In November 2020, the Canadian government introduced Bill C-11, the Digital Charter Implementation Act, 2020(DCIA). This long-awaited bill follows years of consultation and calls for reform and, if passed, would significantly overhaul Canada’s federal privacy laws.




The current federal privacy statute, the Personal Information Protection and Electronic Documents Act (PIPEDA), has been in force since the early 2000s and has only seen one significant amendment since that time. As a result, Canada has lagged behind the standards set by European countries, who have been the global leaders in privacy protection. Specifically, Europe’s General Data Protection Regulation (GDPR) sets out a stringent regime for data protection and imposes steep penalties for non-compliance. It has generally been viewed as a role model for other countries.



Bill C-11 seeks to modernize the existing framework for protection of personal information in the digital age, sets out more stringent requirements for private sector companies, and aims to bring Canada more in line with the GDPR.


Key components of the DCIA include as follows:

Additionally the bill provides significant consequences for non-compliance. For the most serious offences, companies could face fines of up to 5% of global revenue or CAD $25 million, whichever is greater.


As of the date of posting, Bill C-11 is still making its way through the House of Commons and will be subject to further debate and revision.


Businesses operating in Canada, including direct sellers, should closely monitor the progress of Bill C-11 and ensure that they are prepared to meet these anticipated new privacy law requirements.


Do you require assistance in this area?  If so, please click here.


Want a PDF copy of this blog?