logotype
logotype
Canadian Internet Governance Forum 2025
Canadian leadership through change
About CIGF
1
Executive summary
2
Discussion insights and priorities
3
Conclusion
4
Agenda
5
Presenting sponsor
6

The Canadian Internet Governance Forum (CIGF) is Canada’s premier multi-stakeholder forum for digital policy dialogue, dedicated to fostering open conversations about the most pressing public policy issues facing the internet. The CIGF is a recognized national initiative of the United Nations-convened global Internet Governance Forum (IGF). Since 2019, CIGF has convened hundreds of stakeholders—both virtually and in-person—from government, civil society, academia, the private sector and the technical community to tackle a wide range of issues and identify solutions grounded in common Canadian values.    

Each year, the CIGF reports on the national priorities identified by the Canadian internet community. The findings are submitted to the IGF Secretariat and shared at National and Regional Initiative (NRI) sessions hosted at the global IGF, as well as among domestic decision-makers.

2024

All-Hands Committee

CIGF is driven by a multi-stakeholder All-hands committee. 2024 members include:

The CIGF is inclusive and non-commercial in organizational structure and process development. CIGF 2024: Canada on the world stage was a free event, open to all, and took place in a hybrid format; the in-person component took place at The Collaboration Centre in Ottawa, ON.

Executive summary

On November 13, 2025, the Canadian Internet Governance Forum (CIGF) brought together a diverse set of stakeholders at The Collaboration Centre in downtown Ottawa to discuss the most pressing issues in internet governance.

Under the theme Canadian leadership through change, conference participants explored the myriad ways in which Canada can continue to evolve internet governance in a direction that reflects Canadian values at a moment when disruptive economic forces, transformative technological change and geopolitics are significantly reshaping the global internet landscape.

This report focuses on drawing out the common threads between the insights and recommendations put forward in different sessions. It outlines priorities for Canadian businesses, governments, technical operators, civil society groups, academics and end-users involved with internet governance domestically and abroad.

In multiple discussions, panelists reflected on the importance of building a sovereign digital future for Canada, exploring both challenges and possible solutions. While Canada has the potential to lead in this area through targeted investment in Canadian innovation and strategic partnerships with like-minded countries, Canada’s outdated privacy laws were singled out as a significant obstacle standing in the way of progress.

The continued advancement of artificial intelligence technology and the opportunities and challenges it presents was another recurring theme. Panelists discussed the future of AI governance, emphasizing the need to strike a careful balance between harnessing the transformative power of AI for innovation and protecting the rights of Canadians and Canadian organizations across all sectors. Participants also heard about the close connection between AI governance and Canadian digital sovereignty, as well as the ways cybercriminals are exploiting AI to launch increasingly sophisticated and damaging attacks against Canadian organizations, many of which are not adequately prepared to defend themselves.

Speakers also discussed the multistakeholder model for internet governance, taking the opportunity to reflect on the effectiveness of this approach ahead of the WSIS+20 review.[1] While acknowledging challenges with the current model, panelists reaffirmed the view that multistakeholderism delivers better outcomes than models led solely by multilateral institutions.

CIGF 2025 was livestreamed and proceedings in English can be found on the Canadian IGF YouTube channel.

[1] At the time of CIGF 2025 on November 13, 2025, the WSIS+20 review was still upcoming. The review subsequently took place in December 2025. 

Discussion insights and priorities

Building a sovereign digital future for Canada

The critical importance of Canadian digital sovereignty was a recurring theme explored in a dedicated panel at CIGF 2025 and in numerous conversations throughout the day. Facing a future marked by geopolitical uncertainty and the rapid acceleration of transformational technologies, including quantum computing and AI, participants heard that Canada needs to chart a path forward that protects our data, privacy and values, while ensuring that we remain connected to the global digital ecosystem.

As outlined in the Government of Canada’s white paper on digital sovereignty (published November 2025), digital sovereignty is defined as Canada’s ability to set and enforce rules governing its digital infrastructure, data and intellectual property. However, panelists stressed that achieving this goal is far more complex than simply determining where data is hosted and who controls it. Where the data is processed, how it moves, who can lawfully access it and under which regulatory rules and frameworks are all essential components of the digital sovereignty equation.

While panelists expressed broad agreement on many of the core elements of digital sovereignty, including infrastructure, data and the technology ecosystem, they highlighted the significant challenges Canada must overcome to secure its sovereign digital future.

Participants heard that privacy is a foundational pillar of digital sovereignty, as it determines who controls data, according to which rules, and in whose interests. It was also identified as an area where Canada is falling short with outdated privacy laws that are ill-equipped to address the unique challenges posed by today’s complex technology ecosystem. Panelists also noted that Canadians’ understanding of digital sovereignty remains limited, making meaningful engagement in public policy decisions and informed participation in the digital economy difficult.

