Opinion: How the next government can protect Canada’s information ecosystem

Taylor Owen is the Beaverbrook Chair in Media, Ethics, and Communication at McGill University and the host of The Globe and Mail’s Machines Like Us podcast. Helen A. Hayes is a PhD candidate at McGill University, and a senior fellow at the Centre for Media, Technology and Democracy.

In light of direct attacks on Canadian sovereignty from the U.S. government, and the Hogue Commission’s findings that disinformation threatens the very existence of our democracy, the failure to protect Canada’s information ecosystem must be seen not just as a concern for tech policy but as a national security vulnerability. What’s more, Canadians now view the United States as a greater foreign interference threat than Russia, China or India. It’s clear: protecting ourselves online must be a priority for the next government.

It’s not that Justin Trudeau’s government didn’t try. But, despite years of work, nearly its entire digital agenda failed when Mr. Trudeau prorogued Parliament in January to allow for a Liberal leadership race. The Online Harms Act (Bill C-63), new consumer data protections and AI regulations (Bill C-27), and updates to the Telecommunications Act, including its new cybersecurity rules (Bill C-26), all failed to make it off of the order table.

Without regulation, the Canadian information ecosystem has become vulnerable to American antagonism, political radicalization, foreign interference and unreliable information. As a result, the safety and sovereignty of our digital lives has never been more precarious.

The next government will urgently need to pick up the pieces. But what should they do?

Given that efforts to protect our digital infrastructures were spread across multiple cumbersome bills, we suggest pulling core components from each into one piece of legislation that can immediately shore up Canada’s digital defences.

To do this, we need a clear-eyed assessment of why Canada’s digital laws keep failing. Policies to make our online lives safer require multiple approaches – including data privacy, transparency and accountability rules, competition mechanisms and support for reliable information – but these measures were embedded in separate bills with overly broad policy goals. This resulted in a series of internal conflicts (i.e. C-27 both incentivizing AI investment and overseeing AI safety) and bills working at cross-purposes (i.e. C-63 and C-27 establishing separate regulators with different requirements for online safety and AI safety), leaving them vulnerable to drift and opposition from lobbyists.

We therefore must separate policies protecting our information ecosystem from broader digital governance needs. Instead of tabling multiple large tech bills again, the government should pull the core components needed to protect our information ecosystem into one piece of purpose-built legislation when Parliament returns: The Tech Accountability and Sovereignty Act.

By using C-63 as its foundation, the Act would map key elements from previous, disparate attempts at legislation onto the widely accepted core provisions of C-63: the duties to act responsibly, protect children and make certain content inaccessible to users.

Adding data-privacy provisions from C-27 to the duty to protect children, for example, could better hold platforms accountable for design features that exploit young people’s data for profit. The regulation of consumer-facing AI tools (from C-27), including chatbots, could also be integrated into the labelling provision of the duty to act responsibly, which called on platforms to clearly label content posted by an automated program or amplified by bots.

To bolster the capacity of the government to monitor and address concerns about the information ecosystem, C-63′s transparency requirement should be expanded to include the creation of a national observatory, as called for by the Hogue Commission. An independent arm’s-length national observatory would enable researchers to use the data provided by the regulated services to help Canadians better understand the information ecosystem and therefore hold tech companies accountable for their design, safety and moderation decisions. To fight foreign interference we must understand it, and this would provide the capacity to do so.

Drawing from C-26, the Act could likewise consider how Canadian telecommunications systems can be better secured, including by addressing Canada’s capacity to build and control its own information infrastructures. It could, for example, also require that regulated services conduct risk assessments and report on cybersecurity incidents to the national observatory.

With these provisions, the Act would immediately shore up our country’s information ecosystem, streamline regulatory enforcement and give Canada a clear voice at international tables where ecosystem integrity is fast becoming a priority.

The digital world is shifting rapidly, and so too must our efforts to govern it. If the past federal government showed a desire for tech regulation, the next must prove that its efforts can be targeted, effective and brought online quickly. If digital governance fails to evolve, Canada doesn’t just risk stagnating – it risks becoming irrelevant in the face of an uncertain digital future and an unchecked American government.