Privacy is a 360 degree issue; the best advisors can tell you how it looks from all the angles your organization needs to know about.
Our Team brings a depth of experience that we venture to say is unrivalled in the field of information rights. We have all worked in this field for over ten years, most of us over 25 years, and have been in key roles developing, implementing, interpreting, and writing about information law and policy. We bring a wealth of different pers
Our Team brings a depth of experience that we venture to say is unrivalled in the field of information rights. We have all worked in this field for over ten years, most of us over 25 years, and have been in key roles developing, implementing, interpreting, and writing about information law and policy. We bring a wealth of different perspectives to our field, having worked at the political level, as public servants and legal counsel, as reporters, as representatives of Civil Society, as academics, and within corporations in various capacities.
Digital Discretion Inc. was founded in 2003 by Stephanie Perrin, as consulting firm providing advice in the application of privacy law, the development of privacy policy, and in practical matters of implementation. Working with a number of associates, the company produced reports on policy matters ranging from identity theft to RFID, performed risk assessments and training sessions, and drafted privacy policies and privacy impact assessments. The company was dormant between 2005 and 2013 while she returned to the federal government to work in various capacities on privacy policy, risk management, and ethics. Digital Discretion is now active again, providing advice and guidance in information law and policy.
Stephanie Perrin established the company in 2003, and has gathered a group of associates to work on the Digital Discretion team who can deliver an outstanding range of services in privacy and access to information. We like working together, and we enjoy the challenges that this field brings daily.
Stephanie has worked for most of her career in information and privacy issues, having started in 1984 as one of the first federal Access to Information and Privacy Coordinators at the then- Department of Communications. First president of the Canadian Access and Privacy Association, she helped establish the Canadian Standards Association’s Technical Committee on the protection of personal information in 1991. She worked on the drafting committee of the Canadian Standards Association’s Model Code for the Protection of Personal Information, and when that standard was proposed as the basis of the first federal law covering privacy in the private sector, she worked with her legal Counsel Heather Black to develop the approach. The Personal Information Protection and Electronic Documents Act (PIPEDA) was tabled in Parliament in 1998, passed into law in 2000, and the two when on to write a book on the
interpretation of that law in practice in 2001.
Throughout her career Stephanie has given countless speeches and presentations on data protection, privacy risk and impact assessment, privacy enhancing technologies, cryptography policy, risk management, values and ethics, and civil liberties. She worked in international relations for many years, representing Canada at the OECD on the committee dealing with privacy and security issues. She also has participated in the Computers Freedom and Privacy Conference since 1992, chairing the CFP Conference in 2007 in Montreal.
In 2000, Stephanie took a break from her government work to become Chief Privacy Officer for Zero Knowledge, a Montreal-based anonymity software company. In 2003, she launched Digital Discretion, producing reports on matters ranging from identity theft to RFID, conducting risk assessments and training sessions, and developing privacy impact assessments. During this period she also worked as Research Coordinator for the On the
Identity Trail project, a SSHRC-funded 4 Million dollar project on Identity led by Dr. Ian Kerr at the University of Ottawa. In 2005, she returned to the federal government in Ottawa as Director of Policy and Research at the Office of the Privacy Commissioner, before moving to Service Canada as a Director of Risk Management Policy. Now retired from the Canadian public service after thirty years of stimulating work, she has re-launched Digital Discretion as a top tier privacy consulting firm. Stephanie graduated from Carleton University with an MA in English literature, and received her PhD from the Faculty of Information at the University of Toronto in 2018.
Born and raised in Montreal, Heather is a graduate in English (1965) from Sir George Williams University (now part of Concordia University), and in common law (1974) from McGill University. She was called to the Ontario Bar in 1976.
She practised law in the federal Department of Justice from 1976 to 2000, specialising in commercial, and information and privacy law. Beginning in 1982, when she worked on the implementation of the federal Access to Information and Privacy Acts, Heather acquired quite an extensive experience in information and privacy law. In the mid-nineties she began work with Stephanie Perrin on the project that ultimately culminated in the drafting and
passage of the Personal Information Protection and Electronic Documents Act (PIPEDA) in 2000.
In 2000, Heather moved two blocks away to the Office of the Privacy Commissioner of Canada (OPC). A year later, she was appointed General Counsel at the OPC and, in 2003, was promoted to Assistant Commissioner with primary responsibility for private sector privacy. In that capacity she worked actively with the Asia Pacific Economic Cooperation (APEC) organization, and travelled extensively in Canada and abroad to give countless presentations on privacy issues.
