There are significant differences between Canadian data protection legislation and what is in place in Europe, including European legislation on the reuse of public sector information. Some of those differences are due to updating, because of the process of reviewing, revising, updating, and producing directives with respect to new technologies. It seems to move forward more quickly and more effectively in Europe than it has done in Canada. The data protection laws at the federal and private sector levels in Canada have been neglected over the years and have been allowed to become considerably out of date. That's certainly one difference.
Another difference is the approach to or the conception of privacy in Europe, as compared to Canada, but I think it's English Canada as opposed to French Canada. I think in Quebec the approach to privacy is much more in line with the European approach to privacy, where privacy is seen much more as a human right rather than something that can be commodified and traded. In data protection frameworks such as PIPEDA, the Personal Information Protection and Electronic Documents Act, you see this idea that as long as people consent to things being done with their personal information, that's fine, and we know that consent has become unmanageable. Sometimes it seems that there isn't an underlying human rights principle that reinforces the value of personal information.
Those are the big differences that I see.