Protect Encryption in Canada

Our ability to use the Internet safely, securely and privately is under threat. Canada wants to create 'back doors' into encryption like some of our partner countries in the Five Eyes Alliance have already done. This weakens Internet safety for all of us.

If we don’t act, Canada could be next. We need a policy that explicitly protects our right to encryption. 

Send a message to Public Safety and Innovation, Science and Economic Development Canada

Enter your details to begin writing your letter

Minister of Public Safety
Bill
Blair
Government of Canada
Minister
Navdeep
Bains
Government of Canada
Minister
Navdeep
Bains
Government of Canada
Honourable
Bill
Blair
Government of Canada

This campaign is hosted by OpenMedia. We will protect your privacy, and keep you informed about this campaign and others. Find OpenMedia's privacy policy here.

What is encryption? Why is it important?

All of us, whether we realize it or not, use encryption every day on the Internet. We use it when we shop online, search the web, message friends or use online banking. 

Encryption is a method of making our digital communications safe and private. Encrypting communications means that only the sender and the receiver of a message or piece of information can read it – and not any third party. Encryption scrambles the content, whether it’s a message, photo or password, so that it’s not visible to anyone other than the intended recipients. 

For example, when you send a photo to a friend on WhatsApp, only you and your friend can see the photo – not anyone from the platform you send it on, or anyone who might want to spy on your messages. The same is true for any type of information: encryption stops people from spying on the things you search for online, and protects sensitive information like medical or banking data being sent online. 

Why breaking encryption is a bad idea

Our private data, like personal messages and photos, passwords, social media accounts as well as the financial transactions we make online are rich targets for hackers and criminals. Having this information compromised or stolen leaves us vulnerable to cyber crimes like identity theft, blackmail, and credit card fraud. 

Important infrastructure like our energy grids, hospitals and even national security and intelligence communities also depend on computer safety.

It’s impossible for technology companies to give governments backdoor access to encrypted communications without weakening the security of those communications for everyone who uses them. Loopholes in encryption that are designed for the government can become accessible to anyone who reverse-engineers them. Keys can be lost, copied or hacked, giving direct access to our most personal information. 

Weakening the protection that encryption provides also reduces trust in the Internet as a safe place to communicate, do business and shop, which has serious economic consequences. 

What’s happening with encryption in the other Five Eyes countries?

Australia has passed a highly controversial anti-encryption bill, which gives police greater powers to force companies and websites to insert backdoors to encrypted communications and implant malware.1

The United Kingdom’s intelligence agency GCHQ has proposed a plan to break into encrypted chats, which has been condemned by civil society organizations and tech companies like Apple and WhatsApp. The proposal, called “ghost protocol”, would require service providers to secretly insert government agents into private conversations.2

Senior officials in the U.S. have been meeting to discuss seeking legislation to prohibit companies like Apple, Google and Facebook from using encryption in their products that law enforcement can’t break.3

What’s Canada’s position on encryption? 

Historically, the government of Canada has publicly affirmed its support for people and businesses in Canada to have access to the safest and strongest forms of encryption. But that has changed.

As recently as 2017, Canada’s Public Safety Minister was briefed to speak at meetings of other Five Eyes ministers and confirm that “Canada has no intention of undermining the security of the internet by impeding the use of encryption”4

However, a more recent communique in 2019 contained a worrying statement that “tech companies should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data in a readable and usable format.”

In statements to the media, the office of the Public Safety Minister continues to assert that the government of Canada is not seeking new legislation.5 However, the government has continued to attend meetings with private companies to discuss encryption alongside Five Eyes partners. 

In May 2020, it was revealed that the briefing documents prepared for Public Safety Minister Bill Blair confirmed that Canada’s position is in favour of “mitigating” the challenges of encryption, and that in order to do so, their assessment is that they need to engage key stakeholders and gain the support of prominent voices in industry and academia.6

Many privacy experts in Canada remain suspicious that our government is simply providing empty assurances on this topic, whilst secretly making plans to undermine encryption.7

Sources

[1] Australia's anti-encryption laws being used to bypass journalist protections, expert says: The Guardian
[2] Apple and WhatsApp condemn GCHQ plans to eavesdrop on encrypted chats: The Guardian
[3] Trump officials weigh encryption crackdown: Politico
[4] Canada’s New and Irresponsible Encryption Policy: CitizenLab
[5] The Liberal government’s vision for your privacy seems to be quite private, itself: The Globe and Mail
[6] ‘Public outreach’ needed for ‘progress’ on encryption backdoors: gov’t doc: The Wire Report
[7] Government’s encryption proposal will undermine public safety: The Star

Press: Matt Hatfield | Phone: +1 (888) 441-2640 ext. 1  | matt@openmedia.org