The lawful access debate in Canada has to date focused on privacy concerns such as access to subscriber information, mandatory metadata retention, and international production orders. But there is another dimension to Bill C-22 that has received less attention and may matter even more to the daily security of Canadians: the risk that the bill’s surveillance-capability requirements and lack of clarity about systemic vulnerabilities will make Canadians less secure. The international experience with similar laws is not reassuring, as it points to risks of hacking, removal of security features that protect users, and reduced investment and innovation. Bill C-22 heads in much the same direction.
Archive for April 8th, 2026
Recent Posts
The Law to Be Named Later: Bill C-34 Punts 50 Key Decisions to Cabinet and a Digital Safety Commission That Does Not Yet Exist 
Everything All At Once: Bill C-34 Combines Platform Duties, a Kids’ Social Media Ban, AI Chatbot Regulation, and a Powerful Digital Safety Commission Into a Risky “Trust Us” Bet 
Yet Another Trade Battle Brewing: Why a Kids’ Social Media Ban Could Put Canada on a Collision Course With the U.S. 
Everything You Wanted to Know About a Kids’ Social Media Ban (But Were Rightly Afraid to Ask): A FAQ on Age Verification and Mandated ID for Everyone 
Bill C-22’s Clause-by-Clause Problem: The Government Includes Agencies Seeking Lawful Access Powers But Blocks the Privacy Commissioner’s Return
