Law 25 Is Now Enforced. Your AI Stack Probably Isn't Ready.
Quebec's Law 25 finished rolling out in September 2024. By May 2026 the CAI has teeth, and AI tools pull solo firms across three obligations most have not documented.
Quebec's privacy reform finished rolling out in September 2024, and most solo practitioners spent the two-year ramp hoping it applied to someone else. It doesn't. The Commission d'accès à l'information now has the enforcement powers it spent the rollout warning everyone about, and the AI tools that entered every small firm in 2024 and 2025 hit three Law 25 obligations few small firms have documented.
Where Law 25 stands in May 2026
Law 25, formerly Bill 64, came in three waves. September 2022 forced every Quebec business holding personal information to appoint a person in charge and to notify the CAI of confidentiality incidents. September 2023 brought the heavy obligations: consent rules, privacy impact assessments, the section 17 transfer regime, and the administrative monetary penalty framework. September 2024 closed the system with data portability rights. Penalties run up to $25 million or 4% of worldwide turnover, whichever is higher.
By spring 2026 the CAI has shifted from outreach to action. The Commission issued AI-specific guidance in 2025, including a submission to Quebec's labour ministry: discourage emotional-analysis tools, conduct algorithmic impact assessments alongside PIAs, involve employees in the assessment process, and avoid fully automated decisions that significantly affect workers. That guidance is not binding, but Torys' read signals how the CAI will interpret the existing statute when an enforcement file lands.
Where AI tools meet Law 25
The three Law 25 obligations most relevant to AI were drafted before generative AI was a product anyone could buy. They map almost too cleanly onto a small firm pasting a discovery into ChatGPT.
Section 17. Before a Quebec organization sends personal information outside the province, it must conduct a written assessment weighing sensitivity, purpose, protections in place, and the legal regime of the destination. A US-hosted LLM is a section 17 transfer. Every prompt that contains a client name, a corporate filing, or a draft contract is a transfer event. A solo who ran 400 prompts through GPT-4 last year ran 400 transfer events with no assessment.
Section 12.1. Where a decision is made exclusively by automated processing and applied to an individual, the firm must inform that person, list the personal information used and the principal factors, and offer a route to human review. Most firm AI is currently advisory, but the line moves the moment a firm builds a tool that screens prospective clients, scores file priority, or auto-rejects retainer requests.
Section 18.3. Accountability follows the supply chain. If a firm entrusts personal information to a processor, it remains responsible and must impose written safeguards. Free-tier consumer LLMs have no enterprise terms, no DPA, and reserve the right to train on user inputs. They cannot meet section 18.3 on a paper analysis.
The small-firm reality
Most Quebec firms with three to fifteen lawyers do not have a privacy officer in any functional sense. The role is assigned to a managing partner who has not read the statute since articling. The PIA template sits in a folder nobody opens.
In that environment, AI adoption looks like this. A senior associate signs up for ChatGPT Plus with a personal email. A real estate clerk uses Claude.ai to summarize an Article of Agreement. A junior pastes a redacted discovery for plain-language rewriting and forgets to redact two pages. Each is a section 17 event. None are documented. None have a section 18.3 contract. The firm's consent form, last updated in 2019, says nothing about automated processing. A determined complainant could put the firm in front of the CAI with very little effort.
SupaCorp and compliance by design
SupaCorp is an entity-management product I am building for Canadian solo and small firms: incorporations, annual returns, minute books, registers, and multi-jurisdictional filings across federal, Ontario, BC, Alberta, and Quebec. It is in active development at supacorp.ca, and Law 25 sat on the desk during the architecture work rather than bolted on after a compliance audit.
The first choice is multi-tenant isolation enforced at the database layer. Every table ships with Postgres row-level security policies. Firm A cannot read Firm B's rows even if the application layer has a bug, even if a query gets routed wrong, even if a developer forgets to filter. That lets a small firm honestly answer the CAI's question about who can access client information: nobody outside the tenant, by database law. Section 18.3 accountability gets a technical answer instead of an aspirational policy.
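A minimal sketch of database-enforced tenant isolation as described above. This is an added example, not SupaCorp's schema or code; the table `client_record`, the role `app_user` and the setting `app.firm_id` are hypothetical names, and the rows are constructed sample data.

```sql
-- Added example; table, role and setting names are hypothetical.
-- Run as a superuser in a scratch PostgreSQL database.
CREATE TABLE client_record (
    id        bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    firm_id   uuid NOT NULL,
    full_name text NOT NULL
);

-- Constructed sample rows for two tenants.
INSERT INTO client_record (firm_id, full_name) VALUES
    ('11111111-1111-1111-1111-111111111111', 'Firm A client'),
    ('22222222-2222-2222-2222-222222222222', 'Firm B client');

-- ENABLE turns policies on; FORCE applies them to the table owner as well.
-- Superusers and roles with BYPASSRLS still skip RLS, so the application
-- must connect as a role that has neither attribute.
ALTER TABLE client_record ENABLE ROW LEVEL SECURITY;
ALTER TABLE client_record FORCE ROW LEVEL SECURITY;

CREATE ROLE app_user NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON client_record TO app_user;

-- With no tenant set, current_setting(..., true) yields NULL (or '' after a
-- reset). NULLIF maps both to NULL, the comparison is never true, and no
-- rows match: the policy fails closed.
CREATE POLICY tenant_isolation ON client_record
    FOR ALL TO app_user
    USING      (firm_id = NULLIF(current_setting('app.firm_id', true), '')::uuid)
    WITH CHECK (firm_id = NULLIF(current_setting('app.firm_id', true), '')::uuid);

-- One request as Firm A. SET LOCAL scopes role and tenant to the transaction,
-- so a pooled connection does not carry them into the next request.
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.firm_id = '11111111-1111-1111-1111-111111111111';

-- No WHERE clause on firm_id: the policy supplies the tenant filter.
SELECT firm_id, full_name FROM client_record;

-- Cross-tenant write: the row fails WITH CHECK and the statement errors.
INSERT INTO client_record (firm_id, full_name)
VALUES ('22222222-2222-2222-2222-222222222222', 'wrong tenant');
ROLLBACK;
```

The policy trusts whatever value the session places in `app.firm_id`, so the application must set it from the authenticated tenant and never from request input. Migrations and maintenance jobs that connect as a superuser or a `BYPASSRLS` role sit outside this guarantee and need their own access controls.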
The second choice is Canadian data residency and selective AI usage. Sensitive corporate records, including beneficial ownership data collected for federal and provincial transparency registers, sit in Canadian regions by default. Where AI features ship inside the product, the firm sees what data flowed, to which processor, under what DPA, with a section 17 transfer assessment generated as a byproduct.
The third choice is schema-level data minimization. SupaCorp collects only the fields a filing requires. A director's home address is captured for a federal annual return because the statute requires it; it is not collected for an Ontario filing that does not. Personal information is segmented by purpose, which lines up with the consent specificity rule and makes access and rectification requests a database query.
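One way to make purpose segmentation a schema constraint rather than a convention, shown as an added example that is not SupaCorp's schema. The tables `purpose_field` and `person_field`, the purpose and field names, and all rows are hypothetical and constructed; the allowlist mirrors only the two cases named above.

```sql
-- Added example; all names and rows are hypothetical and constructed.
-- Allowlist of the fields each filing purpose is permitted to hold.
CREATE TABLE purpose_field (
    purpose    text NOT NULL,
    field_name text NOT NULL,
    PRIMARY KEY (purpose, field_name)
);

INSERT INTO purpose_field (purpose, field_name) VALUES
    ('federal_annual_return', 'full_name'),
    ('federal_annual_return', 'home_address'),
    ('ontario_filing',        'full_name');

-- Personal information is stored per person, per purpose, per field.
-- The composite foreign key means a value cannot be stored at all unless
-- the allowlist says that purpose may hold that field.
CREATE TABLE person_field (
    person_id    uuid        NOT NULL,
    purpose      text        NOT NULL,
    field_name   text        NOT NULL,
    value        text        NOT NULL,
    collected_at timestamptz NOT NULL DEFAULT now(),
    PRIMARY KEY (person_id, purpose, field_name),
    FOREIGN KEY (purpose, field_name)
        REFERENCES purpose_field (purpose, field_name)
);

-- Allowed: the federal purpose lists home_address.
INSERT INTO person_field (person_id, purpose, field_name, value) VALUES
    ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'federal_annual_return',
     'full_name', 'Sample Director'),
    ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'federal_annual_return',
     'home_address', '1 Sample Street');

-- Not allowed: the Ontario purpose does not list home_address, so this
-- statement fails the foreign key and nothing is stored.
INSERT INTO person_field (person_id, purpose, field_name, value) VALUES
    ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'ontario_filing',
     'home_address', '1 Sample Street');

-- Access request: everything held about one person, grouped by purpose.
SELECT purpose, field_name, value, collected_at
FROM person_field
WHERE person_id = 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'
ORDER BY purpose, field_name;
```

Adding a field to a purpose then requires a reviewable change to `purpose_field`, which gives the person in charge a single place to audit what is collected and why.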
What to watch
The first CAI decision applying Law 25 to a small firm using AI is the document everyone wants to read. The Commission has been clear in guidance; it has not yet published a final monetary penalty that turns those expectations into precedent. Watch for that in the next twelve to eighteen months. It will probably involve a complainant whose personal information ended up in a vendor relationship the firm could not document.
Watch the algorithmic impact assessment move from CAI recommendation toward expected practice. Watch vendor terms: the AI tools that survive in the Quebec professional market will be the ones that ship Canadian hosting, real DPAs, and the ability to disable training on customer data. The rest will quietly stop appearing in firm procurement.