Skip to content

Instantly share code, notes, and snippets.

@bryanpaget

bryanpaget/StatCan Data Sovereignty Strategy.md

Last active September 8, 2025 17:26
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bryanpaget/33c0356d50cfb57b0fe1c9e1cd8cfaf8 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bryanpaget/33c0356d50cfb57b0fe1c9e1cd8cfaf8 to your computer and use it in GitHub Desktop.
Download ZIP
StatCan Data Sovereignty Strategy
Raw
StatCan Data Sovereignty Strategy.md

StatCan Data Sovereignty Strategy

Core Recommendation

StatCan must implement a Canadian-controlled data platform as our primary infrastructure for sensitive data, with Microsoft Fabric used only for specific, non-sensitive applications.

Why This Matters

Legal Requirements

  • Canadian laws mandate complete control over citizen data
  • Statistics Act and Privacy Act require data protection under Canadian jurisdiction
  • Treasury Board Directive (2023) requires sensitive data to reside in Canadian infrastructure

Risk Considerations

  • Commercial clouds expose data to foreign legal orders (U.S. CLOUD Act)
  • Microsoft's own reports confirm compliance with non-Canadian legal requests
  • Fabric's U.S.-based management creates unacceptable jurisdictional exposure

Technical Realities

  • Commercial providers cannot guarantee zero foreign access to systems
  • Only Canadian-hosted solutions provide full audit control and physical security
  • Open-source platforms offer transparency and customization options

Conclusion: Commercial clouds violate our legal obligations and create unacceptable risks.

Our Solution: Canadian Data Platform

What We're Proposing

  • A data platform hosted entirely within Canadian borders
  • Built on proven open-source technology (Apache Iceberg, Ranger)
  • Fully auditable by Canadian security experts
  • Complete control over physical infrastructure and access

Key Advantages

  • Compliance: 100% alignment with Canadian laws and directives
  • Security: Physical control with no foreign access points
  • Cost Efficiency: lower long-term costs vs. commercial clouds
  • Flexibility: Customizable to meet specific StatCan needs
  • Innovation: Enables advanced analytics while maintaining sovereignty

Implementation Approach

  • Phased deployment using existing infrastructure
  • Minimal disruption to current operations
  • Clear timeline with measurable milestones
  • Expert Canadian partners for support

When Microsoft Fabric is Acceptable

Appropriate Uses

  • Public datasets and aggregated statistical outputs
  • External collaboration portals
  • Development and testing environments
  • Non-sensitive analytics projects

Required Safeguards

  • Data must be encrypted before transfer
  • Canadian-managed access controls with no foreign administrators
  • Real-time audit logging to Canadian systems
  • Annual security assessments by Canadian authorities

Important: Fabric should never be the default choice or used for sensitive citizen data.

Key Benefits of Our Approach

Risk Mitigation

  • Eliminates foreign jurisdiction exposure
  • Ensures compliance with all Canadian regulations
  • Protects against unauthorized data access

Operational Excellence

  • Maintains world-class analytics capabilities
  • Provides scalable infrastructure for growing data needs
  • Enables innovation without compromising security

Strategic Advantages

  • Positions StatCan as a leader in data sovereignty
  • Sets standard for other government departments
  • Builds public trust in data protection
  • Avoids vendor lock-in and long-term dependency

Financial Impact

  • Significant cost savings over commercial alternatives
  • Predictable pricing without hidden fees
  • Investment in Canadian technology and expertise
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment