Industry Committee on Nov. 9th, 2023

Thank you very much.

Good afternoon, and thank you for the invitation to share my thoughts on Bill C-27 with the committee.

I am a partner at Davies Ward Phillips & Vineberg LLP, practising as a lawyer in the firm’s technology group. I am appearing today in a personal capacity, presenting my own views.

Recent years have seen significant technological developments related to machine learning. In part, these have come to pass because of another relatively recent development, namely, the vast amount of information, including personal information, that is now generated by our activities and circulates in our economy and our society. Together, these developments hold great promise for future innovation, but they also carry significant risks, such as risks to privacy, risks of bias or discrimination and risks relating to other harms.

I am, therefore, encouraged that a bill has been introduced that seeks to address these risks while supporting innovation. I will begin by making some remarks on the proposed consumer privacy protection act, CPPA, and by suggesting changes to certain provisions of the bill that could better support innovation involving machine learning while introducing important guardrails. I will then share some observations in relation to the proposed artificial intelligence and data act, AIDA.

In my view, there could be improvements made to the CPPA consent exception framework that would facilitate personal information exchange among, and collection by, private sector actors that wish to undertake socially beneficial projects, study or research. In particular, proposed sections 35, 39 and, in part, 51 could be combined and generalized so as to permit private sector actors to disclose and exchange personal information or to collect information from the public Internet for those purposes, study or research, provided that certain conditions are fulfilled.

Those could include conducting a privacy impact assessment, entering into an agreement containing relevant contractual assurances where applicable, and providing notice to the commissioner prior to the disclosure or collection. Noting that de-identified data is sufficient for the training of machine learning models in many cases and noting that de-identification is a requirement in proposed section 39, as currently drafted, but not in proposed section 35, I would note only that whether the information should be de-identified in a given case should be a factor in the proposed privacy impact assessment.

Suitably crafted, these changes could provide material but appropriately circumscribed support for section 21 of the proposed CPPA, which permits the use of personal information that has been de-identified for internal research and analysis purposes, and for proposed subsection 18(3), which permits use of personal information in its native form for legitimate interests, provided that an assessment has been undertaken.

With respect to the AIDA, I begin with the definition of the term “artificial intelligence system”. This definition is of fundamental importance, given that the entire scope of the act depends upon it. The current definition risks being overbroad. The minister’s letter proposes to provide better interoperability by introducing a definition that seeks to align with a definition used by the OECD, but the text provided differs from the OECD formulation and introduces the word “inference” in a suboptimal way. We also do not have the final wording.

There are also different definitions to consider in other instruments, including the European Union’s proposed AI act, the recent U.S. President’s executive order, and the NIST AI risk management framework, among others. Some of these do converge on the OECD’s definition, but in each case the wording differs.

I would recommend to the committee—or, at least, I would urge the committee—when it begins clause-by-clause review, to make a survey of existing definitions to determine the state of the art and to ensure that the definition ultimately chosen indeed maximizes interoperability yet also remains extensible to account for new techniques or technologies.

I would also recommend that the purpose clause of the AIDA, as well as other relevant provisions, be amended to include harms to groups and communities, as these may also be adversely affected by the decisions, recommendations or predictions of AI systems.

Finally, there should be an independent artificial intelligence and data commissioner. The companion document to the AIDA notes that the model whereby the regulator would be a departmental official was chosen in consideration of a number of factors, including the objectives of the regulatory scheme. However, since the scope of what is being left to regulation is so extensive, the creation of an independent regulator to administer and enforce the AIDA will counterbalance skepticism concerning the relative lack of parliamentary oversight and thereby help to instill trust in the overall regulatory scheme.

I will submit a brief for consideration by the committee, elaborating on the matters raised here. Machine learning technologies are poised to play a significant role in future innovation. Through legislation, we can achieve meaningful support for this potential while providing effective protections for individuals, groups and society.

Thank you for your attention. I welcome your questions.

Good afternoon.

Thank you for inviting me. I'm pleased to have the opportunity to share my thoughts on Bill C‑27 with the committee.

I am a partner at Borden Ladner Gervais, BLG, and a member of the privacy practice group. I am also the national lead of BLG's artificial intelligence, AI, group. I am appearing today as an individual.

My remarks will focus on the AI provisions in the bill, in both the artificial intelligence and data act, or AIDA, and the consumer privacy protection act, or CPPA.

To start, I want to say how important it is to modernize the federal privacy regime, something Quebec, the European Union and some of the world's largest economies have done recently.

I commend the government's commitment to AI legislation. In spite of the criticisms against AIDA, the bill has the advantage of putting forward a flexible approach. Nevertheless, some key concepts should be provided for in the act, instead of in the regulations. Furthermore, it is imperative that the government consult extensively on the regulations that flow from AIDA.

The first point I want to make has to do with the anonymized data in the CPPA. The use of anonymized personal information is an important building block for AI models, and excluding anonymized information from coverage by the act will allow Canadian businesses to keep innovating.

The definition of anonymization should, however, be more flexible and include a reasonableness standard, as other individuals and groups have recommended. That would bring the definition in line with those in other national and international laws, including recent amendments to Quebec's regime.

