Analysis of Canadian Surveillance Law Expansion Under Bill C-22 – CitizenLab
10 hours ago
- #cybersecurity
- #surveillance law
- #privacy rights
- Bill C-22, the Lawful Access Act, proposes sweeping new surveillance powers and obligations for Canadian law enforcement and electronic service providers, raising serious constitutional and human rights concerns.
- The Supporting Authorized Access to Information Act (SAAIA) under Part 2 creates a surveillance capability regime allowing the government to impose open-ended obligations on service providers, potentially undermining privacy and cybersecurity, including mandatory metadata retention deemed likely unconstitutional.
- Provisions regarding 'publicly available information' and 'voluntary disclosure' contradict Charter jurisprudence by suggesting no privacy protections exist for public data and allowing third-party consent to waive user privacy rights.
- The bill's fast-tracked legislative process lacks adequate scrutiny, with only three weeks for committee study, compared to more time given to less complex bills and extensive amendments for similar laws abroad.
- Bill C-22 is linked to international data-sharing agreements like the Second Additional Protocol to the Budapest Convention and a potential Canada-US CLOUD Act deal, but the government has failed to disclose details, risking dilution of Canadian constitutional standards and human rights protections.
- Recommendations include withdrawing problematic parts of the bill, especially SAAIA, and suspending study until the government complies with transparency policies regarding treaty implementation, with amendments suggested only as last-resort harm reduction measures.