Reboot Communications Limited HOME Reboot Communications: 'Delivering end-to-end conference management solutions.'
General Info Agenda Speakers Sponsors Info

11th Annual Privacy and Security Conference
"Navigating the Digital Ocean: Riding the Waves of Change"

February 9th - 10th, 2010

Victoria Conference Centre
Victoria, BC, Canada

Notional Agenda

* = invited

Monday, February 8, 2010

Pre-Conference Privacy and Security Workshops

9:00 - 12:00
  1. Privacy Workshop - Privacy and Access: An Overview of the Freedom of Information and Protection of Privacy Act

    An understanding of B.C.'s Freedom of Information and Protection of Privacy Act is essential for the proper administration and handling of records for organizations covered by the Act. This half day workshop offers an overview of the Freedom of Information and Protection of Privacy Act including a brief examination of requirements related to the protection of personal information and governing the right of access. Attendees can expect to gain a better understanding of the underlying principles of transparency and privacy and how to balance these fundamental concepts.


    Kash Basi, A/Manager, Strategic Privacy Initiatives, Knowledge & Information Services, Office of the Chief Information Officer, BC Ministry of Citizens' Services

    Joanne Gardiner, Senior Legislative and Policy Analyst, Knowledge & Information Services, Office of the Chief Information Officer, BC Ministry of Citizens' Services

11:00 - 1:00
  1. Securing Data AFTER it Leaves your Repository

    What if you could close the barn door after the horses have left and still corral all the horses?

    Join Oracle for a non-technical exploration of how to secure data after it leaves your repository. Oracle is able to offer this unique capability for both structured data (database) and unstructured data (documents, email, etc). This workshop will also review products capable of providing segregation of duty and real-time data access auditing for Oracle, DB2, IMS, and SQLserver databases, thereby alerting you when someone is trying to crack open the barn door in the first place.


    Simon Thorpe, Senior North American Sales Consultant, Oracle Corporation

    Spiros Angelopolous, Senior Sales Consultant, Oracle Corporation

1:00 - 4:00
  1. Privacy Breach Workshop - Privacy Breaches: What To Do When One Occurs

    A privacy breach can affect any organization, even if it has good privacy and security practices. Are you ready for a privacy breach and do you know what to do when one occurs? This workshop will detail the steps you need to take to address the breach and to minimize the negative consequences not only for your organization, but also for individuals whose information has been affected.


    Jason Eamer-Goult, A/Director, Information Practices, Knowledge & Information Services, Office of the Chief Information Officer, BC Ministry of Citizens' Services?

    Joanne Gardiner, Senior Legislative and Policy Analyst, Knowledge & Information Services, Office of the Chief Information Officer, BC Ministry of Citizens' Services?

  2. Security Workshop - "The Dark Side of Technology - Child Exploitation"

    Our children today are at risk of being stalked by sexual predators while sitting at their computers, in the safety of their homes. Child abduction, human trafficking, and the sexual abuse of children for the purposes of making and distributing child sexual abuse images is a rapidly growing, international, money-making cyber crime. It is the dark side of technology and the greatest tragedy of the digital age. The audience for this material has grown and reaches into every corner of the world, via the Internet.

    Through the integration of a number of specialized police services across B.C., child exploitation units have been developed to deal with cross-jurisdictional crimes. While the officers working in these specialized units come from different police forces, they go beyond jurisdictional mandates and work cohesively as a dedicated team. Their ultimate objective is to identify and assist child victims of sexual assault, identify those responsible for the abuse and to lay appropriate criminal charges for these acts and for the production and distribution of the images.

    This workshop will present an overview of the nature of Internet Child Exploitation offences and investigations and the use of technology to address this heinous type of crime against children. The workshop will also present information on the efforts to save the child victims, and to prevent this activity from affecting your family and community.

