Businesses investing in, financing or operating data centres face a complex matrix of laws and regulatory requirements. Ensuring compliance is important for lender and investor due diligence and is crucial to avoiding fines, penalties and contractual or regulatory breaches that can significantly impact the business and any investment in, or financing of, data centres.

The Minister of Public Safety recently announced Canada’s first Sensitive Technology List (STL). The STL identifies the government’s priority categories of new technologies for regulation to safeguard Canadian national security.

Canada’s proposed artificial intelligence (AI) legislation, the Artificial Intelligence and Data Act, died on the Order Paper earlier this year when Parliament was prorogued. While the future of AI legislation in Canada remains unclear, the federal government remains committed to strengthening Canada’s global position and approach to AI as a leader in the field.

Developing high-performance generative AI systems and other AI systems based on machine learning often requires access to vast amounts of data for training (AI training data) and improving their accuracy and performance, and data scraping is an approach that is taken to generate large enough data sets.

Increased regulatory burdens on asset management businesses have resulted in additional cost pressures. However, regulation has also required more pricing transparency, which has led to an increasingly competitive market, with investors demanding either ultra-low cost or increasingly bespoke investment solutions.

Individuals have the right to receive meaningful information about solely automated decisions with significant effects under the General Data Protection Regulation (GDPR). This includes decisions that will impact an individual’s finances or employment.

The EU AI Act’s prohibitions came into effect on 2 February 2025 and carry fines of 7% worldwide annual turnover for non-compliance. The prohibitions at Article 5 and accompanying recitals (particularly recitals 28-44) set out a complex set of provisions.

The European Commission (EC) published a communication on an EU toolbox for safe and sustainable e-commerce, complementing investigations under the DSA into e-commerce platform Shein, and a coordinated investigation by the EU's Consumer Protection Network.

The EU’s AI Act imposes extensive obligations on the development and use of AI.

The EU AI Act’s obligations begin to apply from 2 February. The first obligations to apply are the prohibitions, which ban the provision or use of AI in some scenarios. Fines are up to 7% of total worldwide annual turnover for non-compliance.