Rachel St. John

Rachel St. John

Sociétaire, Respect de la vie privée et gestion de l’information

Personne-ressource: Respect de la vie privée et gestion de l’information



tél.: 403 260-7093



Admission(s) au barreau

Alberta, 2010

Ontario, 2010

New York, 2008


  • McGill University, B.C.L./LL.B.
  • Mount Allison University, B.A. (Honours)
  • Kwansei Gakuin University, Japanese Studies Certificate



(Ce profil n'est pas disponible en français. Nous sommes désolés des inconvénients que cela pourrait vous occasionner.)

Rachel advises clients on a broad range of privacy, data security and information-management matters, including information security-breach responses, cross-border data transfers, online and mobile marketing, behavioural tracking, employee monitoring and internal investigations, payment card systems, outsourcing transactions, health information privacy, data governance and strategic management of information assets.

Rachel also drafts and negotiates contractual agreements concerning information security, and develops policies, procedures and training programs. She counsels clients on compliance with federal, provincial and international privacy requirements, including the Personal Information Protection and Electronic Documents Act, Canada’s anti-spam legislation, Alberta’s Personal Information Protection Act and Health Information Act.

Rachel is a contributor to AccessPrivacy.com [.ca], an innovative online information tool that provides strategic guidance on key privacy issues. She is also currently an executive member of the Canadian Bar Association, Privacy and Access Section. 

Global Data Review

  • Global Data Review, 2018: 40 Under 40.

  • Canadian Bar Association
  • International Association of Privacy Professionals
  • Law Society of Alberta
  • Ontario Bar Association
  • The Law Society of Upper Canada (Ontario) 

  • Speaker, “Cybersecurity for the Legal Professional”, Canadian Bar Association, Alberta Branch, February 27, 2017.
  • Speaker, “Data Breach Management”, PIPA Connections Conference 2015, October 27, 2015.
  • Speaker, “Managing a Breach: Lessons Learned in the Employment Context”, Canadian Bar Association, Alberta Branch, October 21, 2015.
  • Speaker, “Privacy for Not-for-Profit Organizations”, PIPA Connections Conference 2014, November 13, 2014.
  • Speaker, “Privacy Law Update”, Canadian Bar Association, Alberta Branch, October 9, 2014.
  • Speaker, “Anti-Spam Update – Part II: Preparing for CASL Compliance”, April 28, 2014.
  • Speaker, “Anti-Spam Update – Part I: Preparing for CASL Compliance”, March 24, 2014.
  • Speaker, “Technology and Privacy Panel,” Alberta Mortgage Brokers Conference 2013, September 12, 2013.
  • Speaker, “Cookies and CASL: New Privacy Challenges for e-Marketing,” PIPA Conference, November 2, 2012.
  • Speaker, “Canada’s New Anti-Spam Law,” 2012 Access and Privacy Conference, June 14, 2012.
  • Speaker, “Health Privacy Enterprise Risk Management,” Western Canada Health Information Privacy Symposium (WCHIPS), April 30, 2012.
  • Speaker, “Anti-Spam Legislation,” Canadian Bar Association, Alberta Branch, Calgary, November 28, 2011.
  • Speaker, "Canada's Anti-Spam Law: A Practical Approach to e-Marketing,” PIPA Conference 2011, October 14, 2011.
  • Co-author, "Draft anti-spam regulations pose challenges,” The Lawyers Weekly, Vol. 31, No. 20, September 30, 2011.
  • Co-author, "Privacy Commissioner Calls for Enhanced Enforcement Powers,” The Lawyers Weekly, Vol. 3, No. 5, June 3, 2011.
  • Co-author, “PIPEDA Case Law Update: Federal Court Issues a Landmark Decision on Damages; Ontario Court of Appeal Deals with the Issue of Disclosure of Mortgage Information to a Third Party Creditor,” Eye on Privacy, OBA Privacy Law Section Newsletter, Vol. 11, No. 1, February, 2011.
  • Guest lecturer, “Privacy and Information Security,” Columbia University, April 26, 2010.
  • Guest lecturer, “Privacy and Information Security,” Columbia University, December 7, 2009.
  • Guest lecturer, “Into the Breach: A Legal Perspective on Data Security Incident Response,” John Jay College of Criminal Justice Center for Cybercrime Studies and Center for Business Preparedness, November 23, 2009.
  • Speaker, “Federal Breach Notification,” IAPP Privacy Academy, September 8, 2009.
  • Speaker, “Data Breach: Where Are We? Where Are We Going?” Annual ACM Northeast Digital Forensics Exchange, July 21, 2009.
  • Co-author, “Nevada updates encryption law and mandates PCI DSS compliance,” Lexology/ACC Newsstand, June 17, 2009.
  • Co-author, “The Boucher Bill: Shaping the Privacy Landscape in the U.S.,” Data Protection Law and Policy, Vol. 7:6. June 17, 2009.
  • Contributing author, “European Union Data Protection,” in Data Security and Privacy Law: Combating Cyberthreats. Cronin/Weikers (2008).