The CPPA should explicitly state that organizations can use an individual's personal information without their consent to anonymize the information, as is the case for de‑identified information.

Lastly, AIDA includes references to anonymized data, but it isn't defined in the act. The two acts should be consistent. AIDA, for instance, could refer to the definition of “anonymize” set out in the CPPA.

The second point I want to make concerns another concept in the CPPA, automated decisions. Like most modern privacy laws, the proposed act includes provisions on automated decisions. On request by an individual, organizations would be required to provide an explanation of the organization’s use of any automated decision system to make predictions, recommendations or decisions about individuals that could have a significant impact on them.

An automated decision system is defined as any technology that assists or replaces the judgment of human decision-makers. The definition should be amended to capture only systems with no human intervention at all. That would save organizations the heavy burden of having to identify all of their decision support systems and introduce processes to explain how those systems work, even when the final decision is made by a human. Such a change would increase the act's interoperability with Quebec's regime and the European Union's, which is based on the general data protection regulation.

Turning to AIDA, I want to draw your attention to high-impact systems. The act should include a definition of those systems. Since most of the obligations set out in the act flow from that designation, it's not appropriate for the term to be wholly defined in the regulations. The definition should include a contextual factor, specifically, the risk of harm caused by the system. For example, it could take into account whether the system posed a risk of harm to health and safety or a risk of an adverse impact on fundamental rights. That factor could be combined with the classes of systems that would be considered high-impact systems, as set out in the act.

Including a list of classes of systems that would de facto be considered high-impact systems, as the minister proposed in his letter, could capture too many systems, including those that pose moderate risk.

My last point concerns general purpose AI systems. In his letter, the minister proposed specific obligations for generative AI and other such systems. While generative AI has become wildly popular in the past year, regulating a specific type of AI system could render the act obsolete sooner.

Not all general purpose AI systems pose the same degree of risk, so it would be more appropriate to regulate them as high-impact systems when they meet the criteria to be designated as such.

Thank you very much. I would be happy to answer any questions you have.

Thank you, Mr. Chair and members of the committee, for having me here today on the important matter of reform of our privacy legislation and Bill C-27.

I'm a partner at the law firm of Clark Wilson in Vancouver, and I'm called to the bar in Ontario and British Columbia. I've been practising in the area of privacy law since approximately 2000. I've advised both private sector organizations in a variety of businesses and public bodies such as universities in the public sector. I've also acted as legal counsel before the Information and Privacy Commissioner for British Columbia in investigations, inquiries and judicial review.

With the limited amount of time we have, I'll be confining my remarks to the proposed consumer privacy protection act, specifically the legitimate interest exception, anonymization and de-identification, and the separate review tribunal. Hopefully, I'll have a bit of time to get into the artificial intelligence and data act, AIDA, with respect to high-impact systems.

I will of course be happy to discuss other areas of Bill C-27 and questions you may have. Also, subsequent to my presentation, I'll provide a detailed brief on the areas discussed today.

Starting with the proposed consumer privacy protection act and the legitimate interest exception, it's important to point out that arguably the leading privacy law jurisdiction, the EU with its GDPR, provides for a stand-alone right of an organization to collect, use and disclose personal information if it has a legitimate interest. Accordingly, if Canada is to have an exception to consent based on an organization's legitimate interest, it's important to look, in detail, at how that will operate and the implications of that exception.

First, to reiterate, the draft provisions in proposed subsection 18(3) are an exception to the consent requirements and not a stand-alone right for an organization as set out in the GDPR.

What's the significance of this? A stand-alone right generally is not as restrictively interpreted by the courts as an exception to an obligation from a purely statutory interpretation point of view. In short, the legitimate interest exception is very likely to be a narrower provision in scope than the GDPR's legitimate interest provisions.

A stand-alone right may be a means to circumvent or generally undercut the consent structure of our privacy legislation, which again is at the heart of our legislation and is a part of the inculcated privacy protection culture in Canada. Maintaining the legitimate interest provisions as an exception to the consent structure, on balance, is preferable to a stand-alone right.

Second, the exception is only for the collection or use of personal information and is not permitted for the disclosure of personal information to third parties. The prohibition on application of the exception to disclosure of personal information that is in the legitimate interest of an organization, in my view, doesn't make sense. While I'm in favour of the first instance of an exception over a stand-alone right, I think you have to expand this to cover disclosure as well.

The provisions in proposed subsection 18(3) expressly state that the legitimate interest of an organization “outweighs any potential adverse effect”. This is effectively a high standard of protection. The usefulness of this exception, if limited to only collection and use, is significant for organizations. For example, a business may have a legitimate interest in collection and use of personal information to measure and improve the use of its services or to develop a product. However, proposed subsection 18(3) prevents that organization from actually disclosing that personal information to a business partner or third party vendor to give effect to its legitimate purpose.

Finally, the point is that other jurisdictions allow for a legitimate interest of an organization to apply to disclosure of personal information as well as to collection and use. Specifically, again, that is not only the EU GDPR but also the Singapore law. I note that when you look at those pieces of legislation standing side by side, Singapore also has it as an exception. Singapore also has some case law that has moved forward.

