Signal, DuckDuckGo, and NordVPN threaten to exit Canada if metadata surveillance law passes

[Daniel Sims]

The takeaway: Another day, another government attempt to force tech companies to build backdoors. This time, Canada is proposing legislation that would require companies to retain certain metadata and provide law enforcement with access to it. Predictably, many tech players have sharply criticized the proposal, with some saying they would rather leave the Canadian market than comply.

The latest version of Canada's Bill C-22 would require digital services such as internet service providers, messaging platforms, email providers, and potentially hardware companies to retain up to one year of user metadata. In addition, tech companies would have to implement mechanisms that allow authorities to obtain "lawful access" to that information for criminal investigations. Critics argue the proposal amounts to another government-mandated backdoor.

During his testimony before the House of Commons Standing Committee on Public Safety and National Security, Signal executive Udbhav Tiwari said Bill C-22 would turn everyday digital tools into a surveillance network. He argued that requiring companies to retain metadata about users' communications runs counter to Signal's privacy practices.

A spokesperson for DuckDuckGo also confirmed that the company would remove its VPN service from Canada if Bill C-22 passes. NordVPN and other VPN providers have made similar statements.

Apple and Google have also joined industry warnings that the legislation could force them to weaken encryption. Last year, Apple successfully opposed a similar proposal in the United Kingdom that would have required it to build a backdoor into iCloud. The incident was the latest in a series of conflicts between the Cupertino-based company and government regulators over security and user privacy.

The primary concern is that malicious actors would inevitably discover and exploit any digital backdoor, regardless of whether it was designed exclusively for law enforcement or domestic government agencies. OpenMedia, which has described C-22 as an attempt to create a surveillance state, pointed to a late-2024 incident in which Chinese state-backed hackers compromised government-mandated police wiretap systems to steal sensitive data from AT&T, Verizon, Lumen Technologies, and other telecom providers.

Public Safety Minister Gary Anandasangaree said last week that C-22 will be amended so that digital service providers will not be required to break encryption. However, the requirement to retain metadata would remain unchanged.

A security researcher recently accused Microsoft of intentionally introducing a backdoor into its BitLocker encryption system and then attempting to silence them after they raised concerns. After the researcher publicized the exploit, Microsoft released an out-of-band mitigation but stopped short of confirming whether the flaw was intentional.

Permalink to story:

Signal, DuckDuckGo, and NordVPN threaten to exit Canada if metadata surveillance law passes

 

[Theinsanegamer]

Canada speed running the great dystopia. Given their attempts to make it legal for their kangaroo court.....I mean, "human tribunals" to arrest and charge you with crimes and fine you for saying mean things on the internet, this should chill anyone in Canada who hasn't yet left that cold wasteland.

 

[yRaz]

What the hell is going on in the world. What is the end game here? I'm not big on conspiracy theories, but it seems like lots of places are trying to make them true if you look at the actual crime rates, I doesn't make sense violate the rights of hundreds of millions of people for their own protection.

 

[Theinsanegamer]

What the hell is going on in the world. What is the end game here? I'm not big on conspiracy theories, but it seems like lots of places are trying to make them true if you look at the actual crime rates, I doesn't make sense violate the rights of hundreds of millions of people for their own protection.

If you consider humans as chattle to run the tax making machine and not people, it makes a lot more sense.

The internet has shattered the false narratives different groups the world over use to maintain power, and they are trying to find ways to suppress opposition and cement their power without going full Soviet over it. So they pass these laws allowing them to track everything to monitor for wrong think and gradually increase the scope.

Look no further than London. They passed anti speech laws under the guise of fighting "hate", now thousands have been arrested for "offensive" words, they're challenging CHINA for number of arrests. CHINA!

This is the future of the sudo democracies of the west. Also notice how many of the countries doing this are former UK colonies?

 

[NumberNine]

Step One: Collect everything.
Step Two: Mine the data.
Step Three: Use the data.

USA implemented wholesale collection and skimming of all internet traffic via internet service providers long, long ago. They don't just retain the metadata. They retain whatever they want. They hold encrypted data in limbo until the ciphers are broken. Governments the world over compete to do the worst before someone else does it to them. That being reality, I struggle to find sympathy here. Executives, politicians, and shareholders working together to take more than they need or deserve. Nothing new.

 

[Haaky]

GoodBye, and good ridinouse
Don't let the door hit you in the butt on the way out

 

[LordVile95]

The concern here doesn’t really make sense. The data is already collected and most of these companies retain it and more indefinitely, it just enshrines that they have to give it over to law enforcement. There’s no new vulnerability created.

 

[jonny888]

The concern here doesn’t really make sense. The data is already collected and most of these companies retain it and more indefinitely, it just enshrines that they have to give it over to law enforcement. There’s no new vulnerability created.

Nothing you've said here is true.

 

[Anton Longshot]

What the hell is going on in the world. What is the end game here? I'm not big on conspiracy theories, but it seems like lots of places are trying to make them true if you look at the actual crime rates, I doesn't make sense violate the rights of hundreds of millions of people for their own protection.

It doesn't make sense to sane people. But there have always been people in the governments who believe turning the world into a surveillance nightmare is the right price to pay in exchange for a little PERCEIVED security.
Of course none of these *****s think THEY would come under 24/7 surveillance too should they succeed. They're the ones in power so they're exempt.
They're basically morons who don't belong in the positions they're in.

Need I explain I really dislike people like these? I wish we had a better option than 'democracy' because more often than not the system's abused by bad people. The core of the problem is that 'normal' people don't like power so they don't become politicians. Perhaps one day AI will replace them - I find it hard to imagine AI will perform worse.

 

[Axeia]

This is the future of the sudo democracies of the west. Also notice how many of the countries doing this are former UK colonies?

Plenty of stupid to go around in the UK itself still.
You can get arrested there for posting something 'mean' online or just critiquing someone in a group chat. Literally multiple police offers showing up on the doorstep to take you in.
Combine with something like Canada wanting to spy on your VPN traffic and I'm sure that'll end well.

 

[pnntmp]

If Canada's fall continues at current speed, it will become similar to authoritarian dictatorships like China/Russia/etc. pretty soon.
I have no idea what the hell is going on there, but looks like the leftists managed to destroy the country almost completely during the Covid hysteria.

 

[gamerk2]

What the hell is going on in the world. What is the end game here? I'm not big on conspiracy theories, but it seems like lots of places are trying to make them true if you look at the actual crime rates, I doesn't make sense violate the rights of hundreds of millions of people for their own protection.

Yes it does, because ITS WHAT THE PUBLIC WANTS.

This goes all the way back to the Patriot Act, which proved people are more then willing to give up their rights in order to "feel" safe.