Thank you for this opportunity to discuss our role and the strong relationship we have established with our customers, such as Statistics Canada.
As the chair mentioned, I am accompanied today by Raj Thuppal and Graham Barr.
I would just like to start with a few words about the mandate of Shared Services Canada.
We deliver the IT infrastructure backbone for the programs and services that Canadians get daily from the government. Whether at the border, or for their pensions or benefits, we meet a very broad spectrum of infrastructure requirements.
The department is mandated to provide a range of services essential to government operations. This includes the delivery of email, data centres, network and workplace technology devices, as well as cyber and IT security.
Protecting and securing the integrity of the government of Canada's systems, networks, and information from cyber-threats is a top priority for us. We carry out this work with lead security agencies such as the Communications Security Establishment. We also benefit from strategic partnerships such as the international Five Eyes security and intelligence network, which includes the U.S., the U.K., Australia, and New Zealand.
More than ever, cybersecurity requires a collaborative approach. We are therefore committed to working together to share solutions on how best to protect our information and citizens. I would add that, with the creation of Shared Services Canada, or SSC, the government is better positioned to take swift, preventative, and corrective actions.
A great example occurred recently when we successfully managed a vulnerability that affected computer servers worldwide, including those of government departments such as Statistics Canada.
The vulnerability was identified in March. It affected specific servers running on a software called Apache Struts 2. SSC worked collaboratively with Statistics Canada to identify and rectify the situation. Though some services were not available during certain periods, no data was lost or altered in any way. We were able to react quickly, in large part because the government's IT infrastructure is managed as an enterprise rather than in silos, which was the practice in the past. This approach gives us an overall view of government networks and the ability to respond quickly to common threats facing departments and agencies within our security perimeter.
As a service organization we understand that our customers, such as Statistics Canada, hold us accountable for the services we provide. This is why our number one duty is to understand and meet their business and security requirements.
We are proud of the work we have achieved over the past several months to respond to the expectations of all our customers, who acknowledge the benefits of the enterprise model.
I would emphasize that our IT infrastructure does not impact or compromise, in any way, the independence of Statistics Canada or any other partner organization.
With respect to Statistics Canada, we have a strong partnership and have achieved a great deal together. This includes, for example, the fact that Canadians were able to participate in record numbers in the 2016 census using Shared Services IT infrastructure.
The IT services provided by SSC for the census consisted of data-centre, network, security, and communications systems. I would add that there were no IT infrastructure issues for the duration of the census.
To reinforce our working relationship with the agency, the chief statistician and I have made a joint commitment to continue to modernize the information technology services the agency relies upon to deliver programs to Canadians. I meet with him on a regular basis to ensure that business requirements are well-identified, captured, and processed in a timely fashion.
These efforts are part of a strong governance structure between our two organizations. The chief statistician and I share a committee overseeing all of Statistics Canada's information technology projects.
In the coming months, SSC will continue to work closely with Statistics Canada to respond to the agency's immediate and longer-term requirements. Planning for the 2021 census has already begun.
In the short term, we will continue addressing the agency's expanding program requirements by augmenting computing and storage capacity, among other initiatives.
We have already significantly increased the available memory in the legacy data centre as well as its computing capacity. This is to meet the agency's growing business needs.
Medium- and longer-term needs are being addressed through a second phase that includes closing a legacy data centre and moving the workload to a state-of-the-art enterprise data centre.
To date, SSC has opened three modern, highly efficient enterprise data centres to eliminate duplication, increase security, and better manage costs. SSC is also committed to meeting the strict security requirements established by Statistics Canada. For example, employees working at the data centre serving Statistics Canada are secret cleared and take an oath to meet the requirements of the Statistics Act.
In addition, this data is stored using infrastructure that is dedicated to Statistics Canada, and the encrypted data for the census, which resides in the enterprise data centre, is controlled through the use of electronic keys. Currently, no Shared Services Canada employees have access to that data.
Shared Services Canada also works with lead security agencies such as the Communications Security Establishment and the RCMP to ensure the overall security posture of its data centres from both physical and IT security perspectives and to ensure that this meets or exceeds Government of Canada requirements. This collaboration is instrumental in providing secure services to Canadians.
