Bill C-22: Tech Giants and U.S. Lawmakers Warn Canadian Surveillance Bill Threatens Encryption
Public Safety Minister Gary Anandasangaree said Apple and Meta are misreading safeguards in the legislation that would require companies to enable warranted access to data while preserving encryption. The bill has drawn warnings from the tech companies and a letter from two U.S. Republican congressional chairs citing risks to American users.
idropnews.comU.S. tech companies of misinterpreting his lawful access bill. He said large tech is using this as an opportunity to double down.
Anandasangaree added that tech giants are misinterpreting some of the safeguards already built in, including on ensuring that encryption is not in any way interrupted as part of Bill C-22. Anandasangaree said the letter's complaints show we have more education to do.
"We have to better inform not just Canadians, but all who are following the bill on the safeguards that are critically built into this bill," he said.
"We're expecting support from different parties. " Bill C-22 would require telecommunication, internet and social media companies to adapt their systems to enable police and CSIS easier access to data for investigations provided they have a warrant. It would also require core providers to retain metadata for up to one year.
The bill includes a line that says electronic providers are not required to comply if that would mean introducing a systemic vulnerability. The technical assistance demands arise from complaints from police and CSIS that dealing with providers is inconsistent and unreliable during some time-sensitive investigations.
The government says the changes would provide investigators with an organized system like a filing cabinet where certain types of information would be available with legal authorization.
Cbc reported the bill has the support of police chiefs across the country and CSIS. Apple and Meta weighed in publicly warning that the bill would compromise their encryption services and open them up to hackers. Rachel Curran, Meta’s head of public policy in Canada, warned the bill would conscript private companies into service as an arm of the government’s surveillance apparatus.
"It is not possible to build back doors to encrypted systems for law enforcement without creating vulnerabilities that will be exploited by malicious actors," according to Curran's prepared remarks. " Opponents argue the definition of systemic vulnerability is unclear and should be updated to clearly prohibit any actions that would weaken or break encryption.
Apple suggested it might withdraw some of its privacy services if Bill C-22 is passed as is.
Apple uses encryption to secure users' health data, the location of family members, messages, photos and financial data. "This legislation could allow the Canadian government to force companies to break encryption by inserting back doors into their products — something Apple will never do," Apple stated.
Last year after the British government asked it to enable access to the content via a back door. Two American congressional committees have taken notice of the Canadian bill. Republicans Jim Jordan, chair of the judiciary committee, and Brian Mast, who oversees the foreign affairs committee, sent a letter to Anandasangaree late last week.
The letter argued the bill would drastically expand Canada’s surveillance and data-access powers in ways that create significant cross-border risks to the security and data privacy of Americans. U.S. citizens — or risking exclusion from the Canadian market.
U.S. national security and economic interests by undermining trust in American technology and inviting reciprocal demands from other nations.
