Hansard
Consult the new user guides
For assistance, please contact us
Consult the new user guides
For assistance, please contact us
Add search criteria
Results: 1 - 100 of 46621
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 10:02 [p.10257]
Mr. Speaker, pursuant to Standing Order 36(8)(a), I have the honour to table, in both official languages, the government's response to eight petitions. These returns will be tabled in an electronic format.
View Ken Hardie Profile
Lib. (BC)
View Ken Hardie Profile
2022-12-01 10:03 [p.10257]
Mr. Speaker, I have the honour to present, in both official languages, the first report of the Special Committee on the Canada–People’s Republic of China Relationship in relation to the motion adopted on Tuesday, November 29, regarding Canada and the People’s Republic of China.
The motion is as follows:
That the committee express its support for the brave and courageous Chinese protesters who are fighting for their fundamental human rights and freedoms of association and expression, and call on Beijing to respect the right to peaceful assembly and avoid a repeat of the Tiananmen Square massacre of June 5, 1989
View Peter Fonseca Profile
Lib. (ON)
Mr. Speaker, I have the honour to present, in both official languages, the eighth report of the Standing Committee on Finance in relation to Bill C-32, an act to implement certain provisions of the fall economic statement tabled in Parliament on November 3, 2022 and certain provisions of the budget tabled in Parliament on April 7, 2022.
I would like to thank our finance committee clerks, Alexandre Roger and Carine Grand-Jean; our legislative clerks, Philippe Méla and Jean-François Pagé; our analysts, Joëlle Malo and Michaël Lambert-Racine; our committee assistant, Lynda Gaudreault; all committee staff, interpreters and services, and all members of the finance committee for their dedication and hard work.
View Charlie Angus Profile
NDP (ON)
View Charlie Angus Profile
2022-12-01 10:05 [p.10257]
moved for leave to introduce Bill C-309, An Act to amend the Bankruptcy and Insolvency Act and the Companies' Creditors Arrangement Act (public institutions).
He said: Mr. Speaker, I am certain anyone who read the Ontario auditor general's report on the financial disaster at Laurentian University understands the importance of protecting public institutions from ever being exploited through the bankruptcy protection act.
What happened at Laurentian was a debacle. We now know that this was not an accident. The administration and lawyers deliberately chose bankruptcy protection. In doing so, they trashed the careers of numerous academics, destroyed programs that took years to build up, and damaged the career trajectory of over 1,000 students. It will take years to restore the confidence there once was.
We need to ensure that the bankruptcy protection act is never used against institutions that receive public funding, whether it is hospitals, universities or health care centres. This cannot be a tactic used by right-wing governments at the provincial level to undermine public investment in key institutions, like what happened at Laurentian University.
View Tom Kmiec Profile
CPC (AB)
View Tom Kmiec Profile
2022-12-01 10:06 [p.10257]
Mr. Speaker, I have a petition to table on behalf of my constituents. They are asking for the Minister of Finance to suspend the federal excise tax and carbon tax for Canadians until the cost of living crisis has been resolved. They are reminding the government that we are currently at triple the Bank of Canada's targeted 2% inflation rate, and it is destroying their ability to purchase groceries and fuel and pay for home heating. They are asking for this tax to be axed.
View Rachel Blaney Profile
NDP (BC)
Mr. Speaker, I am here to present a petition on behalf of many constituents in my riding of North Island—Powell River who are very concerned about the foam from marine infrastructure and its increasing pollution of Canadian beaches.
Expanded polystyrene, commonly known as styrofoam, in the marine environment is very hazardous. They are concerned that it will cause significant harm to marine life, seafood resources and ecosystems. It is incredibly difficult to clean this debris from the shores. As members know, it breaks up into very small pieces, enters the system and is very hard to get out. The petitioners are calling for action to prohibit the use of expanded polystyrene in the marine environment.
View Gord Johns Profile
NDP (BC)
View Gord Johns Profile
2022-12-01 10:08 [p.10258]
Mr. Speaker, it is an honour to table this petition on behalf of constituents from my riding of Courtenay—Alberni. The petitioners are calling on the Government of Canada to enact just transition legislation that reduces emissions by at least 60% below 2005 levels by 2030, to make significant contributions to emissions reductions in countries in the global south, and to create new public economic institutions that expand public ownership of services and utilities across the economy to implement this transition; that create good, green jobs, driving inclusive workforce development led by and including affected workers in communities and ensuring decent low-carbon work for all workers; that protect and strengthen human rights and workers' rights; that respect indigenous rights, sovereignty and knowledge by including them in the creation and implemention of this legislation; and that pay for the transition by increasing taxes on the wealthiest corporations and financing through a public national bank.
View Bonita Zarrillo Profile
NDP (BC)
View Bonita Zarrillo Profile
2022-12-01 10:09 [p.10258]
Mr. Speaker, as we head into December 3, the International Day of Persons with Disabilities, I find myself again in the House advocating for the reduction of poverty among persons who live with disabilities.
Today I am tabling a petition on behalf of the constituents of Port Moody—Coquitlam, Anmore and Belcarra, to ask the government to finally lift people with disabilities out of poverty. Over a million people in Canada with disabilities live in poverty, and that needs to end. The petitioners are asking the government to end the current practice of legislated poverty of Canadians living with disabilities and establish a federal disability benefit that upholds human rights, the Convention on the Rights of Persons with Disabilities and sustainable development goal number one: no poverty under the Canada disability benefit act. I close by saying that this is possible immediately.
View Mike Morrice Profile
GP (ON)
View Mike Morrice Profile
2022-12-01 10:10 [p.10258]
Mr. Speaker, I am proud this morning to rise on behalf of over 2,000 petitioners who recognize that housing affordability and homelessness are twin national crises. They note that private corporations and real estate investment trusts are rapidly buying up affordable units across the country and raising rents, and that this financialization of the housing market is inflating real estate prices. They are calling on the Government of Canada to implement a suite of eight different measures that would address this root cause of the housing crisis that we are in, including creating regulations for real estate investment trusts, putting in place a national standard for rent control and providing funding for non-profit and co-op housing.
View Churence Rogers Profile
Lib. (NL)
Mr. Speaker, I want to present this petition on behalf of single seniors in Bonavista—Burin—Trinity and across the country. They are asking for an adjustment to Canada's tax laws that would allow them the same opportunities and advantages as senior couples. Many opportunities in the tax laws, such as splitting income, for example, give senior couples a major advantage over single seniors. The petitioners are asking for fairness in the tax system.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 10:12 [p.10258]
Mr. Speaker, the first petition I am presenting is from Canadians from across the country who are concerned about the Liberal Party of Canada's promise in their last election platform to revoke the charitable status of pro-life organizations, such as pregnancy care centres, which counsel women and save countless lives every year.
Revoking the charitable status of pro-life organizations is the first step to the politicization of charitable status in Canada. This would mean that churches, summer camps and other great organizations, like the Mustard Seed in Calgary, may have their charitable status put at risk. Therefore, the folks who have signed this petition are calling on the Government of Canada and this Parliament to protect the charitable status of pro-life organizations and to ensure that charitable status is not politicized.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 10:16 [p.10258]
Mr. Speaker, the next petition I have to present is from Canadians from across Canada. They are concerned about the fact that Canada is the only G6 nation that prohibits the use of a health and safety device.
Given the highly damaging noise levels that come from firearm use, these folks are calling on the Government of Canada to allow these sound moderators. These are universally recognized health and safety devices that are criminally prohibited in Canada. The petitioners would note that sound moderators reduce noise pollution near shooting ranges in rural and farming communities and in areas used for recreational activities. The use of sound moderators facilitate increased humane husbandry of game animals, livestock and pets that are hunting companions. The hearing damage that does happen from these firearms is significant for many and is a public health issue costing Canadian taxpayers millions of dollars annually.
The petitioners are calling on the Government of Canada to empower Canadians to be responsible for their own health and safety by removing the prohibition on sound moderators here in Canada, and allowing the legal acquisition and possession of sound moderators in Canada. They call on the provinces and territories to amend provincial and territorial prohibitions as well.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 10:16 [p.10259]
Mr. Speaker, the next petition I have to present comes from Canadians from across the country who are still concerned about the imposition of COVID-19 mandates.
They continue to talk about the restrictions that they have at the border. They are calling on the Government of Canada to work with the United States to increase cross-border travel. They are also calling on the Prime Minister to quit politicizing the use of vaccines and insulting Canadians who disagree with him. They are also calling on the government to protect the sacred duty of the Government of Canada to guard against discrimination and guarantee the freedoms of all Canadians.
Therefore, the folks who have signed this petition are calling on the Government of Canada to immediately end all vaccine mandates for truckers and travellers, and they call for a complete and total end, not just a suspension, of these mandates.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 10:16 [p.10259]
Mr. Speaker, the final petition I have to present today is from Canadians from across the country who are concerned about the recent announcements around changes to the chaplaincy service in the Canadian Armed Forces.
Folks note that there have been reports of slander even in the mainstream Canadian media against religious communities. The folks who have signed these petitions are calling on the Canadian Armed Forces to reject the recommendations in the final report of the Minister of National Defence's advisory panel, and they are calling on the Canadian government to affirm the rights of all Canadians, including Canadians in the armed forces, to chaplaincy and to freedom of religion.
View Garnett Genuis Profile
CPC (AB)
Mr. Speaker, it is a pleasure to rise today. I have a number of petitions to present to the House.
The first petition comes from Canadians living with disabilities who have a number of asks regarding policies within the ambit of the federal government and Parliament that relate to Canadians with disabilities.
The petitioners note that inflation has increased the cost of living and is having the greatest impact on Canadians with fixed incomes, including Canadians living with disabilities. They note disturbing reports of people accessing euthanasia in Canada due to a lack of access to care and support. They also note that Canada's leading disability advocacy organizations had warned that Bill C-7 would threaten the lives and security of Canadians living with disabilities and that a choice to access euthanasia can never be truly free if those who suffer do not have access to the support they require.
The petitioners urge the House of Commons to pass Bill C-22, ensuring that the new Canada disability benefit is accessible to all Canadians who live with disabilities and does not take away existing benefits. They also ask for us to repeal Bill C-7 so that Canadians who live with disabilities are not coerced into accepting euthanasia because they do not have access to adequate support.
View Garnett Genuis Profile
CPC (AB)
Mr. Speaker, the next petition is about Bill C-11, a bill currently before the Senate. The government has now admitted that it is seeking to give itself the power to regulate social media algorithms. The petitioners are opposed to that bill. They call on the Government of Canada to respect Canadians' fundamental right to freedom of expression and call on the government to prevent Internet censorship in Canada.
View Garnett Genuis Profile
CPC (AB)
Mr. Speaker, the next petition I am tabling deals with the case of the ongoing arbitrary detention in China of Huseyin Celil, a Canadian citizen of Uighur origin. Mr. Celil is a Canadian Uighur rights activist. He was originally detained in Uzbekistan for supporting the political and religious rights of Uighurs and was then illegally rendered to China. The Chinese government continues to deny his Canadian citizenship.
The petitioners note that they were pleased to see the release of the two Michaels, and they want to see the government as actively engaged on the case for Huseyin Celil as it was on those two previous cases.
The petitioners ask the Government of Canada to demand that the Chinese government recognize Mr. Celil's Canadian citizenship and provide him with consular and legal services in accordance with international law; to formally state that the release of Mr. Celil from Chinese detainment and his return to Canada is a priority of equal concern as the release of Michael Kovrig and Michael Spavor from unjust detention; to appoint a special envoy to work on securing Mr. Celil's release; and to seek the assistance of the Biden administration and other allies around the world in obtaining Mr. Celil's release, as done with the two Michaels.
View Garnett Genuis Profile
CPC (AB)
Mr. Speaker, the next petition deals with a proposal in the Liberals' 2021 election platform to politicize charitable status and make charitable status determinations not on the basis of the work that organizations do but on the basis of what their convictions happen to be with respect to the pro-life question. The proposal to exclude organizations with pro-life convictions from accessing charitable status could put at risk the charitable status of worthy organizations such as hospitals, houses of worship, schools, homeless shelters and other charitable organizations that happen not to agree with the Liberals on that particular issue.
The petitioners note that the imposition of a values test associated with charitable status, similar to the one imposed on the Canada summer jobs program, would effectively involve meting out charitable status on the basis of the political or private religious convictions of different organizations, which goes against the core principles of the Charter of Rights.
The petitioners therefore call on the House of Commons to protect and preserve the application of charitable status rules on a politically and ideologically neutral basis, without discrimination on the basis of those opinions and without the imposition of another values test. They also ask us to affirm the right of all Canadians to freedom of expression.
View Garnett Genuis Profile
CPC (AB)
Mr. Speaker, I would like to table a petition in support of Bill S-223, a bill that would make it a criminal offence for a person to go abroad and receive an organ taken without consent. This bill also has a provision whereby someone could be deemed inadmissible to Canada if they are involved in forced organ harvesting and trafficking.
This bill has been before Parliament in various forms for the last 15 years, and the petitioners call on the Parliament of Canada to move quickly on this proposed legislation to support it. They are hopeful that this Parliament will be the one that finally gets it passed into law.
View Anthony Rota Profile
Lib. (ON)
I am afraid the member only has 20 seconds left. That is not enough to go through another petition, so we will stop here. I am sure the hon. member will have his petition ready for tomorrow, or the next time we have petitions. We look forward to it.
The hon. parliamentary secretary to the government House leader.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 10:21 [p.10260]
Mr. Speaker, I ask that all questions be allowed to stand.
View Anthony Rota Profile
Lib. (ON)
Is that agreed?
Some hon. members: Agreed.
View Anthony Rota Profile
Lib. (ON)
I am now ready to rule on the point of order raised on October 4, 2022, by the parliamentary secretary to the government House leader regarding Bill C-285, an act to amend the Canadian Human Rights Act, the Canada Labour Code and the Employment Insurance Act.
In my statement of September 26, 2022, concerning Private Members’ Business, I expressed concern about Bill C-285, which stands in the name of the member for Niagara West. At the time, I encouraged members who wished to present their views on the need for the bill to be accompanied by a royal recommendation to do so.
When he rose in the House, the parliamentary secretary to the government House leader explained that Bill C-285 would provide an exception for claimants to receive employment insurance benefits if they lose their job for the sole reason that they made certain decisions about their health. In his view, this amendment to the act would therefore authorize employment insurance benefits in a manner and for purposes not currently permitted by the act.
