My Globe and Mail op-ed begins by noting that the Trump administration’s emphasis on tariffs continues to garner headlines, but a more consequential trade battle over data control is playing out with far less public attention. Last week, the U.S. released its annual report on trade barriers and for the first time, Canada was listed alongside dozens of other countries for seeking greater control over its own data. The message is clear: When countries enact laws that restrict where data is stored and who can access that information, the U.S. treats them as a trade threat.
Latest Posts
Still Not a Privacy Law: Bill C-25’s Political Party Privacy Provisions Fall Short Again
The government’s treatment of political party privacy has been one of the most dispiriting digital policy stories in recent memory. Last year, it buried political party privacy provisions in Bill C-4, an “affordability measures” bill, that required far less of political parties than of virtually any other type of organization in Canada. The rules were designed primarily to shut down litigation in British Columbia that opened the door to applying the provincial privacy law to federal political parties. Bill C-4 ensured that provincial law would not apply and, for good measure, added a clause making the new rule retroactive to the year 2000. The Senate found the bill so outrageous that it sent it back to the House with a sunset clause that would give the government three years to develop something better. But the government rejected that too and rushed the bill to royal assent in a matter of hours with virtually no debate.
Two weeks later, the government introduced Bill C-25, an Elections Act reform bill that includes updated privacy provisions for political parties and which dropped just before Parliament took a holiday break.
Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law
The lawful access debate in Canada has to date focused on privacy concerns such as access to subscriber information, mandatory metadata retention, and international production orders. But there is another dimension to Bill C-22 that has received less attention and may matter even more to the daily security of Canadians: the risk that the bill’s surveillance-capability requirements and lack of clarity about systemic vulnerabilities will make Canadians less secure. The international experience with similar laws is not reassuring, as it points to risks of hacking, removal of security features that protect users, and reduced investment and innovation. Bill C-22 heads in much the same direction.
Why the Verdict on Social Media Defective Design Harming Children Gets the Instinct Right But the Law Wrong
A California jury’s decision last week to hold Meta and YouTube liable for harms to a young woman’s mental health has been greeted as a watershed moment. Child safety advocates have called it Big Tech’s “Big Tobacco moment.” Parents who lost children to what they attribute to social media addiction embraced outside the courthouse. Commentators who have long argued that social media companies bear responsibility for the damage their services inflict on young users see the verdict as vindication.
My Globe and Mail op-ed notes that the instinct behind the decision is understandable. The evidence at trial was damning, as internal Meta documents showed the company knew Instagram was harming adolescents but continued targeting them anyway. But the legal theory the jury endorsed – that social media platforms are defectively designed products – is the wrong tool for a real problem, and building on it risks undermining the very accountability the strategy seeks to deliver.
Scoping in the Tech Giants: Bill C-22’s International Production Order and the Shift to a Less Privacy-Protective Cross-Border Disclosure System
While much of the focus on lawful access and subscriber information has centred on the reduced standards for obtaining an order for such information from Canadian telecom and Internet providers, there is another new production order deserving of attention (see earlier posts on domestic subscriber information standards and mandatory metadata retention). Bill C-22 introduces a new mechanism for Canadian courts to authorize police to request subscriber information and transmission data held outside the country directly from foreign platforms such as Google, Meta, and other services that provide communications services to the public. The provision is presented as a tool to modernize cross-border investigations, but in practice, it is likely to reduce privacy safeguards.
Recent Posts
Heads They Win, Tails We Lose: What Lies Behind the U.S. Trade Battle For Control over Data 
Still Not a Privacy Law: Bill C-25’s Political Party Privacy Provisions Fall Short Again 
Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law 
Why the Verdict on Social Media Defective Design Harming Children Gets the Instinct Right But the Law Wrong 
Scoping in the Tech Giants: Bill C-22’s International Production Order and the Shift to a Less Privacy-Protective Cross-Border Disclosure System
