smart cities” are the new battlefront for big tech because they serve as the most promising hotbed for additional intangible assets that hold the next trillion dollars to add to their market capitalizations. “Smart cities” rely on IP and data to make the vast array of city sensors more functionally valuable, and when under the control of private interests, an enormous new profit pool.

As the world becomes increasingly digital, almost all aspects of our lives will be affected, including the cities we live in and how they are managed. Private companies have developed the technology and are ready to forge ahead to demonstrate how emerging technologies can make cities more affordable, easier to travel within and more environmentally sustainable. Government has fallen behind in this area, as it scrambles to keep up with the pace of change. Rules and regulations need to be quickly put into place surrounding the data this new technology generates. Who does this data belong to? Who has access to it? Where is it stored? Who will benefit from the data? Who monetizes the data and what are some of the ethical issues surrounding it?

2:50pm - 4:05pm Salon C

Concurrent Panel Session - Panel D: Healthcare: Protecting the Most Sensitive Data

Electronic health records and other advances in health information technology can enhance and facilitate access to information, clinical investigations, diagnosis, treatment, and patient outcomes allowing doctors, medical researchers and patients around the world to benefit from this information.

There is no doubt that access to data can improve healthcare immensely, but what are we doing to protect people’s valuable personal information from those who seek to use it for destructive purposes? Data breaches occur on a daily basis, continually putting our sensitive information at risk. Doctors and hospitals are ultimately responsible for protecting this information, but how do they ensure privacy and instill confidence in their patients?

4:15pm - 5:15pm Carson Hall (Salon ABC)

Panel Session - 20 Years of Privacy & Data Protection

5:15pm - 5:20pm Carson Hall (Salon ABC)

Day 1 Closing Remarks

5:20pm - 6:00pm Upper Foyer

Networking Reception

Friday, February 8, 2019

7:45am

Registration & Networking Lounge Open

8:30am - 8:35am Carson Hall (Salon ABC)

Administrative Announcements

8:35am - 8:55am Carson Hall (Salon ABC)

Opening Introductions

8:55am - 9:30am Carson Hall (Salon ABC)

Keynote Presentation

9:30am - 10:05am Carson Hall (Salon ABC)

Keynote Presentation by Microsoft

10:05am - 10:25am Upper & Lower Foyers

Morning Break

10:25am - 10:55am Salon A

Concurrent Keynote Presentation by Cisco: Security in the Age of Cyberwarfare

As the world is becoming hyperconnected new efficiencies and opportunities are emerging, however this increases the risk of cyberattack. In both industry and government innovative strategies are being developed to leverage cybersecurity architectures to protect critical infrastructure effectively and efficiently.

Rob Barton will lead us through a series of instructive use cases to highlight the opportunities and threats.

10:25am - 10:55am Salon B

Concurrent Keynote Presentation by TELUS

10:25am - 10:55am Theatre

Concurrent Keynote Presentation by PwC

11:00am - 12:15pm Salon A

Concurrent Panel Session - Panel A: Politics and Privacy Regulation

The Facebook/Cambridge Analytica controversy reveals that political parties and campaigns thrive on personal data. Politicians require businesses and public agencies to follow privacy laws to ensure personal information is kept secure and not improperly used. However, in Canada at least, political parties are not subject to the same level of scrutiny when it comes to how they collect, store and use people’s data. A House of Commons committee has recently recommended significant changes to Canada’s privacy laws, including tighter restrictions on political parties, in order to protect Canadians’ privacy and the country’s democratic voting system. Should political parties be subject to the same privacy protection rules as apply to government agencies and the corporate sector? Or are there essential differences that call for a different set of expectations and legal requirements?

