The Bill may be in real trouble when even Google, the company that built its empire on knowing everything about you, believes that the government’s surveillance plan may be going too far.
Google has told Canadian lawmakers that Bill C-22 may build a ‘surveillance infrastructure’ that weakens citizens’ cybersecurity.
Google’s submission to the House of Commons public safety committee landed alongside a blunt refusal from Swiss-based Proton VPN. This submission is, besides a trade warning from the Information Technology Industry Council. It’s a U.S. lobby group representing Amazon, Google & Nvidia.
Bill C-22 may compel telecoms, messaging apps, & possibly any Canadian digital service to rebuild their systems for police and CSIS surveillance. This requirement is in addition to storing user metadata for up to a year.
The metadata includes information about who contacted whom, when the contact occurred, and from where, affecting millions of people who may not be suspected of any wrongdoing.
Google, which has faced surveillance accusations in the past, cautioned that this bill could grant the public safety minister broad authority to issue secret orders for data interception. Furthermore, its definition of ‘electronic service provider’ may catch nearly any enterprise operating in Canada.
Google termed the bill’s safeguard against systemic vulnerabilities as dangerously narrow. The law may reduce overall user security without a stronger definition of ‘systemic vulnerability’. This is by creating backdoors that may break end-to-end encryption. Furthermore, create significant cybersecurity risks. Such actions may facilitate foreign interference besides weakening global user privacy, added Google.
Google added that “they do not build backdoors or mechanisms to circumvent end-to-end encryption in their products,” adding that “if they say a product is end-to-end encrypted, it would be end-to-end encrypted.”
Google joins Apple, Meta, & Signal, the last of which has retaliated with threats to leave Canada altogether rather than comply.
Proton VPN’s general manager, David Peterson, was less diplomatic. ‘Complying with foreign surveillance orders without a Swiss legal process may be a criminal offence. Not happening’, he posted on X.