I think it would give a lot of comfort to this committee if it were to examine some of the case law from Singapore, as well as some of the more current case law from the GDPR regime. It does give some sense of what this means as a legitimate interest, which I can appreciate at first instance may seem rather vague and could be seen as a giant loophole. However, my submission is that's not the case.

The next item I'd like to talk about is anonymization and de-identification. Clarity on this issue has been sought for some time, and it's reassuring that the change from Bill C-11 to Bill C-27 introduced this idea, a concept of anonymization, as separate from de-identification. However, technologically and practically speaking, you're never going to reach the standard set out in the definition of anonymization, so why put it in the act in the first place? There's been some commentary on this, and I am generally in support of the recommendation that you should insert into that definition the reasonableness to expect in the circumstances that an individual can be identified after the de-identification process. Then the data is not anonymized and is still caught by the legislation and the specific requirements for the use and disclosure of such data.

In terms of use and disclosure, I also note that proposed section 21 confines the use to internal use by the organization. The utility of this provision could be remarkably limited by this, again compared to what our trading partners have, because in modern research and development you have the idea of data pooling and extensive partnerships in the use of data. If it's strictly for internal purposes, we could lose this important tool in a modern technological economy that relies on this. Therefore, I recommend that it be deleted as well.

Also, proposed section 39 would limit the disclosure of de-identified personal information to, effectively, public sector organizations—this is very restrictive—and consideration should be given to disclosing to private sector organizations that are really fundamentally important to our modern economy and research and development.

In terms of the separate review tribunal, I know that the Privacy Commissioner has been hostile to this and I recognize that the Privacy Commissioner performs an invaluable role in investigating and pursuing compliance with our privacy legislation. However, given the enormous administrative monetary penalties that may be awarded against organizations—the higher of 3% of gross annual revenue or $10 million—for breaches, clear appeal rights to an expert tribunal and review of penalties are required to ensure due process and natural justice standards and, frankly, to develop the law in this area.

It is also noteworthy that judicial oversight of the decision of the tribunal would be according to the Supreme Court of Canada's test in Vavilov, which is limited to a review on the reasonableness standard, which is a very deferential and limited review. It's been suggested that you try to limit these things from going on forever and ever. With judicial review, they would be limited. I know there was one suggestion that the ability to seek judicial review should jump right from the tribunal to the Federal Court of Appeal. I think that's fine if you want to expedite this and meet that concern. I think that's probably right, but I do like the structure of a separate review tribunal.

Finally, on artificial intelligence and the high-impact systems, I think the focus of that, in terms of identifying the concept of high-impact systems, is sound in structure and potentially generally aligned with our trade partners in the EU. However, the concept cannot be left to further development and definition in regulations. This concept needs extensive consultation and parliamentary review.

It is recommended that the government produce a functional analysis of a high-impact system from qualitative and quantitative impact, risk assessment, transparency and safeguards perspectives.

It's further recommended that distinctions be made between artificial intelligence research and development for research purposes only and artificial intelligence that is implemented into the public domain for commercial or other purposes. What I would not want to see come out of our AIDA legislation is that we have some sort of brake on research in artificial intelligence.

We are vulnerable and our allies are vulnerable to other international actors that are at the forefront of research in artificial intelligence. We should not have anything in our legislation to break that. However, we should protect the public when artificial intelligence products are rolled out to the public domain, and ensure that we are protected. I think that's a distinction that is missing in the discussion, and it's very important that we advance that.

Those are my submissions.

Thank you.

Thank you, Mr. Chair and members of the committee, for the opportunity to speak to Bill C-27.

I am the managing partner of INQ Law, where my practice focuses on data- and AI-related laws. I’m here in my personal capacity and the views presented are my own.

Every day, we are hearing new stories about the promise and perils of artificial intelligence. AI systems are complex computer programs that process large amounts of data, including large amounts of personal information, for training and output purposes. Those outputs can be very valuable.

There is a possibility that AI can help cure diseases, improve agriculture yields or even help us become more productive, so we can each play to our best talents. That promise is very real, but as you've already heard on this panel, that promise does not come without risk. Complex as these systems are, they are not perfect and they are not neutral. They are being developed at such a speed that those on the front lines of development are some of the loudest voices calling for some regulation.

I appreciate that this committee has heard quite a bit of testimony over the last several weeks. While the testimonies you've heard have certainly run the gamut of opinions, there seem to be at least two points of consistency.

The first is that Canada’s federal private sector privacy law should be updated to reflect the increasing demand for personal information and changes to how that information is collected and processed for commercial purposes. In short, it’s time to modernize PIPEDA.

Second, our laws governing data and AI should strive for interoperability or harmonization across key jurisdictions. Harmonization helps Canadians understand and know how to assert their rights, and it helps Canadian organizations compete more effectively within the global economy.

The committee has also heard opposing views about Bill C-27. The remainder of my submissions will focus on five main points to do with parts 1 and 3 of the bill.

Part 1, which proposes the consumer privacy protection act, or CPPA, proposes some important changes to the governance of personal information in Canada. My submissions focus on the legitimate interest consent exception and the definition of anonymized data, much of which you've already heard on this panel.