11:00am - 12:15pm Salon B

Concurrent Panel Session - Panel B: Genetic Privacy and Genomic Driven Medicine – “Big Pharma Would Like Your DNA”

Precision medicine allows medical professionals to analyze a person’s genetic makeup and target treatments based on their specific needs. This new technology will not only assist in diagnosing and preventing genetic diseases, but it will also help prevent adverse drug reactions, the 4th leading cause of death in Canada. While the idea of individualized healthcare brings great hope, there are still a number of hurdles that must be overcome. In order for precision medicine to be successful, individuals must be willing to give up their genetic privacy to be used for scientific purposes. How will this valuable data be stored and protected and how can we be sure our genetic data cannot be used against us in the future?

11:00am - 12:15pm Theatre

Concurrent Panel Session - Panel C: Is Canada a Global Leader in Cyber Security?

The Government of Canada’s national cyber security strategy outlines a working relationship with the provinces and private sector to improve cyber security in the country. The strategy promises a commitment to support advanced research, foster digital innovation and assist in developing cyber skill and knowledge to position Canada as a global leader in cyber security.

Cyber security is driving innovation and economic activity in Canada and contributes $1.7 billion to Canada’s GDP and provides over 11,000 jobs. The global cyber security industry is expected to grow 66% by 2021. Governments, academia and the private sector can collaborate to create new opportunities, investment and foster leading-edge research and development.

This panel will discuss the new Government of Canada cyber security strategy and outline the benefits and challenges it provides in positioning Canada as a global leader in cyber security.

12:15pm - 1:30pm Carson Hall (Salon ABC)

Luncheon Keynote Presentation

12:15pm - 1:30pm Crystal Ballroom

Networking Luncheon

1:40pm - 2:10pm Salon A

Applied Session: The CX of Privacy: A Practical Workshop

With privacy moving to the forefront of people's minds all around the world, many organisations are scratching their heads - searching for ways make data sharing (or a lack of it) valuable, meaningful and engaging for their customers. This goes beyond static policies. It's about operationalising strong data ethics. It's about bringing to life proactive privacy and security. It's about making privacy part of the value proposition. It's privacy as a competitive advantage.

“Years ago I urged people to embed Privacy, by Design. With trust at an all-time low, it's now time to design for trust. And the best way to overcome the trust gap is with Data Trust by Design. This is an essential ingredient to enabling user empowerment."
— Ann Cavoukian, Ph.D., LL.D. (Hon.), M.S.M. Privacy by Design Centre of Excellence, Ryerson University

In this hands on workshop Nathan Kinch, CEO of Greater Than X, will guide you through a practical Data Trust by Design activity. Together we'll produce trustworthy outputs that inform, empower and enable people to make simple and active choices about how their data is an isn't used.

1:40pm - 2:10pm Salon B

Applied Session by TBD

1:40pm - 2:10pm Salon C

Applied Session

1:40pm - 2:10pm Theatre

Applied Session by PwC

1:40pm - 2:10pm Saanich Room

Applied Session by RSA

1:40pm - 2:10pm Oak Bay 1

“Real-World” De-Identification of Transactional Data Extracted from Electronic Health Records - Breaking the Curse of Dimensionality

This presentation focuses on data de-identification challenges associated with research uses of transactional datasets extracted from electronic health records (EHRs) for the express purpose of deriving information products capable of informing decision-making at the level of individual patient care. When information used to derive such products (e.g., clinical prediction models) are transactional by nature and architecture (e.g., EHR data extracts) then the analytical work will almost invariably require high-dimensional (multivariate) datasets. These data must preserve distinguishing features of patients, and they are vulnerable to what has been termed the “curse of dimensionality”, which manifests as unacceptably high levels of information loss when ‘classic’ statistically-based data de-identification methods are employed. Nevertheless, when access adjudicators require an ‘objective’ demonstration that data to be disclosed are ‘free’ of Personal Information, of necessity some version of a classic method is likely to be invoked, in which case the curse may impact decisively on data integrity and access. The Applied Clinical Research Unit (ACRU) in Island health is developing a “meta-de-identification” model (principles, procedures, and operational definitions) that wraps around statistically-based de-identification protocols. The additional components delineate a structured procedure for translating statistical estimates of re-identifiability (theoretical risk) into a contextualized assessment of the likelihood of risk actualization. As well, this meta-framework challenges the usual assumption that full de-identification must precede researcher access. An inverted de-identification workflow leverages off knowledge generated by researchers’ modeling activities, performed with nominally de-identified data, to set utility constraints on more robust data de-identification protocols intended to support open access. This workflow, supported by the “meta-de-identification” model, is designed break the curse of dimensionality as it relates to de-identification of transactional health datasets. The model will be illustrated with “real-world” de-identification scenarios keyed to work currently undertaken by the ACRU.