Let me be clear—Statistics Canada continues to have full control over its data, as it always has.
Let me close by emphasizing that maintaining the confidentiality and security requirements of our customers has always been, and will continue to be, of paramount importance to Shared Services Canada.
Thank you. My colleagues and I are pleased to answer your questions.
Thank you very much, Mr. Chair.
Welcome to our guests this morning.
I had the pleasure of being at the OECD's Blue Sky Forum on Science and Innovation Indicators. Of course, in that particular forum there was a lot of discussion not only on statistics and how business manages, but also on how governments manage, information. I think one of the critical things, when you see all of the data points that are important to business and to government, is just how significant this is.
Of course, one of the things they spoke about was security issues. You hear so many different stories about how many times the Government of Canada has been hacked, and, of course, that's the concern that people have. I mean, if we have one particular organization that says, “don't worry, we've got this aced”, but you keep hearing this from all of these other actors, how confident are you that because it is in-house and you have very limited access among different departments that the security is what it should be in order to maintain confidence for Canadians?
Thank you, Mr. Chair.
At Shared Services Canada we take a holistic approach to applying security practices to support our partners. The functions vary, and include prevention, prevention techniques, detection techniques, and then response and recovery.
We do put a lot of effort into ensuring that we do have preventative capabilities, from both technology and a combination of processes and governments, but there is a lot of emphasis on detection as well. When we do get breached, we detect it very rapidly and then can respond and recover very quickly, as evidenced by Ron's comments on the recent worldwide threat, to which we responded very effectively, prevented any data loss, and then came out very quickly to restore the services for our partners.
We work in very strong collaboration with our security partners, especially the Communications Security Establishment. There are capabilities they bring that support us in ensuring that we provide security capabilities for our customers.
I will just reiterate from the start that Statistics Canada is completely in control of its census and survey programs as well as its statistical methods. Our role at Shared Services Canada is to provide the IT platform to ensure the delivery of Statistics Canada's important programs, and to do that in a secure way.
We have 24 different services in our service catalogue at Shared Services Canada, and we have established service level expectations for each one of those services so that our customer departments know what level of service to expect from us. We've been working, as the president said, since about October with the chief statistician on a plan to reduce the risk in the IT infrastructure that is supporting Statistics Canada. It's a two-phase plan. The first phase was to address immediate areas of concern, and we're wrapping up that phase, and, as the chief statistician noted at this committee back a couple of weeks ago, he is satisfied that the level of risk has been substantially reduced.
The longer-term plan, as my colleagues alluded to, is to transfer Statistics Canada data holdings out of their old data centre and into the new one, but at every stage of this project, Statistics Canada retains ultimate control over the classification of its data and where that data is stored.
Thank you for the presentation. It was very informative.
About 20 years ago my business did business with the first commerce-enabled website in northern Ontario, and the data was housed in Winnipeg. I remember at that particular time, just 20 years ago, that it was a challenge getting people to make transactions on the Internet. We used the approach, “When you use your credit card on the Internet, it's much safer than going to a restaurant where you're giving your credit card to an individual, who gives it to someone else, who gives it to someone else. You've been exposed so many times.”
Fast-forward to today, and I'll use my father as an example. He makes all transactions on the Internet. People trust it. There are so many transactions going on, from his banking, to purchases, to planning his trips. The reason I say that is some of the models that have been put in place are quite amazing.
Instead of doing individualistic modelling, in which people are working in silos within governments, why is this better? The chief statistician mentioned in one of the presentations a model similar to what's happening now. Shared Services is responsible for cybersecurity, and in particular the prevention—because prevention is really important in this—of cyber-attacks. Could you comment on prevention and how you would deal with anything that slipped through the cracks?
I'm going to share a little of my time with Majid as well because I had some opportunity.
Picking up on cybersecurity in particular, we're delving into it, but it's a concern for many people in today's world. As I mentioned earlier, the transactions are happening at an enormous rate. The preventive stuff you have in place is really important. I worked with the Ministry of Training, Colleges and Universities for the province, so I know some of the checks their shared services go through.
