The Canadian government’s latest legislative move has sparked significant concern among privacy advocates and industry insiders, as it quietly embeds controversial lawful access provisions within a bill ostensibly focused on border security.

Introduced on June 3, 2025, as the Strong Border Act, or Bill C-2, the legislation was initially promoted as a response to U.S. concerns over border measures. However, buried deep within its text are clauses that have little to do with border issues and everything to do with expanding law enforcement’s access to personal data.

According to a detailed analysis by legal scholar Michael Geist on his blog, these provisions represent a renewed push by Canadian law enforcement for lawful access powers that have long been contentious. Geist highlights that the bill includes measures allowing for warrantless access to Internet subscriber information, the creation of global production orders for such data, and broader access to information held by electronic service providers, as reported by Michael Geist’s blog.

A History of Privacy Battles

This is not the first time such provisions have surfaced. For years, Canadian law enforcement has sought expanded powers to access digital data, often clashing with privacy rights enshrined by judicial rulings. The Supreme Court of Canada has previously ruled that subscriber data carries a reasonable expectation of privacy, a stance that has repeatedly stymied efforts to introduce warrantless access.

Geist notes that past attempts to pass similar lawful access legislation have failed due to a lack of compelling evidence justifying the erosion of privacy protections. Yet, the government’s decision to tuck these measures into a border security bill suggests a strategic attempt to bypass public scrutiny and debate, a move that has raised alarms among civil liberties groups, again per Michael Geist’s blog.

Implications for Industry and Individuals

The implications of Bill C-2’s hidden provisions are far-reaching, particularly for technology companies and Internet service providers. If enacted, these rules could compel providers to hand over user data without the safeguard of judicial oversight, potentially undermining trust in digital services. For an industry already grappling with complex compliance requirements under existing privacy laws, this adds another layer of uncertainty.

Moreover, individual Canadians could find their personal information exposed to law enforcement with minimal accountability. The notion of global production orders, as described by Geist, means that data could be requested across jurisdictions, raising questions about sovereignty and the protection of citizens’ rights in an increasingly borderless digital world, as detailed by Michael Geist’s blog.

A Call for Transparency and Debate

The stealthy inclusion of these provisions in a bill unrelated to digital privacy signals a troubling lack of transparency. Critics argue that such significant changes to data access laws deserve standalone legislation and robust public consultation, not a backdoor approach through border policy. The tech industry, in particular, is likely to push back, given the potential impact on user trust and operational frameworks.

As this debate unfolds, the balance between national security and personal privacy hangs in the balance. With the Strong Border Act now under scrutiny, stakeholders across the spectrum—from policymakers to tech executives—must demand clarity and accountability. The coming weeks will likely see intensified calls for the government to separate these lawful access provisions from border concerns, ensuring a proper examination of their far-reaching consequences, as underscored by insights from Michael Geist’s blog.