Compliance
Canium is built for organizations that operate under Canadian regulatory obligations. The architecture positions the organization — not Canium — as the party responsible for communications compliance.
Canadian Sovereignty — What It Actually Means
All communications infrastructure — messaging, encryption keys, and channel content — is physically located in Ontario, Canada. No message content or key material transits US networks.
This matters for:
- Federal and provincial procurement — CCCS guidance and Government of Canada cloud frameworks require Canadian data residency for Protected B and above.
- PIPEDA compliance — all communications data (messages, encryption keys, and channel content) remains in Canadian infrastructure at all times. Billing and account administration use a third-party payment processor subject to its own jurisdictional terms; this is disclosed separately in our privacy policy.
- Lawful access — Canium is designed to position the organization (not Canium) as the electronic service provider responsible to law enforcement. The DRA architecture described below gives compliance officers the tools to respond to lawful access requests without Canium's involvement.
Lawful Access — Compliance Without Backdoors
Canium provides a Designated Recovery Agent (DRA) architecture for organizations that require lawful access capability — legal firms, government agencies, regulated enterprises with compliance obligations.
How it works
- The organization (not Canium) designates a compliance officer as the DRA.
- A DRA key envelope is created using hybrid key encapsulation (X25519 + ML-KEM-768) at the time a channel is created. This envelope is stored server-side as ciphertext — Canium cannot open it.
- Only the DRA, using their designated key, can open the envelope and recover the channel key.
- All DRA operations are audited. Access is gated behind a consent and disclosure workflow.
- DRA authority is org-scoped. Canium has no DRA capability and no access to org key material.
Important: Retroactive DRA coverage is cryptographically impossible. DRA coverage applies only to channels created after DRA enrollment. This is a standard property of forward-secure encryption and must be disclosed to clients.
What Canium Is Not
- Not a backdoor product. Canium has no ability to decrypt communications. The DRA gives the organization a recovery path — not Canium and not law enforcement by default.
- Not US jurisdiction for communications. No message content or key material leaves Canada. (Billing data is processed by a US-based third-party payment processor — see our privacy policy.)
- Not a policy promise. The privacy guarantee is cryptographic and architectural. It does not depend on Canium's policies, personnel, or good intentions.