I’ve been saying this here in BC for years now, yet every company and the government itself all use Microsoft, all data is stored in SharePoint, and these days if I even bring it up, I get rolling eyes. I’m the fucking CTO and I haven’t been able to push this one out because we apparently just want our data in US hands.
There should be very severe penalties to anybody that does this.
Headline says “stored in Canada”.
Subtitle says “data storage supplier is subject to the laws of another country”.
Make up your mind.
There’s no contradiction there. This broke over the summer: Microsoft Admits: US Law Supersedes Canadian Sovereignty — Microsoft representative says US CLOUD Act comes before other country’s sovereignty.
LOL
The first is about the physical storage location of data.
The second is about the nationality of the storage’s owning entity.
Haven’t read it yet, but I assume storing data is like storing merchandise. Whether Amazon stores data in server located in Canada, or books in warehouse located in Canada, it’s probably similar. In any case, Canadians should store their data with a Canadian company having their servers located in Canada. I’ll read the article later.
So if Canada makes some law that just says we have whatever jurisdiction or authority over whatever matter in whatever nation, our law supersedes their law.
That’s the logic.
This is false.
They are simply allowing the corps do do as they please.
So reading through the white paper, they didn’t really report on the more interesting output from it… paper’s here.
Appendix A is interesting, in that they list out their mitigation against foreign control / methods of trying to protect Canada’s digital sovereignty. And basically every item has a con that says it doesn’t actually help against foreign laws (unauthorized and un-reported access to Government of Canada data by foreign interests/govts).
The long and short, is essentially that you need companies that are in Canada, and only accountable to Canada, for their cloud products provided in Canada. You need control of the stack. That’s a really tall order.
Yeah well…I’ve been privy to these discussions at Computing Canada for over a decade but the Trudeau Liberals were not willing to pay for this. Trudeau was horrible for tech in Canada, he set us back a decade.
Oh, I know as well. But I wouldn’t say it’s stopped with Trudeau’s exit, and I’m not sure about the start point. I’m currently watching a slow moving train wreck in the financial industry, as most of Canada’s Credit Unions move to outsource their online banking to an Indian company – with Regulators offering absolutely no hesitation / road blocks. Canada’s Credit Unions had data center colosites across the country, but now its all in US cloud providers. Like, they literally moved all the cheque processing into Microsoft Azure this year – so even after shit hits the fan and the gov starts faking alarm over US aggression, the gov is still rubber stamping critical industries moving more shit out of Canadian control. Hell, the CEO of Central1 received Business In Vancouver Awards for abandoning a Canadian stack, and pushing it all off-shore – she literally got awards for presiding over the FAILURE of 1/3 of the services her organisation offers to its ‘customers’. Add to that, that the Board of Central1, which is made up largely of “big Credit Union” people like Vancity, and which presided over this strategic failure for the industry, voted to boost their salaries a ton and to consolidate more power with fewer board members (so they can fail more efficiently, with fewer roadblocks! they get like >$100k per year now, for what’s essentially a part time job that they do on the side of their regular jobs). Go figure.
Carney has previously, and is currently in my view, still in favour of this sort of shift. When he was at the BoC, he started the process of killing Canada’s local / smaller financial institutions, and selling out to American big tech. People like Carolyn Rogers, then regulator of BC’s provincial system now #2 at the BoC, helped to enact his vision – she basically set about to kill off the small/medium sized Credit Unions in the province, a process that’s seen the count of CUs drop to like 25 or so (the counts basically halved in the past decade). She’s the one whining about Canadian’s lack of productivity, even though while acting as BC’s financial regulator, she outsourced all her departments audit work to international audit firms. Her screwing that up so badly, is likely the reason she failed upwards out of the BC system – she got skewered by MLAs for her mismanagement of her department and outsourcing contracts a short time prior her “promotion”. She’s also been ‘promoted on’ from numerous positions between then and becoming the #2 at the BoC, moving quickly enough that her impact on the orgs she worked for would be minimized.
Anyhow, those smaller FIs that govs been killing off were also really important for financing things like riskier personal businesses / small businesses – in the past, they’d take those sorts of risks with far fewer hurdles than the banks required, helping to bolster the small business sector which employed a huge number of Canadians. Of course, the government is now trying to figure out why it seems harder for small businesses to get financing… it’s like the gov is too dense to realise that it’s because of the gov’s actions. The solution will almost definitely be “open banking” paired with “let foreigners / fintech conglomerates control the financing!”.
Before the Trudeau hate train gains too much speed, how would any of the other parties stated policies have compared?
I haven’t seen a lot of policy statements from the opposition parties on data sovereignty (beyond language about it being a generally good idea).
how would any of the other parties stated policies have compared?
Harper at least kept budgets inflation corrected. Trudeau actually cut biomedical research by not increasing the budget, and Carney is set to cut it further because CDN scientists can no longer leave to the US. Practically, with inflation in science much higher than consumer inflation, grants are at 50%, with success rates below 15%. Then, they have the nerve to say Canadian economy is not productive. They want us to pull innovation out of our asses, and when it does mysteriously happen, 99% of it gets developed in the US or sold off to US companies.
NDP? They have never had any real support of research and avoid it in policy. Greens -irrelevant.
Aside from Chretien, no PM has taken science seriously in 60 years.
What a terribly written article. Either the paper was self-contradicting, or this journalist made it appear that way with these 2 paragraphs.
It warns the federal government can only maintain full legal control if it delivers the service itself, or uses service providers that operate completely under Canadian jurisdiction.
It says storing data in Canada, or using a Canadian supplier, would not guarantee foreign courts wouldn’t have jurisdiction.
Doesn’t name the paper or link the source clearly so I can read the paper for myself. Is this CTV’s typical writing standard? Ambiguous like they didn’t understand the assignment?
It’s not contradictory really, though the lack of a link to the white paper is definitely lazy journalism. I’m ‘guessing’ the paper is here: https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/digital-sovereignty/gc-white-paper-data-sovereignty-public-cloud.html . I haven’t read through that yet, so its just a guess.
The statement you say is contradictory isn’t, in that they differentiate between “operate completely under Canadian jurisdiction” from businesses just ‘storing data in canada’, or ‘using a canadian supplier’. For example Telus is one of our big telcos. Telus has significant business ties to US companies, in that their email is just reselling either Microsoft or Google, and their VoiP is just reselling US Ring Central (even uses the same servers for call routing). Telus is currently a “Canadian” company that is effectively just a US software supplier, that has data ‘reside’ in Canada when it’s demanded by client/regulatory requirements. Telus is beholden to US laws and regulations. Even the data that Telus has “residing” in Canada, is potentially subject to US laws and regulations – that’s what the Cloud Act solidified: basically the US govts authority to coerce any business that wants to do business in/with the US, to give up that company’s data from anywhere in the world.
When it comes to something like AI and training on user data – companies like Microsoft and Google don’t really care all that much about Canada’s legislation / sovereignty, especially as the US is letting them write their own regulation down south. So any email that goes through US tech giant servers, is likely getting ingested / processed by US AI’s, with US laws / trends in mind.
Edit: link to the paper if you want to read it yourself