    Workshop Host: Winn Schwartau, President, Interpact, Inc., Author of "Information Warfare", "CyberShock" and "Time Based Security"


    D/Cst. Rob Warren, Child Abuse Investigator, Family Protection Unit (FPU), Detective Division, Saanich Police Department

    Tom Ellis, Civilian Member of the RCMP, Technological Crime Analyst, Vancouver Integrated Technological Crime Unit

TUESDAY, February 9, 2010
7:30 - 8:30


8:30 - 8:35
Salon AB

Call to Conference

Master of Ceremonies Keith Baldrey, Global TV

8:35 - 8:45

Welcome Presentation/Opening Remarks

Honourable Ben Stewart, Minister of Citizens' Services. Introduced by Kim Henderson, Deputy Minister, Citizens' Services. Introduced by Dave Nikolejsin, CIO, Government of BC
8:45 - 9:50

Session 1 - Keynote Speaker

Mozelle Thompson, Independent Advisor Facebook former Commissioner to the US Federal Trade Commission

Social Technologies and the Information Transformation

A global rapid response to the catastrophic earthquake in Haiti; a populist revolution in Iran; and a historic election in America: What do they have in common? They each were transformed by social technologies that now give individuals more control over the timing and content of information than was even thought possible only two years ago. Although these technologies bear risks and opportunities, it is clear that they have permanently changed the online world as well as how we interact offline. My talk will begin the conference by looking at this transformation and how it challenges our traditional notions of privacy and security. We will also examine the opportunities these technologies present for the public and policy makers.

9:50 - 10:10
Upper & Lower Foyers

Morning Break

10:10 - 10:55

Session 2 - Concurrent Keynote Speakers

  1. Ira Winkler, President Internet Security Advisors Group, Author of "Spies Among Us", "Corporate Espionage" and "Through the Eyes of the Enemy"
    (Salon AB)

    Cyberwar: Target North America

    According to even mainstream headlines, we are engaged in a major cyberwar that threatens the foundation of the free world. Sadly, we are under attack, but the fact is that most people crying cyberwar really dont know what they are talking about. There is a clear distinction between cyberwarfare and what we are experiencing, and to protect ourselves, we need to understand the difference. This presentation covers these topics so that people can take the appropriate actions.

  2. Scott Shipman, Global Privacy Officer, eBay

    EU Data Transfers via Binding Corporate Rules.

    Come hear how eBay successfully implemented BCR's in 14 countries, for both Employee and Customer data transfers, in less than 1 year.

11:00 - 12:15

Session 3 - Concurrent Panel Sessions

Panel A: The Risks and Opportunities of Social Media

The overwhelming popularity of Facebook, youTube, and Twitter demonstrate how the public has embraced social technologies and incorporated them into their daily lives. While these tools can provide users with great public benefit, they also bear some risks. Our panel will discuss the opportunities and risks presented by Social Media - particularly with regard to information privacy and security. They will also be asked to brainstorm about how we might address these challenges while encouraging innovation.

Moderator: Mozelle Thompson, Independent Advisor Facebook former Commissioner to the US Federal Trade Commission


  1. Chris Conley, Technology & Civil Liberties Fellow, American Civil Liberties Union
  2. David Hume, Executive Director, Ministry of Citizens' Services, Province of British Columbia
  3. Patrick Gray, Senior Security Strategist, Cisco Systems
  4. David Kuo, Senior Manager, Accenture Technology Consulting - Security and IT Risk Practice

Panel B: State of the Privacy Nation - Tales from Private Sector Regulators

What keeps private sector privacy regulators up at night these days? What privacy nightmares are they experiencing? Hear from the experts about privacy complaint patterns, key cases of the year and how they have been resolved. Also hear the latest on the privacy struggles pertaining to ID scanning, biometrics and how the group navigates around cross-jurisdictional privacy complaints, keeping momentum while avoiding stepping on each other's toes.

