Canada’s Lawful Access Bill Sparks Privacy Debate Amid Fast-Track Passage
The Canadian House of Commons passed Bill C-22 on Thursday before breaking for the summer, approving a motion to expedite the legislation and end debate in the Public Safety Committee. The committee was forced to approve the bill shortly before midnight without debating dozens of outstanding amendments. The amended bill will now be presented to the Senate.
What the Bill Does
The legislation would give law enforcement agencies the ability to more quickly and easily access digital information for investigations under a court order. However, provisions that would allow the public security minister to secretly order electronic service providers to retain user metadata and provide access to their systems have raised alarm among privacy advocates, academics, technology companies, and opposition parties.
Government Dismisses Concerns as “Tinfoil Hats”
At a press conference outside the House of Commons on Thursday, Government House Leader Steven MacKinnon accused the Conservatives of “obstruction” during the committee’s debate while defending the decision to fast-track the bill.
“The Conservatives used to be the party of law and order,” he told reporters. “This is a very real set of criminal justice reforms. What it has hit from conservatives is this wall of conspiracy theory, frankly paranoia, that I know a lot of other conservatives are resisting.”
“I hope that the conspiracies and the tinfoil hats will go away in time, but we can now say with certainty that the Liberal Party is the party most clearly committed to law and order in the country.”
Privacy Advocates Push Back
The Canadian Civil Liberties Association rejected MacKinnon’s comments, noting that it had carefully reviewed the legislation and compared it to other Five Eyes allies’ lawful access arrangements in its recent analysis with the University of Toronto’s Citizen Lab on how the bill raises significant privacy concerns.
“We did our homework,” said Tamir Israel, CCLA’s director of privacy and surveillance issues. “Some of the methods they use to minimize the privacy concerns that some of these proposals raise actually undermine confidence that when this system actually comes into force and is used in secret, the right kind of balance will take place.”
Amendments Address Metadata Retention and Encryption
The bill was passed on Thursday with government changes that would shorten the maximum time period for metadata retention from one year to six months. The amended bill also clarifies that nothing in the bill should be construed to “require an electronic service provider to decrypt encrypted user information.” Companies including Apple and Google had warned that the bill could weaken encryption.
Another change states that these orders must be reviewed by the independent National Security and Intelligence Review Agency within 30 days of their issuance.
Fundamental Flaws Remain, Critics Say
Israel said that while the amendments appear to add “superficial improvements” to the bill, the fundamental flaws of this legislation are still intact.
“The ability to impose these requirements on service providers without public oversight and without broad scrutiny from the technical community means that this framework is simply not capable of addressing the kinds of problems we will see,” he said, including potential “really broad security vulnerabilities.”
Tech Companies Threaten to Leave Canada
That potential has led a number of companies, from Signal and NordVPN to DuckDuckGo, to say they could scale back their services or leave Canada entirely if C-22 is passed as written.
“It is irresponsible to introduce a framework like this that we know will be used for decades for technologies we cannot currently even imagine, but is broad enough to adopt them without the proper oversight and infrastructure in place,” Israel added.
Opposition Criticizes Fast-Tracking Process
The bill was fast-tracked after the Public Safety Committee only managed to consider and pass about a dozen amendments in 25 hours, clause by clause, alongside officials from the government, the RCMP, and the Canadian Security and Intelligence Agency.
The Liberals had argued it could take until the end of 2028 to pass the remaining changes at this pace, while police and CSIS said the powers granted by the bill were urgently needed to modernize their criminal investigation methods.
Conservative MP Frank Caputo, vice chair of the committee, lamented the move to shut down debate during the final session on the bill late Wednesday night.
“Make no mistake, one day a court will examine the words we put on paper here and decide the constitutionality of those words,” he said. “And we are expected to adopt these words without debate. For me this is unacceptable.”
NDP MP Jenny Kwan, who represented her party during the committee’s inquiry, also criticized the process, saying the amended bill “failed to resolve the central problem: Canadians are still being asked to trust broad surveillance powers, secret orders and future regulations that Parliament itself has never fully considered.”
“Canadians deserve laws that protect both public safety and fundamental rights,” Kwan said in a statement Thursday. “Instead, the government chose to curtail committee debate while dozens of amendments were still being considered. The Carney government’s centralizing approach continues.”
Historical Echoes
Earlier this week, Public Security Minister Gary Anandasangaree said it was “time to choose” to stand with law enforcement and crime victims in passing C-22 amid delays in committee. Those comments echoed his Conservative predecessor Vic Toews, who said in 2012, as the Harper government pushed through its own lawful access legislation, that critics — including Liberals — “can either be on our side or on the side of the child pornographers.”
