Public Safety Minister Gary Anandasangaree has criticized major U.S. technology companies for misunderstanding his proposed lawful access bill, which aims to streamline police and intelligence agencies’ access to Canadians’ data during investigations. The bill, known as C-22, mandates telecommunication, internet, and social media firms to adjust their systems to facilitate law enforcement and CSIS access to data with a warrant. Additionally, it requires core providers to retain metadata for up to a year.
Law enforcement agencies and CSIS support the bill, citing challenges posed by outdated laws in the digital age. However, domestic privacy and civil rights advocates are scrutinizing the bill intensely. The legislation is now facing opposition from prominent tech companies like Apple and Meta (Facebook and Instagram’s parent company). Apple and Meta have raised concerns that the bill could compromise their encryption services, making them vulnerable to cyber threats.
During a recent parliamentary committee, Rachel Curran, Meta’s head of public policy in Canada, cautioned that the bill could turn private companies into surveillance tools for the government. The bill includes a provision exempting electronic providers from compliance if it introduces a “systemic vulnerability,” but critics argue the term is ambiguous and should explicitly prohibit actions that weaken encryption.
Apple, renowned for its encryption practices, warned that it might limit privacy services if the bill passes unchanged. The company previously removed its Advanced Data Protection program in the U.K. following government requests to compromise data access. Anandasangaree emphasized that tech giants are misinterpreting the bill’s safeguards regarding encryption.
In a significant development, two American congressional committees have voiced concerns about the Canadian bill’s implications. They fear the bill could expand Canada’s surveillance powers, posing risks to data privacy and security, especially for American companies operating in Canada. Anandasangaree acknowledged the need for more education on the bill’s safeguards to address these concerns effectively.
The bill’s technical assistance requirements stem from complaints by law enforcement and CSIS about inconsistent and unreliable data access from providers during time-sensitive investigations. The government asserts that the proposed changes would create a structured system for accessing information with proper legal authorization, akin to a filing cabinet. Anandasangaree expressed optimism about receiving bipartisan support for the bill’s passage.
