In a recent report by the Centre for International Governance Innovation (CIGI), Canada’s Bill C-26 has come under scrutiny for allegedly promoting security measures that lack transparency. The legislation, currently under Senate review after passing through Parliament in June, grants the Communications Security Establishment (CSE) expanded cybersecurity powers. Among these is the ability to issue “cyber security directions” to businesses tasked with protecting critical cyber systems while prohibiting these operators from disclosing the existence or content of such directions.
According to the CIGI report, the secrecy mandated by Bill C-26 could lead to the CSE covertly instructing telecommunications companies to implement backdoors into Canada’s mobile networks. This lack of transparency, they argue, undermines public and corporate trust in democratic institutions. The report is consistent with concerns raised by researchers at the University of Toronto’s Citizen Lab, who warn that the bill significantly enlarges the CSE’s surveillance capabilities.
Critics claim these provisions place substantial power in the hands of the government to unilaterally decide the terms of security for Canadians’ confidential communications. In contrast, proponents like the Liberal Minister of Public Safety, Marco Mendicino, argue that the legislation is vital for ensuring companies maintain robust cybersecurity protocols. Mendicino stated that the bill is necessary for mandating certain companies to establish comprehensive cybersecurity programs.
For a detailed overview, visit the original article on JURIST.