Tech titans Apple and Alphabet’s Google have formally pushed Canadian lawmakers to amend Bill C-22 (the Lawful Access Act, 2026). The firms argue that the online safety legislation—currently being debated in the House of Commons—grants the government overbroad authority to issue secret ministerial directives that could compel tech companies to bypass or fundamentally break encryption on their devices and applications.
Understanding Bill C-22 (The Lawful Access Act)
Introduced by Canada’s ruling Liberal Party in March 2026, Bill C-22 is a repackaged version of surveillance provisions previously stripped out of a broader border security bill. While Part 1 focuses on modernizing how police request basic subscriber verification, Part 2—the Supporting Authorized Access to Information Act—is fueling intense global pushback.
| Aspect of the Bill | Proposed Mandate | Tech & Civil Liberties Concerns |
| Technical Capabilities | “Electronic Service Providers” must design and install equipment enabling law enforcement/CSIS to access data swiftly. | Forces tech firms to build structural “backdoors,” expanding the attack surface for state-sponsored hackers. |
| Bulk Metadata Retention | Mandates core telecommunications and digital providers to store user metadata for up to one full year. | Degrades consumer privacy by transforming personal devices into retroactive government tracking units. |
| Lack of Oversight | The Minister of Public Safety can issue system configuration commands in complete secrecy. | Completely bypasses prior court authorization, blocking companies from being transparent with users. |
Tech Giants Demand a “Judicial Floor”
Appearing before a parliamentary committee, tech executives emphasized that they are not looking to kill Bill C-22 entirely, but rather trying to install critical legal guardrails.
-
Google’s Warning on Creeping Surveillance: Jeanette Patell, Google Canada’s director of government affairs, testified that the boundless nature of the proposed ministerial powers could secretly force product redesigns. She warned that “secret orders are out of step with other democratic countries” and threaten the fundamental principles of end-to-end encryption.
-
Apple’s Stand on Systemic Vulnerability: Erik Neuenschwander, Apple’s senior director for user privacy, countered government claims that these access pipelines can be created without weakening security. Apple argued that a backdoor built for law enforcement is, by definition, an exploitation vector waiting to be found by bad actors.
-
The Judicial Amendment: Both Apple and Google are demanding that any order forcing a company to modify its system capabilities must require explicit prior judicial approval, and that the scope and duration of any accompanying secrecy gag-orders be strictly limited.
The Global Precedent: Tech Firms Aren’t Bluffing
The standoff in Ottawa mirrors an escalating international battle over digital privacy, encryption stacks, and state surveillance.
A History of Pushback: The tech industry’s threats to withdraw services over encryption mandates are real. In early 2025, the UK government issued a secret directive attempting to force Apple to compromise its iCloud Advanced Data Protection encryption. Apple refused and disabled the cloud feature for all UK users rather than implement a workaround.
Similarly, the encrypted messaging app Signal has already warned Canadian lawmakers that it will entirely pull out of the Canadian market if Bill C-22 passes in its current form. Adding pressure from across the border, the chairs of the US House Judiciary and Foreign Affairs Committees have written to Canada’s Public Safety Minister, warning that the bill threatens cross-border data treaties and US national security.
