Apple and Meta warn Canadian bill could weaken encryption protections

Apple and Meta are publicly opposing a proposed Canadian law that the companies warn could force technology firms to weaken encryption protections on their devices and messaging platforms.

The legislation, known as Bill C-22, was introduced by Canada’s ruling Liberal Party following its parliamentary majority victory last month and is currently under debate in the House of Commons.

Canadian law enforcement officials argue the bill would give authorities faster access to digital evidence and help investigators respond more quickly to security threats.

However, major technology companies and privacy advocates say the proposal risks undermining user privacy and cybersecurity by potentially requiring firms to create “backdoors” into encrypted systems.

In a statement, Apple warned the bill could damage the security features customers rely on. “At a time of rising and pervasive threats from malicious actors seeking access to user information, Bill C-22, as drafted, would undermine our ability to offer the powerful privacy and security features users expect from Apple,” the company said.

Apple added that the legislation could allow the Canadian government to compel companies to weaken encryption protections by inserting access points into their products — something the company said it “will never do.”

Meta, the parent company of WhatsApp, Facebook and Instagram, raised similar concerns in prepared testimony submitted by its Canadian public policy executives Rachel Curran and Robyn Greene.

The company argued that the bill’s broad powers and limited oversight could force firms to “break, weaken, or circumvent encryption” and potentially install government surveillance tools directly into their systems.

End-to-end encryption ensures that only users — and not even the platform providers themselves — can access private messages or stored data without a unique key.

The technology is widely used in services such as WhatsApp and Apple’s iMessage and is considered a critical safeguard against cybercrime, hacking and unauthorised surveillance.

The debate in Canada mirrors similar battles in other countries over whether governments should gain lawful access to encrypted communications.

Last year, the United Kingdom reportedly issued an order seeking expanded data access from Apple, prompting the company to remove a cloud encryption feature from the British market.

Canadian officials insist Bill C-22 would not require companies to create “systemic vulnerabilities” in their security systems.

Public Safety Canada spokesperson Tim Warmington said technology firms would remain responsible for maintaining secure platforms while complying with the law.