1.2 KiB
gate rules. The gate stack can encode "this data flow crosses a CCPA boundary"
gate rules. The gate stack can encode "this data flow crosses a CCPA boundary" and automatically enforce the opt-out at every data access. First-mover advantage is moderate (many CCPA tools exist) but none provide a deterministic, verifiable audit trail — they are all document-based.
Canadian provincial privacy (Quebec Law 25, Ontario PHIPA)
Quebec Law 25 (2023-2024 phased) is Canada's most aggressive privacy regulation — closer to GDPR than PIPEDA. Requires: privacy officer appointment, privacy impact assessments, consent modernization, data portability, right to de-index, algorithm transparency (automated decision-making disclosures). Penalties up to $25M CAD or 4% of global revenue.
Why it matters: The algorithm transparency requirement is unique — organizations must disclose how automated decision systems work. The gate stack's ACL2 proof log is a natural algorithm transparency artifact. First-mover advantage: this is a new requirement with no established vendor tooling.