As noted in House of Commons Procedure and Practice, third edition, on page 838, “Without a royal recommendation, a bill that either increases the amount of an appropriation or extends its objects, purposes, conditions and qualifications is inadmissible on the grounds that it infringes on the Crown’s financial initiative.”
Clause 7 of the bill adds section 35.1 to the Employment Insurance Act. It creates an exemption to the grounds for disqualifying or disentitling a claimant from receiving employment insurance benefits that are listed in sections 30 to 33 of the act by providing that no claimant is disqualified or disentitled from receiving benefits if they lost their employment for the sole reason that they made certain decisions about their health.
The Chair is of the view that the bill imposes a new charge on the public treasury and infringes on the financial prerogative of the Crown. As a result, the Chair finds that the bill must be accompanied by a royal recommendation if it is to receive a final vote in the House at third reading.
For now, the next time the House takes up the bill, it will begin debate on the second reading motion, and this motion can be put to a vote at the conclusion of that debate.
I thank the members for their attention.
View Marco Mendicino Profile
Lib. (ON)
moved that Bill C-26, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts, be read the second time and referred to a committee.
He said: Mr. Speaker, it is an honour to help kick off second reading debate of Bill C-26, an act respecting cybersecurity. I know this chamber has been anxiously awaiting the chance to advance discourse on this important legislation.
I will begin by saying that cybersecurity is national security. We need to make sure that our defences meet all of the challenges that are reflected today, and we need to make sure that both the public sector and the private sector are able to better protect themselves against malicious cyber-activity, including cyber-attacks. It is about defending Canada and the critical infrastructure we rely on, and we know that this will not be the last we hear of this issue.
What we decide now in the cybersecurity realm will help us form a launching pad for the way forward, because we know that our actions in the cybersphere are always a work in progress. We know that meeting the moment means that our actions must continually, effectively and safely provide a foundation for the way Canadians thrive in the 21st century.
Being online and connected is essential to all Canadians. Now, more than ever, Canadians rely on the Internet for their daily lives. It is about more than just conducting business and paying bills. It is also about staying in touch and connected with loved one from coast to coast to coast and indeed around the world. Our critical infrastructure is becoming increasingly interconnected, interdependent and integrated with cyber systems, particularly with the emergency of new technologies such as 5G, which will operate at significantly higher speeds and will provide greater versatility, capability and complexity than previous generations.
These technologies certainly create significant economic benefits and opportunities, but they also bring with them new security vulnerabilities that some may be tempted to prey on.
The COVID-19 pandemic showed how important it is for Canadians to have secure and reliable connectivity. The government is determined to boost security for Canada's cyberfuture.
We also know about the inherent threats to our safety and security. Cyber-threats remain a significant national and economic security issue that can threaten that safety. The Canadian centre for cybersecurity's “National Cyber Threat Assessment 2023-2024” found this:
State-sponsored and financially motivated cyber threat activity is increasingly likely to affect Canadians....
Cybercriminals exploit critical infrastructure because downtime can be harmful to their industrial processes and the customers they serve. State-sponsored actors target critical infrastructure to collect information through espionage, to pre-position in case of future hostilities, and as a form of power projection and intimidation.
These activities will not cease. Malicious actors could take advantage of increased connectivity to trigger malicious events that could also potentially have severe effects on our public safety and national security.
Large corporations and critical infrastructure providers are targeted by actors probing for vulnerabilities and opportunities for penetration, theft and ransomware attacks.
Like its allies, Canada has made efforts to address these vulnerabilities and to ensure the security of Canadians and Canadian businesses.
Canada has long recognized the importance of securing our cyber systems. In 2013, Canada established a collaborative risk mitigation framework, the Communications Security Establishment's security review program. This program has helped to mitigate risks stemming from designated equipment and services under consideration for use in Canadian 3G, 4G and LTE telecommunications networks.
Furthermore, consultations with Canadians in 2016 informed the 2018 national cybersecurity strategy. This strategy established a framework to guide the Government of Canada in helping to protect citizens and businesses from cyber-threats and to take advantage of the economic opportunities afforded by digital technology.
In 2019, the government paid $144.9 million to develop a framework for the protection of critical cyber systems.
In 2021, the government completed its interdepartmental review of 5G telecommunications security. The findings included a recommendation to work with the industry on moving forward with the current risk mitigation framework for the products and services intended for Canadian telecommunications networks.
All this work done over many years to address these known problems and to improve Canada's cybersecurity posture, including with 5G technology, brings us to the bill before us today.
The objectives of Bill C-26 are twofold. One, it proposes to amend the Telecommunications Act to add security, expressly as a policy objective. This would bring the telecommunications sector in line with other critical infrastructure sectors.
The changes to the legislation would authorize the Governor in Council and the Minister of Innovation, Science and Industry to establish and implement, after consulting with the stakeholders, the policy statement entitled “Securing Canada’s Telecommunications System”, which I announced on May19, 2022, together with my colleague, the Minister of Innovation, Science and Industry.
As we announced at the time, the intent is to prohibit the use of products and services by two high-risk suppliers and their affiliates. This would allow the government, when necessary, to prohibit Canadian telecommunications service providers from using products or services from high-risk suppliers, meaning these risks would not be passed on to users. It would allow the government to take security-related measures, much like other federal regulators do in their respective critical infrastructure sectors.
The second part of Bill C-26 introduces the new critical cyber systems protection act, or CCSPA. This new act would require designated operators in the federally regulated sectors of finance, telecommunications, energy and transportation to protect their critical cyber systems. To this end, designated operators would be obligated to establish a cybersecurity program, mitigate supply chain third party services or product risks, report cybersecurity incidents to the cyber centre and, finally, implement cybersecurity directions.
It would include the ability to take action on other vulnerabilities, such as human error or storms that can cause a risk of outages to these critical services. Once implemented, it would support organizations' abilities to prevent and recover from a wide range of malicious cyber-activities, including cyber-attacks, electronic espionage and ransomware.
The rollout of 5G technology in Canada is well under way. This technology will allow Canadians to move more data faster. It will bring benefits for Canadians and our economy, but with these benefits comes increased risk. Canada's updated framework, established in part 1, aligns with actions taken by our Five Eyes partners, particularly in the United Kingdom. I will add that I recently met with our counterparts in Washington, D.C., not too long ago.
It would allow Canada to take action against threats to the security of our telecommunications sector if necessary. Legislative measures would provide the government with a clear and explicit legal authority to prohibit Canadian telecommunications service providers from using products and services from high-risk suppliers, such as Huawei and ZTE, if required and after consultation.
Once these amendments receive royal assent, the government will be in a position to apply these new order-making powers to the Telecommunications Act.
The CCSPA established in part 2 is also consistent with critical infrastructure cybersecurity legislation established by our Five Eyes partners and would provide a consistent cross-sectoral approach to cybersecurity for Canadian critical infrastructure.
Designated operators would be required to protect their critical cyber systems through the establishment of a cybersecurity program and to mitigate any cybersecurity risks associated with supply chain or third party products and services.
Cyber-incidents involve a certain threshold that would be required to be reported, and legislation would give the government a new tool to compel action, if necessary, in response to cybersecurity threats or vulnerabilities. Both parts 1 and 2 of Bill C-26 are required to ensure the cybersecurity of Canada's federally regulated critical infrastructure and, in turn, protect Canadians and Canadian businesses.
Overall, Bill C-26 demonstrates the government's commitment to increasing the cybersecurity baseline across Canada and to help ensure the national security and public safety of all Canadians.
Cybersecurity is also essential in the context of our economic recovery after the COVID‑19 pandemic. In our increasingly connected world, we must implement the measures required to guarantee the security of our data and ensure that data is not exploited by actors, state-sponsored or not, who constantly seek to exploit our systems.
Recovery from cybersecurity incidents is both costly and time-consuming. Accordingly, when it comes to improving cybersecurity, the interests of government and private industry are aligned. Nevertheless, an administrative monetary penalty scheme and offence provisions would be established within both parts of the bill to promote compliance with orders and regulations, where necessary.
All of the actions I highlighted today form a key part of our ongoing commitment to invest in cybersecurity, including to protect Canadians from cybercrime and to help defend critical private sector systems. Like our allies, Canada has been working to address these vulnerabilities to keep Canadians and Canadian businesses safe. However, we have to be sure that we are ready for the threats that lie on the landscape.
For example, unlike laws governing other critical infrastructure sectors, the Telecommunications Act does not include any official legislative authority to advance the security of Canada's telecommunications system. Despite the existence of multiple programs and platforms enabling public and private collaboration in the telecommunications sector, participation is voluntary.
In addition, across Canada's highly interconnected and interdependent critical infrastructure sectors, there are varying levels of cybersecurity preparedness and no requirement to share information on cyber-incidents currently. Moreover, the government has no legal mechanism to compel action to protect these systems at this time. These are important gaps that the legislation introduced today seeks to address. That is why the government is establishing a strong and modern cybersecurity framework to keep pace with the evolving threats in our environment.
In short, the legislation would form the foundation for securing Canada's critical infrastructure against fast-evolving cyber-threats while spurring growth and innovation to support our economy. Cyber systems are understandably complex and increasingly interdependent with other critical infrastructure. This means the consequences of security breaches are far-reaching. It is also the reason that a consistent, cross-sectoral approach to cybersecurity is built into this legislation.
Bill C-21, which we have tabled and are now debating, would protect Canadians and the cyber systems they depend on well into the future. Significantly, this legislation can serve as a model for provinces, territories and municipalities to help secure critical infrastructure outside of federal jurisdiction. It is an essential addition to Canada's already robust arsenal, which is there to protect us and our economy against cyber-threats. It would allow us to continue taking even stronger action against threats to the security of our telecommunications sector and ensure Canada remains secure, competitive and connected.
I encourage all members to join me in supporting this landmark cybersecurity legislation, Bill C-26, today.
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 10:39 [p.10263]
Mr. Speaker, I thank the Minister of Public Safety for his speech.
I have a question about the impact of this bill on Crown corporations that are considered to be critical infrastructure companies. What impact will this bill have on Crown corporations?
What are the impacts of this bill on provincial Crown corporations?
I am referring to Hydro-Québec and Manitoba Hydro, for example. What impact will this bill have on Crown corporations?
View Marco Mendicino Profile
Lib. (ON)
Mr. Speaker, I would like to thank my colleague for her very important question.
The goal of Bill C-21 is to build a bridge, a collaborative effort between the government, critical infrastructure sectors and the private sector. We developed an approach that includes excellent lines of communication in order to effectively identify the cyber-threats to critical infrastructure that might jeopardize national security and the economy.
In answer to my colleague’s question, we will work with all federal regulators to create a system to protect all critical infrastructure sectors against all cyber-threats.
View Simon-Pierre Savard-Tremblay Profile
BQ (QC)
Mr. Speaker, I think we are happy to see the government finally tackle the issue of cybersecurity. I am not necessarily saying that it is too little, too late, but I can say that we have waited a long time. We applaud the idea of forcing Internet providers to adopt better practices, and to that we say kudos. We all agree on that.
However, why does the federal government always have to react rather than be proactive?
We have been talking about 5G and Huawei for years. Hydro-Québec has been fending off daily computer attacks for years. We have known for years that China has been gaining power and interfering more and more. In short, we have known for years that Canada is extremely vulnerable in terms of cybersecurity.
How is it that, in this postnational system, everything always happens reactively, not proactively?
View Marco Mendicino Profile
Lib. (ON)
Mr. Speaker, with all due respect for my colleague, I would like to point out that the government is always vigilant when it comes to any type of threat, including cyber-threats.
For example, in 2018, we created the national cyber security strategy. That is what I was talking about in my speech. The pillars of this strategy, which is used to respond to all risks, include resilient security systems, an innovative cyber ecosystem and Canadian leadership here and around the world.
We have taken concrete action to protect against the risks posed by certain actors that are not aligned with Canadian interests. We are now prepared to take the next step by introducing this bill to better protect our critical infrastructure. This excellent and effective measure will be implemented in collaboration with all federal regulators and the private sector.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 10:43 [p.10263]
Mr. Speaker, folks would find that it is pretty easy to get agreement here on the idea that there is more to do in respect of cybersecurity. Where some of us may part ways is on the extent to which the government, while increasing its power to act, has not built into the bill corresponding checks and balances on its authority. Indeed, many of the orders it would give itself the power to issue under this act are secret orders. It has exempted itself from some of the normal reporting requirements.
I want to test the minister today on his openness to amending the bill at committee to ensure that there are appropriate checks and balances commensurate with the new and quite wide-ranging powers the government is proposing to grant itself in Bill C-26.
View Marco Mendicino Profile
Lib. (ON)
Mr. Speaker, I look forward to collaborating with the hon. member and other parliamentarians on the debate of this important bill, including at committee stage. Without question, whenever the government takes decisive action to meet the threats posed in the realm of cybersecurity, there does need to be corresponding transparency and an articulation of the reasons we are taking that action.
He is quite right to underline that there would be new authorities contained in this bill. However, those new authorities we would propose to create are in direct response to the gaps that currently exist, as I outlined in my speech. We need to do both in lockstep: address the gaps posed on the landscape of national security in the context of cybersecurity but also be transparent about that.
I point out that there are independent bodies, for example NSICOP and NSIRA, so that where the government is taking steps that implicate national security, there can be accountability. This is the way we can achieve both objectives. It would ensure the confidence of all Canadians that this is an appropriate measure to seize the opportunities there, as well as to manage the risks manifested in our landscape.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 10:46 [p.10264]
Mr. Speaker, I wonder if the minister can provide additional comments on the importance of the Five Eyes nations, the countries we work closely with, and give a different perspective on what he believes and why he believes it is important that we walk in step with those Five Eyes nations.
View Marco Mendicino Profile
Lib. (ON)
Mr. Speaker, this question allows me to highlight how Canada is co-operating with like-minded democracies around the world, both in the context of the Five Eyes relationship as well as the G7. I had a chance to meet with both counterparts very recently, one in Washington, D.C., and then, about two weeks ago, in Germany. It is without doubt that all the democracies within these multilateral forums are thinking very hard about how to manage threats in cyber, including ransomware, including the spread of disinformation and including the efforts of hostile actors to engage in cyber-espionage and the like.
The way we are advancing that collaboration is through information and intelligence sharing as much as possible, so that we can push back against efforts to attack our economies and to attack Canadian interests, etc.
Even as we present Bill C-26 for debate, to take decisive action here at home domestically by addressing the current gaps within our cyber-realm, we are also collaborating very robustly with partners around the world who are like-minded in managing these threats.
View Alex Ruff Profile
CPC (ON)
View Alex Ruff Profile
2022-12-01 10:47 [p.10264]
Mr. Speaker, I just have a couple of quick points.
