Bill C-2 and Supporting Authorized Access to Information Act
Tucked away in Bill C-2 <https://www.parl.ca/legisinfo/en/bill/45-1/c-2>
is Part 15, which enacts the "Supporting Authorized Access to
Information Act". I uploaded the text here for easy reading.
http://www.fastquake.com/files/supporting-authorized-access-to-information-act.pdf
This act allows the Minister of Public Safety to secretly(!) order any
electronic service provider (extremely broadly defined — any service
that involves computers or digital data in any way) to implement, among
other things:
the development, implementation, assessment, testing and maintenance
of operational and technical capabilities, including capabilities
related to extracting and organizing information that is authorized to
be accessed and to providing access to such information to authorized
persons
the installation, use, operation, management, assessment, testing and
maintenance of any device, equipment or other thing that may enable an
authorized person to access information
Or for the Governor in Council to create regulations to publicly require
a class of such services to do the same.
This is a pretty concerning expansion of government surveillance power.
I am not at all confident that existing restraints (some of which are
weakened by other parts of Bill C-2) are enough to prevent this from
being misused. And implementing any kind of soft backdoor increases the
attack surface — increasing the number of ways that private data is
stored and processed internally — adding yet another way for your data
to be compromised.
If you are concerned about this, I encourage you to tell your Member of
Parliament.
- John