Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
With my own personal discomfort crossing the Canada-U.S. border unless absolutely necessary, I've come to miss spending time with many friends and family members who live there. Luckily for me, some of those nice people have made, or are making, the trip north.
I live in Ottawa, which is a beautiful capital city with tons of galleries, museums and historical sites. My friends to the south are quite surprised by how cosmopolitan it is. And, while I know it isn't Europe, Ottawa is an easy destination to launch from if you're interested in also seeing Montreal, Quebec City, Toronto and even a long day trip to Niagara Falls, which is one of those places that as locals we don't think about very often, but that seems to say "Canada" to people we talk to from elsewhere.
We've also introduced to our friends some true gems in this region, like Mont-Tremblant, and they're making it an annual thing.
This new geopolitical world we find ourselves in came about rather quickly. And while some of our reactions may have been initially perceived as somewhat knee-jerk and that we would would eventually soften our "elbows up" stance, the Canadian patriotic persistence seems to not only be maintaining but even growing in momentum. The bonus, for us, is seeing such great enjoyment of the place we call home, our art, culture, food, sport and much more. And it's a good reminder of all the great stuff we have right at our doorstep.
This idea is playing out in our industry as well. By March of this year, I was having high-level discussions about data sovereignty with certain public officials. Even some of my private-sector clients that, if they were Canadian, wanted to lessen their reliance on American suppliers, or, if they were American, wanted to make efforts not lose Canadian clients.
This concept of data sovereignty might have been perceived early on as one of those knee-jerk reactions that would lose momentum over time. But I'm not sure that's the case.
Academic Michael Geist co-authored a paper published this week in the Canadian Medical Association Journal that recommended, among other things: "… a multipronged approach that includes encrypting health data by design, requiring health data be hosted on Canadian soil (data localization), inserting a blocking statute into privacy laws, and investing in the development of Canadian sovereign cloud servers to host health data."
Not surprising, considering the publisher of the journal, the paper focuses on health data. And it's true health data is particularly sensitive and, if not treated ethically, has the potential for misuse and greater harms. But you can say that about other types of data as well: financial, political, religious. Heck, even what you read or watch can be considered sensitive in the right context.
Will Geist and others influence this issue? What do you think is the right solution? Obviously, we aren't going to just stop using American tech — we love our cloud-based providers more than ever — so I'm curious to see how this plays out.
Meanwhile, start planning your next trip to Ottawa and when you come, please make sure to let me know so I can say hi.
Kris Klein, CIPP/C, CIPM, FIP, is the managing director, Canada, for the IAPP.
This article originally appeared in the Canada Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.
