The Information and Privacy Commissioner of Ontario (IPC) and Ontario Human Rights Commission (OHRC) released their joint Principles for the Responsible Use of Artificial Intelligence in January 2026. These non-binding guidelines urge public and private organizations to embed privacy and human rights protections across the AI lifecycle, from design to decommissioning, aligning with Ontario’s Enhancing Digital Security and Trust Act (EDSTA) and the Ontario Public Service Responsible Use of Artificial Intelligence Directive. While not legally enforceable, the principles will inform IPC and OHRC assessments of AI compliance, emphasizing six interconnected standards.
Core Principles Explained
- Valid and Reliable: AI systems must undergo independent testing for accuracy and deliver consistent performance across Ontario’s diverse communities. Ongoing lifecycle checks are essential, with high-quality input data critical to prevent biased outputs.
- Safe: Expect robust cybersecurity and harm-prevention measures protecting health, the economy, and the environment. New uses require comprehensive assessments, with unsafe systems decommissioned after impact reviews.
- Privacy Protective: Adopt privacy-by-design from the outset, minimizing personal data through de-identification or synthetic alternatives. Notify individuals of AI use and provide access, correction, or opt-out options for high-risk decisions.
- Human Rights Affirming Proactively mitigate discrimination under the Ontario Human Rights Code and avoid Charter breaches, such as excessive surveillance of social movements. Adjust biased data and tailor applications to diverse groups.
- Transparent: Make systems visible via public documentation (e.g., impact assessments), understandable (explaining operations and errors), explainable (detailing how/why outputs arise), and traceable (logging models, data, and monitoring).
- Accountable: Implement human-in-the-loop governance, designate overseers, conduct privacy/human rights/algorithmic assessments, and enable whistleblower reporting to independent bodies.
Litigation Risks for Insurers
At Flaherty McCarthy LLP, we are tracking the implications of AI-driven processes, particularly in insurance, such as claims handling and risk assessment, human rights applications, or class action exposure.
Adopting the IPC-OHRC principles, emphasizing validity, safety, privacy, human rights, transparency, and accountability, offers organizations a practical way to mitigate these risks through documented assessments and governance.