Canada has an opportunity to lead in digital sovereignty but this will require practical, coordinated action. Success depends on building on our technical, legal and industrial capabilities while bringing all stakeholders to the table to devise realistic solutions to mitigate the many risks. This process will involve backing Canadian innovation to build our digital capacity and capabilities, collaborating with like-minded partners in other jurisdictions and striking a delicate balance between retaining control over critical digital assets and rules, while remaining open, competitive and interconnected globally on Canadian terms.  

Key takeaways

  • Digital sovereignty is a strategic priority for Canada amid geopolitical uncertainty and rapid technological change
  • Canada must overcome significant challenges to secure its sovereign digital future, including outdated privacy laws and limited public awareness
  • Digital sovereignty extends beyond location and data ownership to include how data is processed, transferred and governed under legal and regulatory frameworks
  • Canada has an opportunity to lead in digital sovereignty with practical, coordinated action, including strengthening innovation and capacity and collaborating with like-minded partners
Cybersecurity in Canada

Cybersecurity in Canada was the subject of a panel discussion and featured in discussions among CIGF participants throughout the day. Canada’s cybersecurity environment continues to change at unprecedented speed, driven by advancements in AI, post-quantum computing and the commercialization of sophisticated new cyber tools, among other factors. The velocity of these changes is outpacing preparedness across industry, government and civil society, demanding new approaches, tactics and greater levels of collaboration to protect Canadians and Canadian critical infrastructure.

Canada faces an increasingly hostile environment. State-based adversaries are engaging in espionage activities, pre-positioning themselves to set up disruptive activities in the future or launching active disruptions now. Ransomware-as-a-service continues to expand, along with crypto-based payment systems, which allow attackers to hide their real-world identities. At the same time, a variety of powerful AI-driven digital tools are enabling highly sophisticated attacks and dramatically lowering barriers to entry for cybercriminals. In addition, evidence suggests that Salt Typhoon and Volt Typhoon, which are associated with China-based advanced persistent threat (APT) groups, are now persistent in telecom networks in the U.S. and elsewhere.

The commercialization of mercenary spyware, such as Paragon, is another key development in the cybersecurity landscape, giving bad actors the ability to compromise even the most highly secured devices and gain total visibility into a user’s digital footprint, locations and communications. Paragon is associated with new spyware abuses against civil society and journalists in Italy, continuing a troubling pattern of spyware abuse in democratic countries. Panelists highlighted recent research that suggests Canadian-based services may be customers within the mercenary spyware ecosystem.

Participants also heard that a significant portion of Canada’s cybersecurity risk now resides in the private sector, particularly in telecommunications networks and other critical infrastructure, making it more challenging for government to effectively address threats that exist outside public sector control.

To strengthen Canada’s security posture in this dynamic environment, Canada has introduced a new cybersecurity bill (C-8), which imposes new obligations on organizations in critical infrastructure sectors, including mandatory cybersecurity programs and a 72-hour incident reporting requirement.[1]

While this bill represents an important step forward, panelists highlighted the importance of giving organizations sufficient lead time to prepare for new obligations, continuing to create a culture of reporting rather than one driven by fear of penalties, and ensuring that organizations don’t experience data fatigue as a result of excessive or overlapping reporting requirements.

To address the many challenges, Canada must focus on improving training and awareness across sectors, expanding access to modern cybersecurity tools, strengthening collaboration between government, industry and civil society, and modernizing oversight frameworks to reflect current technological realities.

[1] Bill C-8 had been recently introduced at the time of CIGF 2025. The description reflects the bill’s status and obligations as discussed during the November 13, 2025 session. 

Conference participants heard that social media platforms are rife with misinformation and other harmful and illegal content. They also heard that social media is a key battleground in an online world increasingly marked by toxic interactions. As a result, the information ecosystem is in disarray and its conditions are rapidly evolving.  

It was noted how the introduction of new technologies, such as generative AI, can exacerbate problems by enabling bad actors to disseminate deepfakes and other new forms of misinformation quickly and easily. These activities spread false narratives, aggravate political polarization and undermine trust in institutions. CIGF panelists dissected these and other challenges and discussed various ideas for making social media better.  

Legislation has a significant role to play in improving social media, in particular by helping to reduce online harms. The Government of Canada had introduced Bill C-63, the Online Harms Act, which was developed to hold social media platforms accountable for harmful content, reinstate mechanisms for hate speech complaints, strengthen response to hate crimes and mandate reporting of child pornography.  

Panelists mostly agreed that this kind of legislation is a positive step but argued that legislation alone is not sufficient for improving online safety. Ongoing collaboration between government and social media companies, as well as the broader multistakeholder internet community, is critical to ensure that initiatives like Bill C-63 are as effective as possible.  

