The Act outlines three risk categories to be applied to AI: • Unacceptable risk: applications and systems such as government- run social scoring like those used in China, are banned. • High-risk applications: recruitment tools like those that rank applicants, are subject to specific legal requirements. • Neither banned nor high risk: applications not explicitly banned or high-risk are largely unregulated. Companies should monitor adoption of the Act across the globe, as the Act may become a global standard, similar to the GDPR.
CANADA
Personal Information Protection and Electronic Documents Act (PIPEDA)
In 2020, Canada’s federal Minister of Innovation, Science and Industry submitted Bill C-11, An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Act, more simply referred to as the Digital Charter Implementation Act, 2020, (“CPPA”) for consideration in the House of Commons. As of December 31, 2023 the CPPA had not yet become law. Under the CPPA, the federal privacy commissioner would have the power to investigate and prosecute any organization that violates the framework imposed by the CPPA. The penalties would also be more severe than those imposed by PIPEDA. This would be one of the strictest privacy laws in the world, comparable to the GDPR or the California Consumer Privacy Act.
162
Made with FlippingBook - Online Brochure Maker