TORONTO, ON –

Canada’s first serious attempt at federal AI legislation never became law. The Artificial Intelligence and Data Act, or AIDA, was introduced in 2022 as part of Bill C-27, the Digital Charter Implementation Act, 2022, but it died before it could complete the legislative process.

Bill C-27’s collapse was partly procedural and partly political, but it was also substantive: AIDA faced sustained criticism for being underdeveloped, vague, overly executive-driven, and insufficiently grounded in human rights, accountability, and independent oversight.

Ahead of Ottawa’s newly introduced Bill C-34, this article breaks the substance of the failed Bill C-27 and AIDA, and why Canada still has no standalone binding AI framework in 2026.

What AIDA was supposed to do

AIDA was Canada’s first proposed federal AI statute. It was bundled inside Bill C-27 alongside major private-sector privacy reforms, including the proposed Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act. Bill C-27 was introduced in June 2022 and passed second reading on April 2023 before moving to committee, where it remained without reaching report stage or third reading.

At a high level, AIDA aimed to regulate “high-impact” AI systems in the private sector by imposing duties on those responsible for designing, developing, or making such systems available for use. The proposal focused on identifying, assessing, and mitigating risks of harm and biased output, while also creating offences and administrative mechanisms around irresponsible AI practices and use.

The problem was ultimately that AIDA over-promised and under-delivered. It was branded as the federal standard for AI safeguards, yet left major questions to future regulation rather than clearly setting them out in the statute itself.

Why Bill C-27 and AIDA never happened

1. It died procedurally when Parliament was prorogued

The most immediate reason AIDA never became law is straightforward: Bill C-27 died after former prime minister Justin Trudeau resigned leading to the prorogation of Parliament in January 2025. The bill didn’t carry forward automatically, and the entire legislative package fell away before it could be passed by Parliament.

Bills can survive political turbulence when the government is committed to pushing them through and when the underlying content commands enough legitimacy to justify the effort. But AIDA had neither of those advantages by the time Parliament prorogued.

2. It attracted deep criticism on substance

AIDA was criticized for its vague drafting, limited consultation, and failure to define key concepts in a way that gave affected parties meaningful certainty. Since the bill delegated many of its aims to future regulations and ministerial discretion, Parliament was effectively being asked to approve an incomplete structure and trust that the details would come later. That is a serious problem in AI legislation, partly because policymakers do not yet fully understand the nature of the threats they are tasked to regulate, or how to effectively navigate the emerging AI legal landscape.

Businesses want clear compliance obligations. Civil society wants enforceable rights and real safeguards. Workers, creators, and marginalized communities want to know whether the law will actually prevent harm and protect their rights. AIDA struggled to adequately satisfy any of those objectives.

3. It was faulted for weak human-rights framing

One of the most persistent criticisms was that AIDA did not adequately integrate human rights protections or set meaningful limits based on human-rights impacts. In particular, it failed to address privacy harms, systemic bias, discrimination, dignity interests, or collective harms that fall outside neat economic categories.

This is especially important in Canada where AI issues increasingly intersect with employment, housing, public services, identity, surveillance, art, and platform power. A law that focuses only on quantifiable harms to individuals risks overlooking the wider systemic impacts that matter most in practice.

4. It prioritized “high-impact” systems without resolving what that meant

AIDA’s model centred on “high-impact” AI systems, but as a concept, it was too basic to function as a stable compliance trigger absent considerable legislative detail. If the law does not clearly tell businesses whether the tools they use, deploy, develop, or implement are inside or outside the regime, compliance becomes reactive, lobbying intensifies, and enforcement risks becoming inconsistent.

When viewed against the European Union’s AI Act, Canada’s proposal was rendered conceptually incomplete. The AI Act uses a comprehensive risk‑tiering model that clearly maps different obligations and prohibitions to specific categories of AI systems. Regardless of whether Canada were to ultimately adopt a similar approach, AIDA’s vagueness and lack of detail stood in sharp contrast to the EU approach.

5. It lacked satisfactory oversight

Accountability and independent oversight were prominent areas of concern. AIDA contemplated an AI and Data Commissioner, but broader commentary questioned whether the overall regime was sufficiently independent, transparent, and complaint-accessible for people actually affected by AI harms.

That matters because regulation is not only about telling companies what to do. It is also about giving the public a credible path to challenge misuse, seek explanations, and trigger investigations before harm becomes normalized or irreversible.

Why this matters for Canadian businesses and creators

The failure of AIDA left Canada in an awkward position. The country continues to invest in AI and has begun to heavily promote AI adoption, yet still lacks binding, economy-wide federal legislation targeted at private-sector AI systems. That gap is especially relevant for Diverge clients and readers.

In the absence of a revived AIDA-style law, a creator contract signed today may need to account for synthetic outputs, training restrictions, moderation obligations, and platform safety rules without the benefit of statutory protections designed to backstop these emerging risks. In practice, that means AI risks have to be managed indirectly through a scrambled collection of privacy law, IP, contracts, competition law, consumer protection, and platform terms rather than through a dedicated AI statute.

For businesses, that creates uncertainty. A business launching an AI-enabled service in Canada may face scrutiny under privacy, consumer protection, and online safety regulatory regimes before it ever sees a standalone federal AI statute. When the government does eventually enact AI-specific legislation, businesses will need to backlog compliance across their entire operations, which is a costly undertaking on its own.

Whether the issue is training data, synthetic content, AI-generated endorsements, automated moderation, or platform-facing disclosure obligations, the lack of federal AI laws does not equal a lack of AI risk. We need to think strategically about risk management and draw protections from multiple legal sources while the AI legislative landscape unfolds.

Looking ahead

Bill C-27 died for political and substantive reasons. AIDA left too much undefined, was overly dependent on future executive action, and too many core stakeholders doubted that the efficacy of its proposed governance framework.

Today, in June 2026, Ottawa has introduced Bill C-34, the Safe Social Media Act, which does regulate some AI-related risks, but in a very different way than AIDA, and for a very different policy purpose. Bill C-34 is narrower, more specific, and more politically framed around online behaviour, especially youth safety. It primarily focuses on addressing online harms, which necessarily brings in AI chatbots due of their role in facilitating dangerous virtual interactions and disseminating problematic content. As a result, I think we can expect Bill C-34 to impose real compliance obligations on some AI services while ignoring the broader question AIDA tried (albeit, unsuccessfully) to answer: what should Canadian law require of AI developers and deployers across the full lifecycle of high-stakes systems?

The key takeaway is that AI regulation is now moving on multiple tracks. One track is broad, still unresolved, and concerns whether Canada will eventually return to a comprehensive federal AI statute after AIDA’s collapse. The other is more immediate and issue-specific: online safety, harmful content, child restrictions, chatbot services, and privacy enforcement.

Keep an eye out for our next article breaking down the details of the federal government’s new AI Strategy, Bill C-34, and the critical gaps yet to be addressed. Coming soon!

Need help understanding the intricate contracts that govern your creative work, or want to build a strategy for IP protection? Diverge Legal is here to help.

If you’re ready for representation that understands the difference between a data point and your dream, contact Diverge today.