In crafting new protective laws, regulations need to be technology-neutral and principles based.  Regulators should monitor technological and legislative developments to keep up with the rapid pace of technology developments. Using a consultative approach to build trusted relationships with various communities, including youth and marginalized groups, is vitally important for getting it right. There’s also an opportunity for Canada to learn from the experiences of other countries, such as Australia, France and Germany, who have implemented similar legislation. 

As several panelists argued, education is another critical ingredient for mitigating this very complex problem, a fact that regulators have been slow to acknowledge. With robust digital literacy education, users develop a more thorough understanding of technology and what it can and can’t do, as well as the responsibilities they have as users of that technology. This enables them to better protect themselves from online harms.  

Key takeaways

  • Canada’s cybersecurity landscape is evolving rapidly with threats outpacing preparedness across every sector
  • The threat environment is increasingly hostile, driven by factors that include the commercialization of mercenary spyware, ransomware-as-a-service and AI-enabled attacks
  • Strengthening Canada’s security posture requires coordinated action, including improved training and AI tools, balanced and practical regulatory implementation and stronger collaboration between government, private sector and civil society
AI governance: the next frontier for digital policy

As Canada continues to advance its AI governance strategy, it must strike a careful balance between harnessing the transformative potential of AI to drive innovation and ensuring robust digital protections to safeguard public trust and best serve national interests. There was broad agreement on this among thought leaders who participated in the dedicated panel, and CIGF participants continued to discuss AI governance during conversations throughout the event.

At a foundational level, Canada’s AI governance framework rests on three key pillars: data, people and power. Canada must assert itself as an effective and responsible steward of data, while also creating an environment in which people can build and augment AI-related skills to thrive in an increasingly AI-driven economy. At the same time, thoughtful discussions are required to build Canada’s digital resilience, while exercising power and influence globally through technocratic cooperation with our key allies. 

As AI continues to evolve rapidly, it’s critical for the multistakeholder community to move beyond a monolithic view of the technology and instead assess its diverse sectoral applications, use cases and technologies individually. Using this approach, the specific impacts and risks of each can be used to create appropriate mitigation measures.

Participants heard that AI governance is closely linked to digital sovereignty, with panelists discussing many innovative ways Canada can promote its sovereignty through effective regulation and by leading in carefully targeted areas of AI development. Acknowledging that no country can own the entire AI supply chain, panelists emphasized the importance of making strategic AI investment choices that will position Canada for leadership within specific domains. Examples discussed include the development of AI models that leverage Canada’s diverse health data sets, as well as the creation of resilient backup frameworks to protect Canadians against potential foreign restrictions on cloud access or advanced AI models.

The discussion also highlighted Canada’s “AI trust gap” which has thus far limited widespread AI adoption, according to independent research. To bridge this gap, panelists pointed to the urgency of implementing programs that increase AI adoption by individuals and organizations in the public and private sectors, while fostering a culture that enables a new generation of breakthrough AI innovators.

As Canada continues to evolve its AI governance framework and make informed choices about where its focus will be in the global AI ecosystem, panelists argued that careful consideration should also be given to the ways in which the chosen approach reflects and promotes Canada’s democratic values, including openness, tolerance and pluralism, globally.

Key takeaways

  • Canada must balance AI innovation with strong safeguards to maintain trust and global partnerships
  • Successful AI governance requires responsible data stewardship, AI skills development, digital resilience and strategic global cooperation
  • A targeted, sector-specific approach to AI governance is essential, with strategic investment in Canada’s areas of strength to enhance digital sovereignty and global leadership
  • Canada’s “AI trust gap” can be closed through increased adoption, innovation and policies that promote democratic values
Towards WSIS+20

In the lead up to WSIS+20 in December 2025, the twenty-year review of the UN’s first World Summit on the Information Society (WSIS), CIGF participants took the opportunity to reflect on lessons learned since the inaugural summit and examine the relevance of the multistakeholder model in an era defined by fragmented platforms and rapidly shifting geopolitics.[1]

WSIS+20 represents an important opportunity to reaffirm and strengthen the multistakeholder model of internet governance, which brings together the technical community, government, the private sector, civil society and academia to facilitate dialogue to ensure the internet remains free, open and interoperable.

Across multiple sessions, participants heard that the global internet is at a critical moment. No longer just a communications network, the internet represents an arena where economics, technology and geopolitics collide. This presents challenges for the multistakeholder community to prove its worth, especially as governments increasingly seek to assert control in the name of sovereignty through the multilateral UN process.

Despite these challenges, panelists reaffirmed the view that multistakeholderism delivers better outcomes—faster, more credible and more effective—than models led solely by multilateral institutions. In a Canadian context, participants heard that the Canadian government depends on consultations with the Canadian multistakeholder community to shape its WSIS negotiating positions. A key objective during these negotiations is to maintain multistakeholderism as a core element of the process.