First, I would correct the minister. He referred to it as Bill C-21 a couple of times earlier in his speech. I think that maybe it is on his mind. He knows that there are great changes that need to be made or scrapped out of that bill.
As for the references he talked about in his speech, to Huawei and 5G, obviously the government finally decided to ban Huawei from our 5G network just in May.
Why did it take the government so long? It was tabled here. A motion was passed in the House a year and a half prior to its making that decision.
I am just interested to know why it took the government so long to make such a critical national security decision.
View Marco Mendicino Profile
Lib. (ON)
Mr. Speaker, I embrace the urgency of my hon. colleague's question. I also want to thank him for the legislative title correction. Obviously, I am managing a number of priorities, as he well knows.
There is no dispute that we need to advance this debate and to do so thoughtfully and deliberately and urgently. As he will know, we took very decisive action against the risks posed by Huawei and ZTE as they relate to 5G, 4G and 3G networks, and we are going to continue to be vigilant about them.
If he shares that sense of urgency in moving forward, he really ought to study the bill along with his colleagues in the Conservative Party and support it.
At the end of the day, this bill would address those gaps and potential vulnerabilities so that we can manage the risks and, at the same time, leverage the innovative opportunities that lie in wait when it comes to technology.
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 10:49 [p.10264]
Mr. Speaker, it is an honour to speak today in the House about Bill C-26, an act respecting cyber security, amending the Telecommunications Act and making other consequential amendments.
This is a critical bill, and I am very happy to see the debate being undertaken today in the House. I do know that cybersecurity is important to the Minister of Public Safety, so I will give him credit for bringing this bill forward. It should be something that is important to all government ministers of every level of government. It is very important that we are having this debate today.
I was provided a briefing from cybersecurity experts from the minister's department just under a year ago. It was very informative about the risk Canada faces in terms of cybersecurity. Just to speak simply, I asked them what would be, in the worst case scenario, sort of a Pearl Harbor moment for Canada. They responded that it would be a cybersecurity attack on our electrical infrastructure or our pipeline infrastructure in the middle of winter. If there were a cyber-attack or a ransomware attack on the infrastructure that keeps Canadians warm in the middle of winter, that would be absolutely devastating, specifically in our coldest provinces, regions and territories in Canada.
Just to give Canadians an idea of the gravity of what we are talking about today and how important it is, not only that we bring forward cybersecurity legislation that builds capacity, but also that it be done right. There was a series of questions before my remarks that outlined a number of the issues in this bill.
I will just outline a number of recent cybersecurity attacks in Canada and also in the United States of late. We know that the Canada Revenue Agency was attacked in August 2020, impacting nearly 13,000 Canadians who were victims of that. There was also a hospital in Newfoundland, in October 2020, where the cybersecurity hackers stole personal information from health care employees and patients in all four health regions, as well as social insurance numbers belonging to over 2,500 patients. Very deeply personal and private data from these hospitals was stolen by cybersecurity hackers.
Global Affairs also most recently was attacked in January 2022, right around the time that Russia engaged in the illegal invasion of Ukraine. It was reported that it may have been Russian, or Russian state-sponsored, actors who were responsible for the cyber-attack on Global Affairs.
That was a very serious attack on another government department. The government is certainly not immune to these types of cybersecurity attacks.
Most famously, I would say, there was a ransomware attack on critical infrastructure in the United States back in May 2021. Pipeline infrastructure was attacked. President Biden issued a state of emergency. Seventeen states issued these states of emergency. It was very serious, and it just shows the capabilities of some of these cyber-threat actors, and the threat they pose to Canadians in their everyday lives and to Canada as a whole, as well as the threat to our allies.
This bill is coming forward in light of the government announcing most recently, in the past year, that it would ban Huawei from our 5G infrastructure. Conservatives and the House of Commons, in fact, have been calling on the government to do that for quite for some time. This legislation would help enable the practical implications of that ban. Again, it is certainly a very long time coming. Had this been done years ago, it would have saved our telecommunications and thereby the everyday users of our telecommunications companies, a lot of pain and a lot of money. I am concerned about the financial impact, although this is critical, that waiting so long to bring it forward would have on everyday Canadians and their cellphone bills, just as an example.
I am the vice-chair of the public safety and national security committee. I championed a study we are undertaking, which is in the process of being finalized right now, of Canada's security posture in relation to Russian aggression. A large part of that study was about cybersecurity. The experts we brought in repeatedly sounded the alarm that cybersecurity is of the utmost importance. It is something that the Government of Canada, the private sector, provincial governments and, frankly, municipal governments must take extremely seriously. It is rapidly evolving. I am going to give some quotes from a few of the experts to the lay the stage of what we are facing as Canadians.
Professor Robert Huebert of the University of Calgary said:
With regard to other cyber threats, we also know the Russians have shown an increasing capability of being able to interfere in various electronic systems and cyber systems of other states. We've seen this with their ability to influence the Ukrainian electrical system prior to the onset of the war in 2014.
This is the other war it engaged in over the last number of years. He also said that we are seeing this in other locations across the globe.
He went on to state:
Once again, it's hard to know exactly how well-defended [Canada has] become in being able to harden that part of cyberwarfare. There's no question, whatsoever, that the attention the Russians and the Chinese are giving this is increasing....
He compared that to the reports we are hearing from our American and British friends and allies who are saying the Chinese and Russians are extremely active on the issue of cybersecurity and involving state-sponsored actors launching attacks against countries like Canada and the United States.
We also had a woman named Jennifer Quaid, who is the executive director of the Canadian Cyber Threat Exchange, which is a private company that supports various companies to help boost their cybersecurity. She talked a lot about cybercriminals. This is an important piece. Even the minister talked about this as well.
First and foremost, she flagged that the Minister of National Defence of the current government said, “Cyber security is one of the most serious economic and national security challenges we face.” Therefore, it is quite a serious issue we are talking about today.
Ms. Quaid went on to say, “cyber-threats are becoming more sophisticated and are increasingly pervasive. Driven by the growth and global adoption of innovative technologies, cybercrime pays.”
She meant that cyber-threat actors can be grouped roughly into two categories, nation states conducting espionage and statecraft through the Internet, and criminals engaging in cybercrime for financial gain.
She went on to say, “It's this criminal element that has commercialized cybercrime”, meaning that cybercriminals and cybercrime have now become a thriving industry. She pointed out that the barriers to entry, the technical expertise needed to be a hacker, so to speak, is increasingly low. She said that several countries now are allowing cybercriminal groups to operate within their borders.
She also named something called a “hacktivist”, an activist hacker, of all things. We may have someone, in the name of social justice, hacking into a fossil fuel company, for example. Imagine if that happened in Canada in the middle of winter to our gas pipeline infrastructure. It would be devastating and deadly, so we have to keep an eye out for hacktivists, as she said.
She also pointed out that 25% of organizations in Canada have reported a cyber-breach. One in four. That is pretty significant. She said that the small and medium-sized enterprises that make up 98% of our economy are also being impacted. Almost 100% of our economy is being attacked in some form or another.
This is really important when we think of big banks and big, wealthy corporations that have pretty good cybersecurity infrastructure and have the money to do so. What feeds them is third party suppliers that may provide the various components or various mechanisms to undertake their important parts of the industry that company is engaged in. They are also at risk. Therefore, if a lower third-party provider of a major telecom is attacked, for example, that may seriously impact the ability of that telecom to deliver its services adequately to Canadians.
She mentioned that 44% of SMEs, small and medium-sized enterprises, do not have any defence. Almost half of our small and medium-sized enterprises, which dominate our economy, do not have any sort of defence and are not even thinking about cybersecurity. That is why today's discussion and this bill are important to be debated and have experts weigh in.
I will also quote Dr. Ken Barker, who is a professor at the Institute for Security, Privacy and Information Assurance at the University of Calgary. He talked a lot about the impact of cybersecurity on critical infrastructure. He mentioned that, in general, it is very vulnerable because it is built on legacy systems that, in essence, predate the Internet. As our legacy systems are getting online, this creates, as he explained, some gaps that hackers can take advantage of, which again puts our critical infrastructure at risk. That came up over and over at committee. He pointed out that our large private companies and our banks are investing a lot in cybersecurity, but again, as he and Ms. Quaid pointed out, it is their SMEs that are the most vulnerable.
I will conclude my quotations here with Caroline Xavier, who is the director of the Communications Security Establishment, which falls under the Department of National Defence. It is the part of government responsible for cybersecurity. Therefore, that she is the head of government cybersecurity is a simple way to look at it.
She said, “cybercrime is the most prevalent and most pervasive threat to Canadians and Canadian businesses. Cybercriminals trying to probe Canadian systems have been found in Russia, Iran and China, among others. [They] use various techniques such as ransomware”. They are specifically focusing on our critical infrastructure, and they certainly pose, as she said, “the greatest strategic threat to Canada.”
The bill before us would do a number of things. It is quite a large bill, so I will not go into every detail of what it would do, but in essence there are two parts. One would amend our existing Telecommunications Act. Of particular importance, it would give very broad and sweeping powers to the minister of industry to do a number of things. What has been criticized by a number of organizations is a specific part of the bill, which is in the summary, that says it would allow the minister and the Governor in Council to “direct telecommunications service providers to do anything, or refrain from doing anything”.
Those are very broad powers to be given to one minister, so that should immediately put up red flags for all of us. No one should have such vast sweeping powers over our telecoms. Again, I have built the case that we need better cybersecurity, but there is a big question mark here of whether we are giving too much power to one minister, one person, in all of Canada.
The bill also has a whole financial issue involved in it. To do anything, as it said, could have massive financial implications. Big companies such as Telus may be able to afford that, but our small telecoms may not be able to so much. It might bankrupt them. That is not great news, and there would be no financial component, in terms of compensation, for any of these losses, so there is a big question mark there as well.
Also, something of importance I find quite concerning is the way the bill is structured would result in a significant exchange of a lot of information from telecoms to the minister, which he could pass on to various ministers and government agencies. Is that very confidential information? It is certainly the cybersecurity plans. Does that include state secrets? Is it safe that we would be asking our telecoms this?
The second part of the bill involves all critical infrastructure companies in Canada, as was outlined by the minister, including provincial and Crown corporations, and the like, so the bill would really establish the process that all of these companies would have to provide their cybersecurity plans, and there would be a very strict reporting mechanism. We are talking about days, if not a few weeks, to get together these plans and provide them to the minister. There would be annual updates required. If a big company were to change a third-party provider, it would have to, in essence, immediately report that to the minister of industry.
There is a whole host of very cumbersome reporting mechanisms, and I do believe we need some of these, but a question remains, as I have outlined earlier, and the government is not immune to being hacked by cybercriminals. I just outlined three or four incidents when that happened. The bill would take all of our critical infrastructure, and all of companies' cyber-defence plans, along with countless other pieces of personal data of Canadians and others, and we would give that to the government. An argument could be made that this is needed, but where are the protections for that? Where is the defence of government to ensure that this would not end up in the wrong hands or that information is not hacked by cyber-actors?
That is a significant threat that needs to be addressed by the minister, and I was not assured from his remarks that this is something that is front and centre in his objective through the bill.
I would also say that there is a number of civil liberty organizations that have raised serious alarm as well. There was an open letter written to the minister from the Canadian Civil Liberties Association, the Canadian Constitution Foundation, the International Civil Liberties Monitoring Group, Leadnow, Ligue des droits et libertés, OpenMedia, and the Privacy and Access Council of Canada. All of the leaders of research and discussion of our civil liberties, all such major organizations in Canada, were quite alarmed by the bill in many ways and wrote an open letter to the minister that outlined a number of things.
In essence, they said the bill would grant the government sweeping new powers, not only over vast swathes of the Canadian economy, but also in intruding on the private lives of Canadians. To sum it up, and I think they said really quite well, “with great power must come great accountability.” There is great power in the bill, but the accountability side is lacking.
Before I go on to detail some of their concerns, I do want to outline what some other countries are doing. If we look at the U.S. and the EU, they have established similar bills in the past year or so. The EU actually has greater and more significant fines in many ways, and the U.S. provides more prescriptive and strict reporting mechanisms, such as, if a U.S. critical infrastructure company has a ransomware attack, the legislation outlines the company must report it to the government within 24 hours.
That actually might be something we may want to consider for the bill. If we are going to go there, we might as well have it in line with our American allies and make it tight. I do think that a reporting mechanism is one of the most important parts of this bill.
I want to go back to the civil liberties issue. With the government's track record on Internet regulation bills, such as Bill C-11 and others, a lot of people have their backs up about their personal freedoms online and their data, rightfully so. The civil liberties associations are raising some of the concerns that have not been assuaged thus far by the government or the Minister of Public Safety.
In the open letter, they mention that this, “Opens the door to new surveillance obligations”, which is quite concerning. In their view, and this has not been proven, “Bill C-26 empowers the government to secretly order telecom providers ‘to do anything or refrain from doing anything’”, as I mentioned. They believe that, if there was an abuse of this extreme power, it could be utilized by a government with ill intent, not to say that is the Liberal government's intent, but it could be utilized to survey Canadian citizens. It is quite concerning.
They go on in that realm to outline that the powers in this bill allow the administrative industry to terminate who telecoms work for, for example. They believe that could also be applied to individual citizens. They are looking at this and thinking, if a government wanted to punish a group of people, it could call up Telus, and this is very blunt and not overly academic in the way I am explaining it, to direct Telus it cannot do business with these people, cut off their access to the Internet and cut off their cell phones.
It is an extreme worst-case scenario, but it is worth flagging that there may be a bit of a backdoor in this bill that would allow that, should an evil government ever come along that is looking to abuse the civil liberties of Canadians. I would like to see that addressed and have safeguards put in place to prevent that type of abuse, should it ever happen in an extreme circumstance.
They also talk about how it “Undermines privacy” and that there are “No guardrails to constraint abuse”. Again, I think this is an area where opposition parties, in particular, and hopefully government members on the committee, can come together to ensure that there is an ombudsman put in place or an oversight body. We need something where the rights of companies, and more importantly of citizens, are protected from the abuses I have outlined, and there are many others.
There were also a lot of concerns from the Business Council of Canada. It wrote an open letter to the minister on behalf of large companies, and also small and medium-sized enterprises. In essence, what we are seeing is the red tape is extremely high, so we are worried that will impact our small and medium enterprises.
The business community, in general, has said that it seems that this bill, to sum it up bluntly, is all stick and no carrot. It is all hard-hitting. It is going to be super hard on us, and we better comply. I can hopefully go into more details about that in the question part of this debate, but there is no incentive structure built in.
