Government data privacy update provides greater certainty for Canadians

By and Claude Guay | 4 minute read | January 6, 2021

IBM continues to demonstrate leadership in the protection of personal information

In November, Canada’s Minister of Innovation, Science and Industry Navdeep Bains introduced the Digital Charter Implementation Act of 2020, a proposed legislation intended to give Canadians more control over their personal information and improve data privacy.

If passed, the new bill (Bill C-11) would update Canada’s privacy protections, bringing them in line with other global approaches such as the European Union’s GDPR. The bill would also empower Canada’s privacy commissioner to compel companies to comply with data-protection rules, and, if necessary, order offenders to stop collecting personal information.

Bill C-11 is the latest move by the Federal Government to legislate components of the Digital Charter which was released last year. As economies around the world become increasingly interconnected, this legislation is timely. COVID-19 has accelerated the expansion of our digital footprint, making the protection of data even more critical.  Regulating these protections to ensure businesses are taking the right actions requires precision regulation that puts people at the centre of decision-making.

In a letter to U.S. Congress earlier this year, our CEO Arvind Krishna shared that our company had sunset its own general purpose IBM facial recognition and analysis products.  He also emphasized that:

“IBM firmly opposes and will not condone uses of any technology, including facial recognition technology offered by other vendors, for mass surveillance, racial profiling, violations of basic human rights and freedoms, or any purpose which is not consistent with our values and Principles of Trust and Transparency.”

Canadians have always put great emphasis on the privacy and security of their data and personal information. At IBM, we remain steadfast in our commitment to the responsible stewardship of data and openly support policymakers, industry, and other stakeholders in their measures to do the same. We believe organizations that collect, store, manage or process data have an obligation to handle it responsibility. That means: your data should be your data.

For more than a century, IBM has earned the trust of our clients by responsibly managing their most valuable data, and we’re earning the trust of society by ushering powerful technologies like AI into the world responsibly and with clear purpose. After decades of working with clients in some of the most highly regulated sectors across North America, I know first-hand that trust and transparency guide every digital interaction.

We take that trust very seriously and earn it every day by following these responsible principles and practices.

  • Data Ownership and Privacy

We believe our clients’ data is their own, and that government data policies should both reflect and prioritize this fact. While there is no single regulatory approach to privacy, IBM complies with data privacy laws in all countries, and we support global cooperation to strengthen privacy protections.

  • Data Flows and Access

The COVID-19 pandemic has accelerated the digitization of the global economy, and cross border data flows are more essential than ever. The best way to ensure the continued free flow of data is with strong digital trade provisions codified through trade agreements.

  • Data Security and Trust

Public-private partnerships and voluntary, real-time sharing of actionable cyber threat information between governments, business and academia should be mandatory to collaboratively prevent and mitigate cyber-attacks.

  • AI and Data

Artificial intelligence cannot replace human decision-making, judgement, intuition or ethical choices. And if we can’t explain why AI is making certain decisions, trust erodes. All companies should maintain transparency into their algorithm’s recommendations through the use of Explainable AI. Explainability requires visibility into how an AI model was built, who owns it and who validated it. What metrics were captured? Does the model follow policies? Are those policies upheld as new data comes in?

  • Data Skills and Jobs of the Future

Canadians are ready for data-driven changes that drive productivity, economic growth and job creation. IBM is leveraging our long-established education programming, from working with policymakers to modernize education systems through programs like P-TECH to emphasizing in-demand skills and preparing workers for jobs that don’t require a traditional degree. A key component of this work is understanding the critical role that security and privacy have in our digital economy.

What comes next?

Trust – digital or otherwise – requires reliability, credibility, transparency, security and most importantly – integrity. IBM Canada supports the intent of Bill C-11 and looks forward to working with the Government and industry to ensure that the final product balances the need to enhance trust with innovation and the power that comes with harnessing the new natural resource of our time – data.

Businesses must demonstrate that they can act in the best interests of society, while at the same time not sacrificing innovation. Generations of IBMers have done exactly that – earned the trust of clients and people through responsible data stewardship that solves some of the world’s greatest problems. As an industry leader, IBM welcomes the government’s pledge and will continue to demonstrate our commitment to the conservancy of private data ownership, and we encourage other organizations to do the same.


Claude Guay, President and General Manager, IBM Canada