Kristen Pennington

Practice Areas

As a Certified Information Privacy Professional / Canada by the International Association of Privacy Professionals (IAPP), Kristen advises clients on a broad range of privacy and data security matters, from facilitating compliant cross-border data transfers to crafting robust privacy compliance programs and drafting internal and external-facing privacy policies. She regularly collaborates with counsel in other countries to advise on the Canadian component of multi-jurisdictional privacy projects. An area of particular expertise for Kristen is advising on the privacy and data security implications of complex commercial transactions, particularly involving the purchase or sale of businesses that offer novel products or technologies. Kristen regularly speaks about emerging privacy issues to high-profile organizations, including to the Ontario Bar Association and the New York City Chapter of the Association of Corporate Counsel, and has been cited by leading media sources, including recent interviews by Canadian Lawyer Magazine, Canadian HR Reporter and GRC World Forums. Her writing has been featured in the Canadian Privacy Law Review and the International Comparative Legal Guides to Data Protection and Cybersecurity, among other publications. Kristen has also acted as faculty for programs at Osgoode Hall Law School (York University) and Queen’s University.