Canada's Dependency on Foreign AI Infrastructure

Canada's public and private sectors are becoming deeply dependent on AI systems developed, operated, and controlled by a small number of US technology companies — primarily OpenAI (Microsoft), Google, Anthropic, and Meta — without commensurate domestic capacity or governance mechanisms to manage the risks of this dependency.

The scale asymmetry is stark. No Canadian organization has trained a frontier foundation model. Canada's largest AI company, Cohere (Toronto), is valued at approximately US$7 billion — less than 1% of OpenAI's $730 billion valuation. Canada controls less than 1% of global AI compute capacity. The Pan-Canadian AI Strategy, including the $2.4 billion commitment in Budget 2024 and an additional $925.6 million in Budget 2025, focuses primarily on research talent, commercialization, and compute infrastructure. These are important investments, but France alone announced EUR 109 billion in private AI infrastructure investment pledges at the February 2025 AI Action Summit — Canada's total sovereign compute investment is a fraction of what peer nations are committing.

The Government of Canada's own white paper on data sovereignty identified the US Foreign Intelligence Surveillance Act (FISA) as the "primary risk to data sovereignty," stating: "As long as a cloud service provider that operates in Canada is subject to the laws of a foreign country, Canada will not have full sovereignty over its data." The US CLOUD Act (2018) allows US law enforcement to compel disclosure of data held by US companies regardless of where it is stored. Canada and the US have been negotiating a bilateral CLOUD Act agreement since March 2022 — over three years with no agreement reached. CUSMA Article 19.12 prohibits data localization requirements, constraining Canada's ability to mandate that sensitive data stay in-country, and the US is pressuring Canada to maintain these provisions in the July 2026 review.

The AI compute supply chain is entirely foreign-controlled. NVIDIA designs the GPUs that power virtually all AI training and inference; TSMC in Taiwan fabricates them. Canada has zero domestic semiconductor fabrication capacity for AI-grade chips. A Foreign Policy analysis argued that "The Myth of AI Sovereignty" is exposed by the fact that every sovereign AI strategy depends on TSMC chips, creating an ultimate chokepoint.

Even Canada's flagship sovereign AI investment has sovereignty concerns. The $240 million federal investment in Cohere resulted in a data centre built and operated by CoreWeave — a US company subject to US jurisdiction. The Professional Institute of the Public Service of Canada characterized the arrangement as "privatization with a Canadian flag," noting that taxpayers fund Cohere's development, then pay again when Bell resells the AI services back to government. Meanwhile, OpenAI is actively seeking to build Stargate-like data centre capacity in Canada, and AI Minister Evan Solomon has expressed openness to "hybrid models" including US companies — creating a sovereignty paradox where the solution to US dependency may itself deepen US dependency.

The Munk School's "Sovereign by Design" assessment — the first systematic analysis of Canada's position across the AI technology stack — identified cloud infrastructure and compute hardware as two critical chokepoints and recommended a defensive CUSMA strategy ahead of the July 2026 review.

The strategic risk extends beyond data. If a geopolitical crisis disrupted Canada's access to US AI services, the resulting disruption would affect government operations, healthcare systems, financial services, and commercial operations simultaneously. Canada has no contingency plan for AI service disruption because the dependency has developed faster than strategic planning has adapted.