First, the new exceptions to consent in the bill are welcome. Not only do they provide flexibility for organizations to use personal data to advance legitimate and beneficial activities, but they also align Canada’s law more closely with those of some of our key allies, including internally within Canada, such as Quebec’s Law 25, more specifically. Critically, they do so in a manner that is reasonably measured. I agree with earlier testimony that you've heard in this committee, that the application of the legitimate interest exception in the CPPA should align more closely with other notable privacy laws, namely Europe's GDPR.

Second, anonymized data can be essential for research, development and innovation purposes. I support the recommendations put to this committee by the Canadian Anonymization Network with respect to the drafting of the definition of “anonymize”. I also agree with Mr. Lamb's submissions as to the insertion of existing notions of reasonable foreseeability or a serious risk of reidentification.

As for part 3 of the bill, the proposed artificial intelligence and data act, first, I support the flexible approach adopted in part 3. I caution and recognize that the current draft contains some major holes, and that there is a need to plug those holes as soon as possible. As well, any future regulation would need to be subject to considerate consultation, as contemplated in the companion document to AIDA.

Our understanding of how to effectively promote the promise of AI and prevent harm associated with its use is evolving with the technology itself. Meaningful regulation will need to benefit from consultation with broad stakeholders, including, importantly, the AI community.

Second, Minister Champagne, in the letter he submitted to this committee, proposes to amend AIDA to define “high impact” by reference to classes of systems. The definition of high impact is the most striking omission in the current draft bill.

The use of a classification approach aligns with the EU's draft artificial intelligence act and supports a risk-based approach to AI governance, which I support. When the definition is ultimately incorporated into the draft, it should parallel the language in the companion document and provide criteria on what “high impact” means, with reference to the classifications as illustrated.

Finally, I support the proposed amendments to align AIDA more closely with OECD guidance on responsible AI. Namely, this is the definition in proposed section 2 of AIDA, which has also been adopted by the National Institute of Standards and Technology in the United States in its AI risk management framework.

To the extent that Canada can harmonize with other key jurisdictions where it makes sense for us to do so, we should.

I look forward to the committee's questions, as well as to the comments from my fellow witnesses.

Thank you for the invitation to appear before this committee for its important review of Bill C-27.

This bill includes significant proposed amendments to Canada's privacy laws at the same time as it introduces a proposed oversight regime for artificial intelligence. The AIDA component warrants focused study by the committee. Certainly, as you've heard from my co-witnesses, there's a lot to consider there. However, I will restrict my comments to the privacy components.

I am a privacy and regulatory lawyer. My practice over the past 25 years has included advising private sector organizations—both for-profit and non-profit—as well as government and Crown agencies. I address all relevant areas, including individual privacy, employee privacy and health privacy.

In these introductory comments, I will focus on one impactful area of the bill, which you have heard some comments about already: de-identified and anonymized information. I'm hoping to provide some clarification as well as my thoughts on how the proposed provisions can be improved.

The proposed treatment of such information in Bill C-27 is critically important. Firstly, it clarifies a category of information that, while not being fully identifiable and therefore available for specific uses without consent, is still deemed appropriate for protection under the law. Secondly, it provides for a category of anonymized information that can be used more broadly for research purposes, innovation and policy development.

The first category, de-identified information, is governed by all of the law's privacy protections, subject to certain specific exceptions. Conversely, the second category, anonymized information, is stated to not be subject to the law. However, as I will mention, this stipulation—that it's not subject to the law—is not the end of the story. The law will and should continue to provide oversight over anonymized information. This is a point that is sometimes missed. I certainly heard it raised as a concern in previous comments. I think it's very important to understand that, however we define the term—and we've heard a number of comments here—it will continue to be subject to the law.

I have a number of recommendations for improvement.

First, with respect to de-identified information, the definition should be amended to stipulate appropriate processes to ensure no person can be directly identified from the information. Additionally, proposed section 74 of the CPPA, which addresses technical and administrative protections, should be amended to include, as an additional criterion, the risk of re-identification.

Secondly, the definition of anonymized information should be amended to make more explicit the processes required for anonymization. With its law 25, Quebec got it right in this area. I recommend aligning with Quebec's approach, which stipulates that the generally accepted best practices for anonymization should be those set out in appropriate regulations. Such regulations should include transparency, risks of re-identification, accountability and guardrails for downstream uses. The Quebec law also recognizes that it is not possible, from a practical perspective, to say that anonymized information cannot be re-identified. The CPPA provision should reflect the same approach. Additionally, there should be a requirement for the organization performing any anonymization process to conduct a re-identification risk analysis. This is a proposed requirement in Quebec's regulations governing anonymized information.

Thirdly, the applicability of the law's protections for de-identified information is a bit of a complicated area. I can certainly go into it in more detail during questions, if you like. Currently, the CPPA provides that de-identified information is personal information, except for certain provisions, where it will not be considered personal information.

This is the wrong approach. Instead, as recommended by the OPC, a simple statement should be made that all de-identified personal information remains personal information. Also, the list of exceptions in the bill is confusing. To make it simpler and clearer, many of the exceptions should be omitted entirely—they are not needed. I can explain that in more detail if you wish.

