Last Update: 06/03/2026 at 4:25 AM EST
Canada Lawful Access And Metadata Retention
Coverage from Michael Geist, TechRadar, and others
Articles
14
Latest Article
06/01
Active Days
81
Executive Summary
Canada's Bill C-22 is driving debate over mandatory metadata retention, subscriber-data access, and possible encryption workarounds. The strongest signal is opposition from privacy advocates, VPN providers, and major tech firms warning about surveillance expansion, secrecy orders, and cross-border risk.
Key Points
- Bill C-22 would require electronic service providers to retain metadata for up to one year, including location-linked and device-related data.
- The proposal gives law enforcement and CSIS new access routes to retained data, alongside ministerial or secret-order powers that reduce transparency.
- A recurring concern is that lawful-access demands could undermine encryption or force providers to build access mechanisms that weaken security.
- VPN providers, messaging services, and major tech companies are publicly resisting the bill and warning that compliance could conflict with their operating models.
- Civil liberties and legal critics frame the bill as a shift from targeted access toward broader, more systematic data retention and surveillance infrastructure.
- Cross-border implications are a persistent theme, especially around foreign data access, U.S. scrutiny, and Canada's impact on international trust in digital services.
Featured Article
Gary Anandasangaree defended Canada's Bill C-22, which mandates one-year electronic service provider metadata retention for police and CSIS access.
Coverage Timeline: 81 Days
Hover over any logo to see coverage summary, click for full article.
Additional Articles
⭐⭐⭐⭐⭐⭐⭐⭐
Canadian government proposes metadata retention for core providers to store transmission data including location for up to one year in Canada.
Canada's government introduced Bill C-22, the Lawful Access Act, yesterday to limit warrantless subscriber data demands while expanding surveillance capabilities within Canadian networks.
⭐⭐⭐⭐⭐
Canada's Liberal government introduces Bill C-22 in 2026 to compel providers in Canada to retain metadata for one year for law enforcement access.
Canada proposes Bill C-22 to require year-long metadata retention and mandate lawful-access backdoors, with critics citing encryption weakening and increased breach risk.
⭐⭐⭐
ExpressVPN criticized Canada’s proposed Bill C-22 in 2026, warning encryption access and metadata retention requirements would weaken VPN no-logs privacy and security.
Justice Centre for Constitutional Freedoms told a House of Commons committee that Bill C-22 would expand police access to subscriber data and require one-year metadata retention while reducing judicial oversight.
Yanik Guillemette and leaders at Meta, Apple, and Shopify oppose Canada's Bill C-22 after warnings about encryption weakening and surveillance-driven requirements.
Windscribe warns Canada Bill C-22 lawful-access proposals may force user logging, driving possible relocation if parliamentary revisions fail.
Yanik Guillemette and major tech firms criticize Canada's proposed Bill C-22 in 2026, warning encryption compromise could deter AI and cloud investment.
Yanik Guillemette said Bill C-22 amendments, discussed after Standing Committee sessions, risk bulk metadata retention and end-to-end encryption weakening in Canada.
Canadian MPs are scheduled to vote on Bill C-22, expanding metadata retention and data handover for police and CSIS amid opposition from major tech firms and U.S. lawmakers.
Yanik Guillemette in Montreal criticized Bill C-22 amid signals of amendments from Public Safety Canada over encryption and mandatory one-year metadata retention.
⭐️⭐️
On March 19, 2026, Toronto officials unveiled Bill C-22 updates requiring judicial authorization for subscriber information access and potentially up to one-year metadata retention by telecom providers.