Virtual private network service NordVPN warned on Friday it could pull out of Canada over the federal government’s proposed lawful access bill.
NordVPN said in a social media post it is reviewing the bill and would consider leaving Canada if the bill requires it to compromise its privacy protections.
The company said if Bill C-22 passes “and if we are subjected to mandatory obligations, there isn’t a scenario in which we would compromise our no-logs architecture or encryption protections.”
…
Disgusting Bill. I’m curious who’s behind it because no Canadian wants this.
The RCMP?
CSIS, CSEC, NSA, the other eyes around the world.
Canada post and other mail providers will now be opening all envelopes and packages sent. All contents will be scanned or photographed and held on file for 2 years time, and released to relevant authorities upon request of investigation. To make things easier please do not seal packages or envelopes for easier and more convenient access.
All photos and scanned documents will be held in a highly secured database with easy backdoors access!
Pretty much the equivalent in terms of what Canada wants to implement with access to VPN logs and asking ISPs to keep logs for 1-2 years minimum.
Yes, and we must note that bad actors are already waiting for this.
As the alert reads,
… we have identified that [China-]affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues …
It’s unclear whether or not the surveillance is still ongoing.
And this is just one among many threats. I don’t understand why a government exposes its citizens to such a risk.
[Edit to insert link.]
Encrypt your data better find ways to use DNS-over-HTTPS as much as possible, use HTTPS every where. Better yet use something to block trackers, and please for the love of all things do not use 8.8.8.8, 8.8.4.4 as DNS servers. I would even say stay away from 1.1.1.1 and 9.9.9.9. Your ISP’s DNS servers are not good either.
What’s wrong with quad9?
Quad9 is fine. Don’t let that user scare you. Here’s a quote from Quad9’s own privacy policy section regarding data sales:
2.3 Sharing of data
Quad9 does not share, sell, or rent any information that could identify an individual.
We do not share this information because we do not have this information. We do not have this information because we do not need this information. Because we do not need this information, we have built no mechanism to collect, retain, analyze, or distribute it.
I believe they do some monitoring/selling data. Plus they fall under the US’s Cloud Act, use CIRA instead for “protected” use 149.112.121.20 and 149.112.122.20, for “private” use 149.112.121.10 and 149.112.122.10, or if you want “family” use 149.112.121.30 and 149.112.122.30.
Sure CIRA is a Government of Canada agency and this will fall into the same issue being discussed here, but you are not at the whims of the US. I personally run unbound with pihole to encrypt my data and I am venturing further into the encryption so that I can be put on more lists but hey it is great to be noticed for my achievements.
From Quad9’s privacy policy:
2.3 Sharing of data
Quad9 does not share, sell, or rent any information that could identify an individual.
We do not share this information because we do not have this information. We do not have this information because we do not need this information. Because we do not need this information, we have built no mechanism to collect, retain, analyze, or distribute it.
Whoa! A company with integrity of greed? That’s a nice change!
