U.S. Congress warns Ottawa on C‑22

Canada’s lawful-access fight just spilled across the border. Two powerful Republican committee chairs in the U.S. House — Jim Jordan at Judiciary and Brian Mast at Foreign Affairs — sent Ottawa a warning on May 8 saying Bill C‑22 could hurt Americans, not just Canadians. That changes the story. It is no longer only a domestic privacy fight about what police and intelligence agencies can demand from tech companies. It is now also a Canada-U.S. trust problem built around encryption, hacking risk, and whether one country can pressure firms to weaken systems used by everyone. ### What is Bill C‑22, exactly? Bill C‑22 is Canada’s new lawful-access bill. Ottawa introduced it on March 12, 2026 as a replacement for an earlier effort, Bill C‑2, that drew heavy backlash. The government says the point is to modernize investigations — basically, to help police and CSIS confirm whether a suspect uses a service, get subscriber information with court authorization, and make it easier to seek data from foreign-based platforms. Ottawa’s pitch is that the law updates old rules for a digital world without opening the door to mass surveillance. (justthenews.com) ### So why are critics so alarmed? The fight is not only about subscriber information. The hotter issue sits in the bill’s second half, where providers could face obligations to build, test, maintain, and support technical capabilities for authorized access. Critics say that language is broad enough to push companies toward built-in interception features or other design changes that make systems easier to penetrate. And once you create a special access path for “good guys,” turns out you have also created something hackers, hostile states, and insiders will try to exploit. (cbc.ca) ### What did the U.S. lawmakers actually say? Jordan and Mast framed the issue in blunt cross-border terms. Their letter says the bill could “drastically expand” Canada’s surveillance powers and threaten the security, privacy, and constitutional rights of Americans whose data passes through services touched by Canadian law. They also argued that forcing companies to weaken protections would undercut trust in U.S. technology and harm American national-security and economic interests. That is a much bigger claim than “we dislike this bill.” It treats C‑22 as an allied-security problem. (michaelgeist.ca) ### Why does encryption keep coming up? Because encryption is the whole hinge of the argument. The Canadian government says the bill is “encryption neutral.” But Apple, Meta, civil-liberties groups, and security researchers have all warned that access mandates can still pressure companies to redesign products in ways that weaken real-world protection, even if the law never uses the word “backdoor.” Think of a bank vault with a secret side entrance. You can call it a lawful entrance if you want — but the security problem is that the entrance exists at all. (justthenews.com) ### Why does Washington care about Canadians’ law? Because digital infrastructure is shared. U.S. companies run services used by Canadians. Canadian orders can hit firms holding Americans’ data. Security changes made for one jurisdiction can ripple across global products. If a major ally starts requiring capabilities that make systems more vulnerable, U.S. lawmakers see that as a precedent that could spread — and as a direct risk to American users, businesses, and government data that sit on the same platforms. (msn.com) ### Is this only a partisan shot from Republicans? It is partisan in form — the letter came from Republican chairs — but the substance lines up with a broader coalition. Meta has publicly opposed the bill. Apple has warned it could weaken encryption. Canadian digital-rights groups and academics have raised similar concerns for weeks. So the U.S. intervention is not creating the argument from scratch. It is amplifying it, and giving it diplomatic weight at a moment when Parliament is still studying the bill. (justthenews.com) ### What happens next? The immediate battlefield is committee review in Ottawa. That is where amendments, carve-outs, and clarifications could land — especially around whether the bill explicitly bars systemic vulnerabilities and protects strong encryption. The catch is that once allies, multinationals, and security experts all start saying the same thing, the political cost of brushing it off rises fast. Ottawa can still argue the bill is narrow. But now it has to prove that narrowness in text, not just in talking points. (about.fb.com) ### Bottom line? This stopped being a niche Canadian surveillance bill the moment Washington called it a risk to Americans. The real question now is simple — can Ottawa write a lawful-access law that helps investigators without creating the kind of weakness everyone else will spend years trying to close? (theglobeandmail.com 1) (theglobeandmail.com 2)