Law Enforcement Request Policy
Effective Date: May 4, 2026
Purpose
This policy sets out the procedures for handling law enforcement requests for user data, and the narrow circumstances under which Rideau AI may proactively disclose information.
Proactive Disclosure (Without Warrant)
Rideau AI may proactively disclose personal information without user consent under two distinct PIPEDA provisions:
PIPEDA 7(3)(d): Suspected Law Contravention
We may disclose personal information on our own initiative to a government institution where we have reasonable grounds to believe the information relates to a contravention of the laws of Canada or a province that has been, is being, or is about to be committed. This covers situations where our content safety systems detect evidence of criminal activity (e.g., CSAM, credible threats of violence, fraud).
PIPEDA 7(3)(e): Emergency Threatening Life, Health, or Security
We may disclose personal information to a person who needs it because of an emergency that threatens the life, health, or security of an individual. Mandatory notification: If the individual whose information is disclosed is alive, we must inform them in writing without delay of the disclosure.
Both provisions are exercised carefully and conservatively. The decision to disclose is always made by a person, never automated.
What does NOT meet this threshold:
- Hypothetical scenarios
- Creative writing (fiction, screenplays)
- Academic or research discussion
- General questions about sensitive topics
- Vague statements without specific targets or timelines
Process for Proactive Disclosure
- Automated detection flags content that may indicate a crime or imminent danger
- Human review required. No automated disclosure.
- Mike Brown (Privacy Officer / sole operator at launch) assesses the situation
- Determine which PIPEDA provision applies: 7(3)(d) (suspected crime) or 7(3)(e) (emergency threatening life/health/security)
- Consult legal counsel before disclosing
- If disclosure is warranted: report to local police in the user's jurisdiction (fastest response for imminent threats; use IP/location data to determine jurisdiction), or to the RCMP if the threat is federal in nature or jurisdiction cannot be determined
- Document the decision, rationale, PIPEDA provision relied upon, and what was disclosed
- Preserve all relevant data
- If 7(3)(e) was relied upon: notify the individual in writing without delay that their information was disclosed (mandatory statutory requirement). This notification may be delayed only if a specific non-disclosure order exists.
Reactive Disclosure (With Legal Process)
Valid Legal Instruments (Canada)
- Production order (Criminal Code s. 487.014): most common
- Preservation demand (Criminal Code s. 487.012): requires preservation of computer data for 21 days
- Search warrant (Criminal Code s. 487)
- Court order (various provisions)
- Mutual Legal Assistance Treaty (MLAT): for foreign government requests. The foreign government applies to the Canadian Department of Justice, which then obtains a Canadian production order or warrant to serve on us. We receive and respond to the Canadian legal instrument, not the foreign request directly.
Invalid / Insufficient
- Informal police requests (no legal obligation to comply)
- Foreign subpoenas without MLAT
- US National Security Letters (not applicable in Canada)
- US CLOUD Act warrants directed at Rideau AI (we are a Canadian company, not subject to US jurisdiction)
Response Process
- Receive legal instrument
- Verify authenticity and jurisdiction
- Assess scope. Challenge overbroad requests.
- Consult legal counsel
- Produce only data within scope of valid instrument
- ALE limitation: Conversation content is ALE-encrypted. We hold the keys and can decrypt when compelled by a valid Canadian legal order. We can also produce: account metadata, usage data, session data, security events, and violation history without decryption.
- Notify user unless legally prohibited by a specific non-disclosure order or gag order attached to the legal instrument. Note: a sealing order on the court file does not automatically prohibit notifying the user. Look for explicit non-disclosure language in the instrument itself. Consult legal counsel if unclear.
- Document compliance
CLOUD Act Considerations
- Canada has no CLOUD Act executive agreement with the US
- US CLOUD Act warrants may reach data stored by US-headquartered cloud providers (e.g., Microsoft Azure)
- Rideau's mitigation: ALE encryption keys are held exclusively in Canada on infrastructure controlled by Rideau AI. Azure does not have the keys and cannot decrypt conversation data. A CLOUD Act warrant directed at Microsoft would yield only encrypted ciphertext.
- For foreign governments to access decrypted data: They must obtain a Canadian court order through mutual legal assistance processes. This is the core jurisdictional protection ALE provides.
What We Can Produce
| Data Type | Decryption Required? | Notes |
|---|---|---|
| Account information (email, name, country, preferences) | No | Stored in plaintext |
| Conversation content | Yes (ALE) | Requires valid Canadian legal order |
| File uploads and extracted text | Yes (ALE) | Same as conversation content |
| Usage events | No | Model, tokens, timestamps |
| Session metadata | No | Login times, IP hashes (irreversible after 24h) |
| Security events | No | Rate limiting, auth failures (90-day retention) |
| Violation history | No | Per-message flags (365-day retention) |
| Compliance Vault evidence | Yes (encrypted) | CSAM evidence, restricted access |
Transparency Reporting
When the business reaches sufficient scale, Rideau AI will publish an annual transparency report including:
- Number of law enforcement requests received
- Legal basis for each (production order, warrant, court order, MLAT)
- Number complied with, challenged, or withdrawn
- Number where user was notified
- Number of proactive disclosures (PIPEDA 7(3)(d) and 7(3)(e))
The report will NOT include details that could identify users or compromise ongoing investigations.