Privacy Commissioner

Bill C-22 Creates New Surveillance Powers. The Privacy Commissioner Has No Role in Overseeing Any of Them.

The Office of the Privacy Commissioner of Canada is the federal body designed specifically to audit how privacy-affecting government and private-sector practices are conducted. Every recent lawful-access bill in Canada — Bill C-30 (Toews, 2012), Bill C-2 (Strong Borders Act, 2025) — included some statutory role for the OPC in the regime being created. Bill C-22 (Lawful Access Act, 2026) does not. The OPC has no audit role over the bill's one-year metadata-retention requirement, no review role over the Public Safety Minister's secret capability orders, and no complaint jurisdiction over the new regime. The bill instead points to the Intelligence Commissioner as the review body for ministerial orders — a different review body with a different scope. This article walks through what changed between the predecessors and the current bill, and what an OPC role could look like as an amendment.