Bill C-22 lawful access warning: Signal and VPN rivals threaten Canada exit over encryption
Signal has warned it may leave Canada if the proposed “Bill C-22” (Lawful Access Act, 2026) forces the company to weaken its end-to-end encryption. The warning came from Udbhav Tiwari, Signal’s vice president of strategy and global affairs, who said Signal would “rather pull out of the country” than break encryption promises.
Tiwari also warned that Bill C-22 could “potentially allow hackers” to target system weaknesses. The bill remains in committee review after a second reading in the House of Commons on April 20.
Canada’s government says the measure would help law enforcement and CSIS respond to crime and national security threats, and Public Safety Canada argues Part 2 would not create new powers to intercept communications. However, it also aims to require electronic service providers to comply with existing legal orders.
Meta and Apple have also opposed parts of Bill C-22, warning it could require encryption weakening or enable surveillance tools. Windscribe, a Canada-based VPN provider, said it may follow Signal if Bill C-22 passes as written, citing potential requirements to log identifying user data.
Privacy groups have joined the backlash, with the Electronic Frontier Foundation warning that metadata retention (including for one year) can expose communication patterns and locations.
While Bill C-22 is not yet law (it still needs further parliamentary steps and royal assent), the dispute places encryption and metadata rules at the centre of Canada’s digital policy debate—an issue traders may treat as a regulatory-risk signal for privacy-oriented services.
Neutral
This is a regulation-and-privacy signal rather than a direct crypto policy change. Bill C-22 has prompted major encryption and privacy players (Signal, Meta, Apple, Windscribe) to warn they could face forced changes that weaken encryption or increase metadata handling. That can raise broader tech-sector compliance risk, and traders sometimes react by de-risking companies or ecosystems tied to privacy tooling.
However, the news is not yet law. Bill C-22 is still in committee and must pass further parliamentary steps, which makes the immediate probability of implementation uncertain. Historically, when governments debate surveillance or lawful-access frameworks (similar to prior encryption/metadata controversies in different jurisdictions), the market impact is often short-term sentiment-driven while details are unclear, then fades or sharpens depending on amendments and final wording.
Short term: neutral-to-slightly negative sentiment may appear around privacy-adjacent services and any tokens tied to that narrative (though this article does not name specific privacy coins).
Long term: if Bill C-22 were to pass in a form that mandates meaningful metadata retention or encryption weakening, it could increase compliance costs and drive demand for privacy-preserving infrastructure—potentially shifting sentiment later. For now, since Bill C-22 remains under review, the most likely outcome is continued uncertainty rather than a clear bullish or bearish market catalyst for crypto broadly.