CACN Committee Meeting

     Welcome to meeting number 40 of the House of Commons Special Committee on the Canada–People's Republic of China Relationship.

    Pursuant to the order of reference of May 16, 2022, the committee is meeting on its study of the Canada–People's Republic of China relationship.

    As indicated in the communiqué from the Speaker to all members on Monday, April 29, the following measures have been taken to prevent audio feedback incidents.

    All earpieces have been replaced with a model that greatly reduces the probability of audio feedback. The new earpieces are black in colour, whereas the former earpieces were grey. Please use only a black approved earpiece. By default, you will find all earpieces unplugged at the beginning of the meeting.

     When you're not using your earpiece, please place it face down on the middle of the sticker for this purpose on the table. Please consult the cards on the table for guidelines to prevent audio feedback incidents.

     The room layout has been adjusted to increase the distance between microphones and reduce the chance of feedback from ambient earpieces. These measures are in place so we can conduct our business without interruption and to protect the health and safety of all participants, particularly our interpreters. We appreciate your co-operation in that regard.

     Now, as we get into the meeting, I just wanted to make it official that we'll be here for one hour. We had scheduled committee business for the second hour, but with the large number of substitutes in this session, we've decided to hold committee business over to Monday, when there will be ample time to, first of all, provide drafting instructions on this study, as well as deal with where the committee wants to go next.

     Speaking of substitutes, we have MP Blaney for MP McPherson, MP Ellis for MP Kurek, and MP Tolmie for MP Chong—well, that would be for the second hour, which we're not going to have. Mr. Cooper is here for Ms. Lantsman, Mr. Longfield is here for MP Erskine-Smith, and Mr. Naqvi, of course, is here for Rob Oliphant.

    This meeting is taking place in a hybrid format, as is usual these days. Members are attending in person in the room and remotely using the Zoom application.

     I ask you to please wait until I recognize you by name before speaking. For those participating by video conference, click on the microphone icon to activate your mic, and please mute yourself when you're not speaking.

     Regarding interpretation for those on Zoom, you have the choice at the bottom of the screen of floor audio, English or French. For those in the room, you can use the earpiece and select the desired channel.

     I'll remind you that all comments should be addressed through the chair. For members in the room, if you wish to speak, please raise your hand. For members on Zoom, please use the “raise hand” function. The clerk and I will manage the speaking order as best we can.

    Per the motion adopted on March 26, 2024, we're hearing testimony in relation to the matters revealed in the Winnipeg lab documents.

    I would now like to welcome our witness for today's meeting, Mr. Richard Fadden.

    Mr. Fadden, you have up to five minutes to deliver some opening remarks.

     Thank you, Chair.

    In the hope that they might be useful to you, I'd like to offer a few contextual remarks about departmental security generally. I make these comments drawing both on my national security experience and on my experience in, I think, eight departments while I was still working.

    Outside of core national security departments and agencies, absent a crisis, departmental security is not a priority. It would not engage the attention of deputy heads and certainly not that of ministers.

    In these non-national security core departments, it's policy, operations or science that gets attention, not security or, for that matter, any other matter relating to corporate issues, like finance. As long as people are paid, they're happy. They're not going to spend a lot of time worrying about finance, procurement or things of that nature.

    Having worked in two science-based departments, I think this is especially true of science and scientists. They are not particularly interested in security. I'm not ascribing ill intent to either departmental security or scientists, but rather disinterest and insufficient training and resources, which can lead to security violations—some minor, some serious.

    At the same time, I think it's fair to say that most departmental security units are not equipped to deal with significant national security issues. If, for example, you're in a department like Canadian Heritage, you don't worry about national security, even if there is a threat there, because people move around. You are, to some degree, like a medium-sized city's general-purpose police officer. You don't have national security training, and I think that's increasingly a problem today.

    Additionally, I think the overall national security environment has an impact on how seriously departmental security can carry out its duties or is equipped or resourced to do so. In Canada, over the last few decades, I think it's fair to say that the national security environment has not been consistent, especially as it concerns China. If you're a departmental security officer wondering how seriously you should apply rules and whatnot, you find comfort in the fact, I think, that up and down the system, nobody is jumping up and down and telling you to do things very seriously.

    All of the above is not to suggest that I disagree with the final decisions taken at the Winnipeg lab concerning the two scientists. Rather, I wanted to try to paint a picture that I think still applies today in most departments. It's a significant cultural and resource issue, and I think it's indicative of a serious, systemic range of issues that I hope the committee might be able to deal with, not only with respect to labs, but also with respect to departments and agencies generally.

    Thank you, Chair.

    Thank you very much, Mr. Fadden.

    We'll now go to our rounds of questioning. We'll begin with Mr. Cooper for six minutes.

     Thank you very much, Mr. Chair.

     Thank you, Mr. Fadden, for appearing.

    One of the things that struck me about this national security breach, in terms of how it was handled, was the length of time it took between when red flags were first raised in August 2018 and the time these two scientists were led out of the lab on July 5, 2019. That's almost a year.

    During that time, these scientists had unfettered access to the lab, even after a fact-finding report was issued in March. Although it was incomplete, it validated that they were, among other things, transferring materials on an unauthorized basis from the lab to the PRC, and that there were multiple breaches of security and intellectual property policy.

    I'd be interested in your thoughts on the issue of the timeline and how PHAC responded.

     Thank you, Chair.

    My general-purpose reaction is that the time frame allowing them full access was too long. I don't necessarily think that when the red flags were first raised, they should have been handcuffed and walked out of the building, but there was a range of measures that departmental security and the deputy head could have taken to restrict their access and control where they were going and whatnot.

    It became increasingly clear—certainly based on the material I've read—as time went on that it was more and more serious. They also could have made the conditions to which they were subjected more serious as time went on.

