Metadata retention has emerged as one of the biggest lawful access concerns, with requirements that providers retain metadata for all subscribers for up to one year. As I argued before the Standing Committee on Public Safety and National Security last week, when retained at scale, the retention becomes a comprehensive surveillance map of virtually every Canadian with information on where and when they go and who they interact with. Under Bill C-22, this data would apply to every subscriber regardless of suspicion. The government’s Charter Statement remarkably fails to address the regime, despite the fact that bulk retention frameworks of this kind have been struck down by the European Court of Justice in Digital Rights Ireland and Tele2 Sverige, and by Germany’s Federal Constitutional Court.
Archive for May 15th, 2026

Law Bytes
Episode 275: David Loukidelis on Why Stripping Privacy Enforcement from Canada’s Privacy Commissioner in Bill C-36 is Unnecessarily Risky Policy
byMichael Geist

June 22, 2026
Michael Geist
Search Results placeholder
Michael Geist on Substack
Recent Posts
Outdated Data and Dubious Comparisons: Digging into the Government’s AI Strategy Adoption Claims
Why Being Locked Out of Frontier AI is The Sovereignty Threat Canada Missed
Blocked Twice: How Bill C-34’s Kids’ Social Media Ban Would Compound the Online News Act’s Harm to Young Canadians’ News Access
The Law Bytes Podcast, Episode 275: David Loukidelis on Why Stripping Privacy Enforcement from Canada’s Privacy Commissioner in Bill C-36 is Unnecessarily Risky Policy
The Data on Australia’s Social Media Ban: The Better the Privacy Protection, The Less Effective the Ban

