“There is a lot of privacy law reform on the horizon,” says Schwartz Reisman Research Lead Lisa Austin, a professor of law specializing in the relationship between law and technology, including privacy legislation.

“A host of initiatives—in Canada and worldwide—are aiming to address challenges posed by the digital economy and new technologies like AI in an increasingly digital and data-rich world.”

Europe’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA) were both enacted in 2018, and the Ontario government launched a consultation on privacy law reform in August 2020, the same month that Brazil’s General Data Protection Law (LGPD) went into effect.

Many other instances of privacy law reform are cropping up around the globe, as data and new technologies become increasingly powerful, autonomous, and ubiquitous.

Here in Canada, the federal government introduced the proposed Digital Charter Implementation Act (also known as Bill C-11) in November 2020. It’s intended to strengthen privacy protections for Canadians by ensuring that citizens’ data is safe and privacy is respected, all while facilitating responsible use of data for public good and supporting innovation that bolsters the economy.

C-11 aims to update Canadian private sector privacy law by strengthening control over and transparency in personal information held by businesses. It also proposes new and rigorous sanctions for non-compliance, including the strongest privacy law fines among G7 nations. But it’s important to note that Bill C-11 is not yet law. It must still go through the legislative process before it’s enacted.

The House of Commons’ ETHI committee (the Standing Committee on Access to Information, Privacy and Ethics) is scheduled to start reviewing Bill C-11 at the end of January, and will call experts to testify on potential improvement and amendments.

 ➦ Read the Government of Canada’s C-11 press release and bill summary.

So what are the details of the proposed new legislation and others like it around the world? And what are the implications for citizens, technologists, businesses, and public policy?

Austin is launching a privacy discussion group with colleagues from a variety of academic disciplines—from computer scientists discussing “de-identification” of data to public policy experts commenting on granting access to data when it relates to health, social services, environmental protection, and other areas of public good.

We’ll be presenting a series of blog posts here on the Schwartz Reisman website in the coming months, each of which explore a particular aspect of privacy law reform, whether in Bill C-11 or elsewhere. For example:

• How do definitions of “personal information” and “de-identified data” map onto technical understandings and best practices in computer science and engineering?

• How should we regulate de-identified information?

• Organizations collecting people’s data are often required to provide explanations for why their algorithms made particular decisions, predictions, or recommendations with that data. How will this kind of algorithmic transparency be ensured?

Stay tuned for blog posts from a variety of perspectives on Bill C-11 and other privacy law reform initiatives around the world.

The series kicks off tomorrow with Austin’s post on “Who decides? Consent, meaningful choices, and accountability.”

Editor’s note: Bill C-11 failed to pass when Canada’s federal parliament was dissolved in August 2021 to hold a federal election. In June 2022, many elements of C-11 were retabled in Bill C-27. Read our coverage of C-27.

Browse stories by tag:

Related Posts