Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance

EFF update
1 day 13 hours ago

The Canadian government is preparing to give away Canadians’ digital lives—to U.S. police, to the Donald Trump administration, and possibly to foreign spy agencies.

Bill C-2, the so-called Strong Borders Act, is a sprawling surveillance bill with multiple privacy-invasive provisions. But the thrust is clear: it’s a roadmap to aligning Canadian surveillance with U.S. demands. 

It’s also a giveaway of Canadian constitutional rights in the name of “border security.” If passed, it will shatter privacy protections that Canadians have spent decades building. This will affect anyone using Canadian internet services, including email, cloud storage, VPNs, and messaging apps. 

A joint letter, signed by dozens of Canadian civil liberties groups and more than a hundred Canadian legal experts and academics, puts it clearly: Bill C-2 is “a multi-pronged assault on the basic human rights and freedoms Canada holds dear,” and “an enormous and unjustified expansion of power for police and CSIS to access the data, mail, and communication patterns of people across Canada.”

Setting The Stage For Cross-Border Surveillance 

Bill C-2 isn’t just a domestic surveillance bill. It’s a Trojan horse for U.S. law enforcement—quietly building the pipes to ship Canadians’ private data straight to Washington.

If Bill C-2 passes, Canadian police and spy agencies will be able to demand information about peoples’ online activities based on the low threshold of “reasonable suspicion.” Companies holding such information would have only five days to challenge an order, and blanket immunity from lawsuits if they hand over data. 

Police and CSIS, the Canadian intelligence service, will be able to find out whether you have an online account with any organization or service in Canada. They can demand to know how long you’ve had it, where you’ve logged in from, and which other services you’ve interacted with, with no warrant required.

The bill will also allow for the introduction of encryption backdoors. Forcing companies to surveil their customers is allowed under the law (see part 15), as long as these mandates don’t introduce a “systemic vulnerability”—a term the bill doesn’t even bother to define. 

The information gathered under these new powers is likely to be shared with the United States. Canada and the U.S. are currently negotiating a misguided agreement to share law enforcement information under the US CLOUD Act. 

The U.S. and U.K. put a CLOUD Act deal in place in 2020, and it hasn’t been good for users. Earlier this year, the U.K. home office ordered Apple to let it spy on users’ encrypted accounts. That security risk caused Apple to stop offering U.K. users certain advanced encryption features, , and lawmakers and officials in the United States have raised concerns that the UK’s demands might have been designed to leverage its expanded CLOUD Act powers.

If Canada moves forward with Bill C-2 and a CLOUD Act deal, American law enforcement could demand data from Canadian tech companies in secrecy—no notice to users would be required. Companies could also expect gag orders preventing them from even mentioning they have been forced to share information with US agencies.

This isn’t speculation. Earlier this month, a Canadian government official told Politico that this surveillance regime would give Canadian police “the same kind of toolkit” that their U.S. counterparts have under the PATRIOT Act and FISA. The bill allows for “technical capability orders.” Those orders mean the government can force Canadian tech companies, VPNs, cloud providers, and app developers—regardless of where in the world they are based—to build surveillance tools into their products.

Under U.S. law, non-U.S. persons have little protection from foreign surveillance. If U.S. cops want information on abortion access, gender-affirming care, or political protests happening in Canada—they’re going to get it. The data-sharing won’t necessarily be limited to the U.S., either. There’s nothing to stop authoritarian states from demanding this new trove of Canadians’ private data that will be secretly doled out by its law enforcement agencies. 

EFF joins the Canadian Civil Liberties Association, OpenMedia, researchers at Citizen Lab, and dozens of other Canadian organizations and experts in asking the Canadian federal government to withdraw Bill C-2. 

Further reading:

  • Joint letter opposing Bill C-2, signed by the Canadian Civil Liberties Association, OpenMedia, Citizen Lab, and dozens of other Canadian groups 
  • CCLA blog calling for withdrawal of Bill C-2
  • CitizenLab (University of Toronto) blog post on Canadian CLOUD Act deal
  • CitizenLab blog post on Bill C-2
  • EFF one-pager and blog on problems with the CLOUD Act, published before the bill was made law in 2018
Joe Mullin

[B] [パレスチナと西サハラの不幸は国連の責任」【西サハラ最新情報】  平田伊都子

日刊ベリタ
1 day 14 hours ago
「私は、2週間お休みしま〜す」と、ステファン・ドウジャリク国連事務総長報道官は、7月23日の国連定例記者会見室をニコニコしてバイバイしました。 イスラエル軍に包囲されたパレスチナのガザでは、この瞬間もガザ市民が砲弾と飢餓でなぎ倒されています、、国際社会の支援団体が、脅迫されたり拷問されたりしています、、 ニューヨーク国連の一部が、アメリカの拠出金未払いとアメリカの援助金大幅削減による資金不足で、ケニヤに引っ越しを迫られています、、
日刊ベリタ

【JCJ8月集会】戦後80年~私たちは今どこにいるのか 8月9日(土)13時30分から16時30分 エデュカス東京

日本ジャーナリストクラブ(JCJ)
1 day 16 hours ago
■開催趣旨と呼びかけ 戦後80年の今年は、JCJ(日本ジャーナリスト会議)がスタートしてから70年にあたります。戦時中ジャーナリズムが政府や軍部に抗うことなく戦争へ加担した反省からJCJは「再び戦争のためにペンを、カメラを、マイクをとらない」を誓い、活動を続けてきました。戦後80年をジャーナリズムの立場から検証していく、今回の集会では戦後の日本社会の転換点を見つめ、これからの私たちの歩む道を考えます。■報告とシンポジウム 片 山  夏 子 さん(かたやま なつこ 東京新聞福島..
JCJ