Apple Encryption Fight Puts Canada’s Bill C-22 Under Pressure Apple encryption is facing a new test in Canada as Bill C-22 raises concerns over surveillance powers, privacy, and secure user data.

Apple encryption is again at the center of a global fight over how far governments can go in demanding access to digital information. Apple and Google representatives testified before Canada’s Standing Committee on Public Safety and National Security, urging lawmakers to amend Bill C-22, a proposed lawful-access bill that critics warn could create secret powers to weaken encrypted devices and services.

The bill is being debated in Canada’s House of Commons and has been referred to the Standing Committee on Public Safety and National Security. The Canadian government says Bill C-22 would modernize legal tools so intelligence and law enforcement agencies can respond more quickly to security threats and crime. Public Safety Canada says the proposal is designed to keep Canadians safe while creating a modernized access framework for digital information.

Apple, Google, Meta, Signal, civil liberties groups, and privacy experts see a different risk. Their concern is that the bill could allow secret government orders requiring technology companies to build access capabilities into products or services, including encrypted systems. Reuters reported that Apple and Google asked lawmakers to add judicial oversight and explicit encryption protections, arguing that the current draft could lead to undisclosed orders to introduce backdoors into software or devices.

The disagreement is not only about Canada. It is part of a wider international debate that has already reached the United Kingdom, Australia, Sweden, the European Union, and the United States. Governments argue that encryption can make lawful investigations harder. Technology companies argue that a backdoor built for one government can become a vulnerability for everyone.

Apple’s position is clear: strong encryption cannot be weakened safely.

Apple Warns Against Secret Orders

Apple encryption concerns focus on secrecy, oversight, and technical risk. In testimony reported by Reuters, Apple and Google both pushed for stronger judicial oversight and explicit protections for encryption. Google Canada government affairs director Jeanette Patell said secret orders would be out of step with democratic countries and would limit companies’ ability to be transparent with users about how their data is protected.

Apple’s senior director for user privacy and child safety, Erik Neuenschwander, was asked whether Apple would leave Canada if required to build a backdoor into its devices. He declined to speculate and said Apple hoped the legislative process would produce positive amendments. That answer matters because Apple has already taken a hard line elsewhere. Reuters reported earlier this month that Apple warned Bill C-22 could force it to weaken device encryption, while Meta raised similar concerns about surveillance powers and encrypted services.

Apple’s recent UK experience gives the Canadian debate more weight. Reuters reported that Apple received a secret order in the UK to break encryption, prompting the company to withdraw encrypted cloud backup features from the country. That history explains why Apple is warning Canadian lawmakers before the bill becomes law.

For Apple, the problem is not only whether a law says the word “encryption.” The problem is whether the law gives authorities power to require technical changes that make encryption less secure in practice.

Bill C-22 Tests the Meaning of Lawful Access

Apple encryption concerns are tied to the phrase “lawful access.” Governments use that language to describe tools that let authorized agencies obtain information for investigations. The Canadian government says Bill C-22 would help CSIS investigate threats earlier and help law enforcement detect, deter, and respond to crime more effectively.

The difficulty is that encrypted systems are built so that no one except the intended user has the key. In end-to-end encryption, even the service provider cannot read the content. That is what protects private messages, backups, identity information, financial data, health information, business records, and sensitive communications from criminals, foreign actors, abusive insiders, and unauthorized access.

A government access mandate can sound narrow in law but broad in engineering. If a company has to redesign a product so someone else can access encrypted data, the system no longer has the same security model. That is why Apple and other companies use the word “backdoor.” They argue that a special access path cannot be guaranteed to stay special.

Supporters of lawful-access laws argue that police and intelligence agencies need tools to investigate serious threats in a digital world. Critics argue that weakening encryption creates systemic vulnerabilities that can harm the same people governments are trying to protect. Bill C-22 sits directly inside that unresolved conflict.

Judicial Oversight Is the Minimum Demand

Apple encryption policy is not only about saying no to every government request. Apple and Google’s testimony focused on amendments: judicial oversight, clearer limits, and explicit encryption protections. The companies are effectively asking Canada to ensure that any access demand is reviewed by a court and cannot secretly require companies to undermine the security of their products.

That is a narrower argument than refusing all cooperation with law enforcement. Apple regularly responds to lawful requests for information it can provide. The issue is data or device content Apple cannot access because encryption is designed to keep it unavailable to anyone without the key.

