The CPPA is the modernized federal private-sector privacy law proposed under Bill C-27, intended to replace PIPEDA. It strengthens consent, introduces algorithmic transparency rights, materially raises penalties, and expands enforcement powers.
Once enacted, the CPPA will impose stricter standards on AI-driven automated decisions, profiling, and personal-information handling. Organizations should map current practices to CPPA expectations now to avoid a compressed remediation window at proclamation.
Where most organizations fall short
The Clariantix AI Trust Assessment™ maps organizational responses, evidence, risks, and recommendations to CPPA and other relevant governance and compliance frameworks. This helps leadership understand current gaps and prioritize remediation.
Regulatory Watch
Track the regulations, guidance, and supervisory signals shaping enterprise AI globally.
Open Regulatory WatchBoard & C-Suite Briefings
Concise briefings translating CPPA expectations into board-level actions.
View Executive Briefings