#billc22

Udbhav Tiwari, vicepresidente de estrategia y asuntos globales de Signal, advirtió que la empresa podría retirarse de Canadá si se le exige cumplir con el proyecto de ley C-22, conocido como la ley de “acceso legal”. Afirmó que Signal “preferiría salir del país” antes que comprometer las promesas de privacidad que ha hecho a sus usuarios (The Globe and Mail). Tiwari también advirtió que los…

We’ve only got a few months to stop Bill C-22. Here’s all that’s at stake:

The Systemic Threat of Bill C-22 Bill C-22 introduces mandatory surveillance capabilities that function as systemic backdoors. It grants the Minister of Public Safety sweeping authority to issue orders forcing virtually any electronic service provider to build interception capabilities into their systems. Furthermore, the bill mandates that these providers retain your metadata—a detailed map of your life, including places you’ve been, who you’ve communicated with, and when you did either—for up to one year.2,3,4

Proponents of Bill C-22 will point to modest improvements made in other parts of the bill since Bill C-2, and argue they’ve ‘fixed’ it. From their perspective, these new capabilities are strictly regulated "front doors.", for warranted access by law enforcement only. However, civil liberties experts and technical experts are making the case that while the government made minor improvements to warrantless access, the dangerous backdoor surveillance risks remain entirely intact. Ultimately, this reboot fails to fix the structural vulnerabilities the legislation introduces.5,6,7

From a systems engineering and cybersecurity perspective, this is a fatal flaw. A structural vulnerability designed for law enforcement is, mechanically, a vulnerability available to anyone who discovers it. We only need to look to the United States, where the FBI recently confirmed that a highly sophisticated state-sponsored hacking group dubbed "Salt Typhoon" successfully breached U.S. telecom networks using this exact type of legally-mandated "lawful intercept" backdoors required by American legislation.8

The AI Risk Multiplier And we’re forcing hundreds of cybersecurity vulnerabilities across our digital lives, at the same time as AI is making finding and abusing these vulnerabilities an order of magnitude faster and easier. Just this month, Anthropic warned in its latest system card that its newest frontier AI models are demonstrating advanced, autonomous capabilities to discover and exploit vulnerabilities with minimal human input. For now, they’re refusing to release these capabilities to the general public; but AI competition is tight, and publicly available models will catch up fast.9,10,11

What is Canada doing here? We are forcing our digital providers to build structural weaknesses into our critical infrastructure, and filling those systems with a year's worth of highly lucrative metadata on every Canadian—right at the exact moment AI systems are radically lowering the barrier to finding and exploiting those exact types of vulnerabilities. And crucially, we’re not just targeting telecom companies like the U.S. did - we’re scoping in all kinds of other digital services.

Our Financial Reality OpenMedia is the leading voice organizing national opposition to Bill C-22. We are hard at work every day coordinating experts, mobilizing public pressure, and breaking down the complex realities of this bill so Canadians understand what’s at stake and can fight back.12,13,14

But we are facing a very difficult month. Our fundraising is falling short at the worst possible time, and we are operating well into the red at the worst possible time. We rely entirely on people-powered advocacy to maintain our independence and our focus on you and your needs. No money from Big Telecom, from Big Tech, or from the government.

Meanwhile, we are watching a slow-moving, titanic catastrophe unfold in Bill C-22; a mistake so large, it could compromise Canadian privacy for the rest of our lives. We need to halt Bill C-22 this summer before these systemic vulnerabilities become law. If you are able to support this critical work, please give now.

Yes - I'll defend Canadian privacy!

Thank you for your continued commitment to our digital rights.

Matt Hatfield Executive Director, OpenMedia

P.S. I bring opportunities to defend our privacy every month; but I rarely say a given bill will directly break your privacy. Let me say it now: Bill C-22, if passed, will compromise the privacy of ALL of your metadata. First to our government, and soon to AI hackers everywhere. If that matters to you, please give generously to this fight!

Sources

C-22 An Act respecting lawful access – LEGISinfo

Ottawa Repackages Its Surveillance Backdoor in Bill C-22 – OpenMedia

The Lawful Access Privacy Risks: Unpacking Bill C-22’s Expansive Metadata Retention Requirements – Michael Geist

A Tale of Two Bills: Lawful Access Returns With Changes to Warrantless Access But Dangerous Backdoor Surveillance Risks Remain – Michael Geist

Ottawa Reboots Its Lawful Access Bill: What C-22 Fixes and What It Doesn’t – Robert Diab

Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law - Michael Geist

More Surveillance Demands to Come?: Government Admits Bill C-22’s Lawful Access Provisions Could Be Expanded – Michael Geist

Salt Typhoon Hack Shows There's No Security Backdoor That's Only For The "Good Guys" – Electronic Frontier Foundation

Claude Mythos Preview System Card – Anthropic

Anthropic’s Restraint is a Terrifying Warning Sign – The New York Times

ECB warn bankers about new Anthropic model risks, source says – Reuters

Stop Bill C-22 – OpenMedia

See 3

In the rapidly evolving landscape of Canadian law, there is a significant point of confusion regarding “Bill C-22.” Historically, Bill C-22 (2022) was a law centered on the Canada Disability Benefit. However, as of March 2026, a new Bill C-22, titled the Lawful Access Act, 2026, has been introduced.

This new bill is the successor to the long-debated Digital Charter Implementation Act (previously…