The government of Canada has introduced the Digital Charter Implementation Act in the Parliament proposing three pieces of legislation related to privacy, data protection and artificial intelligence: the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act, and the Artificial Intelligence and Data Act (AIDA). While the first two acts are meant to strengthen Canada's legal frameworks for privacy and data protection, AIDA proposes new rules for the responsible development and deployment of artificial intelligence (AI). Taking a risk-based approach to regulating AI, the act requires entities responsible for AI systems to assess whether such systems are high impact, according to regulation to be developed by the government. AI systems designed as high-impact are subject to requirements related to risk management (i.e. the implementation of measures to identify, assess, and mitigate the risks of harm or biased output), monitoring of compliance with the risk management measures, record keeping, and notification of material harm.