    My bottom line is that their general, unfettered access until almost the very end was too long. At the bare minimum, if they were to remain on the job, they should have had their physical access restricted and, perhaps, their electronic access restricted. You don't have to cut somebody off entirely in order to limit the threat they pose.

     It has been my contention that upon the issuance of that fact-finding report, steps should have been taken immediately thereafter to at the very least restrict their access. It doesn't mean that they had to be walked out of the lab, but I have to say, when Dr. Gilmour was here and I asked him what new evidence or what new information PHAC had between the issuance of that report and July 5, 2019, he said there was nothing more. Very simply, then, would you agree that at that moment their access should have been restricted?

     Yes, sir, I think so.

     Another issue I find troubling is the fact that a number of scientists gained access to the lab from the PRC. There were two individuals who were associated with or employed with PRC institutions that CSIS determined to be working against the interests of Canada, as well as a PLA scientist whose mentor is Beijing's foremost expert in bioterrorism and biodefence. Could you comment on how it is possible that scientists with that type of connection to the Beijing regime would have the clearances or be granted access to what is supposed to be Canada's highest-security lab?

     I think they had a very, very loose access control policy, but it goes to some of the points that I tried to make in my opening remarks. It was not just the departmental security officer or the general manager. The entire system at that point, I think, was not regarding China as seriously as we do today, so I think there's a lot of blame to go around, not to put too fine a point on it, ranging from the departmental security officer to the manager of the lab to the ADM to the deputy head and probably CSIS and the central agencies. Broadly speaking, I think they should not have been allowed that kind of access. If they were to be allowed access, it should have been a controlled access. They should have been escorted, they should have been required to wear a badge, and they should not have been allowed access to the electronic communication system.

     Thank you. We have heard the minister and others saying that in 2018, 2019, it was a different time, and that is true to some extent, but it's not as though in 2018, 2019 or 2017 there weren't a lot of concerns that Canada had with the activities of the PRC. The PRC was a hostile regime at that time. Would you not agree? So I just have some difficulty accepting this notion that it was such a different time in 2017 or 2018.

    I understand where you are coming from, but I also think, next to the facts that you just expounded, there is this broad issue of culture, and I don't think the culture in this particular lab and in large parts of the public service had caught up with the change in facts as we understand China. I agree that there was no sea change. There was no button pushed that changed things, and I think if you're working in the bottoms of a department or of an agency, it takes a while to register these things.

    I'd be interested in knowing, for example, if the deputy head or her delegate had caused a note to be sent to the departmental security officer, simply saying, “I'm told by CSIS and everybody else that times have changed.” I'm not trying to excuse what happened, I'm just saying that there's a lot of blame to go around, and it's both public service and political blame.

     Thank you very much, Mr. Cooper. We'll now go to Mr. Naqvi for six minutes.

     Good afternoon, sir. Thank you very much for being here and taking the time on a Friday afternoon. I really appreciated your context-setting comments on the topic of culture within departments. You've been in the national security business for a very long time and have served both as adviser to the Prime Minister and as CSIS director. I wonder if you can expand on the comments you were making in terms of, in your tenures, what kinds of things CSIS or the Privy Council Office were doing to change that culture and make security concerns more front of mind for department heads and others.

     That's a good question, Chair. I think it was very uneven, to be honest. I want to be clear that I'm not directing this to a particular government. I'm talking about the entire time I worked. It was both a Conservative government and a Liberal government.

    After 9/11, for example, security across the system was ratcheted up in a major way, and it impacted everyone. However, since Canadians don't generally feel threatened, slowly but surely after that we reverted to the status quo ante.

    PCO, the Treasury Board and CSIS regularly sent out reminders to departmental security officers. I think there was the tradition of an annual meeting and conference. However, if there's not a sense, globally, within the public service that there's a significant issue, it's very hard to change, particularly in non-national security departments.

    I don't know what you and your colleagues have concluded about the status of the lab. I think some people would argue that it's a national security establishment and it should be treated as such, period. A whole bunch of other people would say it's a medical lab and everyone should get a grip: “Yes, we don't want to share with everybody in town, but it's not a national security establishment.” I think the way the international environment has shifted, it has become a national security environment.

    I used to head the Canadian Food Inspection Agency. We had a significant component of work at that place. That's quite a few years ago, but at the time, it was not regarded as a national security institution. For a variety of reasons, security was pretty heavy, but that was because of the risk involved in all the material it was producing.

    To go back to your question, it's been very uneven across the years as central agencies try to remind departments to abide by the rules, to enforce them and to push things along.

    It's very interesting, what you're saying. From other witnesses during these hearings, we've heard a similar sentiment that the nexus between science and security has been evolving. It's far more acute today than it was even perhaps in 2018-19, when this particular instance was taking place.

    You're nodding your head. Can you express in words that you agree with that sentiment?

    I agree.

    I'm a lawyer, so I always want to get it in Hansard.

    In light of that realization, do you feel that the steps that were taken at that time—I know you shared some caveats—were by and large appropriate, and do there need to be far better protocols in place today, given what we know up to now?

     I'll give you a two-part answer, if I may.

    I think a lot of the protocols today are not unreasonable, but having a protocol or a policy is only as good as its operationalization. It's only as good as its application.

    A lot of the rules that were in place at the lab—and I confess I haven't read them all—were not unreasonable. Access controls, how you ship things and not using your personal IT are all entirely reasonable, but it would seem they were not obeyed. I would start from the premise that you take the rules you have today and you take steps to ensure they're followed.

    Given what you've said and what Mr. Cooper has said about an evolution in the international environment, I think they should all be reviewed and probably tightened.

