It’s called the, General Purpose AI Code of Practice or GPAI.  The Code was published July 10, 2025, drafted by experts and designed to help industry comply with the AI Act’s obligations for providers of general purpose AI models.

The University of Waterloo allowed a third-party vendor to use vending machines on University property that had face detection technology.

Class Action filed by media companies, musicians and authors, the California District Court has decided that Anthropic’s Ai scrapping and learning from books and other sources purchased by Anthropic is allowed – however training on pirated copies of materials obtained for free is not.

Last year's meetings focused on data scraping, reminding Ai creators that even publicly available personal information is subject to Privacy Laws

GDPR has had an enormous impact.  Reports say that in 2021/22 alone, over $2 Billion Euros in fines were levied against the likes of Meta, Amazon, Tiktok -

a business that collects personal information from a customer is accountable for the personal information even when it’s stored in the cloud

Privacy breaches must be reported - large and small businesses - prosecution by A-G of Canada.

Organizations shall implement policies and practices to give effect to the principles of the Act.

Home Depot retained a history of the purchases made using a particular email address and information about those purchases. 

new rules allowing consumers to access their banking information

In this BC Class Action the Court awarded $15,000 per class member – which can add up fast depending on the number of people.

Privacy Commissioner investigates sports organization.

Alberta's new Privacy Act for public bodies, boards and institutions.

Canada has tabled legislation that would go farther than the European Union with fines.

Intended to increase the safety of young people online, Canada is considering laws

a credit card company retained personal information unauthorized. The Company was hacked, and they were sued in a Class Action approved

Federal law (PIPEDA) requires that companies designate an individual(s) to be accountable for the company’s Privacy compliance.

Section 10.1 of PIPEDA requires your company to report “any breach of security safeguards involving personal information. There are caveats

Let’s say you are a Business, and your sales and customers are with other Businesses. Are you subject to Privacy Laws?

Through the Discovery process, the Plaintiff wanted copies of documents that disclosed the names of employees who complained about him.