Amid committee hearings on Canada’s Bill C-22, commonly called the lawful access bill, Apple warns the bill could undermine the privacy and safety features it builds into its products.
The lawful access bill seeks to update Canada’s legal frameworks around accessing digital information related to criminal investigations and national security, among other things. However, many of the bill’s components raised concerns among experts, particularly around the bill’s potential impact on privacy.
Apple focused on a few red flags related to Part 2 of the bill, the Supporting Authorized Access to Information Act (SAAIA), which in its current form could allow the federal government to secretly order companies to weaken encryption and create backdoors. The company stressed that creating a backdoor would weaken encryption for all users and potentially create new vulnerabilities for cyber criminals to take advantage of.
Apple shared the following statement about Bill C-22:
“Apple believes privacy is a fundamental human right. It’s one of our core values, which is why we design our products from the ground up to protect our users’ personal data and prioritize their privacy. At a time of rising and pervasive threats from malicious actors seeking access to user information, Bill C-22, as drafted, would undermine our ability to offer the powerful privacy and security features users expect from Apple. This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products – something Apple will never do. We will continue our longstanding cooperation with governments to help protect public safety while also advocating tirelessly against any measures that would put users’ personal data at risk.”
Moreover, if the bill becomes law in its current state, Apple indicated it might not be able to offer some of its products in Canada since it refuses to add backdoors. The company has a history of doing this, such as when it stopped offering its Advanced Data Protection feature in the U.K. after the government sought access to the encrypted data.
Apple also raised concerns over the secrecy aspect of the bill, noting that it would mean any challenge it made to the law would also be secret. That’s in contrast to the company’s previous public fights over privacy, such as when Apple challenged an FBI request to build new software that would allow the agency to unlock an iPhone recovered from a perpetrator in the December 2025 terrorist attack in San Bernardino, California.
The term ‘backdoor’ is commonly used to refer to the creation of a weakness in digital security features like encryption that allow people, such as law enforcement, to look at the encrypted information.
Take end-to-end encryption (E2EE), which is commonly used to protect data in messages such as those sent using Apple’s own iMessage. E2EE works by encrypting the content of messages so that only the sender and receiver — the two ‘ends’ of the conversation — can see the content. Others involved in the transmission of the message, such as telecom providers, internet service providers, and even Apple itself, cannot see the content.
The problem with creating a backdoor is that it creates a vulnerability. And while the intent of Bill C-22 might be to allow law enforcement to access information, there’s no way to guarantee those vulnerabilities won’t be exploited by malicious actors as well.
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.