    In particular, with the use of electronic communications today, you can transmit terabytes of information in an instant. You can transfer, I think, even physically out of the labs with a bit of effort, material that's produced there.

    I would start by enforcing what we have. Have a real look at it and take into account the environment that both of you have talked about.

    This will be my last question.

    You talked about the international environment giving you experience.

    Have you noticed similar concerns in our peer countries—perhaps the Five Eyes—around culture and this evolving nexus between science and security that we're discussing?

    Yes. The only one I know a bit about is the United States. They've always taken security more seriously than we do, and perhaps not without some reason.

    Yes, they've tightened up virtually anything relating to national security, including science.

    What about other countries, like the U.K., Germany and France?

    I don't know about them. The only other one I'd suggest is Australia. I think it has tightened up as well.

     Thank you.

     Thank you very much, Mr. Naqvi.

    We will now go to Mr. Bergeron for six minutes.

    Thank you, Mr. Chair.

    Mr. Fadden, thank you for being with us today. If I am not mistaken, this is now the second time you have appeared before the Special Committee on the Canada—People's Republic of China Relationship.

    I have noted two things in your testimony and your answers to date. First, you talked about culture change, which may not have taken place as quickly as might have been wished. Second is the timeline, the point when the threat became perceptible and when the security mechanisms should have been changed and a change made to the culture within the organization. On that point, there are several items on the timeline that are interesting.

     In an article published in Le Journal de Montréal in January, we learned that CSIS, the Canadian Security Intelligence Service, had published a report in 2010 explaining China's growing economic power, its growing confidence and its aggressive new agent recruitment policy, which suggest that it has the will and resources to enhance its intelligence activities more and more. So CSIS had been sounding the alarm since 2010.

    When the minister appeared before this committee, he told us that until 2018 it was thought to be important to collaborate in the realm of science, but that the world had changed considerably since then. Mr. Fadden, do you think that the world changed in 2018, or should that change have been perceived before 2018?

    Thank you for your question.

    I would say it happened before 2018. However, we have to admit that relations with China are complex. In 2010, the government was very reasonably trying to forge strategic, trade and financial links. Given that, it was a bit hard to say at the same time that there had to be a very concrete increase in the importance placed on security. I am simply saying that a balance needed to be found, but it happened before 2018.

    The fact that CSIS has been talking about the danger that China represents for two decades is interesting, but I am not sure that what CSIS was telling the government in general was being shared with the Winnipeg lab. One of the problems involved in security intelligence is that there is a tendency to classify intelligence in such a way that it becomes difficult and complex to share it. So I do not know the extent to which departments that do not have a national security-related mission had access to CSIS's intelligence, but I would say without reservation that the change happened before 2018.

    What you are saying is very interesting, because in answer to a question, you told us that the Winnipeg virology lab at that time was seen more as a health institution, but it now had to be seen as a national security facility. It always brings us back to the point when the change should have been made.

    I want to come back to the 2010 CSIS report saying that the People's Republic of China used agents from its intelligence services and also non-professionals, including people from the academic and business worlds.

    You have just told us something extremely interesting: the issue of CSIS intelligence sharing. We know that the Canadian Security Intelligence Service Act has to be amended, which we saw in the study on the People's Republic of China's interference activities. Is this something that you were already concerned about at the time you were the director of CSIS?

    Yes, absolutely. We were very limited. As I maintained at the time and I still maintain, it is possible to use a CSIS report, by removing the information that could compromise confidential sources, to give people a general impression of the concerns it may have.

    When I was at CSIS and elsewhere, I saw that it was difficult to discuss this kind of thing with academics and scientists. They want as many details as possible and they do not like being told how to do things by the government. So we have to find a way to make them understand before they start their job that they will be working in a sensitive position in terms of national security and they have to take it seriously.

    The fact that CSIS might have trouble passing this information on to the Winnipeg lab does not change the fact that the Department of Health and the Public Health Agency of Canada should have received those reports and that information and it was kind of their duty to translate that information into language that would enable the people at the Winnipeg lab to understand the importance of the situation, and this might have required that the security rules and the way they were enforced be changed.

    What you are saying is very interesting, Mr.—

     Mr. Bergeron, I'm sorry, sir. You are out of time, but you will have further opportunities.

    We will come back to it, Mr. Fadden.

     We'll now go to Ms. Blaney for six minutes.

     Thank you so much, Chair.

     I thank Mr. Fadden for being here.

     I was reflecting as you spoke that I guess part of your retirement plan is knowing that you'll be spending a great deal of time in committees with us. Thank you for your service, and thank you for your continued service in committees in the House of Commons.

    I found it interesting, in the short testimony that you gave today, when you talked about national security not being consistent—please correct me if I get anything wrong when you respond—and said that, obviously, in some of these circumstances, people are not as worried as they could or might be. The challenge, of course, is that there's no training or awareness. That really must decrease across the board. I think some of the examples you gave as you were answering another member's question were very telling, about people using personal information in a way that could be problematic.

     I'm just wondering, in terms of this, how often during your term CSIS reached out to departments and agencies to build resilience to these types of threats. Does the federal government have an established process, or is it ad hoc? You talked about it being inconsistent, so I would just like some more information on that.

     We could talk about this for several hours, because it's a complex question.

    I think, regarding information or intelligence that comes from CSIS that affects a particular department or package of departments, there would be outreach and something would be done about it. From your query, I think the more important question is about the more general information that reflects a change in the environment. CSIS has a distribution practice. There is a protocol for distributing to all departments and agencies its general-purpose material.