Judicial oversight matters because secret executive orders can leave companies unable to tell users, challenge requirements publicly, or disclose how product security has changed. If a company is forced to alter a product under secrecy, users may continue believing the system has protections that no longer fully exist.

That is why transparency is part of the security debate. A user cannot make an informed decision about a device or service if the company is barred from saying whether the protection has been weakened.

The Apple User Impact Is Direct

Apple encryption is not an abstract policy question for iPhone, iPad, Mac, and iCloud users. Encryption protects messages, passwords, photos, backups, health data, payment information, notes, device locks, and account recovery systems. If governments gain the power to force technical changes to encrypted products, the effect can reach ordinary users who never become part of an investigation.

That is Apple’s strongest argument. Security systems are shared by everyone. A weakened protection does not apply only to criminals. It applies to families, students, journalists, businesses, public officials, activists, doctors, lawyers, and ordinary users storing personal data on their devices.

Apple has also been expanding encryption in recent years through features such as Advanced Data Protection for iCloud, which gives users stronger end-to-end encryption for more iCloud data categories. A law that pressures companies to preserve access paths can collide with that direction. If a company cannot access the data, it cannot hand it over. If it is required to hand it over, the product may need to be redesigned.

That is the central tension behind the Canadian hearing. Apple wants to keep security architecture intact. The government wants investigative access. Bill C-22 is forcing lawmakers to decide how clearly the law should protect encryption from being quietly weakened.

Canada Risks a Services Conflict

Apple encryption warnings also raise a practical risk for Canada: some services may change, be limited, or leave if the law becomes incompatible with their security model. Signal has warned in other lawful-access debates that it would rather exit markets than undermine encryption. Apple has already limited encrypted cloud backup features in the UK after a secret order.

That does not mean Apple will leave Canada. Neuenschwander avoided that speculation. But the UK example shows that companies may respond to legal demands by withdrawing features rather than redesigning them with backdoors. The result could be that Canadian users receive weaker or fewer privacy features than users elsewhere.

That would be a serious outcome for a country trying to modernize digital law enforcement. A lawful-access law that causes secure services to reduce availability can leave ordinary users worse protected while bad actors move to other tools, foreign services, custom systems, or illegal channels.

This is why critics argue that backdoor-style laws can create a security loss without a guaranteed law-enforcement gain.

Apple’s Broader Platform Case Gets Stronger

Apple encryption has become one of the pillars of Apple’s platform identity. The company defends its tight control over devices, software, app distribution, iCloud security, and privacy features partly by arguing that users benefit from a safer ecosystem. Bill C-22 gives Apple another moment to make that case.

The company’s position is consistent with its wider messaging: privacy and security should be built into products, not negotiated after the fact. Apple’s opposition to encryption backdoors is also one of the few areas where its interests often align with civil liberties groups, security researchers, privacy advocates, and rival messaging platforms.

Google’s presence in the same hearing matters too. Apple and Google compete fiercely across mobile operating systems, browsers, AI, app stores, search, and cloud services. When both companies warn that a surveillance bill needs stronger protections, lawmakers may find it harder to dismiss the concern as one company defending its business model.

The debate will now depend on whether Canada’s Parliament accepts amendments. The bill is still under committee study, according to Parliament’s legislative tracker, with report stage and third reading not yet reached.

A Surveillance Debate With Global Consequences

Apple encryption debates rarely stay inside one country. If Canada passes a law that creates broad secret access powers, other governments may point to it as precedent. If Canada amends the bill to protect encryption and require stronger judicial oversight, that can also become a model.

That is why Apple, Google, Meta, Signal, and privacy groups are fighting the wording now. The precedent matters as much as the immediate law. Encryption policy tends to travel. The UK, Australia, Canada, the EU, and the U.S. all watch one another.

For Apple users, the stakes are straightforward. Strong encryption protects personal data because it prevents unauthorized access, including by the company itself in some cases. A law that pressures companies to create access paths changes that relationship.

Canada’s government says Bill C-22 is about lawful access and public safety. Apple and Google are saying that public safety also depends on strong encryption, transparent legal process, and security systems that cannot be secretly weakened. The final version of the bill will show whether lawmakers believe those goals can coexist without forcing the technology to break.