My final comment is to address, as I mentioned a couple of minutes ago, a concerned voice by some stakeholders that the statute's anonymization regime should be made expressly subject to oversight by the Privacy Commissioner. I know you've heard that from at least one witness and maybe others here. In my view, such a provision is not required. The commissioner will have oversight over an organization's compliance with the anonymization rules, whatever they are. Also, and very importantly, if anonymized information does become identifiable—and that's this whole risk of reidentification—all of the statute's protective provisions again will apply with full vigour, and the commissioner will have oversight. Actually, there are two routes whereby the commissioner will or may continue to have oversight.

In sum, my recommendations are as follows.

First, the definition of “de-identified” information should be made more rigorous, including addressing the risk of reidentification. Secondly, the definition of anonymized information should be amended to make more explicit the processes required to achieve anonymization, and these should be set out in regulations, including a requirement for risk assessment. Finally, the regime for applicability of the CPPA's protections for de-identified information should be made clearer, in particular, stating that all such information remains personal information.

I will be happy to elaborate and answer any questions you have regarding these comments or any other provisions of the bill.

I understand your concern, and my sympathies are with the interpretation of this legislation as consumer protection legislation. I think the status of the current law to date is that that's what it is, so courts and potentially a tribunal will look at the facts of any case from that perspective. I think that should give you some reassurance. If there's some need to be more expressive about that and to bolster that, I would be in sympathy with that and your concerns.

With proposed subsection 18(3), my suggestion was to start looking at some of the case law that's coming out of the GDPR, that jurisdiction, and Singapore. You get an idea of how that's to work.

One of the potential things you can investigate is that, if you're going to get rid of implied consent, you're going to have to have a very robust “legitimate interest” exception and—

Sure, I'd be happy to do that.

Potentially it could be interpreted that way, and that's why I think there's an added reason to delete it.

On high-impact systems, if you look at AI law in different parts of the world, you see the governance applies to systems that are likely to cause a significant risk of harm.

There are lots of AI systems that we are using every day, like our GPS, that do not have a significant risk of harm to an individual, thus they should not be subject to the kind of governance oversight that we're talking about in AIDA.

The importance of “high-impact” is that it is a trigger to determine when governance is required, as stipulated in the law.

High risk is defined in the E.U. as a criticality of risk or, in the letter from Minister Champagne, when you're touching on elements of harm or bias—unjustified, unlawful bias—that can harm at scale an individual or property. In the case of the amendment, you have a number of different classes of systems or classes of use cases.

I want to be clear. We're not talking about a high-impact system; we are talking about a system used in a high-impact context.

I agree with Carole's comments, essentially.

No. It is very confusing. There's a provision, I remember, in a proposed section of the bill, that says basically that de-identified information is not personal information except for these sections, and it's a laundry list of about 20. That's what I'm talking about.

That's right. Half of them in their language use the term “de-identified information”. You don't have to turn around and say it isn't “not personal information”. It just reads that way. That's really what I'm talking about.

It's essentially the same point. I was just leading on from that point I just made. It goes back to Bill C-11, which really tried to suck and blow at the same time. It defined a term of “de-identified information”, which if you read it, inherently said it's outside the statute, because it's not personal information—it cannot reasonably identify an individual. However, the statute went on to actually have several provisions, really some of which are still here, that said these apply; these are rules for de-identified information. That was crazy.

I'm sorry, but I lost track. Ask your question again.

It's personal information. That's the point. The point is that there are really three levels: personal information, de-identified information and anonymized information. There are different levels of identifiability, let's call it.

Personal information is fully identifiable. De-identified information, consistent with both the GDPR and the law in Quebec, does not include a direct identifier, but it may be re-identified. It has a risk of impacting individuals. The statute says that it is still personal information.

However, it has certain specific exceptions that are totally taken out of the view of the statute. The way it reads now is that it continues to be personal information. You don't need to say that. You can just say that it is de-identified information.

That means that, one, it is personal information and two, it's governed by the statute. That is de-identified information.

The anonymized level is theoretically outside the application of the statute altogether, but as I mentioned, that isn't the whole story; there are still rules that apply to it.

I think you would have to get to the GDPR standard of a stand-alone right. If you don't have implied consent, you're going to go for a stand-alone right for that legitimate interest.

I'm fine with the structure as it is, with legitimate interest as an exception. I think that's a balancing. If you get rid of implied consent, I think you're heading down the path, then, of a stand-alone right.

Well, there are safeguards that are put in place for the use of that exception. There is a test that needs to be met, depending on the exception that you're going to apply. There are safeguards, such as a legitimate interest analysis, that are detailed in the draft bill. All of that is in addition to requirements for a privacy impact assessment or something that looks like it.

There is an analysis that has to go into effect. In addition, at first instance, you have to meet the threshold test of reasonableness. Is the use or collection within the reasonable expectation of the individual?

Ultimately, you may have to submit that brief to the Privacy Commissioner if there is a question.

This is all to say that there are reasonable safeguards put in place to prohibit the flagrant misuse of that consent exception.

I agree with it, yes, absolutely.

It's consistent with the point I was making earlier. If you look at jurisdictions such as the United States and the EU, the EU has a robust artificial intelligence act that is to be passed, we're told, any day now.

