Bill C-8

An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts

Sponsor

Status

In committee (Senate), as of April 23, 2026

Subscribe to a feed (what's a feed?) of speeches and votes in the House related to Bill C-8.

Summary

This is from the published bill. The Library of Parliament has also written a full legislative summary of the bill.

Part 1 amends the Telecommunications Act to add the promotion of the security of the Canadian telecommunications system as an objective of the Canadian telecommunications policy and to authorize the Governor in Council and the Minister of Industry to direct telecommunications service providers to do anything, or refrain from doing anything, that is necessary to secure the Canadian telecommunications system. It also establishes an administrative monetary penalty scheme to promote compliance with orders and regulations made by the Governor in Council and the Minister of Industry to secure the Canadian telecommunications system as well as rules for judicial review of those orders and regulations.
Part 2 enacts the Critical Cyber Systems Protection Act to provide a framework for the protection of the critical cyber systems of services and systems that are vital to national security or public safety and that are delivered or operated as part of a work, undertaking or business that is within the legislative authority of Parliament. It also, among other things,
(a) authorizes the Governor in Council to designate any service or system as a vital service or vital system;
(b) authorizes the Governor in Council to establish classes of operators in respect of a vital service or vital system;
(c) requires designated operators to, among other things, establish and implement cyber security programs, mitigate supply-chain and third-party risks, report cyber security incidents and comply with cyber security directions;
(d) provides for the exchange of information between relevant parties and the disposal of personal information; and
(e) authorizes the enforcement of the obligations under the Act and imposes consequences for non-compliance.
This Part also makes consequential amendments to certain Acts.
Part 3 provides for a five-year review of the provisions enacted or amended by this Act.

Elsewhere

All sorts of information on this bill is available at LEGISinfo, an excellent resource from Parliament. You can also read the full text of the bill.

Bill numbers are reused for different bills each new session. Perhaps you were looking for one of these other C-8s:

C-8 (2021) Law Economic and Fiscal Update Implementation Act, 2021

C-8 (2020) Law An Act to amend the Citizenship Act (Truth and Reconciliation Commission of Canada's call to action number 94)

C-8 (2020) An Act to amend the Criminal Code (conversion therapy)

C-8 (2016) Law Appropriation Act No. 5, 2015-16

Debate Summary

This is a computer-generated summary of the speeches below. Usually it’s accurate, but every now and then it’ll contain inaccuracies or total fabrications.

Bill C-8 proposes a new framework to enhance cybersecurity for Canada’s critical infrastructure and telecommunications systems. The legislation aims to strengthen national security and mandate incident reporting, while sparking parliamentary debate regarding the balance between government authority, privacy protections, and appropriate judicial oversight.

Liberal

Protecting critical infrastructure: The Liberals support Bill C-8 to safeguard essential digital systems, including banking, energy, and telecommunications, from evolving national security threats and state-sponsored cyber-sabotage.
Ensuring swift response: The party rejects amendments requiring judicial authorization for technical directives, arguing that real-time cyber defenses cannot be delayed by legal processes that could take months to resolve.
Strengthening incident reporting: Liberals advocate for mandatory reporting of even minor cyber incidents and near misses, asserting that proactive monitoring is essential for early warning and collective protection against coordinated attacks.
Balancing security with privacy: The government introduces safeguards to prohibit decoding encrypted communications and protect solicitor-client privilege, ensuring the legislation focuses on infrastructure security without infringing on the privacy of Canadians.

Conservative

Cybersecurity as national security: Conservatives view cybersecurity as a fundamental national security issue. They emphasize the necessity of protecting Canada's critical telecommunications infrastructure against various hostile actors, criminal organizations, and the emerging challenges posed by artificial intelligence.
Correction of government overreach: The party highlights its role in fixing provisions that originally granted the government sweeping, unchecked powers. They specifically oppose regulations that would allow the minister to arbitrarily suspend internet services for individuals without sufficient safeguards.
Protecting rights and privacy: Through committee amendments, Conservatives forced changes to protect lawful expression and ensure privacy is a mandatory consideration. They also raised the threshold for government intervention to require a standard of serious, systematic threats.
Concerns over judicial oversight: The party criticizes the government for removing a Conservative amendment that required judicial authorization before exercising new powers. They argue this removal leaves the legislation vulnerable to abuse and lacks necessary accountability.

Bloc

Support for cybersecurity legislation: The Bloc supports Bill C-8, asserting that while previous versions were flawed, the current bill was significantly improved through collaborative committee work and Bloc-led amendments to better serve the interests of Quebec.
Protecting Quebec's jurisdiction: Members emphasized the importance of respecting Quebec’s jurisdictions, successfully securing amendments that protect entities like Hydro-Québec from arbitrary federal decision-making and ensuring proper consultation regarding electricity transmission systems.
Digital encryption and privacy: The party prioritized digital security by ensuring encryption remains protected and advocating for information-sharing criteria based on necessity, proportionality, and reasonableness to prevent government overreach or abuse of sensitive data.
Future accountability and reviews: The Bloc secured a mandatory five-year review to adapt the law to evolving technology, though they expressed ongoing concerns regarding whistle-blower protections and budget cuts to national security oversight bodies.

Green

Opposition despite improvements: The Green Party opposes the bill despite minor improvements, arguing it remains flawed, contains too many loopholes, and fails to adequately protect private information and encryption.
Excessive ministerial power: The legislation concentrates too much power in the hands of individual ministers. It lacks necessary warrants and judicial oversight for orders that could affect telecommunications access and Canadian privacy.
Restricted parliamentary rights: May criticizes procedural rules that limit the ability of members from unrecognized parties to introduce substantive amendments in the House, undermining their democratic rights and the legislative process.

Was this summary helpful and accurate?