RSS

Dontsurveil.me

laurex1 pts1 comments

Canada is about to weaken every lock on your private messages — dontsurveil.me

Skip to content

dontsurveil.me

01

← All Announcements<br>Threat vectors<br>Act

01

Bill C-22 • Canada • May 2026

For the last decade, your messages have had a lock on them.

Only you, and the person you're talking to, hold the key. Not the app. Not the company. Not the government. You probably don't think about it. That's the whole point — it just works.

Until, possibly, the end of this summer.

What Bill C-22 would do

Every messaging app in Canada would be required to build a second key.

With Bill C-22, the government would hold the copy. The lock you trust would no longer be a lock only you can open. It would be a lock the locksmith was ordered to duplicate.

The paradigm shift

Today

Only you have the key.

Even the app's own engineers can't read your messages.

If a court demands the content, Signal has nothing to hand over.

A hacker who breaks in finds noise, not your conversations.

If Bill C-22 passes

A copy of the key must exist.

The provider must build a way in, even when they don't want to.

A court can demand the content. The provider must comply or be fined.

A hacker who finds the way in walks through it. It has happened.

Why this is about you

It touches almost everything you do online.

It's tempting to read a bill called "Lawful Access" as something that affects other people. In practice, the architecture it would build sits inside the apps and services you use every day.

If you text family or friends

Every message you send through Signal, iMessage, WhatsApp, or Messenger becomes legally reachable. Today, the company can't read them. Under this bill, it would be required to be able to.

If you message a doctor or therapist

The confidentiality you assume when texting your clinic, scheduling a sensitive appointment, or messaging through a patient portal relies on the same encryption this bill weakens. Health-care apps are in scope.

If you talk to a lawyer

Solicitor-client privilege depends on confidential communication. End-to-end encryption is how that promise gets enforced in practice today. A backdoor doesn't recognize privilege.

If you're a journalist or source

Source protection becomes structurally harder. A backdoor doesn't distinguish between a whistleblower exposing corruption and a leak of state secrets. Both flow through the same compromised channel.

If you organize, protest, or dissent

Activist coordination, advocacy work, and political organizing all rely on private communication. Surveillance burdens historically fall hardest on already-policed communities. This bill continues that pattern.

If you run a small business

"Electronic service provider" is defined broadly — your SaaS, your booking system, even a small clinic's patient portal can fall in scope. Some orders come with gag clauses. None come with funding.

If you cross borders

Once Canada builds this framework, foreign governments can request data through mutual legal assistance treaties. Your data — including data created entirely within Canada — becomes reachable by states whose privacy norms differ from yours.

If you're escaping harm

Survivors of intimate-partner violence and stalking often rely on encrypted messaging to coordinate with shelters, lawyers, and family without being tracked. A mandated way around encryption doesn't ask who's looking — it opens the door for whoever finds it.

We already know how this ends

In 1994, the United States passed a law just like this. Phone companies were required to build a second key into their networks.

For thirty years, it sat there. Working as intended.

Then, in 2024 —

stolen.

A hacking group linked to the Chinese state walked through the lawful-access infrastructure of every major U.S. phone carrier.

They listened to calls. They read texts. They watched the data of presidential campaigns.

They were inside for months before anyone noticed.

The copy was the door.

The attack is called Salt Typhoon. Afterwards, Canada's own Centre for Cyber Security joined twelve other governments' cybersecurity agencies in formally recommending more encryption, not less.

What this bill does, by threat vector

What this bill actually compromises.

Bill C-22 isn't a single law doing a single thing — it crosses multiple distinct categories of digital surveillance. Tap any vector to see the plain-language explanation and the specific bill section where it lives.

01

Encryption mandates<br>The state forces providers to build a way around end-to-end encryption.

Plain<br>The Minister of Public Safety can order any designated "core provider" to build the operational and technical capability to give state actors access to user information — even when that information is end-to-end encrypted. There's a "systemic vulnerability" safeguard, but Meta, Apple, Signal, and NSIRA all say it's inadequate because the Governor in Council retains unilateral authority to define what counts as a "systemic...

bill canada build through encryption lock

Related Articles

Elevated error rates on requests to multiple models

recroad9 ptsclaude incident islands rates elevated error

Donald Trump and sons to be 'forever' exempt from tax audits

doener9 ptsdigital access newsletters premium financial times

PopuLoRA: Co-Evolving LLM Populations for Reasoning Self- Play

AMavorParker8 ptstasks model training self populora play

Old Reddit Is Down

Crunsher7 ptsdata autoplay videoplayerelement comments function false

The ultimate female fantasy – A feminist critique of Beauty and the Beast

muge6 ptsbeast story paglia beauty older butler
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.