I think if you have to scramble to change a law in the time of a pandemic, it might lead you to consider that perhaps that law wasn’t such a good one in the first place. 

This is exactly what the government of British Columbia has had to do amid the COVID-19 lockdown to create additional exceptions to their outdated data localization law.

The temporary exceptions to the law ostensibly allow for a greater number of instances in which personal information can flow outside of Canada if it is necessary as part of fighting the virus.

The fact that it’s taking a pandemic for the lawmakers in British Columbia to realize this is perplexing. Their stubborn reluctance to remove the barriers they have in place has been frustrating. Frustrating on many fronts, including the fact that these barriers and their exceptions are confusing and difficult to interpret. While I appreciate the intent is to protect citizens’ information from being accessible in other countries, in the end, I think it simply leads to greater uncertainty and drives up the costs of doing good things with data. I mean, is someone from British Columbia really much safer, privacy-wise, than someone from Ontario?

The new North American free trade agreement (you can choose whichever acronym you like for it), contains a provision making it a violation of the agreement to require data localization regimes. 

I wonder if this will have any effect on the situation in British Columbia (and, don’t forget, Nova Scotia has a similar law). I hope that, post-pandemic, this all leads to a healthy discussion and review of these laws to ensure they continue to protect people while recognizing certain digital realities of the 21st century.