Artem Kobrin

Professional Summary

Privacy specialist with 10 years of experience, including over 5 years as a privacy specialist in the banking sector. Holder of multiple privacy certifications, including FIP, AIGP, CIPT, CIPM, CIPP/C/US/E/A, CDPSE, and OneTrust Fellow of Privacy Technology . Successful freelancer with experience serving over 200 clients from 60 countries. Co-author of the book on GDPR compliance. Strong technical background.

Work Experience

Privacy Legislative Compliance Consultant (Contract)

CIBC • Toronto, Canada  |  May 2023 – April 2025

• Privacy law consultancy, including Quebec’s Law 25 / Bill 64, with focus on consent frameworks, tracking technologies, privacy by default settings, de-identification and anonymization standards, AI and automated decision-making requirements.
• Privacy notice and disclosures reviews, consent, cookies and preference center configuration.
• Contributions to anonymization and de-identification frameworks, compliance checklists, and privacy design and default documentation, policy language development.
• Customization of privacy software tools for PIA / DPIA automation and data inventory.
• Internal guidance on deceptive design avoidance, privacy by design practices, and configuration of default privacy settings.
• Privacy impact assessments, transfer impact assessments and cross-jurisdictional analysis of privacy laws in North America (PIPEDA, CCPA / CPRA, other US state privacy laws) and the EU.

Senior Data Protection Specialist

PrivatBank • Kyiv, Ukraine  |  Jul 2020 – May 2023

• Data protection and GDPR compliance at the largest bank in Ukraine (~20 million clients).
• Establishment and maintenance of data protection and privacy program (e.g., consent management, privacy notices, register of processing (ROPA), legal bases assessments and LIAs, training and awareness campaigns, SARs, and data breach response mechanisms).
• Identification and mitigation of privacy risks and gaps, DPIA/PIA.
• Preparation and review of data protection agreements (C2C, C2P, controllership, SCC data processing agreements) and transfer impact assessments (TIA).
• Implementation of privacy by design, data protection, privacy controls, privacy metrics into policies, procedures, processes, and IT systems.

Cofounder

NGO “Privacy Hub” • Kyiv, Ukraine  |  Sep 2019 – May 2023

• Writing content on social media channel and articles on privacy and data protection for Ukrainian and international media outlets (for example, one of the last publications for the IAPP ).
• Planning and coordination of privacy and data protection events.
• Together with the Ministry of Digital Transformation and United Nations Development Programme (UNDP) co-created an educational mini-series on the protection of personal data and a data protection self-assessment tool for businesses to assess compliance with Ukrainian privacy law and the GDPR.

Upwork Freelancer (portfolio with +200 clients) and Legal Advisor

LegalPilot, TestPilot, FilmPilot • Estonia  |  Nov 2015 – May 2023

Education

Master of Arts in Law (Information Technology Law) 2015 – 2016 • University of Tartu • Tartu, Estonia

Exchange Student 2015 • The University of Oslo • Oslo, Norway

Master of Laws 2013 – 2015 • TSNUK and Mykolas Romeris University • Kyiv, Ukraine; Vilnius, Lithuania

Bachelor of Laws 2009 – 2013 • Taras Shevchenko National University of Kyiv (TSNUK) • Kyiv, Ukraine

Skills

• Language Proficiency: advanced proficiency in English; fluent in Ukrainian and Russian.
• Technical Skills: basic knowledge of information security, Python and R, and experience with creating Joomla and WordPress websites (HTML, CSS, SQL).

Privacy and AI Certifications

• International Association of Privacy Professionals (IAPP): Fellow of Information Privacy (FIP); Artificial Intelligence Governance Professional (AIGP); Certified Information Privacy Technologist (CIPT); Certified Information Privacy Manager (CIPM); and Certified Information Privacy Professional for Canada, US, Europe, and Asia (CIPP/(C/US/E/A).
• ISACA: Certified Data Privacy Solutions Engineer (CDPSE); in preparation for the Certified in Risk and Information Systems Control (CRISC).
• OneTrust: Fellow of Privacy Technology .
• Alberta Machine Intelligence Institute (Amii): Machine Learning Foundations 1 and 2.
• Center for AI and Digital Policy (CAIDP): completed AI Policy Clinic , Advanced Clinic , and Policy Group Clinic ; intensive courses covering AI History, Regulation, and Frameworks, including the CoE AI Treaty, OECD Principles, UNESCO Ethics, and the EU AI Act, and contributed to policy work.

Other Positions

• Chapter Chair at OneTrust PrivacyConnect.
• Expert Committee on the Development of Artificial Intelligence in Ukraine under the Ministry of Digital Transformation of Ukraine:
  • Assistance and consultancy on governmental AI White Paper, AI vocabulary, Voluntary code of conduct on AI, recommendations for lawyers, higher education institutions, and IT developers.
• EU AI Act Team Lead at the Center for AI and Digital Policy:
  • Lead the team in drafting responses to European Commission and other regulators’ consultations on the AI Act, including the Code of Practice, Prohibited Practices, and High-Risk AI systems to promote responsible AI.

Presentations and Publications

• Contributor to the Glossary of AI Terms in Ukraine ; Recommendations for responsible development of AI systems and responsible use of AI in Higher Education Institutions (in Ukrainian).
• Co-authorship of the book “GDPR Survival Guide” (in Ukrainian).
• Improving Privacy Compliance through AI: ChatGPT as a Case Study for Meeting Privacy Requirements .