Very quickly, is employees' access to things like Facebook, social media, outside websites, including Hotmail, or whatever, still a potential risk, because sometimes that's where a lot of the cyber stuff comes through? They go to their Hotmail and are targeted by some sort of phishing scheme and they hit the button and their screen goes blue. What steps and policies are in place to prevent that kind of stuff?
Thank you very much, Mr. Chair.
I would like to thank you for this opportunity to address the committee as it studies Bill , a bill that seeks to establish the professional independence of Statistics Canada in law. Ivan Fellegi and I have played a significant role internationally in the articulation of the need for professional independence of national statistical offices. I think Dr. Fellegi is going to speak to this a bit. He participated in the writing of the United Nations Fundamental Principles of Official Statistics and their adoption by the United Nations Economic Commission for Europe, while I, as chair of the Conference of European Statisticians, helped to obtain their approval at the UN General Assembly. As a member and vice-chair of the executive of the Committee on Statistics and Statistical Policy of the OECD, I proposed and helped develop the OECD's recommendations on good statistical practice, which were ultimately adopted by the OECD council of ministers.
A key notion behind both of these documents is that the professional independence of national statistical offices should be protected in national statistical legislation. It has always been somewhat ironic that while Canada played such an important role in developing this notion, Canadian legislation has been among the worst in the developed world in terms of affording protection to Statistics Canada's independence. In Canada, professional independence, until recently—until now if this bill is adopted—has been a matter of convention rather than law, and has relied on the good graces of successive governments, and the determination of successive chief statisticians to protect that independence. While independence has been generally maintained, preserving it is not a game for weak-willed chief statisticians.
This requirement for professional independence is rooted in the need to protect the credibility of national statistics that, in the democratic process, provide a report card to the nation on the performance of successive governments and a reliable information base for public policy debate. If the national statistical system is subject to political or other external interference, credibility is eroded, and debate becomes about the statistics themselves, rather than the substantive issues of public policy. If the system of national statistics is credible, then one can truly say that a person is entitled to their own opinions, but not to their own facts.
So it's gratifying to see Bill brought before Parliament. I had the opportunity to contribute to the building of the legislation prior to my resignation.
I'd like to say at the outset that while I consider the legislation to have three major flaws, even if it's passed in its current state, the legislation would materially improve the independence of Statistics Canada and should be welcomed. But there are flaws.
The first flaw is that the legislation does not include provisions for a merit-based, transparent selection process for the chief statistician, one that would engage a selection committee of stakeholders in the statistical system in that process.
The government has argued that it now has a general merit-based selection system for Governor in Council appointments, but this system is not transparent and not binding on the current government, let alone future governments. This point was demonstrated when my successor was selected through a completely opaque process and was appointed to a lower level deputy minister position without adequate public explanation. The chief statistician of the moment is very beholden to the government and on a very short leash. This demonstrates how independence can be undermined by the selection process.
The second flaw is that Bill will in no way alter the provisions of the Statistics Act with respect to the census of population. This means that there will be no guarantee that every five years a comprehensive census will be conducted that is mandatory in all respects. The decision of the previous government to make the long form of the census of population voluntary was the principle reason for wanting to reinforce the professional independence of Statistics Canada, so it is surprising that the bill does not address the issue.
Even if Bill is passed, the cabinet is still required and authorized to approve the questions for each census, and can decide to reduce the content to any number of questions it desires. Under existing case law, the interpretation of the Statistics Act is that the long form is not part of the census proper, and therefore can be conducted on a voluntary basis, and this problem has not been addressed.
Through deft manipulation of the provisions of the amended act, any future government will still be able, once again, to make the long-form census voluntary without going before Parliament.
The third flaw is the one that led to my resignation in September 2016. Bill does not address the serious intrusion on Statistics Canada's independence arising from its new forced dependence on Shared Services Canada for informatic hardware infrastructure. This dependence, created under the previous government, gives an outside organization the ability to interfere with or even prevent, through malice, incompetence or disinterest, the delivery of Statistics Canada's programs.