Moderator: Mary Carlson, Deputy Registrar of Lobbyists, Office of the Privacy Commissioner of British Columbia


  1. Dan Caron, Legal Counsel, Office of the Privacy Commissioner of Canada
  2. Catherine Tully, Executive Director, Office of the Information and Privacy Commissioner for British Columbia
  3. Jill Clayton, Director, Personal Information Protection Act, Office of the Information and Privacy Commissioner, Alberta

Panel C: Biometrics - What Can We See Now?
(Salon C)

Biometric technologies are beginning to hit the mainstream, touted as ideal for enhancing identity authentication, access controls and fraud detection. Ironically, however, the same technologies that can enhance trust can also undermine it when deployed improperly. Biometric data are exceedingly personal data: unique and permanent identifiers that can serve as both usernames and passwords. As this personal data is collected, used, retained and shared across networked environments by more and more actors for more purposes, how will the security threats that undermine the reliability of biometric systems be overcome? Equally significant, how will individual privacy be assured? Specific privacy concerns include function creep, expanded surveillance, tracking, profiling and potential discrimination, data misuse, the negative personal impacts of false matches, non-matches, system errors, and failure, and of insufficient oversight, openness and accountability in biometric data systems, as well as the potential for collection and use of biometric data without individual knowledge, consent, or control. All of these privacy risks can undermine user confidence, which can lead to a lack of acceptance and trust in biometric systems. Is there a positive-sum way out? Come hear our panelists and find out!

Moderator: Ann Cavoukian, Ph.D, Information and Privacy Commissioner for Ontario


  1. Mary Collins, International Biometric Group, New York
  2. Robin Wakefield, Senior Security Analyst, Oracle Corporation
  3. Winn Schwartau, President, Interpact, Author of "Information Warfare", "CyberShock" and "Time Based Security"
  4. Sponsor
12:15 - 1:30

Keynote Luncheon Address

Ritchie Leslie, Director Western Canada, TELUS Security Solutions

Securing Government: A Canadian Perspective

TELUS, a Canadian leader in IT security research, has recently published the results of its 2009 national security study, co-developed and funded with the Rotman School of Management at the University of Toronto. Highlights of the 2009 Rotman-TELUS Joint Study on Canadian IT Security Practices will be presented.

Find out:

  • How some organizations have been able to increase their security budget despite the challenging economic climate
  • Why attacks on the public sector have increased and what top performers have done to manage this
  • What security issues are driving investments in the public sector across Canada
  • What is considered "good enough"
1:30 - 2:15

Session 4 - Keynote Speaker

Ann Cavoukian, Ph.D, Information and Privacy Commissioner for Ontario

Privacy by Design: The Gold Standard - Let's Raise the Bar

In the future, we will need to adopt a different paradigm – legislation alone will no longer be sustainable as the sole model for ensuring the future of privacy. We must turn to positive-sum paradigms such as Privacy by Design: proactively embedding privacy into emerging technologies, accountable business practices and networked infrastructures that intersect with personally identifiable information. The Commissioner’s Privacy by Design was not developed as a theoretical construct. It was developed to introduce real change into everyday lives, always with the goal of advancing practical privacy. Dr. Cavoukian will explain how her vision of Privacy by Design and PETs Plus can help to transform your privacy problems into privacy solutions.

2:20 - 2:50

Session 5 - Business Breakouts

  1. Symantec - Speaker: Terry Harper, Principal Systems Engineer, Symantec

    "Anatomy of a Breach"

    Today's IT Security teams face many threats. Traditionally they have been focused on Keeping the bad stuff out but more and more they are faced with keeping the good stuff in. Whether it is threats from malicious insiders or honest mistakes being made by well meaning employees Organizations are more focused than ever on Protecting their sensitive information. Join Terry Harper and learn how Symantec is leading the world in Prioritizing Data Protection.