There is no incentive to have companies share best practices with each other. I think the government should be a leader in encouraging the open sharing of best practices and experiences that protect the confidentiality of companies but allow them to share information, so other companies can be better equipped, and we can all work together as one big happy, cyber-secure family.
The Conservative Party of Canada is, first and foremost, concerned about national security and ensuring the federal government takes that leadership role in ensuring that Canada, as a whole, is secure against any possible threat, every eventuality, as the Minister of National Defence likes to say.
We are seeing serious gaps in our military. We can have stronger alliances in our Five Eyes intelligence sharing and other agreements. Certainly, that involves cybersecurity. Canada is vulnerable, like many countries in the world. In fact, most countries are dealing with these problems. The Conservative Party of Canada wants to see a more robust framework to incentivize and enforce reporting mechanisms to ensure our cybersecurity is protected, and to make sure there is not a ransomware attack on our pipelines in the middle of winter, which could kill thousands of Canadians from the cold, for example.
We will be looking to support this bill in going to committee, but I want to make it very clear that, if the issues in this bill, and I have outlined a few of them concerning privacy and impacts to business, are not addressed, the Conservative Party is ready to pull its support immediately and put up a very strong defence to stop this bill from going beyond committee. I want to make that very clear to the minister and the Liberal government.
We will get this to committee to hear from experts because we believe that is important, but it must be fixed. There are serious issues that need to be addressed and amendments that need to be made. I would ask Liberal members on the committee to get to work with us, so we can make this bill what it needs to be and make it better to ensure cybersecurity is protected in Canada today and for years to come.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:09 [p.10268]
Mr. Speaker, I do not think there is anyone in society who does not recognize the potential harm of cybersecurity. The issue is how do we ensure we are well positioned to address vital threats to our critical infrastructure. The member opposite says her concern is that we are giving too much power to one individual.
Does the Conservative Party have an alternative to ensure that particular issue is addressed in the form of an amendment? Does the member have any suggestions on that point?
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 11:10 [p.10268]
Mr. Speaker, the member is also from Winnipeg, so he is a fellow Manitoban.
As I outlined it in my remarks, it is not just the Conservative Party. We were alerted to this by every major civil liberties organization in the country. They wrote quite an in-depth open letter with over two dozen different concerns that they had, give or take, so we are using the information we are getting from the organizations specifically tasked with protecting civil liberties and privacy and freedoms of Canadians. That is who alerted us to it.
We would like to bring them before committee to make their recommendations. They have made recommendations in open letters. Various organizations with technical expertise have also recommended various amendments to this bill. Again, I am not an expert in cybersecurity, but I do understand Canadians' need to protect their privacy. Therefore, at the committee stage, we will be bringing forward these experts to help us craft amendments. I mentioned in my remarks that perhaps there could be an ombudsman or a specific oversight committee that is built into this.
One last thing is that there is no annual reporting mechanism in this bill, where government would be responsible for tabling a report to Parliament that would outline and give Canadians an idea of what the government has been doing with this bill and what the threat assessment of Canada in the impacts of what the bill has done and what it has seen in the reporting mechanisms from companies. I would say it needs annual reports to Parliament, and we have to craft those amendments with expert witnesses' testimony at committee. I look forward to those discussions.
View Julie Vignola Profile
BQ (QC)
View Julie Vignola Profile
2022-12-01 11:11 [p.10268]
Mr. Speaker, I have so many questions.
We agree on the principle of the bill, but I do have to wonder about the precautionary principle. Since 2017, the Chinese government has required Chinese companies to hand over any information they collect to its intelligence service. Despite this, the federal government continues to award contracts to Chinese companies like Nuctech, for example.
That was a very important contract, I might add. Nuctech was being asked to install x-ray machines in embassies, precisely where our information must be protected. Information from the embassy could have easily been passed on.
My question for my colleague is this. We currently have an interesting bill before us, although it needs improvement. Should the precautionary principle not be applied more systematically, along with the recommendations made by the Standing Committee on Government Operations and Estimates in its June 2021 report?
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 11:13 [p.10268]
Mr. Speaker, the member's question is quite a technical one. The member does mention China and what it has done. I am deeply concerned about Chinese state-sponsored actors who are conducting espionage and looking to steal data and very important national security information from various government departments and individual citizens. That is the reason that all of our Five Eyes allies, with Canada being last, banned Huawei from our 5G infrastructure, because of any possible back-door element.
Because, with all companies that are owned by China, there is, to put it bluntly, an ability for them to direct, for example, Huawei to take all their information. That is why Five Eyes allies, put quite simply, called on Huawei to be banned. They did that before us, and we took a very long time.
I will look more into the specifics. The member was not too familiar with what she talking about. Suffice it to say, the Conservative Party of Canada has been very clear: We need to be very clear-eyed on China, in particular when crafting this bill. It needs to be crafted in a way that offers the most defence for Canadian critical infrastructure against Chinese sponsors, state actors or others.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 11:14 [p.10268]
Mr. Speaker, there is a lot to think about in what the member for Kildonan—St. Paul had to say, and I agree with many things she said, including her concern about the oversharing of Canadians' personal information between government departments. I know that was a significant issue in the 41st Parliament with Bill C-51, when the government of the day introduced security legislation at that time.
I wonder if the Conservative Party today is in a mood to actually protect Canadians against the oversharing of information between government departments and if we might try to find an opportunity in the course of this bill's passage through the House to correct, as we go, some of the defects in that legislation from many years ago.
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 11:15 [p.10269]
Mr. Speaker, I appreciate the question from my colleague, who is also from Winnipeg and a fellow Manitoban.
I take the member's point regarding former pieces of legislation that need work. The leader of the official opposition, the member for Carleton, has been very clear in his desire to protect data and the rights of Canadians, especially if we are looking at Bill C-11, which is the Liberal government's attempt to control and regulate the Internet, so to speak. He put forward the very first, very public and very well executed defence of Bill C-11, so I would say that the capability for data sharing between departments and between ministers, which is a large part of this bill, raises a lot of significant privacy concerns of the data of individual Canadians.
We have been very clear that our intentions with this bill and others are to protect those freedoms and that privacy of Canadians. Therefore, that will be the underlying theme of our approach, certainly to this bill during the committee process and in the days and weeks to come.
View Larry Maguire Profile
CPC (MB)
View Larry Maguire Profile
2022-12-01 11:16 [p.10269]
Mr. Speaker, I want to thank my colleague for Kildonan—St. Paul for taking part in the Manitoba debate that is going on here.
The member commented on SMEs, noting that half of them had no defence and were the most vulnerable. As with the bill I was able to get through last year on SMEs and small businesses, it is very important they have the abilities and rights to protect themselves on this as well. In response to the last question, the member also talked about transparency, which is so important.
Could the member expand on those two areas?
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 11:17 [p.10269]
Mr. Speaker, I am enjoying this Manitoba debate. There are a couple of things I would say.
The government, in the last budget of 2021-22, announced about $700 million for cybersecurity. It seems that it is all going to the Communications Security Establishment, which, as I mentioned in my speech, is the government's sort of cybersecurity agency under the Minister of National Defence. It is great. We do need more resources at the government level for CSE. However, I asked the minister if any of that funding was being provided for our small and medium-sized enterprises so they could boost their cybersecurity. The minister never did get a response to my email.
Again, when we are looking at small companies, it is easy for Telus, big banks and others to afford some of these things. However, if we are looking at small telecom providers, like a small Internet provider in northern B.C., the cost to meet the red tape in the bill might put them out of business. Why not take a little of that funding the government has announced and provide it to our SMEs to help them get to the level we need them to be to protect our critical infrastructure? Perhaps we can get a bit creative and look at our tax system to see if there is some sort of capital expense tax write-off or something we can provide our SMEs to help them get there, because we really need to, as I made the case in my remarks, as I am sure others will as well.
I have not heard a response to that. The government is spending the money anyway. It is spending more money than any government in history. Why not provide a little of that to our SMEs to ensure that critical infrastructure is up to par?
View Alexis Brunelle-Duceppe Profile
BQ (QC)
View Alexis Brunelle-Duceppe Profile
2022-12-01 11:18 [p.10269]
Mr. Speaker, we are talking about cybersecurity. This means that there is a lot of foreign interference conducted through cyber-attacks.
Speaking of foreign interference, is my colleague not concerned that, in 2016, after giving a Chinese bank a business licence, the Prime Minister received $70,000 in donations to his riding of Papineau within 48 hours? Is that not interference? In 48 hours, he received donations from outside his riding, specifically from Toronto and British Columbia. Is that not evidence of foreign interference?
View Raquel Dancho Profile
CPC (MB)
View Raquel Dancho Profile
2022-12-01 11:19 [p.10269]
Mr. Speaker, I appreciate the investigative work done by the Bloc Québécois on this issue.
We are just learning about the details of this. I am very concerned about the allegations being made, as everyone should be if there is proven to be a connection and it is proven to be true. We are monitoring this quite closely.
I imagine the Parliamentary press gallery and other media sources across the country are digging into this very quickly and as closely, as they should. It is something we are closely monitoring as we learn the details of any possible payoff to the Prime Minister from the Chinese government or other actors from China.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:20 [p.10269]
Mr. Speaker, an interesting debate is under way thus far on such an important issue with which we all have to come to grips. As changes in technology take place, we have to take that into consideration. I suspect that legislation dealing with privacy or cyber-attacks will be ongoing. Once the bill goes to committee, I am sure there will be a great deal of dialogue. I anticipate a great diversity of witnesses will come forward with ideas on the legislation.
I will pick up on the point I raised with the member opposite about the concern that the minister had too much power under this legislation. Often, when government brings forward legislation, opposition members bring forward concerns about how power is enhanced through the minister's office.
I have had the opportunity to briefly go through the legislation and I genuinely believe there is the right amount of balance. That is why I posed the question for the member. She suggested of reporting mechanisms, whether through an annual report or a report to a standing committee, and that has merit. I say that because I know there has been a great deal of effort in formulating this legislation. If there are ideas that would enhance or make the it that much stronger, we should be looking at that. I do believe the ministry is open to that.
When the member was quoting, I wondered where those quotes were from. She used those to amplify fears that one might be challenged to justify. For example, the member referred to an “evil government” based on quotes she had received. I am not saying it is her opinion, but she has raised it, saying this is a quote from some third-party organization and if we believe in that quote, it could lead to an evil government. We have witnessed that a great deal from the Conservative opposition on a variety of different issues, as if there is some sort of conspiracy. There is no conspiracy, contrary to what the member said, at least in one part of her speech. The government is not out to spy on Canadians.
The government takes the issue of the privacy of Canadians very seriously. We have brought forward legislation to that effect. This government has spent tens of millions of dollars on cyber threats. The government has had working groups and advisory groups dealing with cyber threats. We recognize the changes in technology and the impact they have had on society. I have said in the past that if we were to look at technological advancements, we would be challenged to find an area that has been as advanced as computer Internet technology. Just the other day, I was speaking to a private member's bill, saying that 10 or 20 years ago there were no such things as iPhones.
I note the member for Winnipeg South Centre is listening. He will recall that when we were first elected back in 1988, there was a big computer purchase of $5,000 made through Reg Alcock. We had a wonderful computer with a laser printer, which came with a keyboard and a mouse. At the time, when logging into the Internet with that wonderful and beautiful computer, the first thing we would hear was a dial tone. Then we would hear that stupid clicking sound, which meant we were actually connected to the Internet. We were all fairly impressed with that computer, and there were about 20 of us at the time.
We can compare that to where we are today. People can buy a laptop for $500 that has abilities and technological advancements more than tenfold of what we paid $5,000 for, with that long dial-up connection. In fact, people can purchase something brand new for $250 that is hooked into the Internet and running at a rapid speed. It is not even comparable to what it was.
There is so much advantage to technological change, but with that change comes risk, which is the essence of what we are debating through Bill C-26. Even though society has benefited immensely, we need to recognize there is a significant risk factor. That risk factor not only applies for the individual who might be surfing the net today, but it also applies to military operations taking place in Ukraine today.
Computers today are not optional. The Internet is not optional. They are essential services. That is why the Prime Minister, or one of the other ministers, just the other day made reference to the percentage of Canadians who were hooked up with high-speed connections and how we had literally invested billions to ensure that Canadians continued to get that access, with a special focus on rural Canada. We recognize that because it is no longer optional; it is an essential service.
The digital economy varies significantly. If we want to get a sense of this, we can turn to Hollywood and like-minded productions found on Netflix, CBC or the more traditional media outlets. We can look at some of the movies and TV shows out there. The other day I was watching an episode of a show called The Blacklist, which is all about cyber-attacks. I suspect a number of my colleagues might be familiar with that show.
One member talked about hydro. Manitoba, in fact all of Canada, should be concerned about our utilities. Through Hollywood productions, we are better able to envision the potential harm of cyber-attacks. A well focused cyber-attack can deny electricity to communities. It can shut down things that should never be shut down.
We talk about the sense of urgency. One would expect there will be mischievous lone individuals working in their basements, or wherever it might be in society, challenging systems. However, we also have state-sponsored cyber-attacks, and we should all be concerned about that.
In fact, that is why it was comforting when the minister made reference to the Five Eyes. I caught on right away that there are like-minded nations. Canada is not alone. There are like-minded nations that understand the importance of cyber-attacks and the potential damage that can be caused.
I will get back to the international side of things later, but when we think of what is at risk, think of digital data. Digital data comes in many different forms. One of the greatest collectors of data is Statistics Canada, an organization that invests a great deal in computers and technology to protect the data it collects from Canadians. Statistics Canada is actually respected around the world for its systems. It has absolutely critical data, and that data is provided to a wide spectrum of stakeholders, obviously including the national government.
Let us think of health organizations, the provinces and the collection of health records, or motor vehicle branches and passport offices. All of these government agencies have, at the very least, huge footprints in data collection.
Those are government agencies. We could also talk about our banking industries or financial industries. We can think of those industries and the information that is collected from a financial perspective when people put in an application for a loan. All of the information they have to provide to the lender, such as their history, is going into a data bank.
There is also the private sector. The other day we were talking about apps. One example is Tim Hortons. We were talking about it, as members might recall. The Tim Hortons app is fairly widely downloaded, and there is a lot of critical information within it. Canadians need to know, whether it is a government agency or private agency, that governments at all levels, in particular the national government, have their backs. That is the reason I started off by giving a very clear indication that even though Bill C-26 is before us today, we have been investing substantial financial resources through other types of legislation to provide assurances to Canadians so they know their information is in fact being protected.
