Digital Privacy and Security program

A woman studying a see through computer screen.

In today's digital landscape, cybersecurity and data privacy protection are vital. Increasingly, the products and services we all rely on depend on data and information technology. The Digital Privacy and Security program aims to make Canada a more secure and data-enabled nation while protecting the privacy interests of Canadians. The program offers multidisciplinary and diverse technical expertise to address the challenges faced by industry and institutions in Canada.

Areas of focus

Cryptography, secure computing and privacy-enhancing technologies
  • privacy-preserving technologies
  • confidential computing
  • post-quantum safe solutions
  • quantum safe communication
  • enabling beneficial uses of sensitive data
  • addressing core cybersecurity (software/ OS, enterprise, mobile and network security)
  • anomaly and attack detection
  • cyber-physical system security
  • security compliance
  • human centric cybersecurity
  • challenges raised by AI and machine learning algorithms
  • rapid threat actor identification without interception
Responsible AI
  • AI transparency and explainability, including aspects of interpretability, fairness and non-discrimination
  • Digital Model Evaluation (DiME) and responsible AI (RAI) assessments for risks including accuracy, bias, and leakage of sensitive information

What we offer

The Digital Privacy and Security program provides R&D and collaborative expertise to help solution providers and corporate end-users develop, identify and respond to risks and opportunities in digital privacy and security.

We work with clients to provide a variety of services and advice, including:

  • designs for next-generation cybersecurity and privacy solutions
  • independent assessments of third-party products
  • research collaborations to position Canadian businesses as leaders in IT security
  • development and assessment expertise to address complex challenges in responsible AI, including issues such as bias and accuracy

Why work with us

The NRC brings together extensive expertise not only in the IT-related domains of digital privacy, cybersecurity and responsible AI but also in the application domain industries in which these technologies are deployed. Our position as a non-regulatory government organization allows us to provide independent expert advice with an awareness not only of specific digital privacy and cybersecurity challenges but also the environment in which the technologies will ultimately need to function.

Benefits of working with us

  • dedicated R&D expertise to help develop solutions
  • special interest groups for sticky problems
  • linkages and public-private collaborations on questions of regulatory interest
  • integrated teams addressing complex multi-disciplinary challenges

Collaborate with us

We are interested in collaborating across a range of industries and technical readiness levels to offer digital privacy and security expertise. If you're interested in working with the NRC, send us an email expressing your interest at

Our technical expertise

NRC researchers have a strong track record and expertise in cybersecurity, responsible AI, cryptography, secure computing as well as privacy enhancing technologies at both the foundational and applied levels. They have participated in standardization efforts ( e.g. NIST and IETF), regularly publish and present their work in flagship forums ( e.g. ACM, ACNS and IEEE) and contribute to the open source software community. Current projects include developing quantum-secure vehicle-to-vehicle communications, privacy-respecting biometric authentication, system anomaly and attack detection and AI-powered cybersecurity monitoring, analysis and remediation systems.

  • design, implementation and cryptanalysis of cryptographic primitives, algorithms and protocols
  • public key, quantum and post-quantum cryptography
  • applications in secure and privacy-preserving systems and technologies, including quantum-secure communication and machine learning
Machine learning-based cybersecurity
  • intelligent and explainable intrusion detection systems
  • secure machine learning system development
  • secure software engineering for machine learning-enabled systems
  • malicious behaviour and anomaly detection
Core cybersecurity
  • human factors in cybersecurity
  • malware analysis
  • embedded systems security
  • malicious behaviour detection in cloud-based activity
  • usable cybersecurity (passwords, authentication)
Secure and privacy-preserving computing and technologies
  • homomorphic encryption and secure multiparty computation
  • biometric authentication
  • secure and privacy-preserving machine learning, data analysis, cloud computing and machine un-learning
  • security and privacy for emerging unconventional computing paradigms (fog computing, software-defined networking, 5G and 6G networks, quantum security)
Emerging challenges
  • malicious behaviour detection in cloud-based activity
  • effective public education of security concerns
  • use of social media and social engineering to facilitate attacks
Applications and services
  • applied AI in cybersecurity
  • security orchestration, automation and response
  • security testing, validation and measurements
  • cyberphysical system security
  • responsible AI considerations for detection of abusive online content
  • responsible AI considerations for reducing race and gender bias in AI-enabled text analysis
  • bias and accuracy assessment for AI models
  • AI model security and data leakage assessment

Featured projects

Securing vehicle-to-anything communication

Develop solutions to characterize and eliminate security gaps in future vehicular networks, with a special focus on privacy and quantum security to ensure reliability and performance for constrained communication networks.

Secure authentication systems using biometrics

Develop secure, efficient and privacy-aware authentication systems to strengthen cybersecurity in the aviation industry, including flight management systems, cabin crew devices and aircraft communications.

Host-based malicious behaviour detection

Deliver software for anomaly and attack detection and analysis in threat investigation, to improve the identification and prioritization of suspicious activity, increase detection rates and reduce false positives.

Automated generation of actionable intrusion reports

Develop an AI-powered decision support system for cyber threat analysis, capable of: monitoring the execution of complex distributed systems; identifying anomalous behaviours; diagnosing cause and effects; and providing intelligible threat reports and remediation strategies.

Robust machine learning and risk management

Generate an empirical framework to fill the gap between theoretical research and practical utilities in robust machine learning system development and security assurance, to meet the demands of trustworthy machine learning systems in areas such as smart airports and autonomous driving.

Contact us

Margaret McKay
Program Leader, Digital Privacy and Security Program

Marie-Frédérique Biron
Business Development Officer
Telephone: 514-209-0160

Target industries

The NRC's Digital Privacy and Security program works with partners in highly regulated industries and in fields that rely on secure systems to improve the lives of Canadians, for example:

  • finance
  • aviation
  • telecommunications
  • transportation
  • smart infrastructure
  • health and medicine

Related links