What Bill C-22 Means for Your AI Data
Lowered legal thresholds, mandatory metadata retention, and remote device access provisions. As AI handles your most sensitive professional and personal data, on-premises inference is the architecture that keeps it beyond reach.
The Bill at a Glance
Bill C-22, the Lawful Access Act, 2026, was introduced on March 12, 2026 by Minister of Public Safety Gary Anandasangaree. It is a revised version of Bill C-2 from 2025, which never reached committee amid public opposition. The bill passed second reading on April 20 and is currently at the committee stage.
The legislation has three parts. Part 1 amends the Criminal Code and CSIS Act to lower the threshold for obtaining subscriber information from "reasonable grounds to believe" to "reasonable grounds to suspect" — a standard below what the Supreme Court established in R. v. Spencer (2014) and R. v. Bykovets. Part 2 enacts the Supporting Authorized Access to Information Act (SAAIA), requiring electronic service providers to build and maintain interception capabilities. Part 3 mandates a parliamentary review three years after royal assent.
Key Provisions
Remote Device Access
During a May 7, 2026 Standing Committee meeting, Conservative MP Dane Lloyd asked national security law expert Leah West whether C-22 would enable orders requiring companies to "provide the capabilities to turn on a remote microphone." West confirmed this would qualify as an intercept capability under the bill. The legislation requires providers to give "all reasonable assistance" to investigators, including permitting "the assessment or testing of any device, equipment or other thing that may enable an authorized person to access information."
Interception Capability Mandates
The Minister of Public Safety can issue Ministerial Orders compelling service providers — including messaging apps, VPNs, and cloud platforms — to build interception capabilities into their systems. The bill states these orders cannot introduce a "systemic vulnerability," but the definitions of "systemic vulnerability" and "encryption" have been criticized as too vague. Security researchers, the EFF, and both Apple and Meta have argued that building surveillance capability into encrypted systems is fundamentally incompatible with encryption security.
Mass Metadata Retention
Core providers must retain location and transmission metadata for up to one year for all users. University of Ottawa professor Michael Geist described this as creating "a surveillance map of Canadians' movements and communications." The European Court of Justice has struck down similar metadata retention laws as violating fundamental privacy rights. The 2024 Salt Typhoon hack demonstrated that government-mandated interception infrastructure becomes an attack surface: Chinese state actors breached US telecoms through lawful-access systems built for the FBI.
Lowered Thresholds and Secrecy
Subscriber information production orders require only "reasonable grounds to suspect" — a lower standard than a warrant. Providers receiving Ministerial Orders are prohibited from disclosing their existence for up to three years. The bill also confirms that police do not need court orders to use voluntarily provided information or publicly available data, lowering barriers across the board.
Who Counts as an "Electronic Service Provider"
The bill is not limited to telecom companies. Privacy lawyer David Fraser testified that the definition of "electronic service provider" could include banks, hospitals, grocery stores, and hotels — any organization offering an "electronic service" to the public.
For AI specifically, every cloud AI provider qualifies. OpenAI, Anthropic, Google, and Microsoft all run electronic services. Every prompt sent to ChatGPT, every document uploaded to Claude, every codebase shared with Copilot creates data that falls under C-22's retention and access provisions. VPN services, which exist to protect data in transit, would be required to build interception capabilities — undermining their core function.
"The definitions of 'systemic vulnerabilities' and 'encryption' are not clear enough in C-22, leaving wiggle room for the government to demand that companies circumvent encryption." — Electronic Frontier Foundation, "Canada's Bill C-22 Is a Repackaged Version of Last Year's Surveillance Nightmare" (May 2026)
Why AI Changes the Stakes
Previous surveillance legislation was written for a world of phone records and email metadata. AI interactions are fundamentally different. People share more sensitive information with AI tools than with almost any other service — not because they're careless, but because that's what the tools are for.
Legal Professionals
Lawyers paste privileged client communications into AI tools for research, drafting, and analysis. A single prompt can contain solicitor-client privilege — work product that courts have protected for centuries. Under C-22, the AI provider holding that data could be compelled to retain it and, under a Ministerial Order, build access capabilities into the service. The privilege belongs to the client, but the data sits on the provider's infrastructure.
