JAY GOLDBERG: Bill C-22 cannot be saved and must be scrapped

Article content

As Parliament considers possible amendments to Bill C-22, the Carney government’s so-called Lawful Access Act, it’s time to speak the truth: this legislation cannot be saved in its current form and must be scrapped.

Article content

In recent weeks, encrypted messaging services, VPN providers, social media companies, and civil liberties groups have sounded the alarm on Bill C-22. Signal has said it will leave the Canadian marketplace altogether rather than adhere to Bill C-22 in its current form. Windscribe, a Toronto-based VPN provider, has said it will move its headquarters out of Canada should the bill pass as-is.

Article content

Recommended Videos

Article content

Meta and Apple, too, have raised significant concerns. And more than 25 leading civil society groups signed an open letter warning Bill C-22 would be “the most expansive invasion of Canadian privacy rights in modern history.”

Why is Bill C-22 so dangerous?

For one thing, it would force companies to retain Canadians’ metadata for up to one year, essentially taking a wrecking ball to private encrypted communication in Canada. As University of Ottawa Law Professor Michael Geist put it, “Retained at scale, that data amounts to a comprehensive surveillance map of virtually every Canadian, including where they go, when they go there, and who they communicate with.”

If that doesn’t scare you, it should.

Article content

Article content

And encrypted messaging platforms have made it crystal clear there is no way to give the government “lawful access” into their encrypted services without opening a backdoor that breaks encryption for everyone.

This makes perfectly logical sense. How would it be possible to open the door so law enforcement can access encrypted messages without also allowing for the possibility of letting bad actors in?

Messages are either encrypted or they aren’t. By opening a backdoor into encrypted messages, Bill C-22 would destroy encryption for everyone in Canada, which is why Signal, Meta, Apple, and others have expressed such significant concern. As Signal’s Vice President of Strategy and Global Affairs, Udbhav Tiwari, told the Globe and Mail, “End-to-end encryption is incompatible with exceptional access, no matter how creative the route taken to achieve it.” Apple issued a similar warning: “This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products – something Apple will never do.”

VPNs face a similar issue. VPNs exist to provide some relative privacy related to IP logs for their users, precisely what the government wants preserved for a period of one year under the present legislation.

Article content

Because the U.S. does not have a similar kind of obligation placed on encrypted messaging providers or VPNs, there can be little doubt that, should the bill pass as-is, Canadian companies, like Toronto-based Windscribe, will head south of the border. As Geist again puts it, “VPNs and other services will surely leave Canada rather than architect their systems to retain metadata on every single user for a year.”

The last thing Canada needs is even more of a tech sector exodus because of bad legislation.

Government in denial

The government has responded by saying that, somehow, all of these companies and industry experts are misreading the bill and blowing things out of proportion. Public Safety Minister Gary Anandasangaree’s office issued a statement saying the government “categorically rejects” any claims Bill C-22 introduces so-called back doors into products.

But that’s exactly what Bill C-22 in its current form would do. Both companies and industry experts have confirmed exactly that. Clearly, the government is in denial about what its own legislation actually does.

It’s time for the government to admit that Bill C-22, like Bill C-2 before it, is a flawed and dangerous piece of legislation. Anandasangaree and Prime Minister Mark Carney must scrap this bill entirely and go back to the drawing board to produce legislation that actually safeguards the privacy rights of Canadians, not create new backdoors and data mandates that will further erode our online freedoms.

Jay Goldberg is the North American Affairs Manager at the Consumer Choice Center

Article content