At the same time, panelists cautioned against an overly narrow focus on internet governance that risks overlooking broader issues, including technology transfer, data, AI and related issues. They also stressed the importance of not losing sight of the broader WSIS vision of harnessing information technologies for development, including connectivity, capacity building, financial mechanisms, and building confidence and security in the use of these technologies.

The discussion also touched on the importance of bringing the Global South into the WSIS process as well as ongoing efforts of the Young Digital Leaders of Canada and other groups to advocate for youth to be included as a unique and distinct stakeholder within internet governance.

[1] This section reflects the timing of the CIGF 2025 discussion, which occurred before the December 2025 WSIS+20 review. The report was finalized after that review had concluded.

Key takeaways

  • The internet’s role has expanded beyond communications, deepening the tension between multistakeholder governance and government-led multilateral control
  • Participants emphasized that multistakeholderism delivers more effective outcomes
  • WSIS+20 represents a pivotal moment to assess progress since 2003 and reaffirm and strengthen the multistakeholder model of internet governance
  • Participants advocated for a broader focus on development, AI, data, technology transfer and greater inclusion of both the Global South and youth in internet governance.

Conclusion

There was broad recognition among participants at CIGF 2025 that the internet is at a critical moment. Within today’s complex geopolitical, technological and economic environment, governments are taking steps to assert greater levels of control in the name of sovereignty and challenge the dominant multistakeholder model of internet governance.

In the face of these challenges, keeping the internet free, open and interoperable is critical, and participants reaffirmed that it can only be accomplished by extending and strengthening the current multistakeholder model. Canada and its fellow democracies must continue to work through the WSIS+20 process to strike a balance between being secure and sovereign, but also global and open.

Achieving this balance is central to securing a sovereign digital future for Canada, which will require strengthening our legal, technical and industrial capabilities while remaining globally connected and interoperable on Canadian terms. With advancements in AI continuing to accelerate, it will also involve a concerted effort to close Canada’s AI trust gap and lead through responsible data stewardship and sector-specific approaches to AI risk and innovation.

Across discussions on digital sovereignty, cybersecurity, AI and the future of multistakeholder governance, CIGF 2025 participants consistently emphasized the need for coordinated, pragmatic and values-driven action.

Taken together, CIGF 2025 highlighted a clear path forward. Canada has an opportunity to lead through collaboration, strategic investment and principled governance at a defining moment for the global internet.

AGENDA

  • 9:00 A.M.
  • Canadian Leadership Through Change
    Vass Bednar
  • 9:10 – 9:30 A.M.
  • Keynote 1
    Byron Holland, CIRA
  • 9:45 – 10:30 A.M.
  • Panel 1: Canadian Digital Sovereignty: The Government of Canada’s Digital Agenda

Speakers

    • Michael Geist, University of Ottawa 
    • Vass Bednar, Canadian Shield Institute 
    • Mira Gillis , Youth IGF
    • Ulrike Bahr-Gedalia, Marie-Julie Desrochers, Coalition pour la diversité des expressions culturelles (CDEC) 
    • Moderator: TBD
  • 11:00 A.M. – 12:00 P.M.
  • Panel 2: Cybersecurity in Canada

Speakers

  • Jon Ferguson, CIRA 
  • Emily Laidlaw, University of Calgary 
  • Andre Arbour, ISED 
  • Kate Roberson, Citizen Lab 

    Moderator: Brent Arnold, Capstan Legal 

 

  • 1:35 – 2:35 P.M.
  • Panel 3: AI governance: the next frontier for digital policy ​

Speakers

  • Stephanie King, Le Centre d'expertise International de Montréal en intelligence artificielle  
  • AJ Bhadelia, Cohere (TBD) 
  • Mark Schaan, ISED 
  • Jaxson Khan, Munk School
  • Moderator: Victoria Kuketz, Catalyst and Public Policy Forum 
  • 2:45 P.M - 3:45 P.M.
  • Panel 4: Towards WSIS +20

Speakers

  • Charles Noir, CIRA 
  • Dana Cramer, Young Digital Leaders of Canada 
  • Isra Rosas, ISOC 
  • Becky McGilley, ICANN 
  • Kelly Anderson, GAC
  • Moderator: Jenna Fung , Open Media/ Youth IGF 
  • 3:45 - 5 P.M.
  • Townhall: what’s on the audience’s mind?

Speakers

  • Vass Bednar, Canadian Shield Institute 
  • Victoria Kuketz, Catalyst and Public Policy Forum 
  • 5 P.M.
  • Closing and thanks

Presenting sponsor

Thank you to CIRA, the Canadian Internet Registration Authority, for making this event a success. 

 

View the photos from CIGF 2025

Gallery