The OUSTR singled out two provinces, British Columbia and Nova Scotia, for their privacy laws that prohibit the export of personal data by government agencies.
But while governments can avoid sensitive data moving through U.S. servers, most Canadians don’t have the same luxury. Some 90 per cent of Canadian internet traffic is routed through the U.S.
The head of the Canadian Internet Registration Authority, which administers the .ca domain, has suggested Canada build its own internet exchange points to avoid U.S. surveillance.
The issue of cloud-based storage of personal data has raised concerns for years among some Canadian privacy experts. Many point to the controversial USA Patriot Act, the 2001 law passed in the wake of 9/11 that greatly expanded the U.S. government’s ability to monitor communications.
According to OUSTR documents recently obtained by the B.C. Freedom of Information and Privacy Association, major U.S. corporations have complained to trade representatives about Canadian privacy laws.
Canadian officials were reportedly reluctant to allow data storage in the U.S. due to "privacy concerns stemming from the Patriot Act."
However, recent revelations about Canada’s cooperation with U.S. electronic surveillance (see here, here and here) have made some privacy experts question whether Canadians’ data is safe from prying U.S. eyes even in Canada.
The European Parliament issued a report earlier this year calling for a review of data-sharing with Canada, which it said was “involved on a large scale in mass surveillance of electronic communications” and may have co-operated with the U.S. on surveillance of EU citizens.
U.S. Pushes Canada To Loosen Privacy Laws