I want to highlight and frame something said by Christopher Parsons in a recent interview on CDNTech network . When asked about encryption (time 6:12), he clarified that surveillance will most often involve going around encryption, such as by installing malware on the computer of the person being surveilled. The alternative would be to intercept the communication on the network or as stored in the cloud, and try to decrypt.
This should point to an often forgotten truth: that the question of who controls your computer is just as, if not more, important than how Internet Access Providers (IAP's) or services (Facebook, Google, etc) are regulated when it comes to protecting your rights and interests.
This is why bills like C-11 concern me. My concern wasn't primarily about copyright, or the common misunderstanding that technological protection measures (TPMs) give copyright holders too much control. In fact, there is no such thing as "copy control", only computer control. Bill C-11 will potentially protect an infringement of property rights as control over computers is transferred from their owners to third parties such as device manufacturers. Centralizing control in the hands of manufacturers also makes them an easier target for additional unauthorized third parties who will abuse the back-doors created by the manufacturers to access private data and remotely control these devices.
We need to be looking at this question of who controls our devices much more seriously than we have. We should include in our concern over lawful access the remote-control over our communications devices that have already been granted under Bill C-11.