Messaging app Signal, along with Apple and Meta, are pushing back against Canada’s proposed Lawful Access Act (Bill C-22), with Signal threatening to withdraw entirely from the country rather than compromise its privacy guarantees. Introduced in March 2026 by Public Safety Minister Gary Anandasangaree, the bill would force telecoms, internet providers, and messaging platforms to build surveillance capabilities for police and the Canadian Security Intelligence Service (CSIS) and retain user metadata for up to a year.
Signal’s vice-president of strategy and global affairs, Udbhav Tiwari, declared that the company “would rather pull out of the country than be compelled to compromise on the privacy promises we have made to our users.” The platform stores almost no user data on its servers—only phone numbers, last login timestamps, and account creation dates—with messages and contacts remaining on users’ devices. Apple has likewise signaled it might remove privacy features from Canada if the bill passes unchanged, mirroring its withdrawal of Advanced Data Protection in the United Kingdom last year after similar government demands.
The legislation has drawn sharp criticism from US lawmakers. House Judiciary Committee Chair Jim Jordan and Foreign Affairs Committee Chair Brian Mast sent a letter to Anandasangaree warning that C-22 would “drastically expand Canada’s surveillance and data-access powers” and create “significant cross-border risks” to American citizens. The chairs argued that forcing US-based companies to weaken encryption for all users or exit the Canadian market would harm both national security and economic interests.
Critics highlight that surveillance backdoors are vulnerable to exploitation. The 2024 breach of major US telecoms by Chinese state hackers, which leveraged access points from the Communications Assistance for Law Enforcement Act (CALEA), is cited as a cautionary example. Meta’s Canadian public policy director, Rachel Curran, testified that the bill “could conscript private companies into service as an arm of the government’s surveillance apparatus” and compel them to “build or maintain capabilities that break, weaken, or circumvent encryption.” Despite the government’s claim that the bill is “encryption-neutral,” University of Toronto’s Citizen Lab senior researcher Kate Robertson noted officials were “reticent” when pressed to protect encryption.
Currently under review by a Commons committee, legal experts expect the metadata provisions to face challenges based on Supreme Court precedent that metadata linking online activity to identity is private information. The global surveillance push is also evident in Telegram founder Pavel Durov’s criticism of France and Russia over censorship, and in smartphone makers rejecting forced satellite tracking in India.