     I don't know if this is still true today, but, since we're talking about China, part of the challenge I found was if they had a package about Chinese interference and sent it to the non-national security departments. Probably the deputy would send it down to the departmental security officer and, depending upon that individual, it would be circulated more or less broadly. Again, I'm not trying to point fingers. That's not my objective, but if the environment is such that they don't really feel it's a threat, the DSO in Winnipeg who gets this information would sort of look at the environment generally, notice that nobody told him to do anything, and then say to himself or herself, “Should I distribute this to all the managers, all the executives or all the scientists? What do I do about it?” I think, in some of the period that we were talking about before, the conclusion would have been, “I ain't going to circulate it,” or, “I ain't going to circulate it as broadly,” if you'll forgive my English.

    There's no magic either here or among our allies, to be clear. It's a general issue. When you have an intelligence agency that is build on the presumption that they have sensitive information, there's no way you can just push a button and distribute it to everybody. You have to produce summaries. You have to talk to people.

    Most importantly, as I've argued, I think, before this committee and others, Canadians generally don't feel threatened. That's true of large chunks of the bureaucracy—not everybody, but large chunks of it. If they don't feel threatened, the impetus to take the kinds of reports you talked about and operationalize them is often not there. That's not true if there's a crisis and not true if there's an emergency, but it's true in the general peaceful period.

    As I mentioned earlier, post-9/11, let me tell you, information got circulated, but, you know, the Winnipeg lab, if you look at its history, didn't have that many major issues or crises, so there's an assumption, a human assumption, that we don't have to do maybe as much as DND does or the CSE does.

    I'm sorry; that's a long answer, but it is a complex issue.

     It is a complex issue. I think whenever you bring humanity into the mix, it always becomes a complex issue. I appreciate that. I appreciate your answer.

     You talked about building awareness across the board so that people have more awareness, sort of a context to make decisions from, or even just that thoughtfulness. I hear what you're saying, that if there's not that element of fear, people lose that as a natural component.

    I'm just wondering, from your perspective, whether federal departments and agencies are able to flag issues to CSIS in a timely manner. Are there barriers to that process? Is that component of awareness part of the process?

    With the work you've done, do you have any advice for us about how we can maintain that awareness without perpetuating fear that isn't helpful?

     I know, certainly when I was there, that any department or agency had a liaison officer with CSIS, and if they had any concerns they were encouraged to raise them. I think some did. Sometimes it was a real concern; sometimes it was not. Part of the issue I found—and I'm just giving you a personal example—was that a lot of the departments and agencies didn't like to bother CSIS, because they didn't think it was important enough, even though sometimes it was, so it's this general issue of awareness.

     I want to stress again that I'm not being partisan here. I'm not talking about Mr. Trudeau's government or Mr. Harper's government. I'm just talking about governments. Unless the Prime Minister and senior ministers signal clearly that country X or issue Y is a problem, which deputies can build on to send down into their departments, it's very hard to get medium-ranking and junior people to, all of a sudden, accept that they have an issue. I'm not saying this because I think people are stupid or ill-intentioned, but any very large organization takes a while to register these changes. As I was saying a moment ago in response to an earlier question, for a long time both Mr. Harper's government and Mr. Trudeau's government were trying to develop better relations with China, while at the same time CSIS was worried about what they were doing under the radar. I think both governments, Mr. Harper's and Mr. Trudeau's, have shifted their views over time, which I think is a very good thing and reflects polling in this country.

     However, if we're going to get everybody in government, or at least those who are in national security or national security-related departments, to take this more seriously, it requires a whole-of-government effort, not just involving.... I used to joke that, “I come to talk to you, Deputy Minister X. I'm not a security nut. I'm telling you that there's a problem here, and I'll tell you X, Y, Z.” If it's only the “security nuts” who are saying there's a problem, it's an issue. You need deputies, ministers and others to agree. I don't believe that this has to be done in such a way, because I think there's a real risk.... We have nothing against Chinese civilization or against China or the Chinese people, so there's a balancing act there to be found. I don't think it's easy, but I think the cultural change that we talked about a moment ago still needs to be pursued.

    Thank you, Mr. Fadden.

     We now go to Dr. Ellis for five minutes.

     Thank you very much, Chair.

    Thank you, Mr. Fadden, for being here. I apologize for not being there in person.

    I have a question continuing on that same vein. When Dr. Gilmour testified before the committee, he talked about co-operation with the G7+1, which, in his mind, was Mexico. Is that the type of co-operation that we need to look at going forward in a science-based environment, or is it more complex than that?

    There's nothing wrong with the G7, but I think that, if we're going to bring together preoccupations relating to the development of science and innovation on the one hand and security on the other, I would start with NATO, which is a pretty broadly defined group of people. We forget sometimes that NATO is not just a military alliance. There are all sorts of things that NATO does, including having expertise in science and technology. There's nothing wrong with the G7+1, but we also have an issue about how we protect our own credibility with respect to a lot of these issues. I would argue the better place to start would be NATO, which is most of Europe, along with associated members like Japan and Australia.

     Thank you very much for that, sir.

    We heard a lot of talk about the thousand talents program or talent programs in general from state actors. What we heard is that it appears to be acceptable to have scientists enrolled in those talent programs, as long as they divulge that information to their superiors and then, of course, have the go-ahead from their superior. My question is, does that seem appropriate to you? We're relying on those scientists to be honest and say, “Yes, I am part of a talent program.” In my mind, the nefarious actors would never divulge that information, so how do we square that circle, so to speak?

