Eric Lavallée Partner, Lawyer and Trademark Agent

Eric Lavallée Partner, Lawyer and Trademark Agent

Office

  • Sherbrooke

Phone number

819 346-5712

Fax

819 346-5007

Bar Admission

  • Québec, 2010

Languages

  • English
  • French

Profile

Partner, trademark agent and member of Lavery’s Legal Lab on Artificial Intelligence (L3AI)

Eric Lavallée is a lawyer and trademark agent in the Business Law Group. He is the co-founder of the Lavery Legal Lab on Artificial Intelligence (L3AI). and has been involved in developing artificial intelligence solutions used internally at Lavery. 

As a result of his extensive experience in intellectual property (patents, trade-marks and software protection) Mr. Lavallée took on a special interest in developments related to artificial intelligence over the past few years.

Mr. Lavallée is regularly called upon to assist businesses of all sizes, growing businesses to large corporations in drafting licensing agreements and business contracts in high technology as well as implementing protection and due diligence strategies for their intellectual property needs.

He has developed leading-edge expertise in the analysis of the legal impact of the application and implementation of artificial intelligence in sectors related to his practise of law, namely privacy protection, corporate governance, licensing agreements, and development partnerships between companies.

His master's degree in physics and doctorate in electrical engineering have also led him to advise clients in the field of quantum technologies. 

Before joining Lavery in 2014, he worked as Vice-President of R&D at a company focused on nanotechnology research and development. He has four inventions to his credit relating to advanced lithography technologies for microelectronics. As a researcher, he has also authored 15 scientific articles and presented his work at international conferences in the United States, Europe, and Japan in the nanotechnology industry.

Distinctions

  • Lexpert Special Edition 2026 : Technology 
  • The Canadian Legal LEXPERT® Directory in the field of Intellectual Property, since 2026
  • The Best Lawyers in Canada in the field of Personal Data Protection, since 2026
  • The Best Lawyers in Canada in the field of Technology Law, since 2024
  • In 1997, he was awarded the Médaille du Mérite des Gouverneurs de la Faculté de génie de l'Université de Sherbrooke (University of Sherbrooke Faculty of Engineering Governors’ Achievement Medal). In 2009, he received the Prix du doyen de la Faculté de droit de l'Université de Sherbrooke (University of Sherbrooke Faculty of Law Dean’s Award) and the Prix du Barreau du Québec (Quebec Bar Award).
Best Lawyers 2026 Lexpert logo 2026

Education

  • LL.B., Université de Sherbrooke, 2009
  • Ph.D. in electrical engineering, Université de Sherbrooke, 2000
  • M.Sc. in physics, Université de Sherbrooke, 1996
  • B.Sc. in physics, Université de Sherbrooke, 1994

Boards and Professional Affiliations

  • College of Patent Agents and Trademark Agents (CPATA)
  1. Recent developments in workplace AI adoption

