Liberals Call Privacy Critics ‘Tinfoil Hat’ After Rushing Surveillance Bill Through Commons

35,000+ smart investors are already getting financial news, market signals, and macro shifts in the economy that could impact their money next with our FREE weekly newsletter. Get ahead of what the crowd finds out too late. Click Here to Subscribe for FREE.

A battle over digital policing turned personal as Parliament prepared for its summer break. After the Liberal government accelerated Bill C-22, the Lawful Access Act, through its final Commons stages, Government House Leader Steven MacKinnon dismissed Conservative objections as conspiracy-driven “paranoia” and said he hoped the “tinfoil hats” would fade. The remark came after privacy regulators, civil-liberties researchers and major technology companies had also raised concerns about the bill’s reach. Bill C-22 is intended to help police and intelligence agencies obtain digital evidence more quickly, but it also creates a framework for secret technical-capability orders and metadata-retention requirements. The Commons passed it on June 18, 2026, after a late-night committee process left dozens of proposed amendments undebated. The dispute now moves to the Senate, where the central question remains: how much surveillance infrastructure should Canada build in the name of lawful access?

A Late-Night Finish That Fuelled the Backlash

The controversy was intensified by the way Bill C-22 cleared the Commons. On June 17, MPs approved a government motion by 166 votes to 150 that imposed a deadline on the public safety committee’s work. By that point, the committee had spent roughly 25 hours examining the bill clause by clause and had adopted about a dozen amendments, but many more remained on the table. The imposed timetable required the committee to finish that night, resulting in the remaining clauses and amendments being disposed of shortly before midnight without full debate.

The next day, the House agreed to deem the amended bill concurred in at report stage, read a third time and passed on division. There was no separate recorded third-reading vote on Bill C-22 itself. That sequence gave critics an unusually vivid example of what “rushing” legislation looks like: a complex digital-surveillance framework moving from unfinished committee scrutiny to passage just before the Commons rose for the summer. Liberals countered that opposition tactics had made ordinary progress impossible and warned that processing the remaining amendments at the existing pace could have delayed completion for years.

What Bill C-22 Would Actually Change

Bill C-22 contains three broad parts. The first rewrites sections of the Criminal Code and related laws governing how police, public officers and CSIS identify service providers, seek subscriber information, examine computer data and request certain records held abroad. One new tool is a confirmation-of-service demand. It allows an officer, based on reasonable suspicion, to require a telecom provider to confirm whether it serves a specified account, identifier or subscriber. A separate production order would let a judge require a service provider to disclose defined subscriber information.

The second part creates the Supporting Authorized Access to Information Act. This is the most disputed portion because it establishes a system under which electronic service providers can be required to maintain technical capabilities that facilitate lawful access. It also permits metadata-retention obligations and imposes confidentiality rules around government orders. The third part requires a parliamentary review after the legislation has operated for three years. In practical terms, the bill is not one single “wiretap power.” It is a package combining new investigative procedures, provider obligations, secrecy provisions, oversight mechanisms and future regulations that will determine how the framework works in practice.

The Government’s Case: Crime Has Moved Faster Than the Law

The Liberal government argues that Canada’s investigative rules were built for an era before smartphones, cloud storage and encrypted global platforms. Police may possess an IP address, telephone number or online identifier connected to an extortion attempt, child-exploitation investigation or national-security threat, yet still lose valuable time determining which company holds the relevant account. Government MPs have described Canada as the only G7 or Five Eyes country without a modern lawful-access regime and say the gap leaves investigators dependent on voluntary cooperation, foreign partners or legal workarounds.

Supporters also stress that obtaining communications content would still generally require judicial authorization. The government says Bill C-22 does not authorize mass surveillance, direct government access to company systems or unrestricted browsing through emails and social-media activity. Its stated purpose is to ensure providers can respond when a lawful order already exists and to create faster routes for obtaining basic identifying information. That distinction matters. A detective trying to identify the account behind a threatening message is not automatically seeking the message history itself. The government’s position is that modern investigations can stall before officers even reach the stage of applying for a conventional search warrant.

The Privacy Commissioner Saw Improvements — and Serious Gaps

Privacy Commissioner Philippe Dufresne did not treat Bill C-22 as identical to its heavily criticized predecessor, Bill C-2. He welcomed several changes, including a narrower confirmation-of-service power, explicit consideration of privacy and cybersecurity when orders are made, and a role for the Intelligence Commissioner in reviewing ministerial orders. That qualified support is important because it shows the debate is not simply divided between people who support policing and people who oppose it. Canada’s privacy watchdog recognized legitimate operational goals while still asking Parliament to tighten the language.

Dufresne recommended turning “subscriber information” into a closed list of specific identifiers, such as a name, address, telephone number and IP address. He also urged Parliament to limit who could be compelled to produce that information and to define “publicly available information” so it excludes material in which a person still has a reasonable expectation of privacy. Those concerns are concrete rather than theoretical. A public-facing profile, leaked database and casually shared location record may all be technically accessible, yet they do not carry the same privacy implications. The Commissioner’s intervention undercut the suggestion that every objection came from partisan obstruction or online conspiracy culture.