There are actions on the Internet today related to our small businesses. The member opposite made reference to this and asked how the government is supporting small businesses. If a person has a small business today, chances are they are on the net. More and more consumers turn to the net for widgets and a multitude of different services.
As a result of that, there has been a great demand on small businesses. That is why we have a Minister of Small Business who looks at ways to not only provide tax relief but provide support. Sometimes it is done directly through financial measures and sometimes it is done indirectly by providing resources. However, let there be no doubt that there is support coming from the government. Whether it be a small, medium or large business, the government has a vested interest. We will do what we can. A good example of that is the individual who uses an ATM card when they make a small or large purchase at a small business.
The attacks we are talking about today can take many different forms. The digital economic side is definitely one of them, but there is also a social component to the Internet. When I think of the social component, I think about issues of privacy and of communications through, for example, social media. Again, Canadians have an expectation that the government is going to be there for them. Cyber-attacks take place in areas we all need to be concerned about. As I said, the more advanced we become, the more risk there is.
There are a lot of things that take place on the net that we need to be aware of and take action on. The exploitation of children is an example. That needs to be taken into consideration.
In the legislation, there is a very strong compliance component. As I raised, the minister would have the authority to make some things happen with our telecommunications companies and tell them to stop. I think that sort of action is necessary at times.
There is also a financial component so we can ensure a penalty is put in place as an incentive for people to abide by the legislation and the regulations, which are all there for one purpose and one purpose alone: to protect Canadians and institutions from risk. That is why we are investing in cybersecurity, ensuring respect for the privacy of Canadians and supporting responsible innovation.
We will continue to protect Canadians from cyber-threats in an increasingly digital world. This legislation is one aspect of what the government is doing to accomplish that. I believe that state-sponsored cyber-threats are one of the greatest concerns and one of the reasons we need to work with allied countries. I made reference to the Five Eyes. There are democratic, free, allied countries that recognize the potential harm of cyber-threats sponsored through governments. This legislation really sinks its teeth into that.
I hope that all members will get behind this legislation so we can ultimately see its passage to the committee stage. An official opposition member has indicated there is a great deal of interest in reviewing the legislation, the idea being to come up with ways to ultimately make the legislation better.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 11:40 [p.10271]
Mr. Speaker, I am frustrated with this bill given the fact that it does not lay out a lot of specifics. It states that there is a problem, and I think we all agree with that, but the government's solution to that problem is to hand the minister a lot of power so the minister can do amazing things. Is the member not concerned that the bill does not have the details we need to prevent some of the very things he was talking about?
I think about Ski-Doos and Bombardier, which is an iconic Canadian company. It has been the victim of one of these targeted cyber-attacks. I do not think there is anything in the bill that would have prevented that or held the people who perpetrated it to account.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:41 [p.10271]
Mr. Speaker, I do not necessarily know the details of the case the member has referenced, but what I can say is that even the Conservative critic acknowledged that certain aspects of the legislation would ensure there are financial penalties and opportunities for the minister to virtually stop an action from taking place. Am I concerned that there is overreach? I do not personally believe there is, but I think there is some merit in having that discussion at the committee stage.
I posed a question to the member: If the concern is that there is too much power for the minister, what would the Conservatives do differently? I recognize the fact that in a cyber-attack, often it is necessary to take fairly strong action in an immediate fashion. I think all members recognize that fact. The issue is whether there is something the Conservatives would like to see to provide an additional sense of security.
View Simon-Pierre Savard-Tremblay Profile
BQ (QC)
Mr. Speaker, I thank our colleague for his speech, which was a real voyage of discovery. One moment we were in Hollywood, and the next we were at Tim Hortons.
I will do him one better. I will take us on a journey across the Pacific all the way from China to the riding of Papineau. I worry about interference, as does our colleague, I am sure, because he supports a cybersecurity bill to reduce digital vulnerability.
Is my colleague concerned about the fact that, within the same time period, the federal Liberal association for the Prime Minister's riding of Papineau received donations from China and a Chinese bank got permission to set up shop in Canada?
I have a second question. Does the member believe in chance and coincidence?
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:43 [p.10272]
Mr. Speaker, I think Bloc members are hanging around the Conservatives too much. It is usually the Conservatives who go under all the rocks and have conspiracy theories.
I, for one, see the legislation for what it is. It is an attempt by the government to ensure that we can effectively deal with the threat of cyber-activities, whether they are state-sponsored or from individuals. That is a very strong positive and is absolutely not unique, as other countries around the world are doing likewise in bringing forward legislation of this nature.
In terms of the member's conspiracy theory, I will leave that for another member on another day.
View Gord Johns Profile
NDP (BC)
View Gord Johns Profile
2022-12-01 11:44 [p.10272]
Mr. Speaker, I think we all agree that Canada is ill-prepared to deal with cybersecurity threats. I am comforted to hear that we are all on the same page. However, we are falling far behind other similar jurisdictions, such as France and the U.K. Their ability to intercept and respond to cybersecurity threats is much more enhanced to protect their countries.
Again, we are glad to see this moving forward, but I am a bit concerned about the government granting ministers so much broad power, especially the Minister of Public Safety and the Minister of Industry. I just want an assurance for Canadians that these powers would not be applied unjustly to them. Also, would the member and his party be willing to work with the NDP to bring forward amendments at committee to make sure there are protections for everyday Canadians?
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:45 [p.10272]
Mr. Speaker, I suspect there would be a great deal of will to continue working with the New Democrats in the House in a minority situation. The NDP has taken a very responsible approach to dealing with the government-sponsored legislation. Where there are changes that make sense, I suspect the ministry would be open to how we could address concerns.
Having said that, it does not mean we are looking for NDP amendments. As it has been pointed out, whether it is the official opposition or the Bloc, this is legislation that we brought in today at second reading. We hope it will pass at some point so it can go to committee stage, where I expect there will be a great deal of interest from coast to coast to coast on this legislation.
I look forward to the contributions of others and their ideas and thoughts going into it, like the member for Kildonan—St. Paul had regarding an annual report that comes from the minister and how that might be incorporated into the legislation. The sooner we can make the ministry aware of some of those ideas, the better it is.
Ultimately, it will go to committee, and there will be representatives from the minister's office there. It will be a wonderful opportunity to get the feedback we are all looking for. If there are chances to make it a healthier and stronger legislation, I am sure the government would act on that.
View Chris d'Entremont Profile
CPC (NS)
View Chris d'Entremont Profile
2022-12-01 11:47 [p.10272]
The hon. member for Saint‑Hyacinthe—Bagot on a point of order.
View Simon-Pierre Savard-Tremblay Profile
BQ (QC)
Mr. Speaker, that is twice now that my colleague has accused me of subscribing to conspiracy theories. With all due respect, I would ask that he withdraw his remarks.
View Chris d'Entremont Profile
CPC (NS)
View Chris d'Entremont Profile
2022-12-01 11:47 [p.10272]
I understand the member for Saint‑Hyacinthe—Bagot's request.
The hon. parliamentary secretary.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:47 [p.10272]
Mr. Speaker, I will withdraw the comment.
View Élisabeth Brière Profile
Lib. (QC)
View Élisabeth Brière Profile
2022-12-01 11:48 [p.10272]
Mr. Speaker, 85% of Canada's critical infrastructure is owned by the private sector, provinces and non-governmental agencies.
Does my colleague think Bill C-26 will help standardize cybersecurity practices to better protect systems and services pertinent to Canada's cybersecurity?
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:48 [p.10272]
Mr. Speaker, as the member highlights, when we talk about infrastructure, the whole digital economy and what government does, it would be negligent not to recognize the significance of the private sector and how the private sector feeds into it. In fact, it is a major player of 80% plus. That is why, when we talk about the government's role, ensuring that the national infrastructure is safeguarded against cyber-threats is of the utmost importance. That is the essence of the legislation, along with ensuring that Canadians', business's and governments' interests are well served.
View Larry Maguire Profile
CPC (MB)
View Larry Maguire Profile
2022-12-01 11:49 [p.10272]
Mr. Speaker, in regard to my colleague from Kildonan—St. Paul's speech, she talked about how the government has brought this bill forward with a lot of sticks in it and no carrots. I am looking for incentives that would improve it.
Is the government open to amendments on this particular bill? If so, what would be its theme to bring forward some issues to improve the bill's transparency?
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 11:50 [p.10272]
Mr. Speaker, I have made reference to the idea, and I hope it will be discussed at committee stage in terms of a reporting mechanism. I get the sense, based on questions for both me and the minister, that there is some concern related to that. We will have to wait and see if that comes forward through committee.
At the end of the day, I think it would be nice to see the legislation pass at some point, where the committee is given the opportunity to provide its recommendations and thoughts on the legislation.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 11:51 [p.10273]
Mr. Speaker, before I begin my remarks, I request that you seek unanimous consent for me to split my time with the member for Windsor West.
View Chris d'Entremont Profile
CPC (NS)
View Chris d'Entremont Profile
2022-12-01 11:51 [p.10273]
Is there agreement for the member to split his time?
Some hon. members: Agreed.
The Deputy Speaker: The hon. member for Elmwood—Transcona.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 11:51 [p.10273]
Mr. Speaker, with thanks to the chamber, I am pleased to rise today to speak to Bill C-26.
Cybersecurity is a topic that is very much on the minds of many Canadians. It is something that many of us have had experience with in our personal lives, or we know somebody who has. Certainly, as MPs, we hear from folks who have fallen prey to various kinds of cyber-attacks online. We know it is a burgeoning criminal industry to take advantage of people online, grab their information and impersonate their identities. Canadians deserve to be protected from this kind of crime.
We also heard about the impact that cybersecurity attacks have had on our commercial industries. One of the examples that stands out in my mind of particular concern was the 2017 cyber-attack on Equifax, where the personal and financial information of thousands of Canadians was obtained illegally. It is an obvious concern for folks when they find out that a company they trusted with their personal information has been subject to this kind of attack.
We also know that our government has not been immune from these kinds of attacks. Hospitals and Global Affairs Canada have been the object of successful cyber-attacks. Earlier this fall, the House of Commons had a cyber-attack. MPs were warned about changing their email passwords for fear of information in their work accounts being exposed to outside eyes and ears that would find out what was going on in those accounts.
There is no question that it is a real issue. There is also no question, when we talk to experts on the file, that Canada is a laggard in respect to cybersecurity. There have been many debates in this place about the role of Huawei, for instance, in our 5G infrastructure. The government did finally take a decision on Huawei, I think the right decision, although late in the game with respect to our other Five Eyes allies. The idea with this legislation is that the government needs more legal authority in order to implement that decision. Of course, there are a number of ways it can do that.
The bill, as it stands, is not ready to go, but New Democrats are happy to send it to committee where we can hear from experts and try to improve it. When I say it is not ready to go, in my view, it is that for as long as it took for the government to reach a decision on Huawei, it clearly was not doing any work alongside its deliberations on Huawei to prepare for banning it. This legislation would largely give a broad, sweeping power to the Minister of Industry to decide later what exactly the government will have to do in order to ban Huawei and respond to other kinds of cyber-threats.
There is not a lot of detail in the legislation, and that is something we have seen from the government on other fronts. We have seen it on unrelated items, like the Canada disability benefit. It drafted a bill that had no content on the program. The attitude is “trust us and we will get it right later”. However, we also see a litany of problems with the way the government manages its business, whether we go all the way back to the SNC-Lavalin affair and the question of deferred prosecution agreements or other ethical issues that have come up in the context of this government.
I think Canadians are right to have a certain distrust of the government. The answer lies in mechanisms that impose accountability on the government, and those are very clearly absent from this legislation. In fact, not only are they absent from the legislation but the government also very explicitly exempts itself from some of the current types of accountability that do exist.
For instance, it exempts itself from the Statutory Instruments Act, which would make it possible for the parliamentary regulations committee to review orders that the minister may issue under the new authority granted to him in this act.
Therefore, not only would there be no new accountability measures commensurate with the new powers the government would be giving itself, but it would also be exempting itself from some of the accountability mechanisms already there. The government is also explicitly letting Canadians know its intention in the legislation to give itself the legal authority to keep those orders secret. Therefore, we have to contemplate the idea that there will be a whole branch of secret orders and laws that govern the telecommunications industry that Canadians will not know about, and the telecommunications companies may not have an adequate awareness of them.
Where I would like to go with this is to talk a bit more broadly about the Internet and about privacy rights on the Internet. When the new Canada-U.S.-Mexico trade agreement was signed, there was a number of provisions in that agreement that went too far in shoring up the rights of companies to keep their algorithms secret, for instance. There are other kinds of IP protections, or protections that are sold as IP but really mean that it is harder to get a transparent accounting of how companies operate on the Internet and of the artificial intelligence they use to navigate the Internet.
There is a way of dealing with the Internet that prioritizes secrecy for commercial purposes, but that same secrecy also breeds more opportunity for malignant actors on the web to go about their business and not have to worry they will have to expose what it is they are doing. Whereas, if we look to the European Union as another model, for privacy and conducting business on the Internet, there are a lot more robust protections there for the private information of consumers on the Internet, and there are a lot more reporting requirements for actors on the Internet.
The problem with the bill as it is written here is that it would be trying to fight secrecy with secrecy. When firefighters show up to a house that is on fire, they do not usually show up with a flamethrower. They show up with something else that can fight the fire instead of accelerating it.
I do not think Canadians, who are concerned about malignant actors on the Internet and the ways that they are able to exploit the dark corners of the Internet and the back doors of software, also think that the way to fight that is to let the government do it in secret without any reporting. Canadians are not thinking that, with less information available about actors within the digital space or government actions against cybersecurity threats, they are better off if they do not know what the actors on the Internet are doing, and they do not know what the government is doing about it.
The problem with the bill as written is that it would double down on the approach that we saw in CUSMA. It was about privacy for actors on the Internet and privacy for the government in how it deals with it. Instead, it could take a more open-source approach to say that the way forward on the Internet has to be that digital actors have to be upfront about the kind of business they are conducting on the Internet, the ways they do it and the algorithms they use. Governments, likewise, could then be pretty transparent about how they would deal with people who were non-compliant or who were breaking the rules.
New Democrats are concerned to see, along those broad lines, an approach to the Internet that says transparency and accountability, both for private actors and for public actors, is the way forward. Digital consumers deserve to have this information at their fingertips, so they understand what people are going to be doing with the information they enter on their computer, whether that is to purchase a book, get a loan or whatever kind of business they are doing on the Internet. They should have more rights to know how that information is handled, and the role of the government in keeping that information secure, rather than being told not to worry about it, because commercial interests have their best interest at heart, the government has their best interest at heart, and they do not need to know what is going on.