    Artificial intelligence (AI) is no longer merely a futuristic concept but a present-day reality—a practical business tool that is routinely used in management and production. Organizations are increasingly adopting generative AI and analytics solutions for tasks such as writing, sorting, decision-making, monitoring and evaluating. However, this is often done without any prior structured planning.  Employers now face the dual challenge of achieving productivity gains quickly while ensuring that AI does not pose legal, reputational or operational risks. The range of applications is expanding to include writing assistance, decision-making support, performance analysis, digital monitoring and incident and accident prediction. This raises questions of interest to both executives and the media. For example, who should be held responsible when the tool makes a mistake? What data is being used? How far can employers go in monitoring their employees?  If properly regulated, AI can support innovation and expedite its implementation, while also contributing to workplace well-being, health and safety. In Quebec, these benefits are particularly significant in the context of an aging population, labour shortages and increased pressure to boost productivity. Addressing this situation requires solutions that foster growth and competitiveness.  The use of AI systems in the workplace raises real and multifaceted challenges. These include protecting personal information and maintaining confidentiality, establishing liability and accountability where errors or failures occur, and considering the potential impact on workloads and the work environment.  Aware of the effect that digital transformation and AI are having on the workplace, the Minister of Labour launched a consultative process to assess whether existing legislation adequately addressed these developments. In October 2025, he tasked the Comité consultatif du travail et de la main-d’œuvre (the “CCTM”) with further exploring ideas and developing a shared vision regarding:  Consultation processes that factor in the implications of AI use in the workplace;  Ethical, governance and transparency principles in human resources decision-making;  The prevention of emerging occupational health and safety risks.1  CCTM report: Recommendations  The Avis du CCTM concernant les enjeux entourant l’implantation et l’usage des systèmes d’intelligence artificielle en milieux de travail au Québec [CCTM report on the implications of implementing and using artificial intelligence systems in Quebec workplaces] (“CCTM Report”) was released on April 29, 2026. The recommendations set out in the report regarding the implementation and use of AI systems in Quebec workplaces include, in particular:  Applying the current legal framework governing labour and employment law in Quebec; Preserving the essential role of human judgment—and the responsibility that comes with it—in automated decision-making processes;   Applying laws respecting the protection of personal information2 when developing, implementing and using AI systems, and prioritizing solutions that limit the use of electronic surveillance;  Implementing an algorithmic impact assessment process that would involve employees and take into account the impact of automated decision-making on fundamental rights and privacy;  Ensuring that organizations continue to support employee mobility and ongoing professional development;  Regulating algorithms through sound governance practices that promote transparency and explainability in algorithmic decision-making;  Placing emphasis on the need to pay special attention to discriminatory biases.   In its report, the CCTM also makes recommendations to the Commission d’accès à l’information, such as updating its guide on drafting privacy policies to include disclosure requirements regarding AI and surveillance technologies, and encouraging employers to inform employees of their intention to use partially or fully automated decision-making processes.  Lastly, the CCTM recommends that the Ministère du Travail develop, in collaboration with the CCTM, a guide to support the implementation of responsible, compliant and socially acceptable AI.  Guide released by the Ministère du Travail: 5 principles  Further to the recommendations made in the CCTM report, the Minister of Labour released, on June 12, 2026, a document titled L’intelligence artificielle au travail : Guide d’accompagnement pour une intégration responsable [A guide to using artificial intelligence responsibly in the workplace] (the “Guide”).  The Guide aims to ensure that AI is integrated into workplaces in a responsible, user-centric and collaborative manner. It sets out five (5) key principles designed to inform discussions and help organizations recognize the main issues, namely:  Respect for rights and freedoms in the workplace;  Protection of privacy and data governance;  Governance, participation and social dialogue;  Human oversight and transparency;  Sustainable development and well-being.  For each principle, the Guide provides examples of how AI is used in the workplace. It also highlights the associated benefits and challenges, and suggests practical steps to ensure that AI is adopted and used responsibly.  The Guide serves as a practical, evolving tool that organizations and labour market stakeholders are encouraged to tailor to their specific circumstances.   Accessible and regulated AI  While the adoption of AI in the workplace offers tangible opportunities for improvement, it also raises important issues that require careful oversight. With that in mind, the Guide aims to support the use of AI in a way that protects rights and users, while taking workplace considerations into account. It also aims to provide the various stakeholders involved with the tools they need to facilitate the adoption of AI at work.  A number of interesting challenges are likely to arise over the next few years, and Lavery’s highly qualified professionals are ready to help you deal with them. Contact the team today.  Comité consultatif du travail et de la main-d’œuvre, Avis du CCTM concernant les enjeux entourant l’implantation et l’usage des systèmes d’intelligence artificielle en milieux de travail au Québec, online: lien, April 9, 2026, p. 6. (In French only) Act respecting the protection of personal information in the private sector, CQLR c. P-39.1; Act respecting Access to documents held by public bodies and the Protection of personal information, CQLR c. A-2.1.

    Read more
  2. The Legal Pitfalls of Using Human DNA and Tissue in Quebec-based Biotechnology Projects