    My inclination is to say that the risks today are such that participation in such programs is not a good thing. I try, sometimes, to equate what security is trying to do with what doctors are trying to do. You have curative medicine and preventative medicine. Curative is when you have a really big problem and you have to go in with a big mallet, but a lot of things are preventative. I think the level of threat that we face today from China and a number of other countries is such that despite the cost to science—and there is a cost—scientists should not be allowed to participate in these talent programs, with or without the permission of their superiors. If relations between us and other countries or adversaries improve, then I think we should relook at the program, but we cannot on the one hand say that China, for example, is a strategic adversary, and on the other hand say to scientists, “Well, as long as you report to your boss that you're talking to them, you can share virtually anything.” The problem is that, in science, you can't partially share—I'm told it doesn't work. I'm not a scientist myself, to be clear.

     Thank you for that, sir.

    Mr. Fadden, we know that in this case, in spite of an investigation that, by March 31, 2019, had been going on about 10 months at the insistence, perhaps—that's a strong word—of Dr. Gilmour with CSIS, a shipment requested by one of these scientists with henipavirus and Ebola, as you well know, was still sent to the Wuhan Institute of Virology. In retrospect, of course, it's easier to make decisions, but was that an appropriate decision, and do you think that should have been stopped?

     I don't know about all the rules that applied, but to the extent that I've gone through a lot of the material that your committee looked at, I think there was a rule that prohibited that, and it should not have happened. I would argue it's not just a question of hindsight. If it was looked at at the time—where it was going, the way it was transmitted, the authority that was obtained to do that—I think they violated a rule, so no, I don't think it should have happened, if I understand the rule correctly.

     Thank you very much, sir.

    I don't want to turn this into a witch hunt, but we've heard from the Minister of Health that no one else should be held responsible. I'm not asking you to name names, but in my mind, there's more responsibility that should be taken here, and we should investigate that a little further. Does that ring true with you, sir?

     It does, and I also don't think it's important to name individuals at a particular point in time.

    I would argue, as I tried to say at the beginning, that it's the system writ large, from the very top to the very bottom, that wasn't taking these things as seriously as it should have. I think you can argue that individuals within that system might have been a bit more enthusiastic in enforcing the rules, but I think this is one of those cases in which a great deal of the responsibility can be shared. I know it drives many parliamentarians to distraction when it's impossible to identify an individual in the public service who did something wrong, but in this case I really do think it's the DSO on up. Everybody was operating in an environment in which, had they thought differently, the outcome would have been different.

    Also, there were a lot of protections written into our system, the labour relations system, the charter and whatnot, and all of these things slowed down the process that your colleague Mr. Cooper referred to. I'm not saying it's a good thing, but they're there, and to the extent that we want to put them into place all the time, they do have an impact.

     Thank you very much, Dr. Ellis.

     We'll now go to Mr. Fragiskatos for five minutes.

    Thank you, Chair, and thank you, Mr. Fadden, for being here.

     In your opening remarks, in the question that you just answered and, in fact, throughout your testimony, to be honest, I've been thinking about the famous quote from noted management consultant Peter Drucker, who said that “culture eats strategy for breakfast” every day, every single time.

    After this committee is done its study, there will be a report. We will put together recommendations based on witness testimony. First of all, do you have one or two key recommendations relating to the specific issue of the Winnipeg lab? To that point, do you have advice on how the recommendations the committee puts forward and that will be looked at by the bureaucracy in particular can be put in place in a way that incents, pushes and leads to culture change that's so obviously necessary?

    I'm probably not going to endear myself to some of my former colleagues, but, in any event, if you have something like this, which is a government-wide issue where responsibility for implementing is distributed across the government, the only way you're going to get change, in my opinion and my experience, is by accepting that it's going to take a while and having the system—the Clerk and the Prime Minister—say “these two deputy ministers are responsible for ensuring that all of this is going to happen across the system”. You sort of create a very high-level tiger team that is responsible, and it will appear in their annual evaluation, if you want.

    If you don't do something like that, which empowers and insists on somebody who's very senior to keep pushing on this over time, it's very difficult to effect change. It's also very difficult because we may have another major crisis of some sort in six months or so, and this will get pushed off to the side.

    Therefore, my advice is to very clearly articulate a statement on the part of the government at the highest levels, and then have the government say to the Clerk and to the Treasury Board Secretariat, “We want this implemented, we want a report every six months or every year, and I want to know the names of two deputy ministers or agency heads who are personally responsible, through a committee or whatnot, to ensure this happens.”

    Even with all of this, as your question implies, culture change is very hard to do. I think probably there were two or three or four departments not in the core national security area that require special attention. I think it would be helpful if your committee could identify which ones these are and have, again, special laser-like attempts to tighten things.

     Mr. Chair, I ask the question because we haven't seen it only in Canada. It's an issue throughout democracies. Recommendations are put forward. There's a commitment that they will be implemented and that there will be follow-through. However, culture seems to stand in the way, so often, of lasting change coming to the fore.

     I'm going to stick to the issue of culture in the minute and a half I have left.

     You said that culture has to catch up with the facts with respect to how the Canada-China relationship has evolved, to the nature of the Chinese regime under its current leadership and to what that means for our national security.

    How can culture catch up with the facts at places like the Winnipeg lab, which you said some might view as a medical facility more than anything else? I think you offered a compelling view, as have others at this committee, that it should be seen as a site of national security, first and foremost.

     I think identifying it clearly.... Somebody passing a regulation saying it's a national security establishment would be a good starting point.

    I think the issue is that we're going to have to accept that, in order for this to happen, it's going to make a lot of people unhappy. Scientists in particular really don't like dealing with these kinds of issues. It means that not just senior public servants in this case but also ministers will have to accept that they're going to be criticized for giving less priority to science, technology and whatnot.

     The other issue I would stress—and I understand the Minister of Public Safety is looking at this—is that we have to find a way of broadening access to classified information. I mean, you can take some things on faith. I think we all do. However, if you're making a case that the Chinese are very interested in scientific establishments, there are ways of articulating and setting forth these examples—not just in Canada but also in the U.K., Germany, Australia and the United States—to show clearly that it's not just people being worried about it in the abstract. We have to find a way of, if not declassifying, lowering the classification of a lot of these intelligence reports as part of the effort to change the culture.