Healthcare Workers
Nurses, doctors, and researchers use AI for clinical decision support, patient record analysis, and medical literature review. A query about a patient's symptoms, medication interactions, or diagnostic considerations can reveal more about someone's health than their medical file. C-22's metadata retention requirements would create records of when and how healthcare professionals access AI tools — information that should never leave the clinical environment.
Small Business Owners
An entrepreneur asking an AI about tax obligations, business structure, or regulatory compliance is sharing their financial situation in detail. Under C-22's lowered threshold, "reasonable suspicion" is sufficient to obtain subscriber information from the AI provider. A legitimate tax question shouldn't create a record accessible to government agencies, but under this legislation, it does.
Personal and Sensitive Data
People confide in AI about relationships, career decisions, financial stress, and health concerns. The data is richer and more intimate than browsing history or call records — it's a record of what people are thinking about. C-22's provisions were not designed with this kind of data in mind, but they apply to it regardless.
The practical consequence: data that people share with AI in confidence — privileged, personal, or commercially sensitive — passes through cloud providers that C-22 classifies as electronic service providers. Those providers can be compelled to retain it and to build access to it, and can be told not to disclose that they've done so.
The Opposition Is Broad — and Deeply Canadian
C-22 has drawn opposition from across the political spectrum, from Canadian tech leaders to civil liberties organizations to foreign governments. What's notable is how much of this opposition comes from Canadian companies that would rather relocate than comply:
Shopify: "A Death Blow to Canadian Tech Viability"
Shopify CEO Tobi Lütke called C-22 "a huge mistake" that "worries me a great deal," adding: "There is so much nonsense in there that it may well end up dealing a death blow to Canadian tech viability." This is Canada's most prominent tech CEO — the founder of a company that powers over 4% of global e-commerce — saying the legislation could make Canada unviable as a place to build technology businesses.
Windscribe: "We Will Not Be Based in Canada"
Toronto-based VPN provider Windscribe, which operates under Canadian jurisdiction, stated it would relocate its headquarters rather than compromise its no-logs policy. "If we can't uphold our privacy policy while based in Canada, we will not be based in Canada," the company wrote. CEO Yegor Sak referenced a 2025 Greek court case where authorities were unable to obtain user data from Windscribe precisely because none was stored — the very architecture C-22 would force them to abandon.
NordVPN, Signal, Apple, Meta
NordVPN warned it would "consider all viable options, including limiting or, if necessary, removing our presence from Canadian jurisdiction" rather than compromise its no-logs architecture. Signal stated it would withdraw from Canada entirely. Apple warned the bill could force companies to "break encryption by inserting backdoors — something Apple will never do." Meta testified that C-22 would "conscript private companies into service as an arm of the government's surveillance apparatus." When companies of this scale would rather exit a G7 market than comply, the legislation has a fundamental design problem.
Canadian Business and Civil Society
The Canadian Chamber of Commerce warned that "strong encryption and consumer privacy are fundamental for economic and national security," urging Parliament to give law enforcement "surgical, proportionate and technologically realistic" authorities rather than overbroad powers. The Canadian Civil Liberties Association, joined by 25+ organizations, called on MPs to scrap the bill's surveillance provisions. The Global Encryption Coalition published an open letter urging withdrawal, signed by the Internet Society, OpenMedia, the Tor Project, and the Center for Democracy and Technology. Law professors Robert Diab (Thompson Rivers University) and David Fraser (Dalhousie) both testified that the metadata retention provisions likely violate Section 8 of the Charter.
US Congressional Opposition
The US House Judiciary and Foreign Affairs Committees sent a joint letter to Minister Anandasangaree warning that C-22 "drastically expands Canada's surveillance and data-access powers in ways that create significant cross-border risks to the security and data privacy of Americans." US companies would face a choice between compromising security for all users or being excluded from the Canadian market — a trade barrier that the same US government is simultaneously pressuring Canada to remove.
The International Pattern
Canada is not alone in this direction. The UK demanded Apple create a backdoor into Advanced Data Protection; Apple responded by revoking the feature for all UK users. Australia's Assistance and Access Act has been in force since 2018 with expanding scope. The US CLOUD Act compels US-based companies to produce data regardless of jurisdiction. The pattern is consistent: governments are expanding access to digital services, and each new law builds on the last. This will not end with C-22.
