RSS

Bill C-22 Is a Mess of the Government's Own Making

ethanplant1 pts0 comments

Bill C-22 Is a Mess of the Government’s Own Making · Ethan Plant

"A mess of the government's own making."

Those were the words used by Canadian digital policy expert Michael Geist following Tuesday's committee meeting regarding Bill C-22. And it's honestly the most generous way to describe what's happening.

The government introduced a sweeping lawful access bill. Experts warned that it was overly broad, vague, and technically risky. Major technology companies warned it could undermine encryption and secure systems. Civil liberties groups warned about surveillance powers. Privacy lawyers warned about the rule of law. A House of Commons petition calling for the bill's withdrawal surged into thousands of signatures almost immediately. Committee hearings became chaotic. Opposition MPs argued they didn't have enough information. The Privacy Commissioner's recommendations were apparently not distributed in advance. The government then accused critics of spreading misinformation, while simultaneously making misleading comments that needed to be walked back within hours.

This is not how a serious government should be handling a serious bill.

The government's basic defence has been that people are misunderstanding Bill C-22. We are told it doesn't require backdoors. We're told it does not create new lawful access authorities. We're told it's about modernization, public safety, and ensuring police and intelligence agencies can obtain information under existing legal authorities.

That might be more convincing if the people objecting were confused.

But they are not.

The coalition objecting to this bill includes privacy experts, civil liberties groups, digital rights organizations, major technology companies, VPN providers, legal scholars, software developers, and ordinary Canadians who have taken the time to read what the bill actually says.

At some point, the problem is not that everyone is misunderstanding the bill.

The problem is the bill.

The government keeps answering the wrong question

The government's major defence is that Bill C-22 doesn't require backdoors.

Bill C-22 would not create "backdoors" and weakening of cybersecurity

The Canadian Centre for Cyber Security defines a "back door" as a hidden mechanism that bypasses security controls. Bill C-22 does not require ESPs to create "backdoors" to their systems or the weaken electronic protections, including encryption.

Bill C-22 does not alter the existing responsibility of ESPs to protect their networks from hacking or other unauthorized access. The Government of Canada will be required, by law, to consult impacted ESPs, both in the making of regulations and the issuance of Ministerial Orders, and take into account the potential impact on cost, cybersecurity and privacy protections.

But that doesn't answer the concern.

The concern is not only whether the bill uses the term "backdoor" or explicitly orders a company to bypass encryption. The concern raised by tech providers is whether the bill creates legal pressure for companies to retain data, preserve access capability, avoid deploying stronger encryption, build technical interfaces, comply with ministerial orders, or redesign systems so future access remains possible. That is the heart of this debate.

Modern secure systems are increasingly designed such that even the provider cannot access user content, encryption keys, logs, or other sensitive data. End-to-end encryption, zero-knowledge storage, and no-logs services are not loopholes designed to protect criminals. They're the basic foundation modern secure systems are built on. If a provider does not have access to data, it cannot leak it, misuse it, hand it over by mistake, expose it to insiders, or lose it in a breach.

A government can say they're not asking for a backdoor. But, if the practical effect of the law is to make providers preserve access capability that would not otherwise exist, the architecture still resembles a backdoor.

Apple's stark warning

In front of the Standing Committee on Public Safety and National Security, Apple gave the government a warning it should not be able to ignore.

"As you know, this may be one of the last times we're permitted to discuss the consequences of this legislation publicly."

That line should hang over this entire debate.

Apple continued,

"That's because of the bill's secrecy provisions which forbid companies like Apple from even discussing the orders we receive with our users or the public."

That is an extraordinary, and unsettling thing for a company to have to say to Parliament.

The government wants Canadians to trust that Bill C-22 will not be used to undermine encryption or secure systems. But, if companies can receive technical access orders and then be forbidden from telling users or the public about those orders, the government's reassurance becomes impossible to verify. It is one thing for the government to say, today, in public, that it does not intend to require backdoors...

bill government access encryption systems orders

Related Articles

Amazon, Facebook, FBI have access to a private intelligence-sharing network

root-parent18 ptsseattle prism shield network private intelligence

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries

SpaceX not the behemoth everyone thought

kaycebasques13 pts_blockquote instagram data vars text media

Naphtha Shortages Having a Growing Impact in Japan

takakaze13 ptsnaphtha packaging products shortages calbee from
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.