    This is not Ceausescu's Romania. We have to convince people. We're not going to convince them without at least broadening some of the facts to which they have access.

    Thank you.

    Thank you very much, Mr. Fragiskatos.

    Now we'll go to Mr. Bergeron for two and a half minutes.

    Thank you, Mr. Chair.

    Mr. Fadden, thank you again for your testimony.

    You raised something interesting a little earlier. As a member of the National Security and Intelligence Committee of Parliamentarians, I am well aware that it is possible to reword classified intelligence in order for it to be accessible to the public. We do that regularly in our reports, with the assistance of the intelligence community.

    However, it also calls for a culture change. We saw this in the government's reaction when it closed up like an oyster when the time came to share the documents concerning the National Microbiology Lab in Winnipeg. So this culture of transparency, which allows for alerting the public without necessarily sharing the details of the intelligence, still needs to be adopted, I am afraid.

    In 2021, when you appeared before this committee, you put China's threat level at about 8 out of 10. At the time when you were the director of CSIS, where did you put the threat represented by China at?

    I probably put it as something like 5 or 6, maybe 6 out of 10.

    At the time, we were still trying to find a way of dialoguing with China. I think the big change that has happened in China over the last two or three years has been Mr. Xi's rise to power. As president, he really has taken a very proactive and negative stance toward the west, and that is when I think the situation really changed.

    Do you think this change had started before, or is it really the rise of Xi Jinping to head of the Chinese Communist Party that triggered it?

    The change had started before, but I think it is Mr. Xi who crystallized it.

    He is the one who really, concretely, assembled all the elements and made a national policy out of them. But it certainly existed before he came to power.

    In 2021, you also drew our attention to the need to be concerned about the positions the people hold. You told us that someone who handles consular affairs in an embassy is not a problem, but when that person handles all sorts of other things it can become a problem. Would you therefore be in favour of creating a foreign agent registry, as Australia has done?

    Absolutely. However, there are things that need to be looked into a bit. It is certainly not a miracle solution, but it is another tool that the Canadian Security Intelligence Service, among others, could use to try to control foreign interference by China and other countries.

    There are already ways to deal with diplomats and people in the consular services, but there is no way to identify people acting as agents of China and other countries. To go beyond your question, I think we should even consider making foreign interference a crime. One of the problems the RCMP has right now is that for it to be able to act, it has to find another crime that is connected with the interference.

     Thank you very much, Mr. Bergeron.

    We'll now go to Ms. Blaney for two and a half minutes.

     Thank you again, Chair.

    My next question is this. Just in general, across the federal government—another question alluded to this—are there other key institutions that are at risk of interference from China that we should be alerted to?

     I think it's fair to say that China's approach to acquiring information and interfering covers the waterfront. They are interested in governmental and strategic areas, critical infrastructure, technology and information. It really covers virtually anything, except my poor example of Heritage Canada, where I don't think there's a great deal of interest. It's anything that is slightly technological and any research and development that involves people who might either have or acquire influence with ministers and Parliament.

    I don't really have a list in my mind, but a lot of them are agencies. I think ISED, for example—I always forget what the full name is—is probably underestimated as a source of interest to the Chinese, because of all the influence it has in issuing grants and contributions and in promoting particular parts of our economy. It's anything that has to do with science, technology and development and people who might eventually have influence.

    It's a very large chunk, I would argue. The intensity may vary, but I think there's interest.

     Thank you for that. I think it goes back to that whole part about building awareness and finding ways to connect the dots so that you can identify those issues and keep those communications open.

    Outside of the federal government.... This is a perfect example. Do you feel there is enough work being done in the federal government to build resilience in the key academic institutions? As we see research growing across our country in many institutions, how are we preparing for that to maintain some security?

     The short answer is no, I don't think we're doing enough. I would expand my answer to include not just universities, but provinces as well. I don't see how we can have an effective national security environment in this country if we ignore the provinces, the private sector and civil society, because our adversaries are interested in all of them.

    The current government, I think, is considering broadening the capacity of the public service to share information with universities, provinces and whatnot. You cannot expect these institutions to collaborate and understand the problem if we're not prepared to share some information with them.

     I'm not suggesting that every manager in the Government of Manitoba should be given top secret clearance, but if we're not prepared to share a bit more than we are now.... I sit on a couple of boards. One of the complaints they have about the federal government relates to cyber. They say the government goes and talks to them about cyber-threats, but it's at a level of generality that is not helpful.

     We have to find a way—and I say “we” as a country—to share more information that's concrete and real if the universities, civil society and the economy are going to play a part in promoting our national security.

     Thank you, Ms. Blaney.

    Mr. Fadden, do you have a hard stop, or can we impose upon you until maybe five or 10 after the hour?

    I can do that, Chair.

    Excellent.

    That gives us one more complete round. We'll do five minutes, five minutes, two and a half minutes and two and a half minutes. Is that good?

    Some hon. members: Agreed.

    The Chair: Excellent.

    Mr. Kmiec, five minutes are yours.

     Thank you, Mr. Chair.

    One of the great advantages, I guess, of going last is that I get to listen to everybody else's questions. Now, having heard all the testimony so far, I regret not having been here in person to ask you these questions and then follow up with you off camera.

    There was a mention in your opening statement about the culture at PHAC. It was raised repeatedly by other members that there's kind of a complacent culture in some of the non-security agencies regarding foreign interference and foreign campaigns by other governments to obtain data and information.

