The purpose of this paper is to determine whether the Canadian data protection regime will be found adequate under the European Union’s (“EU”) General Data Protection Regulation (“GDPR”). The question above will be analyzed by using both the legal doctrinal and comparative method. In order to reach a conclusion as to adequacy the legal test found in s. 42(2) of the GDPR will be used, which emphasizes adequacy in privacy legislation, oversight mechanisms and national security. This analysis will indicate that the Canadian privacy regime is at risk of being found inadequate. However, the analysis will also show that there are strong arguments to be made for why the Canadian data protection regime is still adequate. Throughout the paper there will be recommendations, which will illustrate ways that the Canadian government can improve its data protection mechanism, in order to increase its odds of being found adequate under the GDPR. Finally, there will be a finding of adequacy and explanation as to why the EU Commission will likely find in Canada’s favor.