When Parliament was prorogued in January, several major bills were left unfinished—each with the potential to reshape how Canadian businesses operate. With voters heading to the polls this April, a new government will inherit this unfinished agenda. Now is the time for companies to prepare for what comes next.

From artificial intelligence to digital finance, cyber security and privacy, and tax incentives and regulation, the decisions of Canada’s next government will reshape the regulatory landscape tech leaders operate in.

AI regulation reboot: Preparing for AIDA 2.0

The Artificial Intelligence and Data Act (AIDA), introduced as part of the shelved Bill C-27, aimed to regulate how businesses design, develop and deploy AI systems. It faced scrutiny for its broad scope and structure, but a new government may bring forward a revised or standalone version.

AIDA proposed a risk-based framework. High-impact systems—used in areas like hiring, healthcare and content moderation—would come with obligations for human oversight, risk assessment and transparency. General-purpose tools would also face documentation and audit requirements. Businesses using or developing AI should anticipate stricter accountability, with increased reporting and compliance demands. To help you decode AIDA, please see our primer.

AIDA was one piece of the puzzle in the federal government’s strategy. The government had also announced last April a $2.4-billion package of measures to secure Canada’s AI advantage (see our previous summary here), including $2 billion focused on AI compute and the development of a new Canadian AI Sovereign Compute Strategy. The looming election could now, according to The Logic, swing federal funding regarding AI by several billion dollars. The Conservative platform proposes cutting AI funding, targeting initiatives announced by the Liberals to expand AI compute capacity and national AI programs. This signals a potential shift in how future governments may swing in differing directions when it comes to supporting Canada’s AI ecosystem.

Now is the time to assess how AI is used in your operations and prepare for what’s next. Building a governance framework early can help your team stay ahead of new rules and reduce disruption down the line.  You can gain further insight into the future of Canadian AI legislation with our ongoing AI series, including a recent webinar with Mark Schaan of the Privy Council Office and Deputy Secretary to the Cabinet on artificial intelligence, dealing with what businesses can expect next and how they should prepare in a changing legal environment following the shelving of AIDA, as well as a recent webinar on how legal departments can effectively leverage AI.

Privacy and cyber security legislation return to the forefront

Bill C-27 also proposed overhauling Canada’s private sector privacy regime through the Consumer Privacy Protection Act (CPPA) and the creation of a new tribunal under the Personal Information and Data Protection Tribunal Act (PIDPTA). The CPPA sought stronger individual rights, new consent standards, rules for children’s data, and expanded enforcement powers for the Privacy Commissioner of Canada.

Meanwhile, Bill C-26—which introduced the Critical Cyber Systems Protection Act and amended other Acts—was set to impose obligations on operators of vital services and systems to report cybersecurity incidents and comply with cybersecurity standards. Though it was close to passage, it too died with prorogation.

The next Parliament is also expected to revisit online harms legislation. Bill C-63, which targeted harmful content online, would have imposed new responsibilities on digital service providers and introduced broad enforcement powers through a new Digital Safety Commission. While the Liberal and Conservative parties have presented competing visions, there is clear cross-party momentum to address online harm, making it a likely priority in the next Parliament.

While all parties agree PIPEDA reform is overdue, consensus on how to get there is lacking. A re-elected Liberal government may reintroduce C-27 with revisions, while a new government could pursue a different model. Similarly, C-26—or a version of it—may quickly return to the agenda given rising cyber threats. Companies should monitor developments closely and prepare compliance strategies, particularly if they operate in critical sectors.

Read more about what to expect from new privacy and cyber security legislation. 

FinTech crossroads: Open banking momentum interrupted, but not gone

Canada’s move toward open banking took a major step forward in 2024, with part one of the legislative framework passed. But the second half—needed to bring open banking to life—remains on hold. With the election just days away, the direction of travel depends on which party forms government. A Liberal-led government is expected to build on existing progress, while a Conservative-led one may revisit the framework entirely.

Either way, the shift to consumer-directed finance is coming. Financial institutions and fintechs should be reviewing their data-sharing models, preparing for new regulatory obligations, and thinking strategically about how to turn compliance into opportunity.

The broader digital finance agenda also remains in flux. While global financial hubs are moving quickly on crypto and blockchain regulation, Canadian policymakers have yet to set out clear priorities. That uncertainty presents both a challenge and an opportunity for businesses working to shape Canada’s role in the future of digital assets.

Read more about what to expect from upcoming financial sector reform.

Carrot and stick taxes anticipated

Canada’s Digital Services Tax (DST), effective since June 2024, imposes a 3 per cent levy on revenues from certain digital services, including online marketplaces, social media platforms and targeted advertising. Notably, the DST is retroactive to January 1, 2022, with the first payments due by June 30, 2025.

While the DST aims to ensure that digital service providers contribute their fair share of taxes in Canada, it has elicited concerns from the United States, which argues that the tax disproportionately affects American companies. This has led to trade tensions and discussions about potential retaliatory measures. Large businesses with some part of their operations in the digital space should assess their exposure to the DST. Prepare for Canada’s DST with our step-by-step guide.

Technology companies adjusting transfer pricing to mitigate U.S. tariffs risk audits due to potential deviations from arm’s-length profit margins, customs valuation conflicts (e.g., retroactive price adjustments) and outdated contractual risk allocations. Tax authorities may challenge unilateral cost-sharing measures or obsolete benchmarking studies, leading to double taxation or penalties. Mitigate risks by updating policies, aligning intercompany agreements with tariff cost-sharing terms, maintaining dual tax/customs documentation, and pursuing bilateral APAs to pre-empt disputes. Read more about APAs here.

Technology companies should also monitor the evolving landscape of federal incentives, including the expanded refundable clean technology investment tax credits (read more here) and potential enhancements to the SR&ED program (see more details here), which may see increased rates and improved refundability to stimulate R&D and commercialization of intellectual property in Canada.

Additional election promises included credits for qualifying AI adoption projects and a focus on innovation and digital sovereignty. To pay for all of this, expect increased compliance scrutiny.

Legal foresight is your competitive edge

Across every one of these issues—AI, privacy, cybersecurity, financial reform and digital taxation—the signal is clear: regulatory change is coming. For businesses, the next few months offer a valuable opportunity to plan ahead.

Early engagement with legal advisors can help clarify what’s likely to change, what your risk exposure might be, and how best to build flexible, forward-looking compliance strategies. When the new government takes shape, the businesses that are prepared won’t just be meeting new requirements—they’ll be setting the pace.

For any questions you may have about any of these upcoming pieces of legislation, please feel free to contact the authors or a member of our Artificial Intelligence Law, Privacy & Cyber Security, Financial Services & Technology (FSxT), National Tax or Tech groups.