We are living a case in point at this very moment. Statistics Canada has been working for some time now to modernize its data dissemination systems, which rely on now obsolete software. Statistics Canada has done its part. It has developed modern programs to replace these systems, but requires new hardware infrastructure to introduce them. Shared Services Canada has repeatedly failed to deliver the required, operationally-ready infrastructure to allow Statistics Canada to implement the new systems. The first date that was missed was in May 2015, and the structure still isn't there. The 2016 census of population program, which intended to make use of the new software platform, was forced to retreat and incur some non-negligible costs to patch up the old programs. Commitments made to the previous government to improve the usability of online census data could therefore not be honoured. More significantly, over two weeks ago—actually at the time of the release of the last labour force survey dated early in March—significant portions of Statistics Canada website were taken offline due to security vulnerabilities in the old software, which is still in use, contrary to Statistics Canada's desires, intentions, and plans. Major components of the website are still not available today. To my knowledge, this is the worst outage of online data access in Statistics Canada's history and a serious loss of access to data for Canadians. It shows why Statistics Canada must have full management control over its informatics operations.
It is my sincere hope that this committee will bring forward amendments to address these flaws in Bill when it is returned to the House.
With that, I will end my comments. Thank you.
It is a double personal pleasure to appear before your committee to discuss proposed changes to the Statistics Act. After a period of formal association with Statistics Canada extending fully over 60 years, 23 as chief statistician of Canada and another nine as chief statistician of Canada emeritus, I am very happy to welcome this major step forward.
Second, as Mr. Smith mentioned, I was one of the authors of the United Nations Fundamental Principles of Official Statistics. It is very gratifying to see several of its principles incorporated into the new Statistics Act.
You will notice, incidentally, that my comments overlap Mr. Smith's, but we haven't collaborated, let alone colluded.
Voices: Oh, oh!
Dr. Ivan Fellegi: It's just a similar analysis that we have carried out.
While I celebrate the improvements, I think it would be a great loss if a once-in-a-generation opportunity like the present one were not exploited to bring in a truly model Statistics Act. I would like to recommend for your consideration six possible improvements. I'm less modest than Mr. Smith. He only had three.
First, I would suggest that you give careful consideration to the United Nations Fundamental Principles of Official Statistics. It has a very important preamble that sets out the reasons why trust in official statistics is crucial for the sound functioning of democratic processes and why the professional independence of the national statistical office is a critical element of this trust. It would set a context for the act and could play a major role in guiding its interpretation by the courts and by others.
Second, I think the proposed method of appointment of the chief statistician leaves a lot to be desired. Here I'm fully echoing what Mr. Smith said. This is a position requiring a deep knowledge of the quality issues of official statistics and what makes them trustworthy, an understanding of the multiplicity of information needs of governments and society, and a demonstrated ability to manage a complex, multidisciplinary organization.
I strongly urge you, in case of a vacancy, to consider requiring the establishment of a search committee of eminent and knowledgeable people for the purpose of searching for and putting forward to the Prime Minister a short list of qualified persons. Such a search committee could be composed of retired governors of the Bank of Canada, retired clerks of the Privy Council, retired chief statisticians, the president of the Statistical Society of Canada, and so on. The search committee should be required to not only review applications for the position but to also conduct an active search. This is a highly specialized position, and I am asserting, based on my long experience, that an essentially passive application process without an active search component will often not work well, and has not worked well in the past.
Still on the appointment process, I welcome the establishment of term appointments to be served during good behaviour and the fact that the term is renewable, but suggest that you consider more than just renewal. Perhaps after one renewal...subject to a review by a search committee. If you have an outstanding person in the job, why should you preclude at least the possibility of reappointment?
Four, as I mentioned before, giving the chief statistician control over the statistical methods to be used and over the timing and methods of dissemination is at the heart of the proposed changes. It is, however, a major flaw, in my view, that Bill leaves open the possibility of the chief statistician being overruled, on a methodological issue, by the responsible minister. I would underline “on a methodological issue”. The proposed safeguard of transparency would not have worked in the case of the 2011 census.