1:40pm - 2:10pm Oak Bay II

Addressing Privacy Concerns as we use Innovation, Connectivity & Data For Service Improvement

Just over one year ago, the City of Winnipeg unveiled its new Transportation Management Centre (TMC) a leading-edge facility which monitors all 650 signalized intersections across the city and can remotely respond in real-time to signal malfunctions and unexpected traffic incidents to improve traffic flow as well as provide real-time traffic information to drivers using the Waze app. The TMC combines new technologies with connectivity to modernize how we manage traffic flow.

Remote access to cameras with the ability to zoom as far as three kilometres from where they are mounted, along with sharing information through crowdsourcing apps has raised significant privacy concerns.

https://winnipeg.ctvnews.ca/city-addresses-privacy-concerns-surrounding-new-traffic-centre-1.3257524

This case study will describe how information and data flows through the TMC’s technologies, the types of records captured, eg.311 reports, waze notifications, etc., and the role of a privacy officer/records manager to take steps to identify and mitigate privacy concerns through the development of a comprehensive privacy protocol and records management guidelines which ensure compliance with FIPPA and PHIA regulations.

Learning Objectives:

1. An overview of the TMC’s records management program associated with privacy, including the development and use of tools such as privacy impact assessments, awareness training, protocols, guidelines, access controls and information sharing agreements
2. Understanding the role of records management and information governance associated with the TMC operations, and Smart City technologies.
3.How to ensure records management and privacy protection receives senior management support and attention

1:40pm - 2:10pm Esquimalt Room

Applied Session

2:10pm - 2:25pm Upper & Lower Foyers

Afternoon Break

2:25pm - 3:40pm Salon A

Concurrent Panel Session - Panel A: Quantum Computing Will Create Jobs but Which Ones?

Quantum computing is the attempt to harness the laws of quantum mechanics to build incredibly powerful computers that can perform some incredibly demanding computational tasks, tasks so demanding that they would otherwise take the age of the universe to perform.

What are quantum computers good for? Experts have some ideas, like optimizing shipping logistics, breaking modern encryption methods, discovering a complex molecule for a drug, or designing fertilizers. Industry needs to make the computers more accessible to everybody, not just quantum physicists. What opportunities by harnessing quantum technology for next generation cryptography/security will enable a secure set of tools to re-establish the status quo, but also make things better? What are the security challenges and how do we protect privacy?

2:25pm - 3:40pm Salon B

Concurrent Panel Session - Panel B: The Ethics of Integrated Data

If data is the new oil, is it being ethically extracted, consumed and made available? The integration and subsequent use of new data for evidence informed policy or decision making is beginning to make its appearance in the public sector – a true sign it has arrived. How much do we know about what is happening in this space and how, and would we agree with it if we did know?

Recent revelations of Stats Canada’s use of private banking information has thrown this conversation into the national spotlight. Are citizens more upset that it is happening or that they didn’t know that it was happening? This sets the stage for the great debate of how best to balance an individual’s privacy and the public interest that is served by population-level information being made available in de-identified format to inform public policy decisions.

