Listen to this article
Estimated 5 minutes
The audio version of this article is generated by AI-based technology. Mispronunciations can occur. We are working with our partners to continually review and improve the results.
Public Safety Minister Gary Anandasangaree accused U.S. tech giants of “misinterpreting” his lawful access bill, which promises to give police and spies faster access to Canadians’ information during investigations, as the proposed legislation faces growing backlash south of the border.Â
Bill C-22 would require telecommunication, internet and social media companies to adapt their systems to enable police and the Canadian Security Intelligence Service (CSIS) easier access to data for investigations, provided they have a warrant. It would also require core providers to retain metadata for up to one year.Â
The bill has the support of police chiefs across the country and CSIS, who have long argued they are stymied by outdated legislation in a digital world.Â
But the bill’s demands on private companies have also drawn fierce opposition from some of the biggest tech companies in the world, and from two American congressional committees.
Apple and Meta, the company behind Facebook and Instagram, recently weighed in publicly, warning that the Liberal government’s bill would compromise their encryption services and open them up to hackers.Â
During a parliamentary committee last week, Rachel Curran, Meta’s head of public policy in Canada, warned the bill would “conscript private companies into service as an arm of the government’s surveillance apparatus.”
The bill includes a line that says electronic providers are not required to comply if that would mean introducing a “systemic vulnerability.” But opponents argue the definition of systemic vulnerability is unclear and should be updated to clearly prohibit any actions that would weaken or break encryption.
“It is not possible to build back doors to encrypted systems for law enforcement without creating vulnerabilities that will be exploited by malicious actors,” according to Curran’s prepared remarks.Â
“Weakening encryption affects not only the target of an investigation, but all Canadians who rely on secure communications for banking, accessing healthcare, running their businesses, or simply communicating with loved ones.”Â
In a statement last week, Apple, which uses encryption to secure users’ health data, the location of family members, messages, photos and financial data, suggested it might withdraw some of its privacy services if Bill C-22 is passed as is.
The company removed its strongest data security tool — the Advanced Data Protection program — from customers in the U.K. last year after the British government asked it to enable access to the content via a back door.
Public Safety Minister Gary Anandasangaree said ‘we have to better inform’ Canadians and all stakeholders about Bill C-22, Ottawa’s proposed lawful access legislation, which faces pushback from U.S. tech companies.
“This legislation could allow the Canadian government to force companies to break encryption by inserting back doors into their products — something Apple will never do,” said Apple in its public statement.
“At a time of rising and pervasive threats from malicious actors seeking access to user information, Bill C-22, as drafted, would undermine our ability to offer the powerful privacy and security features users expect from Apple.”Â
During a news conference Wednesday, Anandasangaree said large tech is “using this as an opportunity to double down.”
“Tech giants are misinterpreting some of the safeguards that are already built in, including on ensuring that encryption is not in any way interrupted as part of Bill-22,” he said.Â
U.S. congress committees now paying attentionÂ
Two American congressional committees have also taken notice of the Canadian billÂ
In a letter to Anandasangaree late last week, Republicans Jim Jordan, chair of the judiciary committee, and Brian Mast, who oversees the foreign affairs committee, argued the bill would “drastically expand Canada’s surveillance and data-access powers in ways that create significant cross-border risks to the security and data privacy of Americans.”
“American companies operating in Canada would face a difficult choice: compromising the security of their entire user base — including U.S. citizens — or risking exclusion from the Canadian market,” it said.Â
“Either outcome harms U.S. national security and economic interests by undermining trust in American technology and inviting reciprocal demands from other nations.”
Anandasangaree said the letter’s complaints show “we have more education to do.”
“We have to better inform not just Canadians, but all who are following the bill on the safeguards that are critically built into this bill,” he said.
The technical assistance demands in the bill arise from complaints from police and CSIS that dealing with providers is inconsistent and unreliable during some time-sensitive investigations.Â
The government says the changes would provide investigators with an organized system “like a filing cabinet, where certain types of information would be available with legal authorization.”Â
“We’re expecting support from different parties,” said Anandasangaree. “And we expect to get this done.”
About the Author