That is why the bill should go to committee, to be sure, because Canada does need its government to have the authority to implement the decision on Huawei and to do better in respect of cybersecurity. There is a lot of good work for committee members to do there, and a lot of amendments that ought to be made to the bill in order for it to pass in subsequent readings.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 12:01 [p.10274]
Mr. Speaker, I share a number of the hon. member's concerns, but I want to ask him about some of the major threats we have seen in cybersecurity. I am frustrated because the government has a lot of the tools already at its disposal to go after people who are threatening our cybersecurity. We have seen the shutdown of pipelines and major companies across this country. Rogers Communications was shut down.
Is the member not at all concerned about the lack of ability of law enforcement to chase down the bad actors that are pursuing some of this stuff?
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 12:02 [p.10274]
Mr. Speaker, there are only so many things that can be fixed with legislation. Legislation is a necessary component of the solution, but it is not sufficient on its own. We see that in many areas. Despite the fact that we have made good laws in this place against certain kinds of crime, nevertheless, those kinds of crimes persist, so of course enforcement is an important part of that question and requires the attention of and resources from government. When those resources are not made available, it matters very little the kinds of laws we pass in this place, because the other necessary component is on the enforcement side.
I share the member's concern for proper enforcement of the laws we pass in this place.
View Xavier Barsalou-Duval Profile
BQ (QC)
Mr. Speaker, we are talking about Bill C‑26, which deals with national security, and discussions about national security inevitably include the issue of interference from elsewhere, from other countries. Security threats can be internal as well as external.
With respect to external threats, there is a lot of talk right now about the possibility that China interfered in our elections. Earlier, some of our colleagues mentioned that, a few years ago, the Prime Minister received nearly $70,000 in donations immediately after a bank that offers services specifically to Chinese Canadians set up shop in Canada. The donations, which were mostly from people with Chinese names, were made on the same day and within hours of the bank being authorized to open.
Does my colleague find that strange? Is he concerned that there might have been some kind of interference? It is hard to believe that this happened by accident and that it was all just a fluke.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 12:04 [p.10274]
Mr. Speaker, I thank my colleague for his question.
I think that type of coincidence is always a concern. We have mechanisms in place to launch investigations when warranted. I would encourage my colleague to submit his evidence to the authorities who could look into this, because that is the most appropriate way to ensure that the wrongdoing that the member mentioned in his comments has not taken place.
View Leah Gazan Profile
NDP (MB)
View Leah Gazan Profile
2022-12-01 12:05 [p.10274]
Mr. Speaker, my hon. colleague spoke during his intervention about the need for greater government accountability in the bill, and I am wondering if he could provide the House with an example.
View Daniel Blaikie Profile
NDP (MB)
View Daniel Blaikie Profile
2022-12-01 12:05 [p.10274]
Mr. Speaker, at the very least there has to be some kind of accounting for and public disclosure of the number of orders the government is making under these new powers. That is just one example, a very minimum reporting threshold.
The idea that any number of these orders could be made and Canadians would not even know they have been made or how many have been made is not acceptable. There has to be some reporting of the extent to which these powers are used, or there will be no factual basis upon which to evaluate whether the powers have been appropriate or adequate, or whether they need to change in the future.
View Brian Masse Profile
NDP (ON)
View Brian Masse Profile
2022-12-01 12:06 [p.10275]
Mr. Speaker, I am please to speak today to Bill C-26, an act respecting cybersecurity, amending the Telecommunications Act and making consequential amendments to other acts.
It is really important to acknowledge that we are severely behind with regard to our protections in this matter. I am going to quote from myself, from when I once engaged the government and asked them this. “I am very concerned that we are not doing enough in Canada to protect the digital privacy of Canadians and am calling on the government to develop stronger frameworks and guidelines to improve cyber security in Canada. These are critical issues that must be addressed”. They must be addressed for the benefit of Canada, as our economy and commerce are currently under threat, as is our personal privacy.
When did I do that? That was in 2016. From 2016 to today, with the digital changes we have had, is a lifetime of change.
I got a response from the government at that time, basically saying it would refer matters and let them play themselves out in court.
One of the most famous cases that came forward at the time involved the University of Calgary, which had reportedly paid $20,000 in compensation to a group of organizations we do not know to protect the breach they had.
What has taken place over several different cases and also in our current laws has shown that it is okay to pay out crime and it is okay to pay out these types of requests for extortion and not even refer that matter back to the people whose privacy has been breached. We do not even have to report it as a crime to law enforcement agencies. It is very disturbing, to say the least. Getting this legislation is something, but it is still a long way off.
As New Democrats, we recognize very much that there needs to be balance in this. This is why I also wrote at that time to the then privacy commissioner of Canada, Jennifer Stoddart, about the cyber-attacks and data breaches.
There is concern about the amount of data and one's rights and one's protections and the knowledge one should have as an individual in a democracy. I do not think it is a conspiracy theory to have those kinds of concerns.
I would point to a simple famous case. As New Democrats are well aware, and I think other Canadians are as well, our number one Canadian champion of health care, Tommy Douglas, was spied upon by his own RCMP at that same time. That was in relation to bringing in Medicare. This is very well documented. We still do not have all the records. We still do not have all the information, and it is a very famous case.
Bringing in our number one treasured jewel, health care, led to a case where our own system was spying on an elected representative who was actually declared Canada's greatest Canadian by the public. We do not want to forget about those things because, when we are introducing laws like this, there is a real concern about one's ability to protect oneself and one's privacy, as well as the expansive conditions that are going to change, often with regard to personal privacy.
What also took place after that was that I was very pleased, in 2020, to put a motion forward at the House of Commons industry committee, where we studied, for the first time in Canadian history, fraud calls in Canada.
There are a lot of cyber-attacks through this type of operating system, and we need to remind ourselves that using this type of system, being our Internet service providers and the telecoms sector, is something that is done by giving up the public infrastructure and a regulated system of industry.
We have built a beast, in many ways, that has a low degree of accountability, and we are finally getting some of that restored. There are also some new programs coming in, like STIR/SHAKEN and other types of reporting that is required.
I want to point out that since we have done that, we have another report that will be tabled, or at least a letter. We have not decided yet, and there is still work going on, but we have had a couple more meetings in the industry committee about it and we have really heard lots of testimony that showed that there is more work that can and should be done.
A good example from the previous report that we did was recommendation number five, which went through sharing information between the RCMP and the CRTC. We have not seen the government act on it.
It is important to note that with this bill there has been a lot of talk about the types of things we can do internationally, as well. One of the things I would point out that I have been very vocal on, because I have had Ukrainian interns in my office for a number of years, is that we could use a lot of our leverage in terms of cybersecurity and training to help them to deal with the Russian hacking and other nefarious international players. That would not only help Ukraine right now in the war with Russia. It would also help with the other activity that comes out of this subsequently, which would help the world economies by having trained, solid professionals who are able to use their expertise and battle this with regard to the current state of affairs and also the future. This would be helpful, not only for the Ukrainian population but also for the European Union, Canada, North America and others, who will continue to battle more complex artificial intelligence and other cyber-attacks that take place.
One of the things I want to note is that in the bill, a proposed new section 15.2 of the act would give the Minister of Industry and the Minister of Public Safety the authority to make several types of orders. It relates to guiding TSPs to stop providing services if necessary. This is a strong power that we are pleased to see in this type of legislation.
What we are really concerned about, as the member for Elmwood—Transcona noted, is that there is no general oversight of the type that we would normally see on other types of legislation. Scrutiny of regulations was the one referred to. For those who are not familiar with the back halls and dark corners of Parliament, there is a committee that I was one of the vice-chairs of at one point in time. The scrutiny of regulations committee oversees all legislation passed in the House of Commons and ensures that the bureaucratic and governmental arms, including that of ministers, whatever political colour they will be of at that time, follow through with the laws of the legislation that is passed. Making this bill not have to go through that type of a process is wrong. I would actually say it is reckless, because the committee has to do a lot of work just to get regulatory things followed on a regular basis. It can be quite a long period, but there is that check and balance that takes place, and it is a joint Senate and House of Commons committee. It is unfortunate that the legislation tries to leave that out.
The legislation also does not have the requirement to gazette information in terms of making it public for the different types of institutions. That is an issue, and it also has a lot of holes when it comes to information that can be withheld and shared.
Why is that important with regard to confidence in the bill? It all comes down to the fact that many of the institutions at risk of being targeted involve not only the private sector, where we have seen not only abuse of customers themselves, or businesses with lax policies that do not protect privacy very well, but also others that have used abusive techniques and processes. Even right now, it is amazing when we think about the information in the process that is going on in the United States. The U.S. Senate is going to oversee the issue with regard to Taylor Swift tickets and Ticketmaster again. That is another one that has had a nefarious past with regard to privacy, information and how it runs its business. People can go back to look at that one, with Live Nation and so forth. At any rate, the U.S. is also involved in this.
I raised those things because it also comes from the soft things like that, which are very serious with respect to credit cards and to people's personal information that is shared. However, across the world and in Canada we also have municipal infrastructure and government institutions that are constantly under attack. That is very important, because it is not just the external elements with regard to consumer protection and business losses, which are quite significant and into the billions of dollars. It is also everything from water treatment facilities to health care facilities in terms of hospitals and utilities for power and hydro. All those elements can be used as targets to undermine a civilian population as well, and one of the things we would like to see is more accountability when it comes to those elements. There is definitely more to do.
One of the things I do not quite understand, and which I am pleased to see the government at least bring to committee, is what we could do to educate the population.
Our first intervention on this bill as New Democrats was several years ago, and it is sad that it is just coming to fruition now.
View Marilyn Gladu Profile
CPC (ON)
View Marilyn Gladu Profile
2022-12-01 12:16 [p.10276]
Madam Speaker, I am a little concerned with some of the elements in Bill C-26 that seem overly broad. They give the government powers to secretly order providers to do things or refrain from doing things, without any transparency. Does the member share my concern?
View Brian Masse Profile
NDP (ON)
View Brian Masse Profile
2022-12-01 12:16 [p.10276]
Madam Speaker, I do. For us to get fully engaged in this, we want full accountability, clarity and a playbook so everybody understands the rules. We want to deal with some of the stuff and provide some leverage for law enforcement and investigations to take place, but there has to be a set of rules and that needs to be backstopped by parliamentary oversight. Where it stands right now, it is not backstopped by parliamentary oversight.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 12:17 [p.10276]
Madam Speaker, I would like to follow up on that question. When the minister is called upon to instruct a provider to take a specific action, that would often be required because something has happened in the environment. If the minister does not have that authority, then the opposition might be somewhat critical of the minister not taking action.
I wonder if the member feels that it is necessary in the legislation, or does he believe we should have it, but we need to amend it in some fashion to ensure it is not abused. Is that what I am hearing from the member?
View Brian Masse Profile
NDP (ON)
View Brian Masse Profile
2022-12-01 12:18 [p.10276]
Madam Speaker, absolutely, but if we are going to give some flexibility in power for the minister to act, it has to be responsibly met with oversight, and that has to be heavy oversight. That will provide the confidence.
That is why I wrote to the Privacy Commissioner right after I challenged the government back in 2016 to act on this. We have seen how long it has taken for it to act on this now, so we need to have that confidence. It is a two-way street. If we have the confidence of privacy and protection for people, with oversight, then I think people will be more willing to accept that there could be some changes with respect to how investigations take place.
View Mike Morrice Profile
GP (ON)
View Mike Morrice Profile
2022-12-01 12:19 [p.10276]
Madam Speaker, a group of organizations, including the Canadian Civil Liberties Association, OpenMedia and Leadnow, have written an open letter calling for improvements to Bill C-26. One of the items they call out is that secrecy undermines accountability and due process.
The member for Windsor West spoke a bit about this in his speech. Could he share more about the suggested improvements that would ensure better public reporting as part of Bill C-26?
View Brian Masse Profile
NDP (ON)
View Brian Masse Profile
2022-12-01 12:19 [p.10277]
Madam Speaker, I have a book that we use for privacy protection and it is available to everybody. It was written by Kevin Cosgrove. It is a playbook for people on how to protect themselves and their families from a whole bunch of different issues, whether it be WiFi, online banking, shopping, social media, a whole series of things. The reason I use that as a specific example is that a ton of education has to be done. That has to be done for this bill as well. There needs to be a defined playbook of accountability, like going to the Standing Joint Committee for the Scrutiny of Regulations and ensuring there is oversight for the minister. All those things have to be really enhanced to build the confidence so we all buy into this.
View Bonita Zarrillo Profile
NDP (BC)
View Bonita Zarrillo Profile
2022-12-01 12:20 [p.10277]
Madam Speaker, I want to thank the member for Windsor West for all his hard work on this. Definitely, when it comes to protecting Canadians, he is the right person to do it.
I wonder if he would expand on clause 15.2 with respect to no general oversight and what the risk is to Canadians if that is not in place.
View Brian Masse Profile
NDP (ON)
View Brian Masse Profile
2022-12-01 12:20 [p.10277]
Madam Speaker, It has been fun to work with my colleague on some of these issues. We need a lot of public education related to this going forward.
That section again is just too weak. It provides too many holes. There should be a way to get back to a process of ensuring the minister is held to account. That is one of the things where we are looking to expand powers, but, again, we really need a lot more public education with respect to cybersecurity.
I know it is one of those issues that when we hear it, our eyes fog up, or they roll back in our heads and we think it is just too complicated for us, that there is always something happening, but we really need to engage Canadians on this. That includes engaging the government to ensure it understands that it has to teach residents about the bill and its repercussions as it goes forward.
View Julie Dzerowicz Profile
Lib. (ON)
View Julie Dzerowicz Profile
2022-12-01 12:21 [p.10277]
Madam Speaker, I will be sharing my time with the hon. member for Vaughan—Woodbridge.
It is a true privilege for me to add my voice to the debate on Bill C-26, an act respecting cybersecurity, on behalf of the residents of my riding of Davenport, many of whom have written to me through the years about their concern around cybersecurity and the need for additional protections at all levels of government.
This bill represents the latest step in the government's constant work to ensure our systems, rules and regulations are strong and as up-to-date as possible. That is especially important when dealing with a topic as fluid and rapidly evolving as cyber-technology. We have known for quite some time we would need to be constantly vigilant on this issue.
In 2013, the government established the security review program operated by the Communications Security Establishment. In 2016, we conducted public consultations on cybersecurity. In 2018, we released the national cybersecurity strategy. In 2019, we allocated $144.9 million through budget 2019 to develop a critical cyber systems framework. In 2021, we completed an interdepartmental 5G security examination, which recommended an updated security framework to safeguard Canada's telecommunications system.
