Big Tech is worried Canada is leaving a digital key under the mat for cybercriminals.
What happened: The Liberal government will make amendments to its controversial lawful access legislation, Bill C-22, after fierce opposition from big tech companies, civil liberties groups, and even Canada’s own privacy commissioner.
Catch-up: In its current form, Bill C-22 would require telecoms and internet service providers — including Google, Meta, and Apple — to change their systems to give law enforcement easier access to people’s digital information for criminal investigations.
Tech companies argue that opening up their systems in this way would compromise their encryption and invite more cyberattacks.
After getting a lot of constructive criticism this week, Public Safety Minister Gary Anandasangaree says changes will be made to the bill to better protect end-to-end encryption.
Why it matters: Law enforcement agencies say they simply can’t keep up with the new technologies that criminals are using, and that the lawful access changes will help them better detect and respond to public safety threats. On the other hand, if the bill is too broad, it could encroach on Canadians' privacy and open the door to more serious cyberattacks.
Zoom out: A major U.S. cyberattack in 2024 actually stemmed from similar lawful access changes. Salt Typhoon, a hacking group allegedly backed by Beijing, exploited a telecom system loophole that was created to comply with lawful access legislation. Hackers were reportedly able to intercept phone calls and texts between top government officials, including Donald Trump and JD Vance.—LA
