The federal government has introduced Bill C-27, or the Digital Charter Implementation Act, which is meant to build “a foundation of trust” in our digital world. The centerpieces of Bill C-27 include new legislation meant to strengthen privacy protection and create new rules for responsible AI. Unfortunately, this strategy for public trust has left out Indigenous voices. What has been absent is serious consultation with Indigenous communities and any attention at all to whether Bill C-27 is consistent with the federal government’s obligation to implement the United Nations Declaration on the Rights of Indigenous Peoples (UNDRIP). Trust in our digital world, as in our analog world, must address the urgent goals of reconciliation.

Both within Canada and globally, the movement towards Indigenous Data Sovereignty calls for data laws that recognize Indigenous authority over Indigenous data and data governance according to Indigenous worldviews. Indigenous data is a broad category that encompasses data about individuals, communities, intellectual property, and data about lands and resources. Because of its breadth, Indigenous data is currently regulated under a myriad of laws, including Canada’s privacy statutes. However, this landscape of Canadian data laws ignores the principles of Indigenous self-determination and self-government.

Indigenous governments require access to data needed to govern. Privacy statutes provide pathways to such access, whether by enabling data flows from the private sector to government institutions or by enabling data flows between different types and levels of government institutions. But the new proposed privacy legislation—like the existing Personal Information Protection and Electronic Documents Act (PIPEDA)—treats some forms Indigenous government the same way it treats banks and telecoms. Indigenous governments should not be regulated as if they were part of the federally regulated private sector. Nor should they necessarily be made subject to the public sector legislation. For one thing, public sector legislation also required an overhaul for consistency with UNDRIP. But more importantly, we need to create legislative pathways to recognize Indigenous data laws.

“Indigenous data should be governed according to Indigenous laws and values. Although this will take time to implement, there is no excuse for ignoring potential short-term steps to improve non-Indigenous laws.”

Indigenous data should be governed according to Indigenous laws and values. Although this will take time to implement, there is no excuse for ignoring potential short-term steps to improve non-Indigenous laws. For example, there are a number of provisions in the new proposed privacy law that permit the disclosure of personal information for research purposes. Such provisions already exist in our current laws. However, there are no guardrails to require that where this is the information of Indigenous persons that the research adhere to OCAPⓇ principles (Ownership, Control, Access and Possession)—a set of principles developed by the First Nations Information Governance Centre and already operationalized in research across the country.

Other provisions of the new proposed privacy law permit the disclosure of “de-identified information” without knowledge or consent for “socially beneficial purposes.” However, again, there is no requirement that where this information pertains to Indigenous communities that there be authorization from those communities. There are better models to follow—including BC’s new Anti-Racism Data Act, which has a number of provisions requiring consultation and collaboration with Indigenous peoples.

There are many other provisions that should be re-examined through an Indigenous Data Sovereignty lens.

In its original consultations regarding the Digital Charter, the federal government indicated that it heard from Indigenous Peoples and received the message that the goal of Indigenous Data Sovereignty needed to be respected, including frameworks like the OCAPⓇ principles, and that digital and data transformation must be assessed through the lens of Canada’s obligations to implement UNDRIP. Unfortunately, none of this translated into Bill C-27’s implementation of the Digital Charter. This is unacceptable.

Indigenous Data Sovereignty requires a fundamental rethink of many of Canada’s data laws, not just those laws proposed in Bill C-27. But the need for a comprehensive future plan should not be an excuse for the lack of a current plan of any kind. The path towards reconciliation includes our digital world and it needs to start now.

Want to learn more?

• Read our summary of five key things Canadians need to know about the implications of Bill C-27.

• Read commentary by Lisa Austin, Aleksandar Nikolov, Nicolas Papernot, and David Lie on why the CPPA’s reliance on deidentified data techniques falls short in ensuring best practices for data privacy.

• Read commentary by Michael J.S. Beauvais and SRI Faculty Affiliate Leslie Regan Shade on how Bill C-27 will impact youth privacy.

• Read commentary by Matthew Marinett about how Bill C-27 will affect the governance of online platforms.

• Read commentary from Jamie Duncan and Wendy H. Wong on why Canadians need data and privacy legislation that protects us not just from individual dangers, but collective harms as well.

• Read an article from U of T News on John Borrows’ appointment as Loveland Chair in Indigenous Law at U of T's Faculty of Law.

About the authors

John Borrows is the Loveland Chair in Indigenous Law at the University of Toronto Law School. His publications include, Recovering Canada: The Resurgence of Indigenous Law (Donald Smiley Award best book in Canadian Political Science, 2002), Canada's Indigenous Constitution (Canadian Law and Society Best Book Award 2011), Drawing Out Law: A Spirit's Guide (2010), Freedom and Indigenous Constitutionalism (Donald Smiley Award best book in Canadian Political Science, 2016), The Right Relationship (with Michael Coyle, ed.), Resurgence and Reconciliation (with Michael Asch, Jim Tully, eds.), Law’s Indigenous Ethics (2020 Best subsequent Book Award from Native American and Indigenous Studies Association, 2020 W. Wes Pue Best book award from the Canadian Law and Society Association). He is the 2017 Killam Prize winner in Social Sciences and the 2019 Molson Prize Winner from the Canada Council for the Arts, the 2020 Governor General’s Innovation Award, and the 2021 Canadian Bar Association President’s Award winner. He was appointed as an Officer of the Order of Canada in 2020. Borrows is a member of the Chippewa of the Nawash First Nation in Ontario, Canada.

Lisa Austin is the Chair of Law and Technology and a professor in the University of Toronto’s Faculty of Law. Austin is an associate director at the Schwartz Reisman Institute for Technology and Society, and was previously a co-founder of the IT3 Lab at the University of Toronto, which engaged in interdisciplinary research on privacy and transparency. Austin's research and teaching interests include privacy law, property law, and legal theory. She is published in such journals as Legal Theory, Law and Philosophy, Theoretical Inquiries in Law, Canadian Journal of Law and Jurisprudence, and Canadian Journal of Law and Society. She is co-editor of Private Law and the Rule of Law (Oxford University Press, 2015), in which distinguished Canadian and international scholars take on the general understanding that the rule of law is essentially only a doctrine of public law and consider whether it speaks to the nature of law more generally and thus also engages private law. Austin's privacy work has been cited numerous times by Canadian courts, including the Supreme Court of Canada. She is also active in a number of public policy debates in Canada. In 2017, Austin received a President’s Impact Award from the University of Toronto.

Browse stories by tag:

Related Posts