Blog

Legal and technical analysis for regulated-sector buyers navigating AI compliance under PHIPA, MFIPPA, and Law Society of Ontario guidance.

LegalHealthcare IT Directors

Why AWS Canada Is Not Actually Sovereign (And Why It Matters for PHIPA)

Geographic residency is not legal sovereignty. The CLOUD Act (18 U.S.C. § 2713) can compel AWS to hand over data from Canadian servers. Ontario clinics storing PHI on AWS Canada remain exposed.

2026-06-10·8 min read

Read →

ComplianceLaw Firm Managing Partners

What the Law Society of Ontario's Cloud Guidance Actually Requires From Your AI Vendor

The LSO requires lawyers to understand where data is processed, who has access, and what happens on subpoena. Most AI tools fail all three. Here is what genuine compliance looks like.

2026-06-08·7 min read

Read →

TechnicalTechnical Buyers & Compliance Officers

Cryptographic Attestation: What an Ed25519 Sovereignty Receipt Actually Proves

A policy promise is not proof. An Ed25519 signature is. We explain the exact mechanism behind our attestation documents and why your auditor can verify them independently.

2026-06-05·9 min read

Read →

FinanceCanadian Startup Founders & CTOs

SR&ED and Canadian AI Infrastructure: What Counts as Qualifying Expenditure

SR&ED covers work to resolve technological uncertainty. Building a sovereign inference stack qualifies. Running a commercial API on top of it does not. The line matters for claim structuring.

2026-06-01·7 min read

Read →

Get notified of new posts

We publish 1–2 posts per month on sovereign AI, Canadian compliance frameworks, and regulated-sector AI adoption.

Subscribe via email