    Biotechnology projects rely on sensitive genetic data and biological material Nowadays, innovation-driven companies involved in life sciences, research and biotechnology handle some of the most legally sensitive assets: human tissue, biological material and genetic data. Innovation models involving tissue engineering, biobanks or AI-based analytical technologies are now based on the transfer and use of biological data with high scientific and commercial value. Yet, many organizations still prioritize the scientific and operational aspects of their projects without giving sufficient consideration to the legal restrictions that arise when a project involves a person’s DNA or biological material. From a business standpoint, the risk is that an organization—whether a private company or a public institution—might develop a technology, but then be unable to market that technology because it does not hold the necessary rights to use the biological material and information involved. In Canada, and particularly in Quebec, laws that protect personal and health information have become central to such projects.1 We are no longer simply dealing with typical cybersecurity or privacy concerns. These laws directly affect how biological material is:  collected used transferred stored altered and potentially leveraged for commercial or collaborative research purposes2. Why DNA and human tissue are subject to a particular legal protection The highly sensitive nature of DNA and genetic data is no longer disputed. Canadian case law has long recognized the highly personal and private nature of this type of information.3 It also emphasizes the fact that human tissue and genetic data play a unique role in research and innovation projects because of the identification risks they carry, their scientific value, and the ethical and commercial concerns related to their use.4 This perspective is evident in section 2 of the Act respecting health and social services information5, for example, which defines health information as any information that concerns “any material taken from [a] person,” including biological material. Section 5 and following of this act set out the conditions under which such information may be used, disclosed or transferred in the context of research or collaboration involving third parties6  These obligations supplement those set forth in the Act respecting the protection of personal information in the private sector,7 which requires in particular that personal information be collected for specific and legitimate purposes, and that it be used in a manner consistent with the purposes for which it was originally collected.8 Artificial intelligence, genetic data and the risk of re-identification From a biotechnology perspective, the matter becomes particularly touchy when human tissue or genetic data, which was initially collected for clinical or scientific purposes, is then used for technology or artificial intelligence projects. In fact, many projects that utilize artificial intelligence require not only biological samples and DNA, but also phenotypic data, health information and family history information from the patients from whom the biological samples were obtained. As such, there is a real risk of data cross-referencing here that must be managed with full awareness of the potential impact on those individuals. In certain projects, combining DNA with family information could compromise the privacy of not only the individuals from whom the biological material was collected, but also their family members. This problem has already been raised in relation to genetic genealogy.9 Consent, health information and secondary uses tend to be overlooked A project that was initially intended for research purposes can quickly drift into secondary uses that extend beyond its original scope. However, consent obtained at the outset does not necessarily cover all future uses, particularly where derived data or analysis results are integrated into technology platforms or used to develop analytical tools.10 Research agreements and biological material transfer agreements constitute an essential governance mechanism Agreements have thus become the key governance mechanism. Biological material transfer agreements, collaborative research agreements and data-related provisions are no longer solely intended to protect intellectual property or commercial confidentiality. They also serve to define the processes involved in transferring biological samples, ensuring data traceability, imposing restrictions on reuse and meeting anonymization requirements.11 The rights relating to intellectual property, DNA and personal information are interconnected The interplay between biotech innovation, intellectual property and personal information protection raises complex legal issues. A genetic database or a biological model derived from it can be both a strategic business asset AND a collection of highly sensitive personal information. However, any intellectual property rights that may apply to the results, algorithms or analytical methods do not exempt organizations from the obligations set out in Quebec laws regarding the protection of personal and health information12. On the contrary, in order to market a technology, organizations must hold not only the necessary intellectual property rights but also the rights required under the legal framework governing health and personal information. The commercialization of a technology begins long before it is brought to market As organizations increasingly seek to leverage data from scientific research, issues related to the governance of human tissue, DNA and biological material should no longer be treated as a secondary consideration addressed only at the end of a project. They are becoming an integral part of the legal, operational and commercial framework of modern biotechnology projects and therefore deserve careful consideration from the outset. Summary 1. From a legal standpoint, DNA is considered to be health information In Quebec, biological material and genetic data are not merely instruments of research. Under the law, they are defined as highly sensitive “health information”. The collection, use and transfer of this type of information is strictly regulated and requires explicit, informed consent. 2. Intellectual property does not confer all rights to the holder Just because a company develops a high-performance AI algorithm or an innovative biological model does not mean it can circumvent Quebec’s privacy laws. Bringing biotech products to market requires holding the necessary intellectual property rights AND complying with the legal framework governing the use of health data. 3. The pitfall of project drift (secondary uses) Consent obtained at the outset of a clinical research project usually does not extend to future uses, such as the integration of data into AI platforms. Organizations that fail to establish a solid contractual framework (e.g., transfer agreements, anonymization clauses) from the start may never be able to market their technology. Act respecting health and social services information, CQLR c R-22.1, ss. 1, 2, 5, 44 to 49 and 77. Act respecting the protection of personal information in the private sector, CQLR c P-39.1, ss. 4, 5, 8, 12 and 14. R. v. Dyment, 1988 CanLII 10 (SCC), [1988] 2 SCR 417 Marie Hirtle and Bartha Maria Knoppers, Le stockage des éléments du corps humain, les droits de propriété intellectuelle et les autres droits de propriété, Industrie Canada, 2014. Act respecting health and social services information, supra, note 1, s. 2. Id., ss. 5, 44 to 49 and 77. Act respecting the protection of personal information in the private sector, supra, note 2. Id., ss. 4, 5, 8, 12 and 14. Clausius, K., Kenny, E. & Crawford, M. J. (2023). BILL S-231: The Ethics of Familial and Genetic Genealogical Searching in Criminal Investigations. Canadian Journal of Bioethics / Revue canadienne de bioéthique, 6(3-4), 44–56.  Act respecting health and social services information, supra, note 1, ss. 44 to 49; Act respecting the protection of personal information in the private sector, supra, note 2, ss. 12 and 14. Act respecting health and social services information, supra, note 1, ss. 48 and 49; Act respecting the protection of personal information in the private sector, supra, note 2, ss. 18.3 and 23. Act respecting health and social services information, supra, note 1, ss. 5 and 49; Act respecting the protection of personal information in the private sector, supra, note 2, ss. 12, 17 and 18.3.