A cornerstone of the updated framework is an evolution of the security review program. It would allow for continued engagement with Canadian telecommunications service providers and equipment suppliers to ensure the security of Canadian telecommunications networks, including 5G. As a result of this multi-year work, to address these identified concerns and improve Canada's cybersecurity posture, including in 5G technology, we introduced Bill C-26.
The bill is intended to promote cybersecurity across four federally regulated critical infrastructure sectors: finance, telecommunications, energy and transportation.
Bill C-26 consists of two very distinct parts. Part 1 introduces amendments to the Telecommunications Act that would add security as a policy objective and create a framework that would allow the federal government to take measures to secure the telecommunications system. Part 2 introduces the critical cyber systems protection act, which would create a regulatory regime requiring designated operators in the finance, telecommunications, energy and transportation sectors to protect their critical cyber systems.
As I mentioned, 5G has the potential to be a transformative technology for Canadians. It promises to bring lightning-fast Internet speeds that are unlike anything we have experienced so far. The benefits of instant and real-time connectivity will be immediate and far-reaching for Canadians and Canadian businesses.
The COVID-19 global pandemic has underlined the importance of this connectivity, whether it is for virtual classrooms, work from home or keeping in touch with loved ones, but we need to be absolutely sure this technology is safe and secure as the technology is rolled out in Canada.
Canada already has a system in place to mitigate cybersecurity risks in our existing 3G and 4G LTE wireless telecommunications network. Since 2013, the Communications Security Establishment's security review program has helped mitigate risks stemming from designated equipment and services under consideration for use in Canadian 3G, 4G LTE telecommunications networks from cyber-threats.
Like previous generations, 5G technology will have new risks and vulnerabilities that will need to be addressed so Canadians can realize its full potential. 5G is considered more sensitive than 4G because it will be deeply integrated into Canada's critical infrastructure and economy, and will connect many more devices through a complex architecture. The deep integration, greater interconnection and complexity increase both the likelihood and potential impact of threats. That is why an examination of emerging 5G technology and the associated security and economic considerations continues to be very important.
The technical agencies of the Government of Canada, within the Department of Innovation, Science and Economic Development, and the safety and security agencies that fall within the Public Safety portfolio, Global Affairs Canada, National Defence and others, are all involved in the federal government's efforts to develop a made-in-Canada approach to ensuring the secure rollout of 5G wireless technology. Moving this bill forward will further that vital work.
In the meantime, our world-class national security and intelligence agencies continue to protect our country from a wide range of threats. As we know, those threats include a growing number of targeted attacks from state and non-state actors, including cybercriminals.
Canada's two main national security organizations, CSIS and CSE, which is short for Communications Security Establishment, are working tirelessly to mitigate these threats.
CSIS provides analysis to assist the federal government in understanding cyber-threats and the intentions and capabilities of cyber actors operating in Canada and abroad who pose a threat to our security. This intelligence helps the government to improve its overall situational awareness, better identify cyber vulnerabilities, prevent cyber espionage or other cyber-threat activity and take action to secure critical infrastructure.
For its part, the CSE is always monitoring for threats that may be directed against Canada and Canadians. The CSE is home to the Canadian centre for cybersecurity, which was established as a flagship initiative of the 2018 national cybersecurity strategy. With the cyber centre, Canadians have a clear and trusted place to turn to for cybersecurity issues. It is Canada's authority on technical and operational cybersecurity issues, a single, unified source of expert advice, guidance, services and support for the federal government, critical infrastructure for owners and operations, the private sector and the Canadian public. It helps to protect and defend Canada's valuable cyber assets and works side by side with the private and public sectors to solve Canada's most complex cyber issues.
For example, the cyber centre has partnered with the Canadian Internet Registration Authority on the CIRA Canadian Shield. The shield is a free protected DNS service that prevents users from connecting to malicious websites that might infect their devices or steal personal information. With the passage of the National Security Act in 2019, Canada's national security and intelligence laws have been modernized and enhanced.
As a result, CSIS and the Communications Security Establishment now have authorities they need to address emerging national security threats, while ensuring that the charter rights of Canadians are protected.
These updates are in line with CSIS's mandate of collecting and analyzing threat-related information concerning the security of Canada in areas including terrorism, espionage, weapons of mass destruction, cybersecurity and critical infrastructure protection.
The passage of the National Security Act also established stand-alone legislation for the CSE for the first time ever. With the Communications Security Establishment Act, the CSE retained its previous authorities and received permission to perform additional activities.
For example, the CSE is now permitted to use more advanced methods and techniques to gather intelligence from foreign targets. Under the CSE Act, CSE is mandated to degrade, disrupt, influence, respond to and interfere with the capabilities of those who aspire to exploit our systems and to take action online to defend Canadian networks and proactively stop cyber-threats before they reach our systems. It is also permitted to assist DND and the Canadian Armed Forces with cyber operations.
As Canada's national police force, the RCMP also plays a very important cybersecurity role. It leads the investigative response to suspected criminal cyber incidents, including those related to national security.
Cybercrime investigations are complex and technical in nature. They require specialized investigative skills and a coordinated effort. That is why, as part of Canada's 2018 national cybersecurity strategy and as a second flagship initiative, the RCMP has established the national cybercrime coordination centre, or NC3.
The NC3 has been up and running for over a year now. It serves all Canadian law enforcement agencies, and its staff includes RCMP officers and civilians from many backgrounds. Working with law enforcement agencies, government and private sector partners, the NC3 performs a number of roles, including coordinating cybercrime investigations in Canada.
All of this is backed up by significant new investments in the two most recent budgets. In budget 2019, we provided $144.9 million to support the protection of critical cyber systems and we later invested almost $400 million in creating the Canadian centre for cybersecurity, the national cybercrime coordination unit and increased RCMP enforcement capacity.
Whether it is nationally or internationally, I have full confidence in the abilities of all those in our national security and intelligence agencies who are working hard day and night to safeguard our cybersecurity and protect us from harm online. I am confident that Bill C-26 will go a long way to continue doing that.
View Eric Melillo Profile
CPC (ON)
View Eric Melillo Profile
2022-12-01 12:31 [p.10279]
Madam Speaker, I appreciate the comments from the government member across the way.
In the debate today, a number of concerns have been brought forward around some of the ministerial powers included in Bill C-26, as well as the lack of accountability mechanisms. I think we have heard from all parties about the desire to bring forward amendments and improvements at the committee stage.
Does the member opposite have a willingness to work with members of the House to ensure that we improve this bill and make sure it achieves the results it intends to?
View Julie Dzerowicz Profile
Lib. (ON)
View Julie Dzerowicz Profile
2022-12-01 12:32 [p.10279]
Madam Speaker, I think our Minister of Public Safety was very clear this morning. Without question, every time the government takes additional, decisive action and puts additional measures in place, there has to be corresponding transparency and accountability. We absolutely need to make sure there is enough of that in Bill C-26 so we have the confidence not only of the House but of Canadians with regard to having the proper accountability and transparency in place.
View Louise Chabot Profile
BQ (QC)
View Louise Chabot Profile
2022-12-01 12:33 [p.10279]
Madam Speaker, I thank my colleague for her speech.
This bill still raises some serious concerns. The Bloc Québécois is prepared to support it so that we can examine and improve it in committee.
In 2021, in Canada alone, one in four businesses reported being the victim of a cyber-attack. We are the G7 country that has done the least in this regard. We spent $80 million over four years for research and development, which is not much. Canada is lagging behind in that department. Cyber-attacks on businesses can be sudden and unexpected, and not every business has the money to invest in cybersecurity or protection mechanisms.
What will this bill actually do to help with and improve cybersecurity?
View Julie Dzerowicz Profile
Lib. (ON)
View Julie Dzerowicz Profile
2022-12-01 12:34 [p.10279]
Madam Speaker, I want to point out that we have been providing significant investment in critical cyber systems and cybersecurity. We did this in budget 2019 by providing $144.9 million for the protection of our critical cyber systems in the areas of finance, telecommunications, energy and transport. We also invested almost $400 million in the Canadian centre for cybersecurity, in the creation of the national cybercrime coordination unit and to increase our RCMP enforcement capacity.
The hon. member did a wonderful job in asking how we are going to make sure we work with the public and private sectors. The Minister of Public Safety was very clear this morning: This legislation is about filling in the gaps and providing a bridge for all of the different actors, both in the private sector and in the public sector, so we can work together to create more resiliency against any cyber-attacks in the future.
View Gord Johns Profile
NDP (BC)
View Gord Johns Profile
2022-12-01 12:35 [p.10279]
Madam Speaker, I think we all agree that the protection of Canada's cybersecurity needs to be improved. However, as we are hearing from the opposition, there are concerns around the broad powers the minister would have through this bill and concerns about everyday Canadians possibly being surveilled by their own government.
We have not heard assurances from the government as to how it will address that to ensure Canadians do not feel they will be victims of government overreach through powers given to the minister.
View Julie Dzerowicz Profile
Lib. (ON)
View Julie Dzerowicz Profile
2022-12-01 12:35 [p.10279]
Madam Speaker, this question has come up all morning. I think it is a very big concern, not only for the opposition but for this side of the House.
We want to make sure we get this right. We must ensure that we have very strong protections against cyber-attacks and have cyber-attack resiliency in this country. We also have to be very transparent about the additional powers and how they will be used.
View Francesco Sorbara Profile
Lib. (ON)
View Francesco Sorbara Profile
2022-12-01 12:36 [p.10279]
Madam Speaker, I say good morning to all of my hon. colleagues, and I thank the hon. member for Davenport for her insightful discussion of this bill.
I am thankful for the opportunity to weigh in on Bill C-26, an act respecting cybersecurity, as we continue debate at second reading. Bill C-26 will take great strides to enhance the safety of our cyber systems and will make changes to allow for measures to be taken within our telecommunications system.
There are two parts to this act. Part 1 amends the Telecommunications Act to “promote the security of the Canadian telecommunications system” as a policy objective. An order-making power tied to that objective would be created for the Governor In Council, or GIC, and the Minister of Industry. That power could be used to compel action by Canadian telecommunications service providers if deemed necessary. With these authorities, the government would have the ability to take security-related measures, much like other federal regulators can do in their respective critical infrastructure sectors.
The bill would enable action against a range of vulnerabilities to these critical systems, including natural disasters and human error. The Department of Innovation, Science and Economic Development would exercise regulatory responsibilities, and an administrative monetary penalty scheme would be established to promote compliance with orders and regulations made by the GIC or Minister of Industry. Once amendments to the Telecommunications Act receive royal assent, GIC or ministerial orders could be issued to service providers.
Part 2 of the act would create the critical cyber systems protection act, or the CCSPA. The CCSPA would be implemented collaboratively by six departments and agencies: the departments of Public Safety; Innovation, Science and Economic Development; Transport; Natural Resources; and Finance, as well as the Communications Security Establishment. They will all play a key role. Indeed, across the Government of Canada, there is a recognition that cybersecurity is a horizontal issue, and it should be addressed through a streamlined government response across sectors, all rowing in the same direction.
Schedule 1 of the act would designate services and systems that are vital to the national security or public safety of Canadians. Currently, schedule 1 includes telecommunications service and transportation systems. It also includes, in the finance sector, banking systems and clearing and settlement systems, and, in the energy sector, interprovincial or international pipeline and power line systems and nuclear energy systems.
Schedule 2 of the act would define classes of operators of the vital services and systems identified in schedule 1, as well as the regulator responsible for those classes. Operators captured in a class are designated operators subject to the act.
In line with the responsibility to exercise leadership in matters related to national security and public safety, the Minister of Public Safety would have overall responsibility for the legislation and would lead a number of CCSPA-related processes.
Decision-making by GIC under the CCSPA would ensure that a broad range of relevant factors, including national security, economic priorities, trade, competitiveness and international agreements and commitments, are considered when making decisions that have an impact across sectors. The CCSPA would also leverage regulators' expertise and relationships with entities they already regulate under existing legislation.
The Canadian centre for cybersecurity, or the cyber centre, is responsible for technical cybersecurity advice and guidance within Canada, and that would be no different under the CCSPA. It would receive resources to provide advice, guidance and services to designated operators in order to help them protect their critical cyber systems; regulators in support of their duties and functions to monitor and assess compliance; and public safety and lead departments and their ministers, as required, to support them in exercising their powers and duties under the act.
The CCSPA would require designated operators to establish a cybersecurity program that documents how the protection and resilience of their critical cyber systems will be ensured. CSPs must be established by designated operators within 90 days of them becoming subject to the act, that is, when they fall into a class of designated operators published in schedule 2 of the act.
Once established, the CSP must be implemented and maintained by the designated operator in order to keep it up to date and responsive to changing threats and evolving technology. CSPs must include reasonable steps to identify and manage organizational cybersecurity risks, including risks associated with an operator's supply chain, and the use of third party products and services. They must also protect their critical cyber systems from compromise, detect cybersecurity incidents that affect or have the potential to affect CCS and minimize the impact of cybersecurity incidents affecting critical cyber systems.
This legislation would also help confront supply chain issues. With the increasing complexity of supply chains and increased reliance on the use of third party products and services, such as cloud-based data storage and infrastructure as a service, designated operators can be exposed to significant cybersecurity risks from those sources.
When a designated operator, through its CSP, identifies a cybersecurity risk to its CCS in relation to its supply chain or its use of third party services or products, the CCSPA would require the designated operator to take reasonable steps to mitigate those risks. Taking reasonable steps to mitigate risk is understood to mean reducing the likelihood of the risk materializing by, for example, securing a supply chain by carefully crafting contractual agreements to gain more visibility into equipment manufacturing, or by choosing another equipment supplier. It can also mean reducing the impact of a risk that materializes.
Under the CCSPA, there would also be a new obligation to report cybersecurity incidents affecting or having the potential to affect critical cyber systems to the Communications Security Establishment, for use by the cyber centre. A threshold defining this reporting obligation would be set in regulations. This would provide the government with a reliable source of information about cybersecurity threats to critical cyber systems. The availability of incident reports would enhance visibility into the overall threat for the cyber centre. Findings from the analyses of incident reports would make it possible for the centre to warn other designated operators and any operator of a cyber system of potential threats or vulnerabilities, and it would help to inform Canadians of cybersecurity risks and trends, allowing one organization's detection to become another's prevention.
