Canada Needs Privacy Law Reforms Now!

Every day, our data is mined, monitored, and misused by corporations, political parties, and government agencies. Surveillance is creeping into our daily lives and workplaces, careless data breaches continue, foreign social media platforms fail to protect minors’ data,¹federal agencies mishandle sensitive information.² Big Tech ignores our “rights to be forgotten” and continues to profit from our personal data, and even use our data to train AI models.^3,4

Meanwhile, the government keeps pushing bills that weaken encryption—the foundation of privacy—and is even expanding unchecked access to personal information that can be exposed to foreign regimes.

Canadians are caught between increasingly intrusive technologies and weak protections. Our privacy has slipped out of our hands, while the privacy laws meant to protect us are decades old.^5,6 It’s time for a pro-privacy reset; and if enough of us speak up, we can make it happen. Send a message to your MP today and demand #Privacy4Canadians!

To: Your Member of Parliament

Please feel free to edit your letter below.

Dear {contact_data~firstName} {contact_data~lastName},

As a resident of your riding, I’m writing to express my deep concern about the state of Canadians’ privacy and urge your action to pass strong, modern federal privacy laws. Every day, surveillance creeps further into our lives—from Toronto FreshCo cashiers wearing bodycams, to employee monitoring in workplaces, massive password leaks, and data breaches affecting millions of users on platforms like recent ones at Gmail, Toys 'R' Us Canada, and TikTok. Federal agencies continue to mishandle sensitive refugee and asylum data, while Big Tech like Google disregards our “right to be forgotten” and even LinkedIn uses our data to train AI models.

Unfortunately our government’s recent efforts are making our privacy worse, not better. In recent months, it has introduced multiple bills that weaken encryption and expand unchecked access to personal information: Bill C-2 under the guise of “stronger borders,” Bill C-8 in the name of “cybersecurity,” Bill S-209 claiming to “protect children,” and Part 4 of Bill C-4, which undermines voter privacy. Canadians are caught between intrusive technology and weak protections, while Canada’s Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA) are decades old and increasingly out of date.

I urge you to take action and support:

1. Reintroduce a new-and-improved Consumer Privacy Protection Act (Part 1 of former Bill C-27) and rename it the Canadian Privacy Protection Act, putting privacy as a fundamental human right at its core;

2. Withdraw the deeply flawed Bill C-2 (Strong Borders Act), which would open the door to mass surveillance and unchecked cross-border data sharing;

3. Fix Bill C-8 to protect encryption, strengthen oversight, and ensure cybersecurity laws don’t come at the expense of our privacy;

4. Protect voter privacy once and for all by closing loopholes that let political parties collect and exploit personal data without following the same privacy laws as everyone else.

It’s time for serious reform. Please act now to protect #Privacy4Canadians!

Sincerely,
{user_data~First Name} {user_data~Last Name}

*You can resize the text box by dragging the corner toggle to view the full text.

A complete Canadian address is required to submit your message. Please enter a complete Canadian address to continue. We will notify your representative.

First Name

Last Name

Your Email

Street

City

Postal Code

Or...

Uncheck this box to unsubscribe from all updates.

Receive campaigns in English

This campaign is hosted by OpenMedia. We will protect your privacy, and keep you informed about this campaign and others. Find OpenMedia's privacy policy here.

What laws govern privacy in Canada?

There’s two sets of federal laws that govern privacy in Canada: the Privacy Act,⁷ which governs how government agencies can handle our sensitive data, and the Personal Information and Electronic Documents Act (PIPEDA),⁸ which governs how companies and individuals handle our sensitive data.

The Privacy Act was established in 1983 to define Canada’s laws around how our government and its agencies should govern and protect our privacy, and has never been substantially updated to reflect the digital era. PIPEDA, while newer, is still a law that dates back over two decades, and hasn’t been substantially updated since 2015.⁹

Why do we need privacy law reform now?

Canada’s privacy laws are decades old, written long before AI, smartphones, and the modern Internet. They fail to reflect the scale and complexity of today’s digital world, leaving Canadians exposed to surveillance,^10,11 data breaches,^12,13,14 data misuse, and inadequate protections. Current rules offer little accountability, transparency, or independent oversight over how government agencies and corporations collect, use, and share our personal information.