    Read more
  3. Behind the Scenes of Sports, Data Never Takes a Break

    The World Anti Doping Agency suffered a data breach in 2016­—a vivid illustration that even the most prominent sporting institutions are not immune to cyber incidents. The authorities have now formalized what was previously just an observation: In a bulletin published in 2024, the Canadian Centre for Cyber Security warned that the entire sports ecosystem—spectators, athletes, organizations and government representatives—is the target of cyberattack campaigns.  Malicious actors will attempt extortion through business email compromise, ransomware attacks, phishing, malicious websites and search engine poisoning, among others. Take heed, as when an incident occurs that is serious enough to require a report to the authorities, it is often too late to establish sound governance and engage in due diligence. The sporting competitions of today are producing massive amounts of data. The quantity is staggering, and the data itself almost Orwellian. Check the tables below to see for yourself. Data collected on athletes  League Information collected NFL Performance data (statistics, position and movement metrics, speed, and passing, rushing and receiving yards) Medical and/or health data (examinations, injuries, concussion protocols) Substance screening data Data on disciplinary actions and investigations Professional and contractual data Travel, logistics and security data NHL Performance data Medical and/or health data (examinations, injuries, concussion protocols) Substance screening data Data on disciplinary actions and investigations Professional and contractual data Travel, logistics and security data MLB Performance data Medical and/or health data (examinations, injuries, concussion protocols) Substance screening data Data on disciplinary actions and investigations Professional and contractual data Travel, logistics and security data   Collection of customer information online  League Information collected NFL  Information provided by individuals  Identifiers: name, email, address, telephone number, date of birth; unique identifiers (username, password, SSN and other government identifiers if required, e.g. for awards) Demographic data and other protected categories: gender, race, ethnicity, sexual orientation Financial and commercial information: payment data, purchase history Real-time geolocation; precise geolocation Communication and marketing preferences Favorite team and inferences about preferences Audio, electronic and visual information (e.g., photos provided) Biometric data, if you opt for biometric authentication at the stadium; with consent and additional notice if required Information about your contacts (name, email) that you share; if authorized, access to your contacts, calendars and photos Search queries Content posted (comments, forums) Professional and employment information Education information Information that may be health-related (e.g., accessible seating) Correspondence, waivers, consents and other information sent Automatic collection  Device and network identifiers and technical data: IP address, MAC address, advertising identifiers, device type, browser, OS Usage: page views, links clicked, browsing journeys, application usage data Tracking and emails: cookies, pixels, tags, interaction with emails (opened emails, clicks) Social media (if linked): data received according to your settings and the platform’s policy Logs and traffic: server logs, stadium Wi-Fi traffic Video and audio recordings: CCTV and pictures taken or video recorded during events   NHL  Information provided by individuals Identifiers and contact information (name, email, telephone number, address, date of birth) Commercial information (payments, purchases, services) Demographic data (language, age, gender, race, ethnicity, household composition and income) Preferences (favourite team, favourite players) Photos and/or videos Content, feedback (comments, surveys) Contact information of friends Application data (resume, references, checks permitted) Automatic collection Activity and interactions (content viewed, bids, purchases, time spent, cookies, tags), access methods (browser, OS, IP address, browsing history before and after) Device information and identifiers (type, unique identifiers, local content if allowed) Location (GPS, Bluetooth, Wi-Fi, cells) Inferences about preferences Commercial information about transactions (e.g., timestamps) Collection from third parties Member clubs (ticketing, login credential, usage logs) Fanatics, NHL Shop, NHL Auctions (name, email, items purchased; marketing engagement statistics) Other business partners, public sources, commercial sources (data brokers) Connected social media (according to the platform’s settings and policies) NHL teams* Contact information: name, email address, home address, gender, date of birth, telephone number (e.g., ticket purchase, ticket transfer, account creation, inquiries, contests, promotions) Demographic data and preferences (age group, race, gender; preferred events, preferred products, e.g., surveys) Health data related to accessibility needs Video surveillance in venues (security; sharing limited by law) Anonymous traffic analysis and device counting (cameras, technological devices; Wi-Fi); statistics that can be shared with partners Depersonalized web analytics (Google Analytics); opt-out option Online advertising and/or remarketing (Google, Facebook, LinkedIn, etc.) through cookies; opt-out mechanisms (platform settings; DAAC) Geolocation through applications if enabled Social media: profile data and authorized interactions Technical data (IP, browser, OS, resolution, location, language, origin, keywords, pages viewed, data entered, ads viewed), identifiers (IDFA, AAID), connection information (operator, ISP, Wi-Fi); ability to recognize a device) MLB Information provided by individuals Identifiers and contact information: full name, email address, home address, telephone numbers, date of birth Security and authentication: password Payments: payment details Demographic data: demographic characteristics Content and recordings: voice recordings, audiovisual recordings Preferences and interests: information about your interests and preferences Activity and event related data: information requested for an activity or event (e.g., emergency contact) Sensitive personal information: as defined by applicable laws (e.g., racial or ethnic origin; health information such as disabilities or allergies) Automatic collection  Technical and usage data: IP addresses, device data, usage data Location and contacts: location data; contacts saved on your mobile device Collection from third parties Data from third parties and integrations: information provided by other companies if individuals connect their services * This data is collected about website users, people who visit venues, people who apply for jobs or participate in contests, people who submit drafts.   