The Canadian government has introduced Bill C-36, the Protecting Privacy and Consumer Data Act (PPCDA), marking one of the most significant overhauls of the country’s private-sector privacy framework in decades. The proposed legislation seeks to modernize Canada’s privacy regime by strengthening individual rights, enhancing protections for children, and introducing a new enforcement structure with substantial regulatory authority.Among the key reforms, the bill would formally recognize privacy as a fundamental right, expand consumer control over personal information, strengthen consent requirements, and establish mechanisms allowing individuals to request the deletion of personal data held by organizations. The legislation also introduces heightened obligations for organizations handling children’s data and addresses emerging concerns linked to AI-driven decision-making and digital profiling.
A notable feature of Bill C-36 is the proposed creation of the Digital Safety and Data Protection Commission of Canada, which would assume responsibility for private-sector privacy enforcement. The new regulator would be empowered to investigate complaints, issue binding orders, and impose significant penalties for non-compliance, including fines linked to global revenue for serious violations.
The reforms arrive as Canada advances its broader digital policy agenda, including initiatives focused on AI governance, digital sovereignty, and online safety. Policymakers have positioned the legislation as an effort to balance innovation and economic growth with stronger consumer protections and greater accountability for organizations operating in the digital economy.
FTF Insight