2:25pm - 3:40pm Theatre

Concurrent Panel Session - Panel C: Cloud Computing: Strategies for Responsible Adoption of Cloud Services

Cloud is here and it’s not going away. It’s the present and the future. Organizations must have a digital strategy that incorporates leveraging cloud services or risk missed opportunity and lost relevance. Employees are subscribing to and using cloud services on a daily basis whether their organizations know it or not. What expectation is there that organizations are aware and managing use of cloud services? Are organizations that continue to defend their use of traditional and on-premise hosted solutions becoming losing relevance? Is there any time where cloud is not an appropriate direction? What are examples of successful adoption strategies? Where are successful organizations on the adoption path?

Increasingly, organizations are adopting Cloud First policies recognizing it is unrealistic to maintain resources necessary to meet client demands for innovative solutions. After conducting its own Privacy Impact Assessment, the New Zealand Privacy Commissioner issued a statement that they “… have evaluated the risks and believe that [cloud services] offer … better data security than [they] can deliver [them]selves.” Attend this session to find out how to responsibly adopt cloud services while keeping onside with privacy, security, legal, compliance, and risk.

2:25pm - 3:40pm Salon C

Concurrent Panel Session - Panel D: CLX Forum Authors’ Panel Discussion

3:50pm - 4:30pm Carson Hall (Salon ABC)

Keynote Presentation

4:30pm - 4:45pm Carson Hall (Salon ABC)

Closing Remarks & Announcements

Title Sponsor

Platinum Sponsors

Gold Sponsors

VIP Reception & Dinner Sponsors

Conference Sponsors & Exhibitors

Event Partners

Fairmont Empress Hotel Room Block

If you need to make accommodation arrangements, the Fairmont Empress is offering a special conference rate of $179/night for Corporate reservations and $159/night for Government reservations. Please note that this room block ends January 11, 2019.

Please contact the hotel directly at (250) 384-8111 to book a room or book online using the following links:

Government Reservations – https://book.passkey.com/go/PSCGOV0219
Corporate Reservations – https://book.passkey.com/go/privacysecurityconfcorp2019

Fairmont Empress
721 Government Street
Victoria, BC
V8W 1W5

https://www.fairmont.com/empress-victoria/

It has been brought to our attention that individuals are contacting sponsors and speakers, citing the Reboot Privacy & Security Conference, to offer hotel reservation services. To be clear, these individuals are not in any way affiliated to our conference, and are not authorised to use the Reboot Communications name. No one should contact you directly to book your hotel room or to offer you a special discounted rate. If you receive one of these calls, it is a scam. They are not affiliated with Reboot Communications or the Privacy & Security Conference. Thank you to those who have alerted us to this matter. To book your room in a safe manner please follow the information on this page only.

YYJ Airport Shuttle Discount

If you are needing transportation from the Victoria International Airport to Downtown Victoria/Empress Hotel why not consider using the YYJ Airport Shuttle.

When booking the shuttle online or over the phone please use the promo code REBOOT20. This will give you 20% off tickets.

For more information please visit their website at www.yyjairportshuttle.com or call them at 1-855-351-4995.

Harbour Air Seaplanes Discount

Flying in from Vancouver or Seattle for the conference? Arrive in style in Victoria’s Inner Harbour with Harbour Air. Subject to availability, attendees will receive a 20% discount on their goFlex and goGold fares for confirmed travel to/from Victoria between February 4 and 10, 2019. Please note that all rates are subject to tax and fees. This offer cannot be combined with any other offers or promotions or be paid by Airbucks or TurboBucks and cannot be applied to private charters.

In order to receive this special discounted rate, attendees can contact the Reservation Department directly by phone at 1.800.665.0212, by e-mail at reservation@harbourair.com or online at www.harbourair.com and quote the promotional code ‘P&SC02-19’. Also be advised that you will need to provide a copy of your conference registration upon check-in.

All schedules and location information can be accessed through their website at www.harbourair.com.

Testimonials

Celebrate 20 Years of Privacy and Security Solutions!