  2. CA - Speaker: Tim Brown, Sr. Vice President, Chief Architect and Distinguished Engineer, CA Security Management

    The Reality of User Centered Identity

    User Centric Identity continues to gain momentum. Standards are coming together. In this session we will present a quick refresh for people on how User Centric Identities work and what standards exist. We will talk about how the standards have progressed and what to expect in the future. One of the key issues facing User Centric Identity is adoption; we will talk about the inhibitors and how the cloud presents new opportunities to drive adoption.

  3. Microsoft - Speaker: Mohammad Akif, National Security and Privacy Lead Microsoft Canada

    Securing your Assets

    Windows 7 introduces a number of security improvements which allows an organization to improve compliance with regulations, reduce chances of attack and improve auditing. Join Mohammad Akif, National Security and Privacy Lead for Microsoft Canada to learn how your organization can utilize Windows 7 to have better control and protection for your assets, whether it is data stored in machines issued to mobile employees or information contained in the cloud, Windows 7 allows the business to choose from a spectrum of choices.

  4. IBM - Speaker: Dan Powers, Vice President, IBM's Internet Security Systems

    "Leveraging Specific Technologies to Address Cloud Risk"

    The planet is becoming more instrumented, interconnected and intelligent. For many organizations this offers, new possibilities, new complexities and NEW RISKS. As more organizations start to focus on Cloud solutions to enable their business and cut costs, the number 1 initial inhibitor is around security risk. IBM is unparalleled in the breadth of end to end Security solutions offered that address Cloud Risk. Join Dan Powers, Vice President, IBM's Internet Security Systems in a discussion around specific security solutions that include products and services such as a integrated managed security solutions, Network Server and endpoint solutions etc.

2:50 - 3:10

Afternoon Break

3:10 - 4:25

Session 6 - Concurrent Sessions

Panel A: Cloud Computing - the Current Forecast

The Internet is no longer just a communications network. It has become a platform for computing - a vast interconnected virtual supercomputer. And we are its programmers and subjects. What decisions and choices can we collectively make to ensure that appropriate levels of privacy, security and trust are built into Cloud computing architectures and services? Questions about data security and accountability tend to dominate Cloud and "Web 2.0" discussions, and are important areas, but what about privacy? How can individuals maintain effective access and control over their personal data, held and processed by others in the Cloud? Are there opportunities to apply Privacy by Design principles? Come hear this panel of experts and find out!

Moderator: Ann Cavoukian, Ph.D, Information and Privacy Commissioner for Ontario


  1. Brian Duckering, Senior Product Manager, End Point Virtualization, Symantec
  2. Joel Weise, Information Systems Security Association - Chairman of the ISSA Journal Editorial Board
  3. Tim Brown, Vice President and Chief Architect for Security Management, CA
  4. Michael Legary, Founder and Chief Innovation Officer, Seccuris

Panel B: Navigating the Unchartered Waters of E-Health in Canada - A View from the CPO's Bridge

The intentionally-provocative premise of this interactive panel is that Electronic Health Records pose a very grave challenge to the privacy interests of Canadians, because their proponents and funders are not adequately implementing privacy risks management strategies, including privacy and security policies and procedures; Chief Privacy Officers with adequate staff, resources, authority, and reporting relationships; on-line privacy training for all staff; Threat Risk Assessments; privacy breach management policies and procedures; on-line, real-time auditing of all information handling activities; and complaint handling procedures and policies.

Moderator: David Flaherty, Information Policy Consultant & Principal, David H. Flaherty Inc


  1. Bobbylynn Stewart, Privacy Officer, Saskatoon Health Region
  2. Miranda Paquette, Privacy Manager, MD Physicians Inc. Ottawa
  3. Joe Alhadeff, Vice President, Global Public Policy, Oracle
  4. Mimi LePage, General Counsel and Chief Privacy Officer, Canadian Institute for Health Information

Panel C: Knock, Knock - Verifying Identity Online for Services?
(Salon C)

Moderator: Frank Work, Information and Privacy Commissioner for Alberta


  1. Dave Nikolejsin, CIO, Government of BC
  2. Mark MacCarthy, Professor at Georgetown University (Faculty for RFID Consortium) former policy VP at VISA
  3. Jules Cohen, Director, Trustworthy Computing, Microsoft
4:30 - 5:15

