In Canada, data sovereignty is often cited as the rationale for building AI data centres. However, many of the companies building data centres in Canada are American-owned and connected with U.S.
I find the appendix the easiest part to parse. It basically lists their responses/mitigation attempts, and notes that they all basically fail to protect data sovereignty when stuff is foreign-centric. The encryption note doesn’t generally apply to live-service programs (eg. you “can” store fully encrypted cloud backups, so long as you control the keys – but not something like a portal for users to login/access regularly). They list masking, but also basically show it’s not realistic/practical, nor has it been attempted/tested in real world deployments. The rest are all “this mitigation doesn’t actually do anything for this issue”.
Can you give a link to the government white paper? Would like to read it.
Sure - here you go.
I find the appendix the easiest part to parse. It basically lists their responses/mitigation attempts, and notes that they all basically fail to protect data sovereignty when stuff is foreign-centric. The encryption note doesn’t generally apply to live-service programs (eg. you “can” store fully encrypted cloud backups, so long as you control the keys – but not something like a portal for users to login/access regularly). They list masking, but also basically show it’s not realistic/practical, nor has it been attempted/tested in real world deployments. The rest are all “this mitigation doesn’t actually do anything for this issue”.