Why should you attend? Here’s what past attendees of the conference are saying:

One of the strongest conferences globally on the issues of both privacy and security.” – Elizabeth Denham, UK Information Commissioner

I’ve heard from many delegates over the years that this is one of the best privacy and security conferences that they attend anywhere.” – Ian Bailey, Assistant Deputy Minister and Chief Information Officer, Ministry of Attorney General, Province of BC

It’s a great gathering of privacy professionals, security professionals, information management professionals, regulators, civil society.” – Jill Clayton, Information and Privacy Commissioner of Alberta

We’ve partnered with Reboot to create a venue where privacy and security, people who have mutual goals in terms of protecting information, meet together, share information, become more collaborative in their practices and end up being more united in the ways they approach their goals. Great learning opportunities for the two professions … You also have other kinds of representation: public sector, private sector, health care, technology, civil society. All of these different groups have different perspectives and we all have very common goals, just different ways of getting there. So that sharing is very, very helpful.” – Richard Purcell, CEO, Corporate Privacy Group

“I love the conference. This is one of the most well executed and also impactful conferences that I go to each year … It is one of the best executed security conferences on the globe.” – Preston Hogue, Senior Director of Security Marketing, F5 Networks

I find the attendees to be a very wide spectrum, from the technical to the purely policy-oriented, and I get to learn and see things from a different perspective. For me, that is very valuable.” – Winn Schwartau, Security Theoritician & Author

This is the #1 professional development opportunity for privacy and security experts on the west coast.” – Gary Perkins, Chief Information Security Officer, Province of BC

It’s one of the few conferences I love coming to every year, because it’s an opportunity to learn more from a privacy and security perspective. You get the chance to see and listen to peers in the industry, talking about issues that really matter to us in the security and privacy world.” – Tim McCreight, President, Risk Rebels

Call for Speakers

Please note that the call for speakers closed September 28, 2018.

The Advisory Board for the 20th Annual Privacy and Security Conference is pleased to announce that the Call for Speakers is now closed.

Subject matter experts working within the privacy and information security communities are invited to submit papers on their area of expertise. Of particular interest are briefs on cutting-edge subjects and themes suitable for presentation in either a panel session, applied session, workshop or keynote address. Presented by the Province of British Columbia’s, Ministry of Citizens’ Services, this three-day conference draws an international audience focused on policy, programs, law, research and technologies aimed at the protection of privacy and security.

Date: February 6-8th, 2019
Location: The Victoria Conference Centre, Victoria, British Columbia

2019 Conference Suggested Topics (not exhaustive):

  • Advanced Robotics
  • Artificial Intelligence
  • Augmented & Virtual Reality
  • Big Data Analytics
  • Biohacking
  • Blockchain
  • Cloud Computing
  • Crypto Currency
  • Cyber Security
  • Dark Web
  • Data Encryption
  • ePrivacy Regulation
  • Ethics
  • GDPR
  • Genetic Privacy & Precision Medicine
  • Healthcare Privacy & Security
  • Internet of Things
  • Mobile Privacy & Security
  • Open Data
  • Politics and Privacy Regulation
  • Quantum Computing
  • Ransomware
  • Sensor Cities
  • Social Media in Elections
  • Voice First Technology

Deadline:

All entries must be received by midnight of September 28th, 2018. Invited speakers will be notified by October 31st, 2018.

Submissions:

Submissions will be accepted electronically using the form below.

Presentation Types:

  • Issue papers: An executive or management briefing on a prominent issue or aspect of information privacy or security.
  • Case studies: Descriptions of a specific information privacy or security situation or incident, or research results. Names of organizations can be kept anonymous to maintain confidentiality if necessary.
  • Research: Results or developments in cutting edge research on new information privacy and security technologies.
  • Sociological/ Philosophical perspective: A candid and/or introspective look at the impacts of new technological developments on privacy, security, social consciousness, or social functioning.

Have Questions or Need More Information?