    The feeling I get having heard all of the testimony so far, especially from officials and the health minister when he came before committee, is twofold. It's the Leslie Nielsen defence: The house is on fire, but there's nothing to see here, everything is good—that meme that exists online. The second one, when I was listening to some of the officials, the DSOs and above, as you've pointed out, was basically the Sir Humphrey Appleby defence: Many lessons were learned, and we won't do as badly next time.

    How can a culture change if nobody's held accountable? I don't mean necessarily people being fired, but that there be demotions and fingers pointed very openly at individuals who should be held accountable for rules that weren't followed, or for complacency in the workplace. How can the culture change if nobody is held accountable? That's my question for you, sir.

     That's a very good question, I think, Chair. I think changing the culture will involve far more than that, but I take your point.

    One of the difficulties we have in this country in terms of holding anybody accountable is that you can't talk about it publicly. The Privacy Act is very, very strict, and there are good reasons for that. If you're able to identify, in a particular time frame, people in positions who had responsibilities that could have been discharged better, that's one way of doing it. However, accusing somebody of doing something wrong in the lab without the possibility of a real investigation, of appeals and whatnot, is very, very difficult.

    I really do believe that in this case, there are so many people who played a role on this file and did not do what they might have done that it's going to be hard to say, “It's this person, this person and that person.”

    Nonetheless, I think it's something that the public service, eventually with ministers, should look at to determine whether or not it should be possible publicly to make the point without destroying a person's reputation. You know, for as long as I've been a public servant, this has been an issue. Many politicians have suggested to me that it's driven them to distraction that there's never been a public servant held accountable. I was talking to people in the private sector. You know what they do when somebody really does something wrong? They give them a very large cheque and they go away. Nobody ever talks about it. I'm exaggerating, but there's some truth in that.

    We can't do that in the public service, so what we do is that we shuffle people, or they're reproved or, if they're an executive, their executive compensation is reduced and whatnot. If we're not prepared to talk about it, though, at least to some degree—and I would limit the degree publicly—it's not going to work, because it's an example that we have to get out. If people don't know that something negative can happen, you're right that it's going to be very hard to change the culture. However, I would prefer to use the carrot in changing the culture, to the extent possible, because, as I said, we're dealing with very smart, highly educated people, and if we don't bring them along it's going to be an uphill battle.

    When there was discussion about what types of recommendations we could put together, there was mention of a committee being formed of public servants across government, with potentially two deputy ministers selected to be responsible at the end of the day for overseeing it.

    My follow-up question, then, is this: How would you see that working? What would be the accountability mechanisms to make sure that if this happens again—and this is government after all, so I expect there'll be future parliamentarians having the same maddening discussion around this table at some future point—we can hold public servants accountable? Or, if we discover that this has happened elsewhere in government, what would these deputy ministers be doing? How would this committee be functioning? What would be the accountability mechanism?

     Thank you, Chair.

    In the first instance, I would say my idea of having a couple of deputy ministers would be to ensure the operationalization of those recommendations of this committee that the government has accepted. In other words, my understanding is that you will make a report to Parliament, and the government will then have to decide whether or not and which components to accept.

    I would then say, whatever the government decides on, they would clearly tell the public service, the Clerk and the Treasury Board that we want these things done within the following time frame.

    My experience suggests to me that if you just tell all deputy ministers to do this, it doesn't always work evenly, so you appoint an implementation champion. Maybe it's a deputy secretary in PCO—I don't know who it is—and you simply say to them very clearly that they have to establish a time frame for implementing all of these various recommendations. You have to report back to a committee of cabinet and perhaps a committee of Parliament. In doing that, it becomes easier to find out what's going on.

     You can insist that the Treasury Board mandate audits. You don't have to have a problem before you mandate an audit. One of your colleagues asked a question about which departments and agencies we should worry about from a security perspective. Why doesn't the Treasury Board do three audits a year just looking at what the DSOs are doing on these departments? That's not punitive. It's preventative.

    If they find problems, it's possible to then require the deputy head to do something about it. I wouldn't be surprised if the Auditor General did something like this at some point, as well.

     Thank you very much.

    We'll now go to Mrs. Lalonde for five minutes.

    Thank you very much, Mr. Fadden. Thank you for your attendance and your service to Canada.

    You spoke particularly about culture, evolution and also economic access over the years by government in terms of moving forward with the relationship with China and the possibilities. I would like to hear you tell us a bit, based on your former role, about the role that CSIS plays in protecting Canada's research and the intelligence component.

     CSIS fundamentally is an information-gathering institution. It's something that we tend to forget. We sometimes think there's a James Bond element whereby people swoop in and fix things. Fundamentally, it's an information-gathering institution.

    It takes that information, it analyzes it and it distributes it. I would argue that—and I would say the same thing about when I was there—I don't think we did a good enough job to vulgariser, to make the information more generally available in language that people understand.

    The main role that CSIS plays is informing government about issues that arise. They have no executive power. They have no powers of compulsion. All they can do is, if necessary, pound a bit on the table and ask that people take their views seriously.

    If you're going to focus on CSIS and their role in protecting, it's important to understand that their role is to inform, and sometimes to prod, but they don't have much more of a role than that. It really then becomes the job of departments and agencies to find those parts of the intelligence that they feel need to be acted upon.

    Thank you very much.

    We didn't touch too much on it, so I would like to hear a little about how the government can protect Canada's research institutions from threats, through AI and cyber-attacks, by foreign hostile actors. I would like to hear more about even a recommendation that could contain some of your thoughts on that.

    I'll go back a bit to what I said earlier. If you're going to deal with private sector research and development areas, passing legislation or regulations is not going to make a huge difference. You have to convince these people there's a real risk.

    The only way we're going to do that is if we share information with them and we bring them, to some degree, within the tent.

