gbrain: sync converted org-mode brain files

2026-05-23 06:35:21 +00:00
parent 3f38e87f4f
commit 44299599f9
38 changed files with 1248 additions and 856 deletions
--- a/ideas/compliance/quebec-law-25.org
+++ b/ideas/compliance/quebec-law-25.org
@@ -0,0 +1,25 @@
+:PROPERTIES:
+:ID:       auto-quebec-law-25
+:CREATED:  [2026-05-23 Sat]
+:END:
+#+title: gate rules. The gate stack can encode "this data flow crosses a CCPA boundary"
+#+filetags: :passepartout:compliance:framework:quebec:
+
+gate rules. The gate stack can encode "this data flow crosses a CCPA boundary"
+and automatically enforce the opt-out at every data access. First-mover
+advantage is moderate (many CCPA tools exist) but none provide a deterministic,
+verifiable audit trail — they are all document-based.
+
+** Canadian provincial privacy (Quebec Law 25, Ontario PHIPA)
+
+Quebec Law 25 (2023-2024 phased) is Canada's most aggressive privacy
+regulation — closer to GDPR than PIPEDA. Requires: privacy officer appointment,
+privacy impact assessments, consent modernization, data portability, right to
+de-index, algorithm transparency (automated decision-making disclosures).
+Penalties up to $25M CAD or 4% of global revenue.
+
+Why it matters: The algorithm transparency requirement is unique — organizations
+must disclose how automated decision systems work. The gate stack's ACL2 proof
+log is a natural algorithm transparency artifact. First-mover advantage: this
+is a new requirement with no established vendor tooling.
+