Session 7 - Concurrent Keynote Speakers

  1. Dan Powers, Vice President, IBM's Internet Security Systems

    Managing Risk: Cloud Security Strategies

    For many organizations, developing a Cloud strategy and plan could be critical to the future of the organization, but the #1 issue for most organizations with respect to the Cloud is the issue of Security risk. IBM's Dan Powers, VP of Internet Security Systems, will share perspectives, ideas, and actionable steps to help organizations address Cloud associated risks.

    This Keynote address will cover the following:

    • Cloud Brief- What is the Cloud, types of Cloud, why Cloud ?
    • What are the Cloud security issues of today ?
    • Common pitfalls to avoid in the Cloud
    • Leveraging security as a Cloud enabler (business innovation)
    • Strategies to deploying effective Security in the Cloud.
    • Addressing Cloud Risk- Where does an organization start ?
  2. Fred Cate, Distinguished Professor and C. Ben Dutton Professor of Law Director, Center for Applied Cybersecurity Research, Indiana University and Senior Policy Advisor, Centre for Information Policy Leadership, Hunton & Williams LLP
    (Salon AB)

    Private Data in Public Hands

    Governments have developed an insatiable appetite for personal data, and have invested significantly in systems to collect, store, and share those data. Increasingly, personal data are collected through or from the private sector, frequently across borders, and often with the effect of undermining private-sector privacy "promises" and avoiding legal privacy protections. This session will address the government's growing demands for personal data and its impact on individuals and on businesses and other private-sector entities.

Wednesday, February 10, 2010
8:40 - 8:45
Salon AB

Administrative Announcements

Master of Ceremonies Keith Baldrey, Global TV

8:45 - 9:30

Session 8 - Keynote Speaker

Art Gilliland,Vice President of Product Management, Symantec

"Crime & Carelessness: Gaps that enable the theft of your most sensitive information"

"Information is power and money. Our professional lives revolve around building, inventing and working with more valuable information. How we protect and manage this information is core to the success of our economy, organizations, corporations and our personal lives. In this presentation we will explore how a criminal industry now larger than the international drug trade works to steal our information. Targeting areas of operational weakness, these organizations effectively steal more than $600 Billion of information every year. There are best practices to follow and we will discuss ways in which technology, process and education can greatly hinder what will continue to be an active attack on our most valuable resource: information."

9:35 - 10:15

Session 9 - Concurrent Keynote Speakers

  1. Daniel J. Solove, Professor of Law, George Washington University Law School
    (Salon AB)

    Understanding Privacy

    Privacy is one of the most important concepts of our time, yet it is also one of the most elusive. As rapidly changing technology makes information more and more available, scholars, activists, and policymakers have struggled to define privacy, with many conceding that the task is virtually impossible. Professor Daniel J. Solove will discuss his latest book, Understanding Privacy, and offer a comprehensive theory for how to understand the meaning and value of privacy. In addition to addressing privacy more coherently, his theory provides practical guidance for policymakers in business and government.

  2. Mohammad Akif, National Security and Privacy Lead Microsoft Canada

    Beyond the Firewall

    The threat landscape for security is evolving at a fast pace, the threats are becoming more dynamic and increasingly sophisticated using social engineering techniques. However, IT security teams have failed to adapt to this new dynamic environment, focusing instead on firewalls - both the perimeter network defense, and the organizational firewalling of IT security departments. In order to be successful in the current environments, IT and business leaders must recognize the shift away from a closeted, isolated security team focusing on moats and towers, and into a responsive, risk based team that enables the organization to meet its goals while effectively managing risk.

    In this Keynote, Mohammad Akif will share the latest data about the security landscape and discuss prevention best practices. He will also discuss how IT and business leaders need to evolve their thinking and their teams to meet the reality of the modern threat landscape.