How leagues are structured Regarding privacy and personal information, we must look at how sports leagues are organized to understand who does what. In most cases, sports leagues are non-profit organizations or corporations. An entire framework of rules is built around these structures, defining both how governance is done and what business model is used. First, there are the articles of association and by-laws, which dictate governance, team admissions, voting rights, and the powers of the commissioner or board of directors. There are also the sporting and competition regulations regarding eligibility, game schedules, transfers, drafts, salary caps and cost control mechanisms. The leagues also adopt integrity and security policies against doping, betting and manipulation, harassment and abuse, as well as commercial agreements covering broadcasting, sponsorships, ticketing and data leveraging, among others. There can also be collective agreements with players’ associations and formal dispute resolution mechanisms. In this environment, the league plays a central role. It generally has the power to adopt, interpret and amend its rules; admit teams; manage expansion and relocation projects and changes of control; as well as the power to impose sanctions such as fines, point deductions, suspensions or exclusions. It also centralizes strategic commercial rights, media rights, trademarks and data, and it implements revenue-sharing policies designed to maintain a competitive balance between teams. Personal information: the roles of each Teams In day-to-day relations with athletes and customers, teams are generally the main point of contact. They sign contracts with players, sell tickets, manage subscriptions and operate online stores and loyalty programs. In practice, teams are often the ones that collect personal information, that explain what the information is used for, that decide what information needs to be collected and that put in place security and incident management measures. Teams must therefore be able to clearly inform athletes and customers about the purposes for which personal information is collected, the means by which it is collected, the categories of information collected, who receives the information, and the rights that  athletes and customers have. Teams must limit collection to what is necessary. They must ensure that information is accurate; they must obtain valid, manifest, free, informed and explicit consent for sensitive information such as health or biometric data; they must implement security measures adapted to risks; they must manage and report confidentiality incidents likely to cause serious harm; they must respond to requests for access and rectification; and they must stringently govern the sharing of information with service providers and mandataries. Athletes and customers often see the team as the true holder of their data. Leagues The role leagues play regarding personal information is more difficult to understand, as it varies depending on activities. When a league directly collects information from an individual, for example through an official application, a broadcasting platform or a transactional site for its own purposes, it must assume responsibilities comparable to those a team has. This is what MLB Advanced Media does, for example, defining itself as a “data controller” with respect to its customers’ data. But in many cases, the league acts behind the scenes. In some respects, it acts as a mandatary for the teams, negotiating and signing technology contracts, broadcasting agreements and other commercial agreements that will be used by the teams. In other respects, it acts as a service provider, offering centralized technology platforms, ticketing systems, data infrastructure and shared administrative services. Under Quebec law, these two roles—mandatary and service provider—are treated the same: The team can transmit to the league the information it needs to perform the mandate or service contract without having to ask for the consent of each person again, provided that a written agreement imposes clear measures to protect privacy, limits the use of data to the sole purposes of the mandate or service and governs data retention. The league must also promptly inform a team’s privacy officer of any privacy breach or attempted privacy breach and allow the officer to conduct checks. Also, teams and the league can always choose to base certain exchanges of information on the explicit consent of athletes or customers. However, such consent must be genuinely explicit, free, informed, given for specific purposes and presented separately when asked to be given in writing. Conclusion Although professional leagues are the ones in the spotlight, the same logic applies to amateur or non-professional sports organizations. In all cases, the relationship between the league, the team and the athlete or customer must be clearly governed from a privacy standpoint. Sports organizations should map the flow of personal information, harmonize the information messages they give to the those concerned, establish a standard agreement governing the sharing of information between teams and the league, provide simple mechanisms for access and rectification, and have key employees trained in privacy matters. Incorporating these points into articles of association, by-laws and team and league agreements will reduce risks and strengthen the confidence of athletes, parents, fans and business partners. Yet, a fundamental question still remains: Given that by law, data can only be collected for serious and legitimate reasons (necessity criterion), is the mass of information currently collected in the sports ecosystem really warranted? Sports organizations will have no choice but to delve into this strategic issue. 