Why This Legislation Will Keep Evolving
C-22 is the government's second attempt at this legislation. The first, Bill C-2, never made it to committee. C-22 reintroduces the same framework with modest modifications — Intelligence Commissioner approval for Ministerial Orders, explicit bans on retaining content and browsing history, and a mandatory parliamentary review. The core surveillance capabilities remain.
This pattern is not unique to Canada. The UK's Investigatory Powers Act expanded repeatedly after initial passage. Australia's Assistance and Access Act has seen scope creep since 2018. US surveillance authorities under Section 702 have been renewed and broadened multiple times. The direction is consistent: once these powers are established, they tend to expand rather than contract.
For organizations relying on cloud AI, this creates a structural vulnerability that cannot be fixed by policy alone. The data flows through a third-party provider, and legislation will continue to find new ways to reach that provider. The only reliable response is architectural: remove the third party from the equation.
On-Premises AI: Data Without a Provider to Compel
Cloud AI services are electronic service providers under C-22. They can receive Ministerial Orders. They can be compelled to build interception capabilities. They can be gagged from notifying users. The legislation is designed to work because there is a provider between you and your data.
On-premises AI eliminates that provider. When inference runs on hardware you own, in your office, behind your firewall:
No Provider to Compel
Faraday Machines clusters run in your office. There is no cloud provider to serve with a Ministerial Order, no third party that can be required to build an interception capability. C-22's surveillance framework depends on the existence of an electronic service provider in the chain. Remove the provider, remove the mechanism.
No Metadata to Retain
C-22 mandates metadata retention for electronic service providers. On-premises AI generates no cloud metadata. Prompts don't traverse a third-party network. Model interactions don't pass through a provider's logging infrastructure. There is nothing to retain because there is no provider in the loop.
Frontier Models, Sovereign Compute
Kimi K2.6 beats GPT-5.4 on SWE-bench Pro. GLM-5.1 ships under MIT license. Qwen 3.6 offers 1M-token context. These are not compromises — they are frontier models running on hardware you own, without sending a single prompt to a cloud provider.
Structural Compliance
PIPEDA, Quebec's Law 25, Alberta's sovereign procurement rules, OSFI guidelines — all satisfied when data never leaves your premises. No cross-border transfer assessments. No risk of retroactive non-compliance as regulations tighten. And no current or future surveillance legislation can reach data that doesn't flow through an electronic service provider.
References
[1] Electronic Frontier Foundation. (2026). "Canada's Bill C-22 Is a Repackaged Version of Last Year's Surveillance Nightmare." May 2026. Available at: eff.org
[2] Government of Canada. (2026). "Backgrounder — Supporting Authorized Access to Information Act (Bill C-22 — Part 2)." March 2026. Available at: canada.ca
[3] Tobi Lütke. (2026). "C-22 is looking like a huge mistake… it may well end up dealing a death blow to Canadian tech viability." Post on X. Reported by TradersUnion, Benzinga, and others. Available at: tradersunion.com
[4] Windscribe. (2026). "If we can't uphold our privacy policy while based in Canada, we will not be based in Canada." Reddit AMA and X statements. Reported by Tom's Guide, Ground News, and others. Available at: tomsguide.com
[5] BNN Bloomberg. (2026). "NordVPN says it could leave Canada over lawful access bill." May 2026. Available at: bnnbloomberg.ca
[6] Canadian Chamber of Commerce. (2026). "Our Response to the Introduction of Bill C-22, An Act Respecting Lawful Access." March 2026. Available at: chamber.ca
[7] Canadian Civil Liberties Association. (2026). "CCLA and Coalition to MPs: Scrap Unprecedented Surveillance Measures in Bill C-22." May 2026. Available at: ccla.org
[8] CBC News. (2026). "Why the U.S. is noticing this Canadian security bill." May 2026. Available at: cbc.ca
[9] Michael Geist. (2026). "The Global Battle for Data Control." April 2026. Available at: michaelgeist.ca
[10] Parliament of Canada. (2026). LEGISinfo for Bill C-22 (45-1). Available at: parl.ca
Keep Your AI Data Beyond Legislative Reach
C-22 is the second attempt. There will be a third. On-premises AI runs frontier models on hardware you own, with no provider to compel and no metadata to retain — structurally immune to current and future surveillance legislation.