The only thing I would say to that is first of all, it has turned out, as the European Union discovered when it enforced these GDPR data privacy rules, that by passing them in one place, you do force the social media companies to act in other places. The GDPR rules in Europe have had a cascading effect around the world. It's not totally useless to do it even as a single country, but of course it would be much more powerful and much more effective to do it as several countries.
One of the things I'd love Canada to think about is whether North America and Europe, as the pillars of the western NATO alliance, should be thinking about adding a kind of disinformation or information security aspect to the alliance, maybe not within NATO, maybe alongside NATO. There's really a common interest in trying to figure out how to protect democracy in these circumstances.
On the one hand, it's not useless to do it by yourself; it can have an impact. On the other hand, adding this and expanding the concept of security to include this, I think, would protect all of our democracies.