My Globe and Mail op-ed last week argued that the U.S. is pursuing a two-pronged strategy on cross-border data: the CLOUD Act to assert legal access wherever data sits, and trade policy to pressure countries that try to move their data beyond that reach. This post provides the underlying data that the op-ed could not fit with a fuller picture of what the 2026 U.S. National Trade Estimate Report on Foreign Trade Barriers (NTE) actually says about cloud computing and data sovereignty across the globe.
Latest Posts
The Law Bytes Podcast, Episode 264: Jon Penney on Chilling Effects in the Digital Age
“Chilling effects” is a term people hear all the time: in court rulings, in debates over content moderation, in dealing with online harms, or in news coverage of surveillance and legal reforms. The focus is typically on how legal rules may make speaking out more challenging, risky, or even dangerous. But what if our understanding of chilling effects actually understates the issue?
Jon Penney is a law professor at Osgoode Hall Law School in Toronto and the author of a new book from Cambridge University Press titled Chilling Effects: Repression, Conformity, and Power in the Digital Age. The book forces us to rethink chilling effects with significant implications for a wide range of digital public policies. Jon joins the Law Bytes podcast to discuss the book and what his findings mean for future legal and regulatory reforms.
Heads They Win, Tails We Lose: What Lies Behind the U.S. Trade Battle For Control over Data
My Globe and Mail op-ed begins by noting that the Trump administration’s emphasis on tariffs continues to garner headlines, but a more consequential trade battle over data control is playing out with far less public attention. Last week, the U.S. released its annual report on trade barriers and for the first time, Canada was listed alongside dozens of other countries for seeking greater control over its own data. The message is clear: When countries enact laws that restrict where data is stored and who can access that information, the U.S. treats them as a trade threat.
Still Not a Privacy Law: Bill C-25’s Political Party Privacy Provisions Fall Short Again
The government’s treatment of political party privacy has been one of the most dispiriting digital policy stories in recent memory. Last year, it buried political party privacy provisions in Bill C-4, an “affordability measures” bill, that required far less of political parties than of virtually any other type of organization in Canada. The rules were designed primarily to shut down litigation in British Columbia that opened the door to applying the provincial privacy law to federal political parties. Bill C-4 ensured that provincial law would not apply and, for good measure, added a clause making the new rule retroactive to the year 2000. The Senate found the bill so outrageous that it sent it back to the House with a sunset clause that would give the government three years to develop something better. But the government rejected that too and rushed the bill to royal assent in a matter of hours with virtually no debate.
Two weeks later, the government introduced Bill C-25, an Elections Act reform bill that includes updated privacy provisions for political parties and which dropped just before Parliament took a holiday break.
Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law
The lawful access debate in Canada has to date focused on privacy concerns such as access to subscriber information, mandatory metadata retention, and international production orders. But there is another dimension to Bill C-22 that has received less attention and may matter even more to the daily security of Canadians: the risk that the bill’s surveillance-capability requirements and lack of clarity about systemic vulnerabilities will make Canadians less secure. The international experience with similar laws is not reassuring, as it points to risks of hacking, removal of security features that protect users, and reduced investment and innovation. Bill C-22 heads in much the same direction.
Recent Posts
The Global Battle for Data Control: How the 2026 U.S. Report on Trade Barriers Targets Data Sovereignty Worldwide 
The Law Bytes Podcast, Episode 264: Jon Penney on Chilling Effects in the Digital Age 
Heads They Win, Tails We Lose: What Lies Behind the U.S. Trade Battle For Control over Data 
Still Not a Privacy Law: Bill C-25’s Political Party Privacy Provisions Fall Short Again 
Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law
