The Canadian government reiterated last week that we’re collectively moving forward with the revamp of the country’s federal privacy legislation, including an offshoot meant to curb (better control, some would say) rampant and unrestricted adoption of artificial intelligence (“AI”) throughout. At the same time, the bill at issue (named C-27) moved to the second reading stage, bringing us one step closer to a formal adoption of this piece of legislation.

Bill C-27 will reinforce personal information protection throughout Canada but updating a law that is now more than 20 years old and, many would say, quite outdated. The new version of the personal information protection statute at issue will include provisions meant to generally empower individuals in a way that allows them to exercise control over their data, something the current version of the legislation has largely failed to do. Though it’s not quite GDPR, many see this new version of the Canadian privacy legislation as a much needed shot in the arm for our federal privacy regime.

At the same time, this project will likely also include Canada adopting a whole new statute meant to better control the use of AI (e.,g. by businesses), including new rules to try and minimize scenarios where AI is implemented in a way that is incompatible with personal rights and freedoms as well as Canadian values.

The Canadian government clearly says it intends to move forward with all of these. Now, it’s mostly a question of going through the rest of the legislative process, but there’s little doubt that this thing will become law before long. Stay tuned.