    Read more
  4. Anatomy of AI projects from the vantage point of export controls

    In a previous Bulletin, the authors broadly outlined the legal framework that applies to export controls, as well as the challenges surrounding large language models in artificial intelligence in an era of knowledge sharing. Given that a number of legal and geopolitical developments covering various aspects of this topic took place in 2025, a brief overview is timely on the potential implications for the development of your AI projects, with a special mention of generative AI (or “GenAI”), as the new year begins. What are export controls? Export controls establish rules designed to curb the risk of transferring military, strategic and dual-use (civilian and military) goods and technologies to destinations deemed contrary to national security interests. Such technologies can take on various forms, ranging from physical hardware to technical information. In Canada, export controls are based on a licensing system, under which permits are given based on a series of items listed on the Export Control List (“ECL”) under the Export and Import Permits Act (“EIPA”). To find out if parts of your AI projects are subject to export controls, you should primarily (but not exclusively) refer to that list and to the guide prepared to better understand the list. Key events in 2025 Order SOR/2025-89  On March 7, 2025, an Order amending the ECL was published in the Canada Gazette, in an effort to include emerging technologies that are increasingly faster and more scalable, the capabilities of which raise concerns about potential adversarial military applications.1 Of particular interest in this context, subitem 5506(1) of the schedule to the ECL has been replaced by a number of paragraphs and subparagraphs. But what do these changes mean for AI projects in practice? The amendments made to subitem 5506(1) do not target AI applications (algorithms, models, data), but rather: extreme ultraviolet (“EUV”) lithography equipment, namely EUV masks and reticles making it possible to use this technology to manufacture advanced integrated circuits; cryogenic cooling equipment and ultra-sensitive amplifiers for quantum computers; advanced semiconductor materials; development and production softwares related to certain of the foregoing technologies.2 In other words, subitem 5506(1) targets the industrial toolbox used to build advanced computers, in particular through its inclusion of EUV lithography, which is used for cutting-edge integrated circuits and quantum computers that are revolutionizing the world of advanced computing. It can therefore be said that these rules affect the AI industry because of a form of hardware dependence, since tight control over these infrastructure manufacturing technologies necessarily affect the ability of a country or company to develop and operate advanced AI. In sum, these latest amendments are simply the continuation of those made in the previous year’s Order, which targeted the fields of quantum computing and advanced semiconductor manufacturing in particular (GAAFETs, representing next-generation integrated circuits).3 It has yet to be ascertained how the aforementioned orders will directly affect typical GenAI projects (model development, AI SaaS services, etc.). Those who will experience the more direct repercussions are suppliers of advanced computing equipment and businesses doing R&D on semiconductors, integrated circuits and quantum computing. Notice to Exporters No. 1159 Apart from the technical components, a certain complexity arises when we understand that the definition of a “technology” subject to export controls within the meaning of the law is meant to be broad, and that it includes technical data, technical assistance and information necessary for the development, production or use of an item appearing on the ECL. In other words, the scope of the technologies concerned goes beyond simple physical components or equipment. This is especially true given the proliferation of often cross-border cloud-based solutions, which make technical knowledge accessible digitally and circulate it far and wide. Given this context, it is appropriate to read the Guidance on the movement to and storage of controlled technology in the Cloud (Notice to Exporters No. 1159), published in November 2025 by the Government of Canada. The document was prepared to clarify instances when the use of cloud services constitutes a transfer of controlled technology under the EIPA, requiring a permit.4 In summary, the guidelines state that: it may be considered a transfer if a controlled technology is disclosed from a place inside Canada to a place outside Canada; a controlled technology is considered disclosed if it is sent from Canada and stored in a foreign location in a way that creates a reasonable possibility that a person located outside Canada would be in a position to examine that technology; a reasonable possibility means more than a mere possibility, but less than the standard of “more likely than not”; the location of servers hosting controlled technology only matters if it affects the reasonable possibility that the technology could be disclosed outside Canada; in general, it is considered a transfer when a person located outside Canada holds decryption keys or routine access rights that create more than a remote possibility that the technology may be examined, or when a cloud service provider creates an unencrypted backup copy that contains controlled technology to restore a system after an incident, and that such copy is stored on servers outside Canada where foreign administrators can access it; when cloud services are used, both the owner of the controlled technology and the cloud service provider have a degree of care and control of the technology. Thus, not only is there a risk of knowledge sharing where items directly listed on the ECL are involved (whether to manufacture them or otherwise), but the possibility of violating export controls also exists because of the interaction between cloud services and the knowledge that could be transferred (within the meaning set out above), if the cloud contains information about or relates to a controlled technology. Considerations regarding GenAI What about GenAI projects? Despite all of the above, these projects may still suffer indirect repercussions, and not only on highly technical components. You will need to exercise a certain degree of caution regarding the compliance of your GenAI projects because of the amount of information they can accumulate through the various layers of their structure. Training data There are the data used during the GenAI’s learning phase, before it is rolled out. The amount of this data can be massive, and it can be structured or unstructured. It is used to provide a knowledge base for the model and enable it to produce relevant outputs when it is given inputs. The learning phase is risky if the datasets contain controlled technical information and if the data can be regurgitated or combined when users use the GenAI. The GenAI’s weights, filters, and other operating parameters These parameters can be compared to physical control buttons—they are adjusted during the GenAI’s training and during the configuration of the solution that uses it. They determine how much each input element will influence the response and refine the model (i.e., the structure that allows the GenAI to interpret inputs and generate outputs). In the United States, weights in particular are a hot topic considering the country’s export policy, under which they can constitute key parameters for the most advanced AI models. Inputs This is the data provided by users to generate relevant outputs (e.g., text, images, structured data) when the GenAI is already rolled out. Such data is used to trigger a response or behaviour from the model. Just like with training data, inputs will be critical depending on the use made of the model and the information disclosed to obtain a response. Conditions consistent with legal requirements must be provided to prevent the model from being contaminated by sensitive data after it is rolled out, especially if it stores all the inputs provided to it for its continued learning. Outputs This is what GenAI generates in response to inputs. Outputs can be in the form of text responses or images, codes, or even data-based predictions. Given the above, it will be challenging depending on the datasets conveyed by the GenAI, to ensure that outputs do not violate export controls, as they could make it possible to indirectly obtain information the direct access to which would otherwise be prohibited. Conclusion We can imagine that the recent changes to export controls in Canada are just the beginning of an effort to address new concerns arising from this rapidly changing and ever more powerful technology. Export controls are also not devoid of a diplomatic context. For now, making AI subject to export controls seems to be the preferred mechanism to curb the exponential powers of such technology in Canada. The extent to which this will be done remains to be seen and will be interesting to follow. Government of Canada, Order Amending the Export Control List: SOR/2025-89 (March 7, 2025): Canada Gazette, Part II, Volume 159, Number 7: Order Amending the Export Control List: This is not an exhaustive list, but rather a few relevant examples that apply to advanced computing. Government of Canada, Order Amending the Export Control List: SOR/2024-112 (May 31, 2024): Canada Gazette, Part II, Volume 158, Number 13: Order Amending the Export Control List: Government of Canada, Notice to Exporters No. 1159 – Guidance on the movement to and storage of controlled technology in the Cloud (amended November 10, 2025): Notice to exporters no 1159 – Guidance on the movement to and storage of controlled technology in the Cloud

    Read more
  1. Lexpert recognizes eight partners as leading lawyers in Canada in its special Health Sciences edition.

