1Password's stance on Canada's Lawful Access Bill C-22?

I'm sorry if these touches in a topic that bends to the political, but this is something that I don't think we as keepers of people's most important and sensitive information should be just standing by and not getting into the discussion before it is too late. 

As a Canadian and a 1Password being a Canadian based "Electronic Service Provider", based on the law's very loose definition of what an ESP is, I have very grave concerns that just like Apple and Meta the data that is contained within 1Password could be subject to this "unlawful" bill. Even my own company as small as it may be is caught up in the legal definition of an ESP. 

• There is no scope at what an ESP is and what the government has defined and what their level of Systemic Vulnerability will be.
  • 1Password in its current wording is caught up in this definition 
  • The powers can be extended through regulations an minimal future debate
• No Guardrails
  • Secret ministerial orders requiring system modifications or re-engineering that could be demanded of 1Password with a gag order 
  • No mandatory oversight
  • Limited ability for 1Password to challenge orders or redefine vulnerabilities 
• Extensive Realtime access & retention 
  • 1Password would have to build the capability (at its expense) the ability to intercept, decrypt & hand over data
  • Access to metadata, geolocation, in realtime and stored for retroactive access for all users for up to one year (with talk from law enforcement of wanting this to be even longer in the future). 

Basically eroding privacy and security, and weakens encryption and creates a permanent surveillance state power and, because of the conflicting sections of the Bill, the "so called" protections can be overridden by a secret request, 1Password won't be allowed to ever tell us that it had to do any of this for the government, law enforcement, or the Canadian security (spy agencies). 

Now I hear that because of the growing pushback on this bill, that the debate on this bill is going to be now limited to 3 days and a goal of having this law by the end of the month. Has your legal team been studying this bill? What is the 1Password stance on this invasive bill that even Apple,  Meta and US Congress are voicing their concerns of this bill in its current form? If Both Apple and Meta, with huge legal and resources, are concerned that this could force them to weaken encryption, how is 1Password a Canadian company going to be able to ethically stand ground to weakened privacy, security and increased enduring real-time surveillance? 

I remain unconvinced that all the data and access that we all store within 1Password would not be a prime target for access requests. All we have is a verbal promise that the government would never make these kinds of requests. If not now, as Micheal Geist says, in the setting ready and waiting for a "Turnkey Totalitarianism"? 

I think this warrants a response and a position from 1Password before the company no longer has the legal right to do so, don't you? 

https://www.michaelgeist.ca/2026/05/wilful-blindness-how-the-lawful-access-charter-statement-skips-bill-c-22s-most-constitutionally-vulnerable-provisions/ 

https://openmedia.org/press/item/civil-society-to-parliament-kill-bill-c-22