10:15 - 10:35
Upper & Lower Foyers

Morning Break

10:35 - 11:50

Session 10 - Concurrent Panel Sessions

Panel A: Mobile Life

This panel will discuss the ramifications of mobility as it relates to work, play, education and collaboration. Tied into all of this are three aspects: 1. Awareness by both the user and the parent company, agency or university as it relates to security of the data and the individual user and how do we raise that level of awareness. 2. Marketing - how do we get our message across, tell our story - traditional aspects are falling by the wayside 3. How do we get ahead of this new wave of communicating with our peers, customers and others?

Moderator: Patrick Gray, Senior Security Strategist, Cisco Systems


  1. Michael Brown, Director of Product Management, BlackBerry Security, RIM
  2. Christian Richard, Chief Technology Officer, secureNFC
  3. Frank Work, Information and Privacy Commissioner for Alberta

Panel B: Internet Profiling - Who is Following Your Cyber Footsteps?
(Salon C)

From the perspective of threat detection and surveillance, profiling raises a plethora of political, social, economic and technical conundra and disagreement. This panel will look at several of the policy issues that are raised when we examine protection of the individual, corporate and national interests. It will also address another aspect to internet profiling which is being carried out by the private sector for "Behavioral Marketing" purposes – what are the ramifications of internet profiling for targeted advertising?

Moderator: Winn Schwartau, President, Interpact, Inc., Author of "Information Warfare", "CyberShock", and "Time Based Security"


  1. Peter Reid, Chief Privacy Officer, HP
  2. Nicole Ozer, Technology and Civil Liberties Policy Director, American Civil Liberties Union
  3. Constantine Karbaliotis, Information Privacy Lead, Symantec
11:50 - 1:00

Luncheon Address

Joe Alhadeff, Vice President, Global Public Policy, Oracle

Privacy and Security in Shared Services Environments

Today information is less tied to any particular physical jurisdiction and more services are being combined behind portals and other user interfaces. These "shared services solutions" may include elements of global sourcing, information sharing and consolidation in order to deliver new services, optimize resources and improve service levels. As we continue to develop new and beneficial business models that take advantage of these developments, we have to continue to understand how to promote and safeguard privacy and security. This session will focus on strategies of promoting privacy and security in these new services and technical solutions.

1:00 - 1:30

Session 11 - Keynote Speaker

Jennifer Stoddart, Privacy Commissioner of Canada

The Future of Privacy Regulation

Jennifer Stoddart, now in her final year as Canada's Privacy Commissioner, will review major trends in privacy regulation over the past decade. Is the deployment of new and popular technologies such as social networking sites and street-level imaging driving a restructuring of global privacy regulation? What are the challenges, and where are we headed?

1:30 - 2:00

Session 12 - Business Breakouts

  1. Sierra Systems - Speakers: Bill Young, Director, Strategic Technology & Corporate Projects, Ministry of Public Safety and Solicitor General and Christopher Litton, Director, Justice Practice, Sierra Systems

    Navigating the information sharing and identity management needs of clients in BC's Integrated Justice System

    Jurisdictions around the world are facing complex challenges as they try to introduce electronic information access and sharing solutions to meet the highly-sensitive service delivery needs of clients within the criminal justice system. In Canada, offenders travel through a justice system that can involve three levels of government (municipal, provincial, and federal) as well as other sector and service partners - all with differing needs, priorities, policies and legislation. There are increasing volumes of electronic information about and for clients as they move through police, crown, courts, and corrections. The need to share or allow authorized access to highly-sensitive information in this multi-stakeholder environment raises the bar on the need to ensure that this information is managed, protected and shared in a lawful, privacy protected and person-oriented manner.??BC is leading the way with projects including the BC Corrections Integrated Corrections Offender Network (ICON) project, and is working with the provincial identity management, biometric authentication, information access layers and inter-sector information sharing initiatives. The principal ICON Project Directors (BC Corrections and Sierra Systems) will discuss the challenges and solutions that are being proposed to address a common problem facing all jurisdictions across Canada.