    On July 8, 2026, Lexpert recognized the expertise of two partners in its 2026 edition of Lexpert Special Edition: Health Sciences. Anne Bélanger, Laurence Bich-Carrière, Myriam Brixi, Chantal Desjardin, Alain Y. Dussault, Isabelle Jomphe, Eric Lavallée et Marie-Nancy Paquet are recognized among Canada’s leading practitioners, highlighting the firm’s excellence and strategic role in the health sciences sector. Anne Bélanger is a partner in the Litigation group. She has recognized expertise in hospital and professional liability, representing, among others, health-care institutions, the Director of Youth Protection, and various professionals. She also handles civil litigation on behalf of insurers, particularly in property and casualty insurance and coverage matters. Laurence Bich-Carrière is a member of the Quebec and Ontario bars. She practises within the Litigation and Dispute Resolution group in a broad civil and commercial litigation practice, with a specialization in complex litigation (class actions, appeals, extraordinary remedies, and private international law). Chantal Desjardins is a partner, lawyer, and trademark agent. She advises and represents clients in intellectual property (trademarks, industrial designs, copyright, trade secrets, and domain names), including in the examination of applications, oppositions, and litigation in Canada and internationally. She also negotiates licences and technology agreements and advises on advertising, labelling, and compliance matters, including under the Charter of the French Language. Alain Y. Dussault is a partner, lawyer, and trademark agent in the Intellectual Property group. His practice focuses primarily on IP litigation (patents, trademarks, copyright, and industrial designs), including large-scale, multi-jurisdictional matters across several industries. He represents clients before Quebec courts, the Federal Court, and the Supreme Court of Canada, and also advises on the registration, management, and protection of IP rights. Isabelle Jomphe is a partner, lawyer, and trademark agent in the Intellectual Property group. She advises on trademarks, industrial designs, copyright, trade secrets, and technology transfers, as well as advertising law, labelling, and compliance with the Charter of the French Language. Recognized for her strategic and practical approach, she is involved in clearance and filing work, oppositions, and litigation in Canada and internationally. Eric Lavallée is a lawyer and trademark agent at Lavery (Business Law) and co-founder of the Lavery Legal Lab on Artificial Intelligence (L3IA), where he contributed to the development of internal AI solutions. His intellectual property and technology law practice leads him to advise companies on licensing, commercial agreements, protection strategies, and due diligence, as well as on legal issues related to AI implementation (personal information, governance, and partnerships). He holds a master’s degree in physics and a PhD in electrical engineering, and also has experience in quantum technologies and R&D in nanotechnology. Marie-Nancy Paquet is a partner in the Litigation group. Her practice focuses primarily on civil liability, including large-scale class actions, as well as health and social services law, life and health insurance, and contract management. A former senior executive at a CIUSSS, she advises and represents institutional clients before civil and administrative courts, particularly in matters involving hospital liability, access to information, and administrative law. She is also a speaker on issues relating to civil liability, persons law, and health law. This recognition by Lexpert is evidence of the quality and depth of the expertise offered by Lavery, confirming its commitment to providing tailored solutions to its clients in the health sciences sector. About Lavery Lavery is Quebec’s leading independent law firm. It has more than 200 professionals based in Montréal, Québec City, Sherbrooke, and Trois-Rivières, who work every day to provide the full range of legal services to organizations doing business in Quebec. Recognized by the most prestigious legal directories, Lavery’s professionals are at the heart of developments in the business community and are actively involved in their communities. The firm’s expertise is frequently sought by numerous national and global partners to assist them in matters governed by Quebec jurisdiction.

    Read more
  2. Seven partners recognized as leading lawyers in Canada by Lexpert in its Special Edition in Technology