    I know CSE makes a significant effort to try to explain to corporations and whatnot the dangers of cyber, but when we compare what we do to the United States, the United Kingdom and Australia, we're still very reticent about what we share with the private sector.

    Sure, change the rules if you have to—require reporting on cyber-attacks; require basic measures to be taken—but no large corporation is going to significantly shift its investment pattern, for example, if it's not convinced itself that there's a real risk that its R and D or its IP will be stolen.

    We have to find a way of bringing them along more than we have now.

    I'm repeating myself, and I apologize, but we as a country simply don't share enough information with the private sector.

    One of my political masters once told me, when we were talking about sharing information, that national security is to be dealt with, not talked about.

    An hon. member: I'm just in my room. We just have about—

    Mr. Richard Fadden: That view still permeates chunks of the community.

    I'm not sure what that was. Was that a cyber-attack?

    Some hon. members: Oh, oh!

     I think it's an unmuted member of Parliament. That happens sometimes, and I apologize for that.

    I'm the parliamentary secretary for National Defence. As you know, everything is classified and needs a high level of security, particularly when you talk about industry. One person was just reflecting on the fact that, here in Canada, in a lot of our industry, maybe on the defence side but also more broadly, from what I understand from you, they don't have that clearance. We have restricted ourselves from talking to these individuals to find a solution.

    Would you recommend that possibly some of the industries should elevate their status to enhanced security clearance, or is it the opposite? Should we change a bit of our system to accommodate that sharing of information?

    In the final analysis, Mr. Chair, the government would have to change its rules in order to permit members of the private sector to be security cleared and then impose some conditions on those who receive specialized clearances.

    I want to stress, from my perspective at any rate, that this doesn't mean that every manager in every defence industry gets a security clearance. It means that even key personnel who are involved in immediate issues with the defence department would probably not have top secret clearance. You do a heck of a lot with a secret clearance. We would have to change our rules to make it possible for them to receive the clearance and then impose conditions on how they deal with that information once they've been security cleared.

    Thank you, Ms. Lalonde.

    Thank you.

    Mr. Bergeron, you now have two and a half minutes.

    Mr. Fadden, you also told us this in 2021:

     Then you added:

    Do you get the feeling, three years later, that we have understood that countries like China present a risk? If so, do you think we have started to adopt the tools that will enable us to protect ourselves against this risk?

    I think progress has been made and that is in part because of the problems Canada had with China over the detention of Michael Kovrig and Michael Spavor. Surveys covering the period following the two Michaels period indicate that Canadians' attitude toward China is much more negative than it was. We started no longer seeing it as a country that was not in any way an adversary, and that is progress. However, have we reached the point when a majority of Canadians accept the fact that China really is an adversary?

    China is not an enemy, but the United States, the United Kingdom and France, who are our close allies, consider it to be a strategic adversary, on the same basis as Russia. There has been some improvement, but the fact remains that we are probably the only western country that does not have a foreign policy framework. That kind of framework would allow us to say clearly that the Government of Canada regards China as a risk.

    Canada's Indo-Pacific strategy does include a few paragraphs that indicate a change of attitude toward China on our government's part, but Canada has not clearly stated that it considered China to be a serious adversary, as its close allies have done. At the risk of repeating myself, I will say that we have made some progress, but it is not enough.

    Thank you, Mr. Bergeron.

    It really is unfortunate that time is up.

    Thank you very much, Mr. Fadden.

    Unfortunately, your time has expired.

    Ms. Blaney, you have two and a half minutes.

    Thank you, Mr. Chair.

    Again, Mr. Fadden, this was a very helpful session, and I appreciate your time.

    One thing that concerns me is that Canadians are starting to question a lot of our processes. We know that when mistrust grows, it can be very detrimental to our communities and to our nation. We know that in this context, it took years to resolve the issue. In my opinion, that's not the best time frame.

    You spoke earlier about working with provinces, territories, and academic and private institutions in terms of giving more information.

    What mechanisms do we need, and how can we take those mechanisms, do the work, but also have a way of sharing it with Canadians to build that sense of faith and trust?

     Going back to my point that doing this doesn't mean giving everybody in the country security clearance, I would go about it using a sectoral approach. For example, the banking industry and the financial industry have associations. You develop a memorandum of understanding with them that certain of their members are given security clearances, and they find a way of distributing this information in a non-classified way with their membership.

    I'll use another medical analogy: Fighting against cancer is not helpful; you have to fight the specific kind of cancer. Therefore, just saying that we're going to clear all Canadians is not helpful. We have to find a way of narrowing the number of people and the number of institutions that we're talking about. I may be wrong, but I think the Government of Canada has 13 critical infrastructure industries. Pick three or four of those, like nuclear, financial, oil and gas—I have forgotten what they are—and develop an understanding with them that we're going to be a bit more open than we are now. Then see where we can go from there. Then, start spreading that out beyond the private sector with maybe the Canadian association of universities.

    However, I'm not sure that going to a particular university and to a particular collection of professors and giving them security clearances alone would work in the short term. What I'm trying to say is that I don't think there's a silver bullet.

     Thank you.

    Thank you. That brings us to the end of our time.

    We appreciate the extra time you spent with us, Mr. Fadden. I think that there's at least one other committee, maybe more, that owes us lunch for the work that you have done here, because you've really covered some very good ground.

    I want to remind our substitutes that we will be looking at drafting instructions for this study on Monday. You may wish to switch out, at least for that portion of the meeting, so that you can provide your input to the analysts.

    With that, I want to thank everybody for their time today. There were excellent questions, and there was excellent testimony.

    Thank you to the staff, the clerks, our analysts and everybody.

    The meeting is adjourned.