Re: Be careful what you wish for indeed...
Maybe but that doesn't change the main point that Canadian subsidiary has no legal access to the data. Even if they technically could access it which is questionable at best it would probably be illegal even under Canadian law and certainly under French law. To me this sound like state sponsored mob tactics, commit a crime for us or else... The subsidiaries are there to limit liabilities for situations like this where one overreaching government thinks they rule the planet. Sadly most companies fold under pressure of financial loss in that country and governments get what they want, here at least the EU legislative wont let them just bend over openly because GDPR fines are also insanely large if the person of interest is EU citizen.
If I project the same situation on Canadian mother and Russian subsidiary you wont like the situation one bit. How would you like if for example Russian court ordered Canadian bank that also operates in Russia via a subsidiary to release all your personal data to them with dubious explanation of why they need them? Not very much I would imagine. Most people would be probably angry at the company and demand how could they give uncontrolled access to the subsidiary they as a client have no contractual relationship with, followed by screams about how that cant be legal.
For me at least this is the preferred outcome and the democratically elected government can go sulk in corner. I am by no means defending corporate interest only advocating for personal freedoms of citizens from overreaching foreign government apparatus.
Biting the hand that feeds IT
