Stephanie Perrin, President

Stephanie Perrin established the company in 2003, and has gathered a group of associates to work on the Digital Discretion team who can deliver an outstanding range of services in privacy and access to information.  We like working together, and we enjoy the challenges that this field brings daily.

 Stephanie has worked for most of her career in information and privacy issues, having started in 1984 as one of the first federal Access to Information and Privacy Coordinators at the then-Department of Communications.  First president of the Canadian Access and Privacy Association, she helped establish the Canadian Standards Association’s Technical Committee on the protection of personal information in 1991.  She worked on the drafting committee of the Canadian Standards Association’s Model Code for the Protection of Personal Information, and also collaborated with Heather Black on the Personal Information Protection and Electronic Documents Act to incorporate this code in law for the private sector, acquiring in the process a deep grounding in the practical issues surrounding the interpretation of data protection law, and assessment of privacy risk.

 Stephanie has given countless speeches and presentations on data protection, privacy risk and impact assessment, privacy enhancing technologies, cryptography policy, risk management, values and ethics, and civil liberties.  She worked in International Relations for many years, representing Canada at the OECD on the committee dealing with privacy and security issues.  She also has participated in the Computers Freedom and Privacy Conference since 1992, chairing the CFP Conference in 2007 in Montreal.

 In 2000, Stephanie took a break from her government work to become Chief Privacy Officer for Zero Knowledge, a Montreal-based anonymity software company.  In 2003, she launched Digital Discretion, producing reports on matters ranging from identity theft to RFID, conducting risk assessments and training sessions, and developing privacy impact assessments and audits.  During this period she also worked as Research Coordinator for the On the Identity Trail project, a SSHRC-funded 4 Million dollar project on Identity led by Dr. Ian Kerr at the University of Ottawa.  In 2005, she returned to the federal government in Ottawa as Director of Policy and Research at the Office of the Privacy Commissioner, before moving to Service Canada as a Director of Risk Management Policy.  Now retired from the Canadian public service after thirty years of stimulating work, she has re-launched Digital Discretion as a top tier privacy and transparency consulting firm.

 Stephanie graduated from Carleton University with an MA in English literature, and is now pursuing doctoral studies at the Faculty of Information at the University of Toronto, where she is researching issues surrounding privacy-enhanced identity credentials.  Once her doctorate is finished, her next project will involve deciding whether to raise ostriches or alpacas on the farm where she lives in the Ottawa valley.

Dr. Jennifer Barrigar

Jennifer is a legal scholar and writer on privacy. She focuses on how people’s reputations can be used as a surveillance tool and to shape their identity online and off.  She has lectured and written on these issues for more than a decade, throughout the rapid evolution of social media and increasing online surveillance.

 For several years she served as Legal Counsel at the Office of the Privacy Commissioner of Canada. There, she participated in the initial application and interpretation of Canada's 2000 private sector Personal Information Protection and Electronic Documents Act (PIPEDA) and worked with international standards for privacy and data protection.  She has also taught law courses at the University of Ottawa and Carleton University.

She holds an LL.M. degree from the University of Ottawa, where she examined Canada’s federal private sector privacy law and its potential as an instrument of change. She also holds an LL.B. from Dalhousie University and an B.A. (Honours) from Carleton University.

 Along the way, she benefited from funding and other forms of support from the Social Sciences and Humanities Research Council, the University of Ottawa Faculty of Law, the Canadian Council of Administrative Tribunals, the Office of the Privacy Commissioner of Canada, the law firm of Gowlings, Lafleur Henderson, LLP, the Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic, the Oxford Internet Institute and the Electronic Privacy Information Center.

Heather Black

Born and raised in Montreal, Heather is a graduate in English (1965) from Sir George Williams University (now part of Concordia University), and in common law (1974) from McGill University. She was called to the Ontario Bar in 1976.

 She practised law in the federal Department of Justice from 1976 to 2000, specialising in commercial, and information and privacy law.  Beginning in 1982, when she worked on the implementation of the federal  Access to Information and Privacy Acts, Heather acquired quite an extensive experience in information and privacy law. In the mid-nineties she began work with Stephanie Perrin on the project that ultimately culminated in the drafting and passage of the Personal Information Protection and Electronic Documents Act (PIPEDA) in 2000.

 In 2000, Heather moved two blocks away to the Office of the Privacy Commissioner of Canada (OPC).  A year later, she was appointed General Counsel at the OPC and, in 2003, was promoted to Assistant Commissioner with primary responsibility for private sector privacy. In that capacity she worked actively with APEC and she traveled extensively in Canada and abroad to give countless presentations on privacy issues.

