Support Centre

Canada

Insights

On September 27, 2023, Innovation, Science and Economic Development Canada (ISED) published a Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems (the Code). In this Insight article, Christopher Ferguson and Anagha Nandakumaran, from Fasken, discuss the different measures of the Code and what this would mean for organizations. 

Artificial intelligence (AI) is transforming the way we work, learn, and communicate. The rapid development and adoption of new AI-based technologies have prompted regulators around the world to create policies and regulations governing its use, in an effort to ensure that AI is used in a responsible and ethical manner. Canada and the EU are among the many jurisdictions that have recently recognized the need for AI-specific regulation.

In April 2021, the European Commission published its proposed Artificial Intelligence Act (AI Act) as a framework for a coordinated European approach to addressing the challenges and concerns raised by the increasing use of AI. The following year, in June 2022, the Canadian government introduced Bill C-27 for the Digital Charter Implementation Act 2022 (Bill C-27), which aims to update existing federal private-sector privacy laws. In addition to privacy law reform, Bill C-27 also includes the Artificial Intelligence and Data Act (AIDA), Canada's first attempt to regulate AI through standalone legislation.

Both AIDA and the AI Act seek to encourage the responsible development and use of AI systems through a single regulatory framework. In this Insight article, Heather Whiteside, from Fasken, examines the similarities and differences between these legislative proposals, as currently drafted, in Canada and the EU.

In this Insight article, Sarah Nasrullah, from Norton Rose Fulbright LLP, delves into Canada's AI regulatory landscape, examining key aspects of the AI Act, enforcement mechanisms, penalties, and implications for organizations and individuals. It provides valuable insights into the evolving governance of AI technologies in the Canadian context.

In this report, OneTrust DataGuidance and Edwards, Kenny & Btay LLP provide a means of analyzing and comparing data protection requirements and recommendations under the General Data Protection Regulation (GDPR) and the Personal Information Protection and Electronic Documents Act (PIPEDA). 

The report, which was last updated in July 2023, examines and compares the scope, main definitions, legal bases, data controller and processor obligations, data subject rights, and enforcement capacities of PIPEDA with the GDPR. 

You can access the latest version of the report here.

In the field of cybersecurity and privacy regulations, Quebec has witnessed significant legislative changes in recent years. In this Insight article, Catherine Labasi-Sammartino and Anthony Hémond, from Borden Ladner Gervais LLP, provide valuable insights into these developments.

On 16 June 2022, the Government of Canada introduced in the House of Commons the Artificial Intelligence and Data Act ('AIDA') as part of Bill C-27, for An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts, also known as the Digital Charter Implementation Act 2022 ('DCIA 2022').

In this Insight article, OneTrust DataGuidance Research provides an overview of the AIDA, which is currently undergoing second reading in the House of Commons, and the wider perceptions of artificial intelligence ('AI') at a federal level in Canada. For an analysis of the DCIA 2022, you may read our Insight article Canada: Digital Charter Implementation Act 2022 - What you need to know.

Canada has an existing comprehensive federal private-sector privacy legislation, the Personal Information Protection and Electronic Documents Act 2000 ('PIPEDA'), which became law in 2000. Recently, changes to PIPEDA have been proposed via the draft language of Bill C-27 for the Digital Charter Implementation Act 20221 ('Bill C-27'). Kirsten Thompson, Partner at Dentons, takes a look into the proposed changes, and what impact Bill C-27 would have in areas such as penalties, artificial intelligence ('AI'), and data portability.

Both the Consumer Privacy Protection Act ('CPPA') and Québec's Act to modernize legislative provisions as regard the protection of personal information, 2021, Chapter 25 ('Law 25') aim to modernise privacy laws and introduce significant penalties and fines for non-compliance. Jasmine Samra and Antoine Guilmain, from Gowling WLG, focus on the accountability of organisations under both privacy regimes.

On 22 September 2022, various provisions of the Act to modernize legislative provisions as regard the protection of personal information, 2021, Chapter 25 ('Law 25') (formerly known as Bill 64) entered into force. Law 25's legal effect is staggered, with separate provisions entering into force in September 2022, September 2023, and September 2024. OneTrust DataGuidance provides an overview of the provisions which affect private bodies entering into force in September 2023 and September 2024

On 22 September 2022, various provisions of the Act to modernize legislative provisions as regard the protection of personal information, 2021, Chapter 25 ('Law 25') (formerly known as Bill 64) entered into force. Law 25's legal effect is staggered, with provisions entering into force in September 2022, September 2023, and September 2024. In part one of this series OneTrust DataGuidance provides an insight into the provisions of Law 25 which affect private bodies and entered into force on 22 September 2022. Part two will examine the provisions which will enter into effect in September 2023 and September 2024.

The COVID-19 pandemic has fundamentally altered how nearly every industry in the world operates. From temporary accommodations to more permanent changes, the paradigm shift of the pandemic has been palpable. The proliferation of work-from-home arrangements has enjoyed robust traction over the last two years. However, removing employees from their more supervised work environments and leaving them to work from the comfort of their own homes may understandably come with concerns about employee productivity and the use of work devices away from the workplace. Jennifer L. Hunter and Christopher Dias, from Lerners LLP, discuss the new legislation on electronic employee monitoring and how this may impact both employers and employees.

On 16 June 2022, Bill C-27 for An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts, also known as the Digital Charter Implementation Act 2022 ('DCIA 2022'), was introduced in the House of Commons, where it passed first reading. This comes after a similar bill, Bill C-11 for the Digital Charter Implementation Act, 2020, failed to pass in 2021. The DCIA 2022 is divided into three main parts, with the aim of enacting three new Acts, namely the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act, and the Artificial Intelligence and Data Act.

In this article, OneTrust DataGuidance Research provides an overview of each part of the DCIA 2022 and its main provisions, focusing on the key developments and considerations for businesses.

Feedback