Look at the Canadian context. The application of a governance framework is triggered when there is a high-risk scenario, meaning that not every single AI system will be subject to the same kind of oversight and rigour as a system that would fall within that high-risk category. That allows for a little more flexibility in the way we manage high-risk use cases. It does put more emphasis on a thoughtful approach to the types of intended purposes these systems are put to.

I would agree with that.

At its core, it is similar in that it takes a risk-based approach to governing artificial intelligence. Our draft law is much more bare bones than what you see in the EU context. The EU AIA, the artificial intelligence act, is far more prescriptive than what we have in AIDA. There are some distinct differences between our approach and our draft law and theirs.

At the core, we're looking at a risk-based approach that seeks to govern the data inputs, the models themselves and the outputs of those models throughout the life cycle of the AI system. At its core, that is consistent not only with the EU but with approaches we see in the U.S. as well.

If you look at the draft of AIDA, much of it is an accountability framework. It is a series of assessments with accountability that overlays when that high-impact trigger is reached.

I agree that a flexible approach is useful in a context in which you have so much changing so quickly, so I support that flexible approach, recognizing, as I said in my opening remarks, that there are some distinct holes in this particular draft.

I think that one thing that has been discussed at length and is an important discussion is bias. The legislation and the discussion have moved around issues of bias to ensure cultural protection. Bias in any way in that regard in the legislation should strive not to prejudice any group, sector or community in our society. Of course, French language rights are very important and should be understood and protected.

Are you speaking with respect to the privacy legislation or the artificial intelligence legislation?

I didn't get the translation for that, unfortunately.

It's particularly in the context of the artificial intelligence act, but it can be in whatever context you want.

Again, I think that the issues are issues of bias. I think that's where your concern should be in ensuring that French language rights are protected and that artificial intelligence isn't in any way biasing French as a common language of discourse in our country.

Innovation, as you saw from my remarks, and research and development are fundamental. We have to be very careful as we move forward with this legislation.

My remarks were to carefully distinguish between research and development and artificial intelligence that's rolled out in a public domain or for consumer purposes. While I agree with my colleague that the benefits are enormous for the public, we also have to be very careful that, in restricting, managing and regulating how that is rolled out to the public, we do not foreclose leading-edge research into artificial intelligence.

Again, I would emphasize that this is not a pleasant world we live in at times. The stakes for who has the commanding heights of artificial intelligence are extraordinarily high. We should do nothing to restrict that, and we should make sure that our country and our allies are at the front end of that research and development.

We want to protect our public from the pernicious effects of artificial intelligence.

You raised some issues of language rights and bias. That's a very important discussion to make sure that we protect our public, maintain our democratic values and ensure that the fundamental issue of privacy is preserved in our country.

I have two points to make in response to what you said.

The first is that generative artificial intelligence, generative AI, is the nature of artificial intelligence that we see today through ChatGPT and other types of tools. That is typically considered a general purpose AI, for which, in the letter of the minister, an amendment is proposed to be defined as high-impact systems, which means that it would fall within the governance structure of AIDA. Arguably, it would serve to protect the rights of authors and content creators, because there would be the necessity to govern the use of those systems.

My colleague, Mr. Joli-Coeur, disputed that it should, in fact, be governed separately. I have sympathy for his positions. We are seeing measures that could be put in place to mitigate some of the risks coming up more and more—content provenance and being able to trace watermark content in its original form so we can understand if that content has ever been manipulated or changed in any way that could be problematic to an author or to a content creator when they put their systems online.

In addition, through an entirely separate process, we are undergoing a Copyright Act review, so these types of conversations are very much alive in Canada and in other jurisdictions as well.

I just want to add that this is one of the reasons I think AIDA should address the concerns of groups, the harms that could be effected against groups or communities. This is a great example.

No, not really.

I'd just like to make one sort of general comment. My expertise hasn't focused on AIDA. I've read it. I'm familiar with the European legislation. People have mentioned that it has holes and that it's like part of the EU legislation—part of it. It has the framework, but what it doesn't have.... I apologize; I'm not up to date on the minister's letter on this. What the European legislation does is define levels of risk, right down to no risk, right? They have something like four levels. Why don't we have that? It makes sense.

It's like we're operating with one hand behind our back to build this. If I were going to say...and I'm not coming with any opinions on what to do. I think it's a huge quandary for this committee and Parliament as to what to do with AIDA. There's no question about that. It just strikes me: Why aren't we there? I mean, if you read the EU act, which isn't in force.... It's still in the process. There's quite a bit of process to get it into law, but it's there. It's the act. You read it and you see these levels, and they have responses and levels of oversight and care. We should be doing that.

Sure. The level of damage that I would address is confusion if we don't align them—confusion for Quebeckers, primarily, if we end up with some different standards. This actually applies elsewhere than the categories of de-identified information. Anonymized information is the main focus. It just makes sense to align across the country.

There are two points. I mean, really, I guess I can describe it by “two points”.

