Earlier this week, I appeared before the Standing Senate Committee on Transport and Communications as part of its study on AI regulation. This follows earlier appearances before the House of Commons Heritage and Industry committees on the same issue. The hearing led to robust exchanges with multiple Senators on the intersection of AI policy with issues such as privacy, copyright, online harms, and sovereignty. I plan to post clips from the hearing in a future Law Bytes podcast, but in the meantime, my opening statement provides a good sense of my views on AI regulation with respect to privacy, copyright, and the need for an AI Transparency Act. A video of the opening statement is embedded below, followed by the text.
Post Tagged with: "privacy"
Lawful Access Heads to Committee: The Opposition Found Its Voice, the Government Never Found Its Defence
After several days of debate in which the opposition to lawful access seemed half-hearted at best, the Conservatives woke up on Monday. MP after MP rose to argue, correctly, that Bill C-22 represents an unprecedented surveillance threat: mandated metadata retention (including location information) for up to a year, security vulnerabilities built into the interception architecture the bill requires, and a weakened legal standard for access to subscriber information. After days of debate with the government visibly struggling to defend its own legislation, this is precisely what the opposition should be targeting (coverage from day one, day two, day three).
Is Data De-Identification Dead?: Why the AI Privacy Risk Isn’t What It Learns, But What It Figures Out
In 1997, an MIT graduate student named Latanya Sweeney stunned the privacy world by matching publicly available voter rolls with hospital records stripped of names and addresses to identify the supposedly anonymous medical history of the then-governor of Massachusetts. Three years later, she expanded on that finding by demonstrating that 87 per cent of the U.S. population could be uniquely identified using just three data points: ZIP code, date of birth and gender.
My Globe and Mail op-ed notes that Ms. Sweeney’s work shaped privacy frameworks worldwide, which responded with de-identification standards designed to manage the risk by removing obvious identifiers, applying statistical tests and treating the resulting data as safe to use. Indeed, a core tenet of modern privacy regulation rests on the premise that de-identified data can be used, disclosed and commercialized without compromising individual privacy.
More Surveillance Demands to Come?: Government Admits Bill C-22’s Lawful Access Provisions Could Be Expanded
Debate on Bill C-22, the Lawful Access Act, continued this week with Public Safety Minister Gary Anandasangaree and Secretary of State for Combatting Crime Ruby Sahota leading the government’s case on Wednesday. I posted earlier on the first day of debate, which was notable for what the government chose not to say, as Justice Minister Fraser devoted just a single paragraph to the bill’s expansive metadata retention provisions and offered only process answers to questions about systemic vulnerability risks. The government continues to do its best to ignore the metadata issue, but the most alarming outcome of the debate was the admission that the current bill may only be the starting point, with support for an even broader scope in follow-up regulations or legislation.
The Lawful Access Debate Begins: Canadians Should Pay Attention to What the Government Isn’t Saying
When the government introduced Bill C-2 last year, it buried the lawful access provisions at the end of an omnibus border security bill and said as little about it as possible. The strategy failed, the provisions were abandoned after widespread criticism, and the government spent months consulting stakeholders before trying again. Bill C-22, the Lawful Access Act, is the follow-up attempt. If the first day of House debate on the bill is any indication, the approach hasn’t changed, as the government is once again hoping no one notices what is actually in the bill.
Recent Posts
AI Without Canada: Why the Heritage Committee’s AI Report Could Lead to Less Canadian Content in the Training Data 
Addressing the AI Policy Challenge: My Appearance before the Standing Senate Committee on Transport and Communications 
Lawful Access Heads to Committee: The Opposition Found Its Voice, the Government Never Found Its Defence 
Is Data De-Identification Dead?: Why the AI Privacy Risk Isn’t What It Learns, But What It Figures Out 
The Law Bytes Podcast, Episode 265: Jason Millar on Claude Mythos, Project Glasswing, and the Governance Crisis in Frontier AI
