May 13, 2026 Apple and Meta have publicly opposed Canada’s proposed Bill C-22, warning it could require companies to weaken or bypass encryption in their products and services. The bill is currently being debated in the House of Commons and is intended to expand law enforcement’s ability to access data more quickly during investigations.
The legislation, introduced by Canada’s Liberal government, is part of a broader effort by governments globally to increase lawful access to encrypted communications. Canadian law enforcement officials argue the bill would help them identify and respond to security threats earlier, particularly in cases involving serious crime or national security.
Technology companies and privacy advocates, however, say such measures risk undermining core security protections built into modern digital systems. End-to-end encryption, used in services like WhatsApp and iMessage, ensures that only the sender and recipient can read messages, with no access even for the service provider.
In a statement, Apple said the bill could directly conflict with those protections.
“At a time of rising and pervasive threats from malicious actors seeking access to user information, Bill C-22, as drafted, would undermine our ability to offer the powerful privacy and security features users expect from Apple,” the company said. “This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products – something Apple will never do.”
Meta raised similar concerns in prepared testimony to lawmakers. The company’s Canadian public policy lead Rachel Curran and privacy director Robyn Greene said the bill’s scope and lack of safeguards could have unintended consequences.
“As drafted, the bill could require companies like Meta to build or maintain capabilities that break, weaken, or circumvent encryption or other zero-knowledge security architectures,” they wrote, adding that it could “force providers to install government spyware directly on their systems.”
Government officials have pushed back on those interpretations. Public Safety Canada spokesperson Tim Warmington said the bill would not require companies to introduce “systemic vulnerabilities” into their systems.
“They know their systems and have a vested interest in keeping them secure,” Warmington said in a statement.
The debate echoes similar tensions seen in other jurisdictions. Provisions in Bill C-22 have been compared to a data access order issued in the United Kingdom, which prompted Apple to withdraw a feature that allowed users to store cloud data with full end-to-end encryption. That request was later dropped after concerns raised by U.S. officials, including Director of National Intelligence Tulsi Gabbard, who warned it could conflict with international data agreements.
At the core of the dispute is a long-standing technical and policy challenge: whether it is possible to give law enforcement access to encrypted data without weakening the underlying security for all users. Security experts have generally maintained that introducing “backdoors” creates risks that can be exploited by malicious actors, while governments argue that encrypted platforms can also shield criminal activity from investigation.