    On June 3, 2026, Lexpert recognized the expertise of three partners in its 2026 edition of the Lexpert Special Edition: Technology. Étienne Brassard, Chantal Desjardins, Alain Y. Dussault, Alexandre Hébert, Isabelle Jomphe, Eric Lavallée, and André Vautour are recognized among Canada’s leading lawyers, highlighting the firm’s excellence and strategic role in the technology law space. Étienne Brassard practises business law, with a focus on corporate finance, mergers and acquisitions, and corporate law. He advises companies locally and internationally on private financing transactions in all forms, whether traditional or convertible debt or equity investments. Chantal Desjardins is a partner, lawyer, and trademark agent. She supports clients in protecting and defending their intellectual property rights, including trademarks, industrial designs, trade secrets, copyright, and domain names, in furtherance of their business objectives. Ms. Desjardins advises on the protection and management of IP assets and represents clients during application examination, as well as in opposition proceedings and litigation, in Canada and internationally. She also negotiates licences, contracts, and technology transfers, and advises on advertising, labelling, and compliance matters, including with respect to the Charter of the French Language. Alain Y. Dussault is a partner, lawyer, and trademark agent in Lavery’s Intellectual Property group. His practice focuses primarily on intellectual property litigation, and he has extensive experience in patents, trademarks, copyright, and industrial designs. He has acted in large-scale matters, including multi-jurisdictional disputes, for clients across a range of industries, including pharmaceuticals, agri-food, electronics, forestry, and entertainment. He has represented clients in complex disputes before Québec courts, the Federal Courts, and the Supreme Court of Canada, and also advises them on registration matters, Alexandre Hébert is a partner in the Business Law group and specializes in mergers and acquisitions, corporate financing, and venture capital. He advises SMEs and investment funds, particularly in innovation and technology, including in cross-border transactions. Recognized for his business-advisor approach, he supports clients with legal and strategic guidance tailored to their growth objectives. Isabelle Jomphe is a partner, lawyer, and trademark agent in Lavery’s Intellectual Property group. Her expertise includes trademarks, industrial designs, copyright, trade secrets, and technology transfers, as well as advertising law and matters relating to labelling and the Charter of the French Language. She is recognized for her strategic advice and practical approach across all aspects of intellectual property law, primarily in trademarks. She advises clients in particular on search and filing strategies, opposition proceedings, and litigation, both in Canada and abroad. Eric Lavallée is a lawyer and trademark agent at Lavery (Business Law) and co-founder of Lavery’s Legal Lab on Artificial Intelligence (L3IA), to which he contributed by developing internal AI solutions. His practice in intellectual property and technology law leads him to advise businesses on licensing, commercial agreements, and IP protection and due diligence strategies, as well as on legal issues related to the deployment of AI (privacy, governance, and partnerships). He holds a master’s degree in physics and a PhD in electrical engineering, and also has solid experience in quantum technologies and nanotechnology R&D. André Vautour practises in the areas of corporate and commercial law, with a particular interest in corporate governance, strategic alliances, joint ventures, investment funds, and mergers and acquisitions of privately held companies. About Lavery Lavery is Québec’s leading independent law firm. It has more than 200 professionals based in Montréal, Québec City, Sherbrooke, and Trois-Rivières, who work every day to provide the full range of legal services to organizations doing business in Québec. Recognized by the most prestigious legal directories, Lavery’s professionals are at the heart of developments in the business community and are actively involved in their communities. The firm’s expertise is frequently sought by numerous national and global partners to assist them on matters governed by Québec jurisdiction.

    Read more
  3. 42 partners from Lavery ranked in the 2026 edition of The Canadian Legal Lexpert Directory

    Lavery is proud to announce that 42 partners are ranked among the leading practitioners in Canada in their respective practice areas in the 2026 edition of The Canadian Legal Lexpert Directory. The following Lavery partners are listed in the 2026 edition of The Canadian Legal Lexpert Directory: Asset Securitization Brigitte M. Gauthier Banking Étienne Brassard Class Actions Laurence Bich-Carrière Myriam Brixi Marie-Nancy Paquet Construction Law Laurence Bich-Carrière Nicolas Gagnon Marc-André Landry Ouassim Tadlaoui Corporate Commercial Law Étienne Brassard Jean-Sébastien Desroches Christian Dumoulin Alexandre Hébert Édith Jacques Paul Martel André Vautour    Corporate Finance & Securities Josianne Beaudry          René Branchaud Corporate Mid-Market Étienne Brassard Jean-Sébastien Desroches Alexandre Hébert Édith Jacques    André Vautour Employment Law Benoit Brouillette Frédéric Desmarais Simon Gagné Richard Gaudreault Marie-Josée Hétu Guy Lavoie Josiane L’Heureux Zeïneb Mellouli Environment Valérie Belle-Isle Family Law Caroline Harnois Awatif Lakhdar Elisabeth Pinard Infrastructure Law Nicolas Gagnon Insolvency & Financial Restructuring Yanick Vlasak Insolvency Litigation Jean Legault      Ouassim Tadlaoui Yanick Vlasak Jonathan Warin Intellectual Property Chantal Desjardins Alain Y. Dussault Isabelle Jomphe Eric Lavallée Labour (Management) Benoit Brouillette Brittany Carson Simon Gagné Richard Gaudreault Marie-Josée Hétu Marie-Hélène Jolicoeur Guy Lavoie Carl Lessard Zeïneb Mellouli Litigation - Commercial Insurance Dominic Boisvert Martin Pichette Litigation - Corporate Commercial Laurence Bich-Carrière Marc-André Landry Litigation - Product Liability Laurence Bich-Carrière Myriam Brixi Medical Negligence Anne Bélanger Mergers & Acquisitions Josianne Beaudry    Étienne Brassard       Jean-Sébastien Desroches Christian Dumoulin Alexandre Hébert Édith Jacques Mining Josianne Beaudry           René Branchaud Occupational Health & Safety Josiane L'Heureux Professional Liability Marie-Nancy Paquet Judith Rochette Technology André Vautour Workers' Compensation Marie-Josée Hétu Josiane L'Heureux Guy Lavoie Carl Lessard

    Read more