Without meaningful reform, Canadians’ privacy is immensely vulnerable to outdated loopholes, weak enforcement, and the expanding reach of technology that operates far beyond the framework of laws designed in the 20th century. It’s time to update our privacy framework for the realities of the 21st century and ensure that individuals (not corporations or political actors) are in control of their data.

Has the government done anything to strengthen these privacy laws?

Not really. The Privacy Act was established in the 1980s and has seen barely any updates since. Despite thousands of OpenMedia community members taking part in a 2021 survey on how to improve public sector privacy, the government has done nothing to update the Privacy Act.¹⁵

There was some hope for modernizing private-sector privacy protections under PIPEDA during the Trudeau era with the proposed Bill C-27.¹⁶ However, the bill contained significant omissions and weaknesses—and, most importantly, it never passed. As a result, the promised reforms to Canada’s privacy framework never became law.¹⁷

What else is the government doing to our privacy?

The government isn’t standing still; it’s actively pushing bills that put Canadians’ privacy at risk. These laws often claim to serve public interests like security, border control, or protecting children, but in reality, they give corporations and the government even greater access to our personal information while undermining fundamental privacy rights.

Bill C-2 claims to strengthen borders but expands cross-border surveillance and exposes Canadians’ data to foreign regimes.^18,19
Bill C-8 (like its close doppelganger, the former Bill C-26) frames itself as a cybersecurity measure, but it permits secret government orders to telecoms that can last indefinitely, and new powers to compel telecom providers, banks, and any other federally regulated organizations to weaken encryption or install surveillance capabilities.^20,21,22
Bill S-209 (like its predecessor Bill S-210) purports to protect children but could lead to over-collection of data and even censorship of lawful content.^23,24,25
Part 4 of Bill C-4 outright rejects the voter privacy Canadians have been demanding for years.²⁶

What can you do to protect privacy?

Canadians cannot wait while government and corporate surveillance powers continue to expand at the expense of our privacy. You can make a difference by speaking up to your MP and demanding that your privacy rights, not corporate or political convenience, come first.

We’ve won privacy battles before, and together, we can push for the serious, long-overdue privacy reforms Canadians deserve!

Take action now!

Sources

TikTok child data protection inadequate, Canadian privacy officials say – BBC
Federal agencies fumble privacy safeguards on asylum system revamp, risking refugee data – CBC
Google refusing to comply with privacy commissioner's 'right to be forgotten' decision – CBC
Update to our Terms and data use – LinkedIn
Canada’s Privacy Act – Government of Canada
Personal Information Protection and Electronic Documents Act – Government of Canada
See 5
See 6
Archived - The Digital Privacy Act and PIPEDA – Office of the Privacy Commissioner of Canada
Bodycams worn by Toronto FreshCo cashiers raise questions about safety and privacy – CBC
Howard Levitt: Employee surveillance is on the rise — and it's a legal powder keg – Financial Post
Proof-of-age ID leaked in Discord data breach – The Guardian
Urgent alert issued to anyone who uses Gmail after 183 million passwords leaked – The Independent
Toys 'R' Us Canada notifies customers of breach that may have compromised personal data – CBC
Survey Results: The Privacy Act in Canada - OpenMedia – OpenMedia
The Absolute Bare Minimum: Privacy and the New Bill C-27 – OpenMedia
Digital laws in limbo: What’s at stake after Parliament’s shake-up in 2025 – OpenMedia
Stop Carney’s Surveillance Plan: Stop Bill C-2! – OpenMedia
Bill C-2 FAQ: Explaining Canada’s Dangerous New Surveillance Law – OpenMedia
Fix Bill C-8: Stop the Fast-Track of a Flawed Cybersecurity Bill – OpenMedia
Civil liberties groups recommend fixes for controversial cybersecurity legislation ahead of detailed Commons scrutiny – OpenMedia
Public Safety & Industry Ministers to testify on controversial Cybersecurity Bill C-26: Civil Liberties groups & experts available for comment – OpenMedia
Senate Bill Would Grant Government Regulatory Power to Mandate Age Verification For Search, Social Media and AI Services Accompanied By Threat of Court Ordered Blocking of Lawful Content – Michael Geist
The Age Verification Debate 🔞 – Jen Z issues
See 17
OpenMedia Submission to the Finance Committee Calls for Stronger Voter Privacy Protections – OpenMedia

If you haven't taken action yet click here

Press: Matt Hatfield | Phone: +1 (888) 441-2640 ext. 0 | [email protected]