Data Privacy Day is coming up on January 28, 2025. According to The Council of Europe, “In 2006, the Committee of Ministers of the Council of Europe decided to designate 28 January as Data Protection Day. This day is now celebrated worldwide, under the name ‘International Data Protection Day’ or ‘Privacy Day.’
In other words, the event marks the anniversary of the opening to signature of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS No. 108), thus raising awareness on the need to respect and protect individual’s privacy and highlighting the role of Convention 108 for transborder data flows in the world.”
In short, data privacy and data protection are topics that are important to individuals and businesses alike… perhaps never more so than they are today.
Richard Copeland, CEO of Leaseweb USA, and Roger Brulotte, CEO, Leaseweb Canada, have both told Digital Journal why it is important for consumers and businesses to note data privacy day.
Copeland explains: “In 2026, data privacy stops being an abstract compliance challenge and becomes a direct function of architectural decisions. Trusted Execution Environment technologies are finally viable at scale, and that changes how organizations think about where their most sensitive workloads live.”
Citing the risks, Copeland states: “When you can lock down data at the hardware and memory level, you’re no longer beholden to a single cloud provider for safety. You gain the freedom to run distributed, high-value workloads across multiple clouds, edge locations, and on-prem environments without sacrificing confidentiality or control. It’s a fundamentally different approach to privacy – one built on verifiable isolation rather than trust in the provider’s perimeter.”
The current technological trend of AI is presenting some immediate risks, observes Copeland: “At the same time, AI’s shift from simple automation to agentic workflows is exposing the weaknesses of large, multi-tenant hyperscale environments. As AI continues to become more and more critical, the less tolerant organizations are of unpredictable billing, noisy-neighbour issues, opaque GPU allocation, or cascading failures triggered by one overloaded service.”
There has also been a shift in approach from criminals: “Likewise, attackers are evolving too, using AI to exploit precisely those blind spots. That’s why we’re seeing momentum toward regional and bare-metal infrastructure where the environment is cleaner, the performance is transparent, and the blast radius is smaller. For enterprises that care about privacy and operational resilience, 2026 is the year infrastructure strategy becomes inseparable from data protection and privacy strategy.”
Brulotte focus on the day-to-day impact of AI on everyday life: “In the coming year, we will see that data privacy becomes a practical engineering issue, not a theoretical one. As AI moves from “nice to have” to a hard requirement for running the business, organizations are being forced to look closely at where their data actually lives and who ultimately controls it.”
In terms of the point of fissure, Brulotte finds: “The moment companies start training or fine-tuning models on sensitive datasets, they realize quickly that their existing on-prem gear will not cut it and that simply pushing everything to a hyperscaler introduces its own set of privacy and jurisdictional risks. That is why we’re seeing such strong momentum toward Canadian sovereign GPU infrastructure. It keeps training data, model artifacts, and intellectual property inside Canadian borders and under Canadian legal protections. The new collaboration cycle, where labs and universities build models and companies commercialize them, only reinforces that shift. When the geography, the governance, and the infrastructure are aligned from day one, privacy becomes easier to manage.”
Brulotte adds: “Companies are finally acknowledging something the industry has danced around for years, at the same time, hyperscalers were never designed to guarantee sovereignty or continuity for Canadian data. Recent outages and policy changes have made that painfully clear.”
Pinpointing the risk and offering a counter-solution, Brulotte finds: “Relying on one global provider concentrates risk, and it pushes organizations into complex, multi-tenant environments where they have little visibility and even less control. That is why a growing number of Canadian businesses are moving toward hybrid and multi-provider strategies. They want infrastructure built around their needs, not around someone else’s product catalogue. They want predictable performance, clear jurisdiction, and human support – not a ticketing portal. In 2026, the organizations that lead on data privacy will be the ones that diversify deliberately, build for control instead of convenience, and stop assuming that the biggest provider is automatically the safest choice.”