This aspect of the proposed Statistics Act also explicitly violates the United Nations Fundamental Principles of Official Statistics, of which the Government of Canada is a foremost signatory. As I mentioned, it leaves the door wide open for the repeat of the 2011 voluntary long-form census by calling the long form a “survey”, and overruling the chief statistician on its mandatory character.
I left five copies of those fundamental principles with your clerk.
Fifth, the problem is exacerbated by the fact that the scope of the census is not specified, and this leaves the door even more widely open for a future government to opt for a short-form census, with perhaps a voluntary long form that would be called a survey.
Sixth and finally, and perhaps less importantly, I suggest that you specify some skill requirements for the members of the proposed Canadian statistics advisory committee. I also suggest that you increase its size. It needs to represent a variety of disciplines, skill sets, client groups, and geographical locations.
I thank you for your attention, and I'll be very happy to answer your questions.
Mr. Chair, there were three essential reasons I tendered my resignation.
The first reason was that I felt that the fact that Shared Services Canada was handling confidential respondent information under the terms and conditions that existed was in fact a violation of the Statistics Act, and that's still my view.
The Statistics Act requires that confidential information be held by employees of Statistics Canada or people that the chief statistician voluntarily and not as a matter of obligation deems to be employees of Statistics Canada. That's not the case today. I've actually filed a complaint with the Privacy Commissioner to see how he views that matter.
The second issue was that, in principle, when Statistics Canada needs hardware infrastructure to carry out its programs, which it doesn't have today, it has to request that from Shared Services Canada.
Shared Services Canada is not obliged to provide it, which means that they have meaningful control over Statistics Canada's ability to operate. That is inconsistent with independence in principle, regardless of whether a specific case has occurred.
The third issue was that the reality of those two factors together meant that Shared Services Canada was making decisions and failing to make decisions in a way that was hobbling Statistics Canada's ability to operate. My resignation was meant to draw attention to that issue, and I understand that at least it had the effect of getting a lot of attention from Shared Services Canada for a short space in time.
Thanks a lot, and thank you, gentlemen, for appearing here today.
I must say, I pretty well agree with everything you had to say, and that spans both a Liberal government and a Conservative government, so I appreciate what you say. Sometimes hindsight is a valuable tool to look at.
The third component that you mentioned, Mr. Smith, has to do with performance around Shared Services Canada. At a time when software companies—I won't say every—in North America are transitioning from their own internally managed data centres to cloud computing, it only seems logical to me that this be an option for us. We heard from Mr. Parker from Shared Services Canada that some government departments and agencies are in fact transitioning to that, so they are better able to respond to peak demands on bandwidth. I asked Mr. Parker if he could name me a couple of departments that have huge bandwidth spikes, and he either wouldn't or he couldn't name them.
Both of you gentlemen have been at Stats Canada and know there are huge spikes, and you know that Shared Services Canada has absolutely no ability to handle those huge spikes. That's my opinion, and I'm not an expert, but based on what I saw a couple of weeks ago and when the census was launched, I believe that is the case. I wonder if you could comment on your experiences with them in just being able to react to something basic that a data centre should be able to provide to its customer.
Well, the census isn't a good example, because it was a huge spike, absolutely, probably one of the biggest spikes the government has ever seen in terms of demand for informatics, but we knew exactly when it was going to happen and were able to build the capacity to face it.
The problem that happened at the very beginning of the 2016 census, which we recovered from very quickly, was actually caused by a bug in the commercial software. It wasn't Shared Services Canada and it wasn't Statistics Canada that caused us the problem; it was actually the third leg of the stool.
One of the problems that Shared Services Canada is facing is that they're trying to build new infrastructure at the same time they're operating the legacy system. They had no funding to allow them to do these two things simultaneously.
Their strategy has been to run down the legacy data centres. They've cancelled service contracts. They're not replacing the obsolete servers. They're hoping that these servers will stay on their feet until such time as they get their new systems up and running, but they have no reason to believe that. There is no evidence that this will be the case.
