Canada's Bill C-22 is being presented as a modernisation of law enforcement tools. But beneath the legislative language lies an infrastructure architecture with implications that extend far beyond Canada's borders. 

In this episode, Darnley breaks down what the bill actually does, what it enables beyond its stated scope, how it connects to the broader Five Eyes intelligence agenda, and what ordinary Canadians, and citizens of all allied nations, can do to protect their privacy.

Topics Covered

• Bill C-22 — The three pillars: metadata retention, warrantless confirmation demands, and compelled surveillance capabilities.
• Beyond the bill — How surveillance infrastructure expands beyond its stated purpose.
• The backdoor risk — Why compelled capabilities create vulnerabilities for everyone, including criminals and foreign states.
• The data broker loophole — How governments buy your data without warrants.
• Five Eyes — The multilateral coordination behind C-22 and similar legislation globally.
• Apple vs. Google — The architectural and corporate divide in resisting government access.
• The privacy defence stack — VPNs, E2E encryption, offshore hosting, encrypted DNS, and hardened devices.

Key Legislation & Events Referenced

• Canada Bill C-22 (Lawful Access, 2026)
• UK Government secret order to Apple for encryption backdoor (2025)
• India government tracking app mandate (2025)
• France 'ghost user' proposal (struck from final legislation)
• Snowden revelations on Five Eyes supra-national surveillance
• 2010 Chinese hack of Google/Microsoft government warrant compliance systems

Click here to send future episode recommendation

Support the show

Subscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.