Data is collected by primarily national cross-Canada organizations intermingling the data. Are we going to come up with some rules that just somehow hive off Quebec data for these cross-nationals? That's not going to happen. It's going to be intermingled. Yes, there are possible systems that could do it and put in rules, but it doesn't make sense. I'll rephrase that. Organizations will not want to have to come up with a separate category of information for Quebec, different from the rest of the country. It's not exceptional to basically have the same rules apply. I'm talking about anonymized information.

The other thing is that I have spent a lot of my career advising marketers. I know that they don't like to say, “Well, actually, our higher standard rules apply just to Quebec residents.” How will that happen? It's not going to happen. You're going to have those companies saying, “No, we're going to the highest standard.”

Thirdly, I will say that I think Law 25 is going to inform privacy standards across the country de facto, and it is informing this committee and what we're doing here. That, hopefully—

I don't buy into that, actually. I heard it at a conference today—that if we don't get these rules right, nobody is going to come to Canada. That isn't going to happen. Marketers know that.

No. I would phrase it this way, Mr. Masse. It will impact companies, because it will be more costly, more complicated or whatever to come up with the compliance mechanisms. That's the biggest impact on organizations' collecting data if we don't align the standards.

Are you asking me? Okay.

Yes, the commissioner should be independent, absolutely, and appointed by Parliament.

Sure, I will. This was part of my opening statement.

It's actually imperative that we have some independence from the ministry for the artificial intelligence and data commissioner. A parliamentary officer sounds like a good way to effect this, as long as it's at arm's length in some way, so that there is someone outside the ministry who is going to be looking after all these regulations and actually calling them on it.

I don't want to overstate what I know would work or wouldn't work as a mechanic in terms of embedding it in the law. I think it would, but take that with a grain of salt, because I'd have to do my own legal analysis on that.

I would just reiterate my initial comments that I support a separate tribunal. Despite the misgivings of the Privacy Commissioner, I think that would be a useful forum and protection for the development of the law in this area.

That is correct.

I think your concern is correct, and I do worry about the wording, particularly in proposed subsection 18(3).

The member of Parliament, Mr. Perkins, raised that issue. I think you should delete the word “internal” from that proposed subsection 21. I am concerned about the ability to pool.

I think the privacy management program effectively does deal with privacy by design. It forces organizations to develop their policies. It forces organizations to consider privacy impacts. I think overall that achieves what you want.

If we didn't have privacy management programs, then I think you would have to have something like privacy by design to ensure that we're developing a culture in all organizations that recognizes the impacts of privacy on individuals.

To the first point, I don't know. I don't know why it wasn't included in the original draft, so I don't have an answer to that. It wasn't part of the consultations that I was part of.

To the second point, sensitive information has always been, and remains, a contextual analysis of factors that look at things like health information, financial information and the degree to which there are elements of the information that should be protected.

Biometric data would constitute sensitive information as well. By and large, thinking about the contextual analysis, I would typically include that there.

If you look at Law 25 in Quebec, you will see a definition of sensitive information that I think can be very informative, so to my fellow witness's point, I think that is important.

I would support that.

I want to start by saying I think there is real value to being able to use data for good, so the inclusion of this provision is important and I support it.

The definition as provided relates to “health, the provision or improvement of public amenities or infrastructure, the protection of the environment or any other prescribed purpose”. To the extent that it is not sufficient, there are opportunities to include a more defined and precise definition in the long run.

However, as an initial inclusion, I am comfortable with what we have here.

I agree that there should be a possibility to use de-identified data for socially beneficial purposes. I think some of my colleagues on this panel have suggested extending this permission to also disclose personal information for socially beneficial purposes to more than just, essentially, public sector organizations, and even to other private organizations.

Generally, yes. There are some discrepancies, which were outlined today.

I think, from a general perspective, Quebec will meet the substantially similar threshold. There could be improvements for interoperability that would help organizations, as we've mentioned. The notion of anonymization and its definition are one example, but generally speaking, the bill is broadly aligned.

I could go back to the suggestions I put forward in my speaking notes.

The definition of anonymization is too strict. It should be more flexible. There should be a reasonableness standard there that would align with Quebec's and other global standards.

Perhaps the other one is the one I mentioned about automated decision-making. Restrict the definition a bit to cover only decisions that are made and that are replacing a human—only decisions where there is no human in the loop.

I agree with many of the other witnesses here today in supporting a change to the definition of anonymization to align more with Quebec's definition and maintain some interoperability there. Given the way it's drafted now, it's an impossible standard.

The other—and I'll make reference to my opening remarks—would be to change the consent exception framework for public interest purposes. That includes proposed sections 35 and 39. I think, in this regard, we could take some inspiration from Law 25, which inserted a new framework for disclosures by private sector entities to other private sector or public sector entities. That includes undertaking a privacy impact assessment and entering into an agreement with the other party. In the case of Quebec, it's actually submitting the agreement to the Commission d’accès à l’information. In the case of Bill C-27, it's adapting the language from proposed paragraph 35(c), which suggests notice to the commissioner at the very least.

In addition to allowing for information exchanges among private sector entities, which could be beneficial, I think it could also be extended to include taking information from the public Internet. As we know, machine learning technologies, in many cases, can benefit from having access to this, provided that some appropriate guardrails are in place, as suggested.