Just before I left Statistics Canada, there was a major outage caused by the fact that one of these old pieces of equipment failed. At the very moment we needed it to disseminate a major release, it brought down the entire data centre. It didn't just bring down the web server. It brought down our entire data centre. That was a consequence of the strategy of running obsolete equipment into the ground: causing an unnecessary lapse in the service for Canadians.
I knew someone had five minutes. Thank you very much, I appreciate that.
Certainly, from listening to what has taken place here, I'm going to go over the transcript of the testimony quite carefully and I would hope that everyone can do that, because I think it's really critical.
Mr. Smith, you had gone through three basic themes, and then you said you had three amendments. I'm not sure whether we could tighten that up a bit, and maybe I could get some commentary from you as to what you think might be amendments, the succinct points that you could make that would tie in, that would help us again on the testimony side.
I do want to ask this one question because I've asked it of others as well. The discussion is that after 92 years, whether a person has said they wanted it or had that option of opting out of it or not, this information should therefore be public. Really, most people look at the census and say, okay, it says in here it's not going to be shared with anybody and so we can be comfortable with what we put down.
I'd like to have your comment on that. There are a couple of questions that are asked, on religion and so on, that I'm thinking of. I'll mention the story of the number of people who have chosen the Jedi religion. Those kinds of things, after 92 years, might seem insignificant, but where do you pick the number when we don't know what life expectancy is? We don't understand the scenarios in there.
Is it something that needs to be in that legislation, or can it simply be left out? That's my first question on that part, and then maybe you could flesh out what you think the amendments would be.
The issue of the 92 years is not really a statistical issue. This is an issue for genealogists and historians. The tradition has been in Canada that after 92 years, generally speaking, public records become accessible, and that used to apply to the census.
A long time ago, the 1918 Statistics Act applied to the censuses conducted prior to it. Then the Statistics Act came along and said that all data was confidential and gave the impression that it would be in perpetuity.
The issue was raised about whether the data from Statistics Canada should be made public. There was strong lobbying by genealogists and historians that this data were important, and in making data public after the normal life expectancy shouldn't be that controversial. Proposals were adopted in the Statistics Act that asked for consent. They've been ineffective in getting people to respond to them, let alone whether they.... Some people won't respond for their children, because they want to wait until they're adults. Other people won't respond for their spouse. Other people never get to that question and stop before they get there.
Even the noes aren't necessarily noes and the result is that genealogists have lost a significant level of access. It's no longer a 100% record. They would like to see it restored.
We thought there might be an impact on Statistics Canada's operations if, in fact, we did not ask for consent. It was seen that that's not the case, so we, Statistics Canada, during my appointment when I was there, were of the view that we saw no harm in accommodating the genealogists and the historians in making the data available without bothering to ask for consent after 92 years, or any other period that Parliament might want to adopt: 108, 114, the maximum life expectancy of a Canadian.
In terms of the ability of Statistics Canada to carry out its mandate, this is not critical to Statistics Canada's operations, so it really is a decision for Parliament to decide whether they would like to continue with consent, whether they'd like to go back to the case where Statistics Canada information is no longer available ever, or whether Parliament wants to adopt the 92-year rule and automatically make the data available to the public archives after a fixed period of whatever length.
Thank you. We're going to have to end it right there.
Before everybody leaves, just hang on.
Thank you, gentlemen, for sharing your time with us today. You leave us with a lot of questions that we need to answer.
Gentlemen, before we go, I have a couple of things to deal with, just quick housekeeping. On Thursday for those who are interested in staying, we have Clare Adamson coming from Scotland. She will likely sit in toward the end, and then we'll do an informal session from 10:45 to 11:15. Some people have expressed interest in staying. We'll send her bio to your email addresses.
I'm going to pass around another thing. For our trip to Washington, I want to make sure that we are going with a specific goal in mind, so we worked with the clerk. This is just an example. It has already been passed around. Take a look at it. Be prepared to have a chat if there is more in there that you want, but we want to be able to come back with very specific—rather than just going willy-nilly and doing whatever.