  2. Oracle - Speaker: Spiros Angelopoulos, Senior Sales Consultant, Oracle Everyone is talking about data governance. What is it and how can you achieve sound data governance? Securing and protecting data requires a holistic approach, taking into consideration the broad range of data threats. Organizations need to understand these threats and develop a comprehensive strategy security policy. Come see how to tackle the challenge of data governance head on. Don't let a data breach happen to you
  3. Cisco - Speaker: Terry Singleton, Security Product Sales Specialist, Cisco

    Building a Pervasive Access Policy in a Borderless Network

    The heart of a borderless network is enabling anyone and anything to communicate at anytime and anywhere in the world, but communication is not just about enabling connectivity. A secure borderless network should enable the appropriate level of access: connecting the right user, the right device, at the right place, at the right time, to the right net work with the proper level of authorization. That’s the role of a pervasive access policy. Join Cisco to learn about innovations and technologies used to enable a pervasive access policy in today’s borderless networks.

  4. Deloitte - Speaker: Simon Tang, National Leader, Canadian PCI Service Offerings, Deloitte.

    "PCI: Current industry trends and compliance approaches"

    Most organizations have been through the gap analysis stage on their way to becoming compliant with the Payment Card Industry Data Security Standard (PCI DSS). As they continue to identify and address gaps between their current security controls and PCI DSS, many are asking 'is compliance even achievable?'

    During this session, we will:

    - Discuss industry trends and what are some of the issues most organizations are facing
    - Discuss the prioritized approach to PCI DSS achieving compliance
    - Evaluate alternative solutions and technologies to achieve compliance by reducing the scope or eliminating the need for PCI
    - Facilitate discussion with respect to current practices employed by session attendees complying with the requirements

2:00 - 2:20

Afternoon Break

2:20 - 3:35

Session 13 - Concurrent Sessions

Panel A: Privacy and Smart Grids
(Salon A/B)

An overview of smart grids and some of the significant security and privacy implications, including: work underway in the US spearheaded by NIST to identify security and privacy risks and controls, the Google Power Meter technology, and issues in geospatial systems needed to manage crews, customer information systems, and load management systems, and the security controls needed to protect that information.

Lead Speaker: John Sabo, Director, Global Government Relations, CA, Inc. and President, International Security Trust and Privacy Alliance (ISTPA)


  1. Betsy Masiello, Policy Analyst, Google
  2. Martin Kyle, Principal, Sierra Systems
  3. Gail Magnuson, International Privacy Consultant & President of Gail Magnuson LLC
  4. Ed Minyard, Partner, Accenture Technology Consulting

Panel B: Enforcement and Oversight Under the Electronic Commerce Protection Act (ECPA)
(Salon C)

This panel will discuss the enforcement regime that will be established under the Electronic Commerce Protection Act, as proposed, with a focus on the role of the Office of the Privacy Commissioner of Canada.

Moderator: Shaun Brown, Counsel, Law Office of Kris Klein


  1. Andre Leduc, Industry Canada
  2. Carman Baggaley, Senior Strategic Policy Advisor, Office of the Privacy Commissioner of Canada
3:35 - 4:30

Session 14 - Keynote Speaker

Michael Calce, "Mafiaboy", &
Craig Silverman, Author of the book Mafiaboy

After launching attacks that paralyzed the websites of Amazon, eBay, CNN and other major Internet properties in 2000, Michael Calce, aka "Mafiaboy" then 15 years-old, was apprehended after an investigation by the RCMP and FBI. Using his experience as a cautionary tale, Calce will address the audience along with Craig Silverman, author of "Mafiaboy".

Michael and Craig will examine past security issues: where we were, where we are and the current state of the industry, and will also take questions form the audience.


Closing Remarks

Kim Henderson, Deputy Minister, Citizens' Services