Canada’s Bill C-22 and the security cost of collecting more data
Canada's Bill C-22 proposes a framework that would require electronic service providers to collect and retain more data. This bill raises concerns about privacy and security, as it could lead to increased surveillance capabilities. The implications of such legislation extend beyond Canada, affecting global privacy expectations for encrypted services.
- ▪Bill C-22 would require secure services to collect more data and retain metadata for up to one year.
- ▪The bill's broad definition of 'electronic service providers' includes many modern internet services.
- ▪Tailscale, a Canadian company, emphasizes the importance of privacy and does not log customer traffic or inspect communications.
Opening excerpt (first ~120 words) tap to expand
{"@context":"https://schema.org","@type":"BlogPosting","image":"https://cdn.sanity.io/images/w77i7m8x/production/74c1f603d3453a7e8e16036153a363928fcfefe5-4608x2372.png","url":"https://tailscale.com/blog/bill-c22-canada","headline":"Canada’s Bill C-22 and the security cost of collecting more data","datePublished":"2026-05-26T21:30:00.000Z","description":"Bill C-22 would push secure services to collect more data, retain more metadata, and build new access paths. That’s bad for privacy, and bad for security.","abstract":"Bill C-22 would push secure services to collect more data, retain more metadata, and build new access paths.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Tailscale.
Discussion
0 commentsMore from Tailscale
