This sounds like it must be good news for consumers… But is it?
Here’s my humble opinion as a data scientist:
Human nature makes this a toothless law.
I don’t say this because I’m against the protection of personal data, just the opposite. There are major problems with the way the web has evolved since it was democratized – and particularly since it was commercialized. From a system devoted to sharing information between universities, it has become the heart of our communications, and the way we share our lives. That’s why it’s essential that we maintain a modicum of privacy in at least some facets of our existence. But our behaviour and the needs of the market unfortunately run counter to the noble sentiments espoused by this law and all those like it elsewhere in the world.
No one wants to give away their personal information, and yet we do it constantly . The majority of people (67% of adults in Quebec in 2017) have a Facebook account filled with details of their personal lives. But perception matters, and in the end the number one thing people want is to know that they have “control” over their personal data (rather than knowing that, on the corporate side, their data is protected.) 
The worst thing is that this law actually works to marketers’ advantage, because as much as the public says that they don’t want to share their information or see targeted ads, what they really want is the reassurance of a more transparent process . And the more control people feel they have over their data, the larger the quantity of data they are likely to give away . As a result, the marketing world can’t help but support this type of law that gives more power to the public, because over time it increases people’s confidence, and consequently allows for greater collaboration between the public and advertisers.
Unfortunately, this type of law tends to be very ineffective; the majority of European websites still don’t respect the GDPR, with 49% of websites still collecting data before obtaining consent from users . The funniest thing is that, law or no law, the industry that’s the most transparent in its use of personal data and that protects your data the most, is pornography (or “adult sites” as the author of the article puts it) . And in the end, even when your data is supposed to be protected, it still somehow manages to leak out to third parties, as happens regularly with email, from which data is constantly stolen .
Essentially, even if this draft bill comes to fruition, the final result might not meet expectations. People who believe themselves to be protected could end up voluntarily sharing their private data. Websites, through lack of resources, skills or scruples, will mostly flout the law. And countless unscrupulous individuals will continue to take advantage of security holes to help themselves to users’ data.
Moreover, the worst data leak in Quebec in recent years, at Desjardins, had nothing to do with our use of the Internet. There’s clearly still a lot of work to be done before we can say we’ve made the world a better place.
What do you think? I’d love to hear your thoughts.