Yes. If we were to undertake the suggestion to combine or generalize proposed sections 35 and 39, to make it a bit more like the framework in Quebec's Law 25, which begins at section 21 of that law, then it would involve what is styled in that law as “privacy impact assessments”. That isn't a concept that figures, as such, in Bill C-27, but I think it's been discussed to some extent at this committee already. It's been broadly outlined. It's understood. You're examining the disclosure in this case, or the collection.

I suggest that after seeing what kind of privacy impact it has, you do a proportionality analysis and many other things besides that. If an agreement is entered into between the parties to the exchange, it should have certain contractual assurances around how the information is to be handled throughout its life cycle for this purpose. Finally, notice should be given to the commissioner.

As I said, in Quebec's case, you actually submit the agreement to the commissioner, and then you can activate or operationalize that agreement only after 30 days, giving the Quebec commissioner time to respond, presumably. Once the commissioner has notice, they can of course simply request the agreement. They can request the privacy impact assessment and undertake any other steps. The important thing is to provide notice, so that the commissioner is aware.

Can you just repeat the question?

I fully agree with my colleague's point that you can combine proposed sections 35 and 39. It can be an effective way to more flexibly use personal information in a responsible manner, but you would do so with the governance of the privacy impact assessment in place, so that there is a thoughtful and measured approach to identifying the data that you'll be collecting, the justification for that data, the potential privacy risks associated with that use, and then a clear plan to mitigate those risks.

I would very much support that proposal.

Do you mean in advance of the collection?

I'm not necessarily sure about that. I don't know if it's reasonable that it would be tabled with the commissioner in advance, but I do support the application of the privacy impact assessment as a tool to mitigate risk.

If I've misunderstood anything, please let me know.

Number one, I am very empathetic to the concerns of small and medium-sized businesses when it comes to the level of compliance. That is part of the reason it is very important that we harmonize wherever possible, because part of the challenge with compliance is the degree to which there is nuance.

Let me just give you a very small example. Right now, if you look at AI law alone that is bubbling up in different jurisdictions, you have the EU, which has a robust law. Then you have Canada, and you have different jurisdictions as well. You have China, Singapore...a number are considering laws. Then, in the U.S. alone, there are 200 bills that were tabled from the city level to the federal level, so to the extent that we can minimize the complexity of compliance, we are far better off.

When it comes to the kinds of enforcement measures that you find in AIDA, one of the most striking to me is the criminality component, which I am most concerned about, because it does set us apart as an outlier. We don't see that in other laws around the world. I would recommend striking that, to be honest. Get rid of the criminality component, and really align AIDA, from an enforcement and a penalty perspective, as closely as possible with other leading jurisdictions.

I hope I fully answered your question.

Most of the holes that need to be plugged are found in the minister's amendments, in the letter that was tabled by the minister and read together with the companion documents. If you were to take it all together and we were to see a bill that addresses all of those different points, my suspicion is that it would be a fairly good, fulsome bill. I haven't seen it, and I don't know, but I suspect that we would be in a position where we are much more comfortable with some of those gaping holes.

I'm not sure I fully align with that.

Where there is criminal activity, it's typically already covered in the Criminal Code. The issue with AIDA as it's currently constructed is that it is intended to be an accountability framework for high-impact systems. In this current construct, it sets Canada apart with the criminality component. If you are engaging in criminal activity, we already have a statute in place that covers that activity and provides the necessary oversight and actions that would be taken.

The Biden executive order is not law. We would have to actually see what the U.S. is capable of passing as law.

In the Canadian context, you have fines that are stricter than what you would find under the EU context, so you already have a significant deterrent, from the monetary perspective.

In terms of the level of criminality that I understand we are concerned about from the constituents you're speaking with, I would go back to the point that we have the Criminal Code in place, which would deter that behaviour already.

Did I participate in the...?

Okay.

I participated in the national consultations on data and digital literacy, I think it was, in 2018. I participated as an innovator—as one of the innovation leads.

I did not participate in the drafting of the digital charter, nor in the white paper to reform PIPEDA that came out at that time. I have not participated in the drafting of any of these laws, neither Bill C-11 nor Bill C-27.

I'm not sure I'm in the best position to comment on whether the two bills should be separated, but what I will say is that they are conceptually linked. Much of what goes into the AI bill does depend on the type of data that it relies upon, which then touches on part 1 of that bill. There are distinctions, for sure, and there are conceptual linkages that I think are important. I do appreciate that part 1 has been subject to substantially more consultation than part 3 has.

I'm sorry. I'm listening, but could the translator repeat it? It was at low volume.

That's a good question.

I think it sets, largely, an excellent standard. That would be the way I would characterize it.

In comparison with this bill.... I think the bill could learn from Law 25 in a number of areas. Certainly, anonymization and de-identifying are one. There are others, and we haven't touched on those today, in which Quebec provides what I will call a higher standard, a more rigorous standard of privacy.

Actually, I just wanted to correct the record, because I understood that you were asking me, “Were you part of drafting?”, but if you were asking, “Are you part of any of the consultation processes?”, I was part of some of the consultations, but I was not part of drafting. I just wanted to correct the record.

[Inaudible—Editor]