She co-authored The Personal Information Protection and Electronic Documents Act: an Annotated Guide with Stephanie Perrin, David Flaherty and Murray Rankin. The guide was published in 2001 by Irwin Law.
Heather retired from the public service in 2007 and has since been working as a consultant, including being a member of the External Advisory Board for the Office of the Information and Privacy Commissioner of British Columbia. She lives in Ottawa with her Norwich terrier Teddy.
Robert Gellman is an attorney specializing in privacy law, graduating from Yale in 1973, and working in Washington D.C. Robert worked for 17 years on the staff of the Subcommittee on Government Information of the U.S. House Committee on Government Operations.
During that time, he was responsible for all information policy activities including privacy, the Privacy Act of 1974, health privacy, the collection and dissemination of electronic data, the Freedom of Information Act and other matters.
From 1996 to 2000, Robert was a member of the National Committee on Vital and Health Statistics, an advisory committee of the U.S. Health and Human Services Department. He chaired its Subcommittee on Privacy and Confidentiality from 1996 to 1998.
Since 1995 he has been working as a privacy consultant, publishing extensively on international information privacy and access issues, particularly with respect to fair information practices, medical privacy and the HIPPAA regulations, anonymization, and big
data issues.
Digital Discretion can make it easy for your organization to meet customer expectations for
the protection of personal information, to manage your information assets, and to fulfill your
legal obligations. Not every organization can afford to have a dedicated Chief Privacy
Officer to manage those risks, so we offer a tiered CPO service to help you manage your
privacy obligations and risks.
Stephanie Perrin and Heather Black worked for several years on the drafting of PIPEDA, and then wrote a text explaining it, entitled The Personal Information Protection and Electronic Documents Act, an Annotated Guide (Irwin Law, Toronto, 2001). Black went on to become first legal Counsel at the Office of the Privacy Commissioner, interpreting the new law, and then the Assistant Commissioner for PIPEDA until her retirement in 2008. We know this law well, and we can guide you through compliance with it and with provincial law which is substantially similar. Digital Discretion’s associates have knowledge and experience in privacy matters around Canada and around the globe. If your organization needs to confront any privacy law, problem, or need, Digital Discretion can help you decide what to do, can help you do it, and can do it for you. If we don’t think we can do it, we will tell you so and steer you to people who can.
When I founded Digital Discretion in 2002, I set up a blog called Indiscretions.. It seemed
like the right name where one could offer frank comments about privacy. However, some of
my most indiscreet colleagues, or shall we say most forthright and fearless, immediately lined
up to post their views. Since I was still an employee of the federal government, and the law I
spent the previous years working on was only just coming into force, I decided that discretion
would be the better part of valour, as the saying goes, and I backed off the blog.
During the past ten years, blogging has certainly grown up, for better or for worse. I still
wonder who reads all these blogs, and if you are wondering why you should read this one,
here is why.
We intend to use this blog to post commentary that examines in depth little known facts,
history, and current issues having to do with privacy and access to information. Sometimes
we will be controversial, sometimes (we hope) insightful, and sometimes just old and
grumpy. Our intent is that all of our blog posts be well-informed, and polite. That’s why we
are operating a moderated blog.
To start this off, I want to explain the name Digital Discretion. It is not, as a dear friend and
colleague teased back in ’02, a dating or escort service. The phrase came out of my efforts to
shepherd a well-framed, properly balanced data protection law for Canada through
Parliament. I know that no matter how carefully drafted or well-intentioned your proposal is,
once a law is on the books, the results can be not what you expected. Some things that you
thought would be illegal are found to be legal, and vice versa. This is the way of all laws.
But while a data protection law is important and necessary, the boundaries of the law are not
the only touchstone for determining whether any given conduct or activity is proper. Just
because it is legal, doesn’t make it right. Some things are in bad taste. Some things are
immoral. Some things are just plain greedy. Every time you make a decision about the
processing of personal information, you are exercising discretion.
That’s what Digital Discretion offers to help clients to do. Whatever you do must be
something legal, of course, but it should otherwise also be appropriate for your business and
your customers. That’s where the discretion comes in. Lawyers anywhere can tell you
what’s legal. Digital Discretion has the best lawyers for privacy for that purpose, but we
offer more than that. We help clients to do the right thing. Doing the legal thing is
mandatory. Doing the right thing is discretionary. Now that everything is digital and casts a
shadow that can last for years, you have to exercise digital discretion. We are here to help.
As for the blog….we may at times be indiscreet, but we will always try to help!
Copyright © 2024 Digital Discretion - All Rights Reserved.
Powered by GoDaddy
As Data Protection and Privacy Experts, we choose not to use cookies or allow for tracking on our websites. Have a nice day.