Loading...
Canada deserves to know.
Loading...
Tag
10 articles
Bill C-22's defenders argue that the bill's safeguards and stated use cases will prevent the new surveillance powers from being misused. The argument is not new. Canadians have heard versions of it before every previous expansion of federal surveillance authority, from the 1939 establishment of the RCMP Security Service through the 2015 Anti-Terrorism Act. The declassified historical record — through Access to Information releases, court orders obtained by the BC Civil Liberties Association, CBC News investigations, and the formal findings of the Missing and Murdered Indigenous Women and Girls inquiry — shows what was actually done with those powers, after the safeguards were in place. The RCMP surveilled Tommy Douglas (the founder of Medicare) for over 30 years. CSIS told police that Indigenous land defenders at Ipperwash were armed in 1995, a claim that turned out to be false, three days before an OPP officer shot Dudley George. CSIS surveilled peaceful Northern Gateway pipeline opponents and shared intelligence back to Enbridge — the company being protested. This article walks the documented record. It does not claim Bill C-22 will be used in any of these ways; it shows what HAS happened when similar latitude was granted.
On April 8, 2014, the Court of Justice of the European Union (CJEU) handed down its decision in Digital Rights Ireland (joined cases C-293/12 and C-594/12), striking down the EU's Data Retention Directive as invalid. The Directive had required telecoms in member states to retain user metadata — phone numbers, IP addresses, location data, device identifiers — for six months to two years, on every customer, with police access on a production-order standard. The CJEU found this regime to be a "particularly serious" interference with the fundamental rights to private life and personal data protection under Articles 7 and 8 of the EU Charter, and that the interference failed proportionality because (1) the retention applied to all persons without distinction, (2) there was no relationship between the retained data and the threat the regime was meant to address, and (3) safeguards on access were insufficient. The ruling does not bind Canadian courts. The reasoning is highly persuasive and will be central to any future Canadian Charter challenge to Bill C-22.
Bill C-22 contains a provision that civil-liberties advocates from Meta, Apple, the Electronic Frontier Foundation, and academic privacy law have uniformly flagged as the bill's most aggressive feature: the Public Safety Minister's power to issue "capability orders" to electronic service providers. Under Part 2 of the bill (the Supporting Authorized Access to Information Act, SAAIA), the Minister can require a provider to build a specific surveillance capability into their service, maintain it, and not disclose its existence. The provider must comply. The provider is legally prohibited from disclosing that the order exists. The Intelligence Commissioner reviews the Minister's reasonableness on a case-by-case basis. There is no statutory requirement of public reporting — even aggregate. This article walks through how the order is issued, what the provider is and is not allowed to say, how the Intelligence Commissioner's review works in practice, and what amendments could restore public accountability.
The Office of the Privacy Commissioner of Canada is the federal body designed specifically to audit how privacy-affecting government and private-sector practices are conducted. Every recent lawful-access bill in Canada — Bill C-30 (Toews, 2012), Bill C-2 (Strong Borders Act, 2025) — included some statutory role for the OPC in the regime being created. Bill C-22 (Lawful Access Act, 2026) does not. The OPC has no audit role over the bill's one-year metadata-retention requirement, no review role over the Public Safety Minister's secret capability orders, and no complaint jurisdiction over the new regime. The bill instead points to the Intelligence Commissioner as the review body for ministerial orders — a different review body with a different scope. This article walks through what changed between the predecessors and the current bill, and what an OPC role could look like as an amendment.
Bill C-22 (Lawful Access Act, 2026) does not require police to read the content of your communications. It requires "core providers" to retain metadata — who you contacted, when, where, on which device — for one year, on every Canadian. Two former directors of the U.S. National Security Agency have been on record since 2014 that metadata is operationally equivalent-to or more useful than content for surveillance. A Stanford study found that five days of phone metadata is sufficient to identify medical conditions, religious affiliation, and sexual relationships. This article walks through what one year of that data reveals about an ordinary person — not as accusation, but as illustration of what becomes knowable about every Canadian under the bill as drafted.
On April 20, 2026, the House of Commons passed Bill C-22 (Lawful Access Act, 2026) at second reading. The bill is now at the Standing Committee on Public Safety and National Security (SECU), which is the last realistic stage for substantive amendments. This article catalogues the load-bearing Liberal MPs in C-22's path to passage — the bill's sponsor (Public Safety Minister Gary Anandasangaree), three Cabinet members who spoke for the bill at second reading (Justice Minister Sean Fraser, Secretary of State for Combatting Crime Ruby Sahota, Parliamentary Secretary Patricia Lattanzio), the Government House Leader who scheduled the debate (Steven MacKinnon), and the seven Liberal members on SECU led by Chair Jean-Yves Duclos. Each MP's public role on C-22 is described and public-record contact information is included so constituents can reach their representatives. Parliament Audit takes no position on whether the bill should pass; we publish the record and the contact channel.
On April 20, 2026, the House of Commons passed Bill C-22 — the Lawful Access Act, 2026 — at second reading. The bill is now at the Standing Committee on Public Safety and National Security, the last stage where substantial amendments are realistic before the Liberal majority votes it through. The bill mandates one year of metadata retention by "core providers," authorizes the Public Safety Minister to issue secret capability orders to electronic service providers, and lowers the police access threshold for subscriber information from "reasonable grounds to believe" to "reasonable grounds to suspect." Opposition is from a wide coalition: academic privacy law, civil-society groups, the U.S. House Judiciary Committee, technology firms including Meta and Apple, and the Department of Justice's own Charter statement, which is silent on the metadata-retention question. The Privacy Commissioner of Canada has no statutory oversight role under the bill as drafted.
Bill C-12, the Strengthening Canada’s Immigration System and Borders Act, became law on March 26, 2026. The legislation introduces a one-year filing deadline for asylum claims, grants the government power to cancel immigration documents in the "public interest," and restricts claims from people who crossed the border irregularly. Approximately 30,000 refugee claimants have already received notices that their cases may be affected.
On March 25, 2026, the House of Commons passed Bill C-9, the Combatting Hate Act, by a vote of 186–137. The bill creates new Criminal Code offences related to hate symbols and hate speech, and removes a longstanding defence for statements made in good faith based on religious texts. The Liberal-Bloc coalition overcame opposition from the Conservatives, NDP, and Green Party.
Bill C-22, the Lawful Access Act 2026, is currently at second reading in the House of Commons. It would grant law enforcement expanded powers to access subscriber information, require telecom and internet providers to retain metadata on all users for up to one year, and authorize secret government orders compelling providers to build surveillance capabilities into their networks.