A new government white paper has raised concerns that Canada cannot maintain full legal control over federally-stored data if its cloud or data storage provider is subject to foreign laws. The report, prepared for the Treasury Board, highlights that true data sovereignty is only possible if the federal government manages its own services or works exclusively with providers fully under Canadian jurisdiction.
The paper emphasizes that most cloud providers must comply with the laws of every country in which they operate, creating conflicting legal obligations. It also points out that storing data in Canada or choosing a Canadian company does not fully shield government records from foreign legal reach. For instance, the U.S. Cloud Act allows American authorities to access data held by U.S. companies—even if stored in other countries—if required for law enforcement.
The federal government, led by Prime Minister Mark Carney and AI Minister Evan Solomon, has been exploring the concept of digital sovereignty, with Solomon calling it one of the "most pressing policy and democratic issues of our time." However, the exact definition remains in flux. Ottawa has already spent close to $1.3 billion on cloud services from U.S. firms like Amazon, Microsoft, and Google since 2021, including sensitive defense applications.
Solomon has acknowledged the risks of foreign access but says strict judicial warrants are required for such data retrieval. He also announced a 27-member task force in September to draft recommendations for a refreshed AI strategy—a move that has drawn criticism for being industry-heavy.
On Monday, experts and civil society groups issued an open letter urging the government to restructure the task force and extend the public consultation deadline, arguing that current efforts overlook the real risks posed by AI technologies.
Even Canadian firms like Bell and Telus, eager to participate in the federal "sovereign cloud" push, face complications due to reliance on U.S. tech. As Jennifer Pybus of York University notes, if U.S. companies are involved in any part of the data pipeline, foreign access remains possible.
A missile strike on an energy facility in Russia's Belgorod area raises alarms over security and inf
The US launched strikes on missile sites and Iranian vessels in southern Iran while peace negotiatio
Sheikh Mohamed bin Zayed's debt relief initiative grants AED 834 million to help 2,339 retirees acro
Andrei Svechnikov scored the overtime winner as the Carolina Hurricanes defeated the Montreal Canadi
