0a8e77e949
- Moved everything from ideas/passepartout/ to projects/passepartout/ - Moved legal structures to projects/flags/ - Created missing _index.org files for all subdirectories - Stripped redundant passepartout- prefix from filenames - Rewrote root _index.org as generalized brain index (projects + concepts) - Updated Hugo nav to Projects/Concepts - Updated build script section descriptions - Deleted stale ideas/passepartout-economics.md orphan
1.2 KiB
Quebec Law 25
gate rules. The gate stack can encode "this data flow crosses a CCPA boundary" and automatically enforce the opt-out at every data access. First-mover advantage is moderate (many CCPA tools exist) but none provide a deterministic, verifiable audit trail — they are all document-based.
Canadian provincial privacy (Quebec Law 25, Ontario PHIPA)
Quebec Law 25 (2023-2024 phased) is Canada's most aggressive privacy regulation — closer to GDPR than PIPEDA. Requires: privacy officer appointment, privacy impact assessments, consent modernization, data portability, right to de-index, algorithm transparency (automated decision-making disclosures). Penalties up to $25M CAD or 4% of global revenue.
Why it matters: The algorithm transparency requirement is unique — organizations must disclose how automated decision systems work. The gate stack's ACL2 proof log is a natural algorithm transparency artifact. First-mover advantage: this is a new requirement with no established vendor tooling.