Encryption Became the Bill’s Most International Flashpoint

Apple, Google and Meta were among the companies warning that Bill C-22’s technical-capability regime could be used to force changes that weaken encrypted products. Their concern centred on secret ministerial orders and broad future regulations. End-to-end encryption is designed so that only the communicating users possess the keys needed to read content. A platform cannot simply produce readable messages it was never technically capable of decrypting. Building a special route around that design can create a vulnerability that criminals, hostile states or hackers may also try to exploit.

The government amended the bill to state that it must not be interpreted as compelling a provider to decrypt encrypted information. That was a meaningful clarification, but critics argue it may not resolve every scenario in which a provider could be ordered to redesign a service or add a new access capability before encryption is applied. The international stakes are not abstract. Apple previously withdrew an advanced encrypted cloud-backup feature from the United Kingdom after receiving a secret access order there. In Canada, several privacy-focused services warned that incompatible obligations could force them to restrict products or reconsider operating in the country.

Metadata Can Reveal More Than Its Name Suggests

The word “metadata” can sound like harmless technical housekeeping, but it can describe the patterns surrounding communications: when a device connected, which service was used, how accounts interacted or where a signal originated. A single record may reveal little. Thousands of records collected over months can map routines, relationships and movement with striking precision. That is why mandatory retention became one of Bill C-22’s most contentious features, even though the government says access to retained information would still require lawful authority.

The original bill allowed retention requirements lasting up to one year. A government amendment reduced the maximum to six months. Another amendment added review by the National Security and Intelligence Review Agency within 30 days of an order. Those changes narrowed the framework, but they did not settle the deeper objection: the data of large numbers of people who are not suspected of crimes could still be stored so that records exist if investigators later seek them. For a small provider built around collecting minimal information, a retention order could also mean creating a database it deliberately never maintained, increasing both compliance costs and the damage possible from a breach.

Experts Objected to Powers Designed and Used in Secret

A joint analysis by the University of Toronto’s Citizen Lab and the Canadian Civil Liberties Association argued that Bill C-22’s scope, secrecy and technical obligations create constitutional and cybersecurity risks. The researchers were especially concerned that broad orders could require providers to alter their systems without meaningful public or technical scrutiny. They also questioned provisions dealing with voluntarily disclosed and publicly available information, arguing that private companies should not be able to waive customers’ constitutional privacy interests simply by handing information to police.

The analysis also criticized the compressed timetable. Citizen Lab noted that an Australian law involving a comparable technical-access regime underwent 173 amendments, while the Commons committee studying Bill C-22 was initially given only a few weeks. That comparison does not prove Canada must copy Australia, but it illustrates the amount of legislative detail such systems can require. Technology rules often produce consequences through definitions, exceptions and regulations rather than headline powers. A phrase that seems narrow in a political speech can apply to hundreds of services once written into law. That is why critics viewed the unfinished amendment debate as part of the substance of the privacy problem, not merely a procedural complaint.

The ‘Tinfoil Hat’ Remark Changed the Political Story

MacKinnon defended the fast-track decision by accusing Conservatives of obstruction and portraying their arguments as a wall of conspiracy theory and paranoia. He said he hoped the “conspiracies and the tinfoil hats” would disappear and claimed the Liberals had become the party most clearly identified with law and order. The comment gave the government a forceful closing message, but it also bundled very different critics together: opposition politicians, the federal Privacy Commissioner, university researchers, civil-liberties lawyers and global technology firms.

That rhetorical choice may prove more durable than the final Commons debate. Governments often face pressure to frame security legislation as a binary choice between action and weakness. Yet lawful access has repeatedly crossed party lines in Canada. In 2012, a Conservative public safety minister was criticized for suggesting opponents of an earlier bill stood with child abusers; Liberals were then among those objecting. The roles have now partly reversed. For Canadians trying to judge the current proposal, the most useful test is not which party sounds tougher. It is whether each power is necessary, proportionate, reviewable and written narrowly enough to prevent expansion beyond its stated purpose.

The Senate Now Inherits the Unfinished Questions

Bill C-22 received first reading in the Senate on June 18 but had not reached second reading as of June 19. Senators can study the legislation, hear witnesses and propose amendments before deciding whether to pass it. That stage may become especially significant because the Commons committee ended with unresolved proposals still before it. The Senate cannot erase the earlier process, but it can examine whether the new six-month retention limit, encryption language and review requirements are strong enough.

Even if the bill becomes law, the argument will not necessarily end. The legislation requires a parliamentary review after three years, and courts could eventually be asked to assess particular provisions under the Charter’s protection against unreasonable search and seizure. Much will also depend on regulations and on the content of ministerial orders that may not be visible to the public. For an ordinary Canadian, the immediate effect may be invisible: no new icon on a phone and no obvious change to daily browsing. The long-term effect will be structural, shaping what information services must preserve, what capabilities they must build and how quietly government agencies can require those changes.

This Options Discord Chat is The Real Deal

While the internet is scoured with trading chat rooms, many of which even charge upwards of thousands of dollars to join, this smaller options trading discord chatroom is the real deal and actually providing valuable trade setups, education, and community without the noise and spam of the larger more expensive rooms. With a incredibly low-cost monthly fee, Options Trading Club (click here to see their reviews) requires an application to join ensuring that every member is dedicated and serious about taking their trading to the next level. If you are looking for a change in your trading strategies, then click here to apply for a membership.