Skip To Content
Rachel St. John

Rachel St. John

Associate, Privacy and Data Management

Key Contact: Privacy and Data Management

Contact Information

tel: 403.260.7093



Bar Admission
  • Alberta, 2010
  • Ontario, 2010
  • New York, 2008
  • McGill University, B.C.L./LL.B.
  • Mount Allison University, B.A. (Honours)
  • Kwansei Gakuin University, Japanese Studies Certificate

Rachel advises clients on a broad range of privacy, data security and information-management matters, including information security-breach responses, cross-border data transfers, online and mobile marketing, behavioural tracking, employee monitoring and internal investigations, payment card systems, outsourcing transactions, health information privacy, data governance and strategic management of information assets.

Rachel also drafts and negotiates contractual agreements concerning information security, and develops policies, procedures and training programs. She counsels clients on compliance with federal, provincial and international privacy requirements, including the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s anti-spam legislation (CASL), Alberta’s Personal Information Protection Act (PIPA) and Health Information Act.

  • Clio

    Clio in its record-setting US$250 million Series D equity financing from TCV and JMI

  • Find More

Global Data Review

  • Global Data Review, 2018: 40 Under 40.

  • 2019 Privacy Year in Review and 2020 Look Ahead

    Speaker, Calgary, January 23, 2020

  • Canadian Bar Association, executive member of the Privacy and Access Section
  • International Association of Privacy Professionals (IAPP)
  • Law Society of Alberta
  • Ontario Bar Association
  • The Law Society of Ontario

Previous Speaking Engagements

  • Incident Preparedness and Ransomware, AB Privacy & Access Law Section - South Meeting, Canadian Bar Association – Alberta Branch
    Speaker, Calgary, September 23, 2019
  • 2018 Privacy Year in Review and Trends and Predictions for the Year Ahead, South Section Meeting, Canadian Bar Association – Alberta Branch
    Speaker, Calgary, February 25, 2019
  • Privacy Year in Review 2018, South Section Meeting, Canadian Bar Association – Alberta Branch
    Speaker, Calgary, January 24, 2019
  • CBA Seminar: Cybersecurity for the Legal Professional
    Speaker, Cybersecurity for the Legal Professional, Calgary, February 27, 2017
  • Calgary Breakfast Seminar Series: Cybersecurity and Incident Management
    Speaker, Cybersecurity, Calgary, February 17, 2016
  • Data Breach Management, PIPA Connections Conference 2015
    Speaker, October 27, 2015
  • Managing a Breach: Lessons Learned in the Employment Context, Canadian Bar Association,
    Speaker, Alberta Branch, October 21, 2015
  • Privacy for Not-for-Profit Organizations, PIPA Connections Conference 2014,
    Speaker, November 13, 2014
  • Privacy Law & Tech & IP– South Section Meeting, Canadian Bar Association – Alberta Branch
    Speaker, October 9, 2014
  • Anti-Spam Update – Part II: Preparing for CASL Compliance
    Speaker, April 28, 2014
  • Anti-Spam Update – Part I: Preparing for CASL Compliance
    Speaker, March 24, 2014
  • Technology and Privacy Panel, Alberta Mortgage Brokers Conference 2013
    Speaker, September 12, 2013
  • Cookies and CASL: New Privacy Challenges for e-Marketing, PIPA Conference
    Speaker, November 2, 2012
  • Canada’s New Anti-Spam Law, 2012 Access and Privacy Conference
    Speaker, June 14, 2012
  • Health Privacy Enterprise Risk Management, Western Canada Health Information Privacy Symposium (WCHIPS)
    Speaker, April 30, 2012
  • Anti-Spam Legislation, Canadian Bar Association, Alberta Branch
    Speaker, Calgary, November 28, 2011
  • Canada's Anti-Spam Law: A Practical Approach to e-Marketing, PIPA Conference 2011
    Speaker, October 14, 2011
  • Privacy and Information Security, Columbia University
    Guest lecturer, April 26, 2010
  • Privacy and Information Security, Columbia University
    Guest lecturer, December 7, 2009
  • Into the Breach: A Legal Perspective on Data Security Incident Response, John Jay College of Criminal Justice Center for Cybercrime Studies and Center for Business Preparedness
    Guest lecturer, November 23, 2009
  • Federal Breach Notification, IAPP Privacy Academy
    Speaker, September 8, 2009
  • Data Breach: Where Are We? Where Are We Going?, Annual ACM Northeast Digital Forensics Exchange
    Speaker, July 21, 2009



  • Co-author, “Canada,” Data Protection and Privacy, International Series, Third Edition. August 2016.
  • Co-author, "Draft anti-spam regulations pose challenges,” The Lawyers Weekly, Vol. 31, No. 20, September 30, 2011.
  • Co-author, "Privacy Commissioner Calls for Enhanced Enforcement Powers,” The Lawyers Weekly, Vol. 3, No. 5, June 3, 2011.
  • Co-author, “PIPEDA Case Law Update: Federal Court Issues a Landmark Decision on Damages; Ontario Court of Appeal Deals with the Issue of Disclosure of Mortgage Information to a Third Party Creditor,” Eye on Privacy, OBA Privacy Law Section Newsletter, Vol. 11, No. 1, February, 2011.
  • Co-author, “Nevada updates encryption law and mandates PCI DSS compliance,” Lexology/ACC Newsstand, June 17, 2009.
  • Co-author, “The Boucher Bill: Shaping the Privacy Landscape in the U.S.,” Data Protection Law and Policy, Vol. 7:6. June 17, 2009.
  • Contributing author, “European Union Data Protection,” in Data Security and Privacy Law: Combating Cyberthreats. Cronin/Weikers (2008).