 She co-authored The Personal Information Protection and Electronic Documents Act: an Annotated Guide with Stephanie Perrin, David Flaherty and Murray Rankin. The guide was published in 2001 by Irwin Law.

 Heather retired from the public service in 2007 and has since been working as a consultant, including being a member of the External Advisory Board for the Office of the Information and Privacy Commissioner of British Columbia. She lives in Ottawa with her Norwich terrier Rufus.

Robert Gellman

With a 1970 B.A. from the University of Pennsylvania and a 1973 J.D. from the Yale Law School, Bob has been immersed in data protection and privacy issues for far too many years he cares to remember.

 Bob worked for 17 years on the staff of the Subcommittee on Government Information of the U.S. House Committee on Government Operations.  During that time, he was responsible for all information policy activities including privacy, the Privacy Act of 1974, health privacy, the collection and dissemination of electronic data, the Freedom of Information Act and other matters.

From 1996 to 2000, Bob was a member of the National Committee on Vital and Health Statistics, an advisory committee of the U.S. Health and Human Services Department. He chaired its Subcommittee on Privacy and Confidentiality from 1996 to 1998.

Since 1995, Bob has also worked as a privacy and information policy consultant with clients that included large and small companies, trade associations, government agencies (U.S. and others), NGOs and privacy advocacy organizations. He has been a member of the Editorial Board of Government Information Quarterly since 1996, and has served on the Advisory Board of the Privacy Rights Clearinghouse since 2005. He was Executive Director of the Virtual Magistrate Project from 1996 to 1998 and, in 2012, he was named Senior Fellow at the Center on Law and Information Policy, at the Fordham University School of Law.

In addition to being camera-shy, Bob is one of the few people over the age of 12 in his country who does not own a cellphone.

Harry A. Hammitt

Harry Hammitt is editor/publisher of Access Reports, a biweekly newsletter on the Freedom of Information Act (FOIA) and open government laws and policies.  He is the primary editor of Litigation Under the Federal Open Government Laws, published by the Electronic Privacy Information Center (EPIC).

He received his B.A. from the University of Michigan in 1975.  He holds an M.A. in journalism from the University of Missouri and a J.D. from George Washington University Law School.  He has worked as an information specialist for the Consumer Product Safety Commission, and for FOI Services, a third-party requesting company that deals primarily with businesses in the food and drug industry.

He became editor of Access Reports in 1985, and then publisher in 1989.  He has written and lectured extensively on access and privacy issues in both the United States and Canada.  He is a past president of the American Society of Access Professionals and has conducted that organisation’s annual seminar on business information issues for more than ten years.  He was inducted into the FOI Hall of Fame at the Freedom Forum in Arlington, Virginia, in 2001.

From 2009 to 2012, he worked as a consultant on FOIA issues for the Department of State in Washington, D.C.

Dr. Chris Pounder

Chris Pounder has been a Director at Amberhawk Training Ltd since the founding of the company in 2008. Amberhawk Training specialises in data protection, freedom of information and information security training.  In 2012, Chris was appointed to two government advisory committees: the Identity Assurance, Privacy and Consumer Advisory Group (advising the Cabinet Office on “privacy friendly” use of identity assurance techniques) and the Data Protection Advisory Panel (advising the Ministry of Justice on its approach to the EU’s Data Protection Regulation and Directive in the field of law enforcement).

Chris's career in data protection dates back to 1978. He has spoken at numerous conferences on data protection and related matters and also writes the occasional freelance article for the IT-related Press and the academic journals in the field of security and data protection. He has also given oral and written evidence before various Parliamentary Select Committees where issues of privacy, data protection and security have arisen (e.g. ID Cards, Surveillance, Computer Misuse Act, data retention policies, supervision of the national security agencies). He was also asked to give a presentation to European MEPs when the European Parliament was discussing the proposed Data Protection Regulation.

Prior to Amberhawk, Chris joined Masons Solicitors in July 1999 as part of its growing Data Protection and Privacy Team; Masons merged with Pinsents to form PinsentMasons in 2006. He is mentioned by name in Chambers 500, where the latter recognised PinsentMasons' Data Protection team as being in the "First Tier". Prior to that, Chris held the Data Protection Officer post at Cap Gemini and the Greater London Council where he advised MPs on the Data Protection Act 1984.

© Digital Discretion 2013