After several days of debate in which the opposition to lawful access seemed half-hearted at best, the Conservatives woke up on Monday. MP after MP rose to argue, correctly, that Bill C-22 represents an unprecedented surveillance threat: mandated metadata retention (including location information) for up to a year, security vulnerabilities built into the interception architecture the bill requires, and a weakened legal standard for access to subscriber information. After days of debate with the government visibly struggling to defend its own legislation, this is precisely what the opposition should be targeting (coverage from day one, day two, day three).
Post Tagged with: "privacy"
Is Data De-Identification Dead?: Why the AI Privacy Risk Isn’t What It Learns, But What It Figures Out
In 1997, an MIT graduate student named Latanya Sweeney stunned the privacy world by matching publicly available voter rolls with hospital records stripped of names and addresses to identify the supposedly anonymous medical history of the then-governor of Massachusetts. Three years later, she expanded on that finding by demonstrating that 87 per cent of the U.S. population could be uniquely identified using just three data points: ZIP code, date of birth and gender.
My Globe and Mail op-ed notes that Ms. Sweeney’s work shaped privacy frameworks worldwide, which responded with de-identification standards designed to manage the risk by removing obvious identifiers, applying statistical tests and treating the resulting data as safe to use. Indeed, a core tenet of modern privacy regulation rests on the premise that de-identified data can be used, disclosed and commercialized without compromising individual privacy.
More Surveillance Demands to Come?: Government Admits Bill C-22’s Lawful Access Provisions Could Be Expanded
Debate on Bill C-22, the Lawful Access Act, continued this week with Public Safety Minister Gary Anandasangaree and Secretary of State for Combatting Crime Ruby Sahota leading the government’s case on Wednesday. I posted earlier on the first day of debate, which was notable for what the government chose not to say, as Justice Minister Fraser devoted just a single paragraph to the bill’s expansive metadata retention provisions and offered only process answers to questions about systemic vulnerability risks. The government continues to do its best to ignore the metadata issue, but the most alarming outcome of the debate was the admission that the current bill may only be the starting point, with support for an even broader scope in follow-up regulations or legislation.
The Lawful Access Debate Begins: Canadians Should Pay Attention to What the Government Isn’t Saying
When the government introduced Bill C-2 last year, it buried the lawful access provisions at the end of an omnibus border security bill and said as little about it as possible. The strategy failed, the provisions were abandoned after widespread criticism, and the government spent months consulting stakeholders before trying again. Bill C-22, the Lawful Access Act, is the follow-up attempt. If the first day of House debate on the bill is any indication, the approach hasn’t changed, as the government is once again hoping no one notices what is actually in the bill.
The Global Battle for Data Control: How the 2026 U.S. Report on Trade Barriers Targets Data Sovereignty Worldwide
My Globe and Mail op-ed last week argued that the U.S. is pursuing a two-pronged strategy on cross-border data: the CLOUD Act to assert legal access wherever data sits, and trade policy to pressure countries that try to move their data beyond that reach. This post provides the underlying data that the op-ed could not fit with a fuller picture of what the 2026 U.S. National Trade Estimate Report on Foreign Trade Barriers (NTE) actually says about cloud computing and data sovereignty across the globe.
Recent Posts
AI for All, Details to Follow: Government Releases a Big-Spending AI Strategy That Is Still Short on the Specifics That Matter 
New Privacy Rights in the Morning, Mandatory Metadata Retention in the Afternoon: How Bill C-22 Undercuts the AI Strategy Before It Launches 
From Making Web Giants Pay to Making Taxpayers Pay: Government Announces Plan to Kill the CRTC’s Online Streaming Ruling 
Digital Self-Sabotage: Why Canada’s AI Strategy Is Set to Fail Before it Even Launches 
Why Mark Carney’s Antisemitism Speech Did Not Meet the Moment