The CCSPA would also create a new authority for the government. Under the act, the Governor in Council would be allowed to issue cybersecurity directions when it decides that specific measures should be taken to protect a critical cyber system from a threat or known vulnerability. Directions would apply to specific designated operators or to certain classes of designated operators. They would require those designated operators to take the measures identified and to do so within a specific time frame. Failure to comply with directions could be subject to an administrative monetary penalty or an offence that can lead to fines or imprisonment. The CCSPA would also includes safeguards to ensure that sensitive information, such as information that was obtained in confidence from Canada's international allies, is protected from disclosure.
All of this provides an overview of strong new legislation, which I hope I have adequately described in two distinct parts. I look forward to our continued debate of this landmark bill, and I encourage all colleagues to join me in supporting Bill C-26 today.
View Marilyn Gladu Profile
CPC (ON)
View Marilyn Gladu Profile
2022-12-01 12:45 [p.10281]
Madam Speaker, I certainly agree that something needs to be done about cybersecurity in this country, but I am increasingly alarmed when I see that the bills continually coming from the Liberal government say ministers would have all powers to do whatever they want. There is no transparency because there is no public record. Then they say not to worry about what the government is really going to do because the Governor in Council, which is really cabinet, will decide afterward with no parliamentary oversight what will be done.
Does the member agree that the government needs to have parliamentary oversight and at least have this subject to the scrutiny of committees?
View Francesco Sorbara Profile
Lib. (ON)
View Francesco Sorbara Profile
2022-12-01 12:45 [p.10281]
Madam Speaker, of course, fundamentally I believe in the oversight of government and ensuring that there are checks and balances.
When bills proceed to committee, obviously members within the pertinent committee should bring forth ideas to strengthen them, and that includes Bill C-26. Our main priority as MPs is to bring forth good legislation, to improve it and to protect the security of Canadians, whether it is their cybersecurity or health and safety. Bill C-26 would take us down that path.
View Julie Vignola Profile
BQ (QC)
View Julie Vignola Profile
2022-12-01 12:46 [p.10281]
Madam Speaker, clause 2 of the bill would enable the government to issue orders to force users of telecommunications services to use products or services that do not come from certain providers, including Huawei.
Does that mean that a person who has already bought a Huawei cellphone, because that is a product, will not be able to use it anymore and will have to buy a new phone much sooner than they expected?
What is more, since decisions will be made by order, does that mean that, under this bill, the government will be using orders to govern in this area instead of going through parliamentarians?
View Francesco Sorbara Profile
Lib. (ON)
View Francesco Sorbara Profile
2022-12-01 12:47 [p.10281]
Madam Speaker, I thank my colleague from Quebec for her question.
In the preliminary version of the Library of Parliament's assessment of the bill, there is a reference that the bill specifies that no one would be entitled to any compensation from the federal government for any financial losses resulting from these orders. I am not certain if these orders pertain to exactly what the member was speaking to, but I do believe so. I would have to get back to the member on that specific question, because it is a pertinent question.
View Gord Johns Profile
NDP (BC)
View Gord Johns Profile
2022-12-01 12:48 [p.10281]
Madam Speaker, we are all in agreement here. We know that Canada needs to strengthen protections when it comes to cybersecurity to protect Canadians and Canadian businesses.
One thing we are all unified on over on this side in the opposition parties is that we need to have some assurances for everyday Canadians that these sweeping powers, broad powers that are going to be given to the minister, are not going to be applied to everyday Canadians in terms of surveillance.
I know we keep hearing from Liberal colleagues that they will get it to committee and will answer these questions. However, does my colleague not agree that the minister failed in bringing forward this legislation without addressing some of these concerns at all? This is fairly substantial legislation, and the Liberals have not been able to address any of the concerns we brought forward today around these very real concerns.
View Francesco Sorbara Profile
Lib. (ON)
View Francesco Sorbara Profile
2022-12-01 12:49 [p.10281]
Madam Speaker, we must always protect the civil liberties and rights of Canadians. Any legislation brought to the House needs to pass that means test, if I can call it that.
With reference to Bill C-26, it is definitely required that we update our cybersecurity laws to reflect the ongoing changes in technology that have happened over the last number of years and the increasing use of cybersecurity, cyber-threats, increasing digitization that has been going on in the world, and the fact that Canadians are increasingly interconnected in this world.
We need to maintain checks and balances within the system and ensure that individual rights of Canadians are protected.
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 12:50 [p.10282]
Madam Speaker, I will be splitting my time with the member for Sherwood Park—Fort Saskatchewan, a good friend of mine.
Today I get to address Bill C-26, and right off the top I will say that I think this is dumb legislation. Why do I say that? I say that because I do not think that it has attempted to do what it has stated it would do. Generally I find that this is another piece of legislation, probably the third or fourth that I have spoken on in this session of Parliament, where I am frustrated with the government in that it does not seem to do the hard work of governing.
Governing is a matter of balancing the interests and coming up with a statement or something that is clear. On the rule of law, we would anticipate the public and anticipate what the rules ought to be and then look at the law, read the law somewhere and say, “Oh, that is what we are supposed to be doing.”
Again, here we have a piece of legislation where there is a clear, identifiable problem. Canadians have seen a number of issues around the country and around the world where cybersecurity is under threat. Canadians are asking the government to govern, to set some parameters and guidelines as to what the expectations are around who gets to participate in cyberspace and how we ought to operate in cyberspace.
We see in this piece of legislation the classic attitude of “We're the government. We're here to help. Trust us. We got this.” We do not trust the government. Particularly, the Conservatives do not trust the government to do the things it needs to do. We have seen it try to hand out billions of dollars to its friends. I mentioned the WE scandal. We have seen it hand out money to its friends over at Baylis Medical. We have ample evidence of why we should not trust the government.
When it comes to cybersecurity, it is also an area where I do not trust the government. The government has been in power for seven years, and we have watched it drag its feet with an inability to come to a decision, for a whole host of reasons, around the Huawei situation. Was a particular company allowed to participate in the building of the infrastructure of our Internet architecture?
This is a major issue. We told the government that we don't think this Chinese Communist Party government-controlled company should be able to participate in the Canadian Internet infrastructure. We called on the government to ban the use of Huawei technology in our Internet infrastructure, yet it could not do it. It took the government years of dragging its feet, wringing its hands and doing a whole host of things. When the Liberals come forward with a bill like Bill C-26 and say to trust the minister and that they will get this right, I am sorry, but we do not trust the minister to get this right.
We have seen a number of security threats challenging our basic infrastructure. One we should really take note of, which was fairly recent, is the shutdown of a particular pipeline. We saw a dramatic spike in fuel prices across North America because the cybersecurity of a particular piece of pipeline infrastructure was not to the state that it should have been. This, again, comes to the fact around trusting the government to do its job, particularly this government.
One of the key roles of government in Canada and anywhere is the maintaining of peace and security, and we have a military, a police force and a judicial system for that. A growing area where we need to be concerned about peace and security is in cyberspace.
We should be able to feel that our property should not go missing. We should be able to own property, and it should be able to be maintained by us, all of these kinds of things. We expect the government to put forward registries so we can register our property, so that, if it goes missing, the government has a registry of it and we can use that to get our property back. It cannot just be expropriated from us, all of these kinds of things.
In the same way, that is increasingly a part of cybersecurity. The ownership of things in cyberspace, the ownership of websites and the ownership of even our own Twitter handles, for example, are increasingly things that are deemed to be cybersecurity.
The government seems to be lacking in the ability to protect Canadians' cybersecurity.
There is an iconic Canadian company, Ski-Doo. I do not know if people are snowmobilers, but I do enjoy snowmobiling, and Ski-Doo is an iconic Canadian company.
I do not know if people know this but, recently, Ski-Doo has been the victim of a cyber-attack and has lost control of its entire dealership network. Its own computer system has gone down. It has not been able to get it back. Somebody else has control of it now and it has not been able to get it back.
These are the types of things that I think are crucial. When one is going to bring in a bill that talks about cybersecurity, these are the kinds of things the government should be trying to keep secure. This is Canadian property. These are Canadian identities. These are Canadian brands. These are the things we need to ensure we can prosecute, that we can track these people down who are doing this kind of thing and that we can ensure cybersecurity.
I guess that is where I get a little frustrated with a bill like this. It says a lot of nice things at the top of it. The government comes here with a blanket statement around how it is going to defend cybersecurity, how cybersecurity is important and how we should all vote in favour of this particular bill. I imagine that we will.
However, the bill does not necessarily tell us what we are going to do. The banning of Huawei is not necessarily laid out in this. There are no criteria as to what the expectations are for companies to operate in this space, in terms of what they can be tied to and what they should not be tied to. It is just, “Trust us. We are the government and we are here to help.”
In addition, we have seen over the last number of years the opportunities for the government to put resources into law enforcement's ability to track some of this down. We can see changes to the Criminal Code, to ensure that some of these malware attacks or ransomware attacks could be tracked down and prosecuted here in Canada. This is a major concern for companies looking at investing in the world. They look at a country's ability to protect them from a cyber-attack but then also to prosecute those cyber-attacks.
I have a friend who works for the Calgary city police. He works in cybercrimes. He often works with police forces from around the world to track down folks who are using ransomware on Canadian companies.
He tells me they rarely, if ever, prosecute in Canada because our laws are so non-distinct around this that it is impossible to prosecute. Because these are multi-jurisdictional crimes, they will often take the prosecution of this to a jurisdiction that has better laws. He says he will work with 23 law enforcement organizations and they will bring a case in Europe, in eastern Europe or in Israel, because those places have much better laws to protect cybersecurity.
View Kevin Lamoureux Profile
Lib. (MB)
View Kevin Lamoureux Profile
2022-12-01 13:00 [p.10283]
Madam Speaker, I am glad the member will be voting in favour of the legislation going to committee. Hopefully many of the concerns he raises on the issues surrounding the worthiness of the legislation, will be addressed at that stage.
The legislation would empower the minister to be able to take actions. It would allow for financial penalties. It would allow for us to deal with cyber-attacks from a legislative perspective. That does not necessarily mean that this is the only thing we have done over the last number of years. There has been a great number of financial resources, individuals, committees and so forth ensuring our industries are protected.
This is yet another step forward in dealing with cyber-attacks, keeping us consistent with other allied countries. I am wondering if the member would acknowledge the importance of moving forward with allied countries in dealing with things, such as cyber-attacks?
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 13:01 [p.10283]
Madam Speaker, I am hopeful that this bill would get us in line with other countries from around the world because, increasingly, Canada is left out of the discussions around cybersecurity.
We are no longer invited to some of the many important forums that do take place in battling this. If that is what this bill is attempting to do, to bring us in line with some of these other countries, I hope that is the case. However, I would note, I was talking to my friend with the Calgary Police Service who said that Canada is increasingly not the jurisdiction where they pursue these prosecutions because we are so lacking in good legislation to protect our cybersecurity.
View Alexis Brunelle-Duceppe Profile
BQ (QC)
View Alexis Brunelle-Duceppe Profile
2022-12-01 13:02 [p.10283]
Madam Speaker, I thank my colleague for his speech.
He talked about trust in the government or perhaps a lack of trust. In the current global context, there is interference by countries like China. We know that the RCMP has launched investigations into 11 electoral candidates. In fact, we also know that on July 7, 2016, the Prime Minister authorized a Chinese bank to do business on Canadian soil. At the same time, on July 6 and 7, 2016, the Papineau Federal Liberal Association received more than $70,000 in donations in 48 hours.
Is that not a reason to lose trust in the Prime Minister and the government?
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 13:03 [p.10283]
Madam Speaker, that is another prime example among many of why Canadians do not trust the Liberal government, whether it this particular case of accepting interesting money for an approval; the Huawei decision that needed to be made; the WE Charity scandal, where the Prime Minister was trying to give an organization $1 billion, an organization that had funded nearly half a million dollars to his personal family; or the sweetheart deal with Baylis Medical.
Over and over again, we see that the government is not trustworthy. When it comes forward with bills that do not have a lot of details and that just give blanket permission to cabinet ministers, I am sorry, but we do not trust it.
View Bonita Zarrillo Profile
NDP (BC)
View Bonita Zarrillo Profile
2022-12-01 13:04 [p.10283]
Madam Speaker, today in the House we have heard the NDP speak about its concerns, also about its concerns with oversight.
Are Conservatives also in support of those changes around oversight?
View Arnold Viersen Profile
CPC (AB)
View Arnold Viersen Profile
2022-12-01 13:04 [p.10283]
Madam Speaker, yes, that is for sure the case. We are in support of more oversight. We would like to see a detailed bill, not a bill that just says that it would give the minister broad powers to do all the things.
That is not governing. That is not providing legislation. That is basically saying, “We love puppies. You should support us because we love puppies.”
View Garnett Genuis Profile
CPC (AB)
Madam Speaker, I appreciate the opportunity to speak in the House today to a very serious subject, cybersecurity and the security of our country in general.
I will say, on a lighter note, that my friend from Peace River—Westlock spoke about snowmobiling companies and cyber-attacks. I have some personal experience with snowmobiling at his house, and I would say that the government's approach to security is the equivalent of driving a snowmobile over a four-foot retaining wall, which may or may not have happened the last time I tried to drive one of those machines.
The situation of security in this country is very much worth the House taking note of. For much of the time that I have been engaging with and following politics, the primary area of security we would talk about would be concerns about our readiness for and our response to the threat of terrorism. However, it is important to take stock of how things have changed and the fact that, while there are still concerns about terrorism and how we respond to potential acts of terrorism, the primary security threat we face as a country, and indeed that the western world faces, is the threat of foreign state-backed and directed interference in our national affairs. Our abiding concern should be the reality that various foreign states are trying to shape and interfere with our democratic life to try to bend not only our government institutions, but also our civil society institutions, toward their desired objective.
Members of the government have said that the purpose of this interference is to cause total chaos and confusion. We should acknowledge that there are some cases of foreign interference that are aimed at causing chaos, but very often it is about simply trying to subvert and control the direction of institutions toward the will and the interests of that particular foreign power. We have discussed how the Chinese Communist Party is the biggest player when it comes to foreign state-backed interference, but it is far from the only player.
We have seen reports about Chinese government interference in our elections. There have also been recent reports about death threats from the Iranian regime targeting individuals in Canada. There are various other countries that CSIS and other organizations have identified as being involved in this activity of trying to interfere with, subvert and direct Canadian institutions, government really at all levels, as well as civil society organizations, universities and the like, toward their objective.
This kind of invisible, or sometimes a little more visible but often hard to detect, interference in the direction of our national life toward objectives that are not consistent with the objectives Canadians have established is a great threat to our security and our sovereignty. It is something that we should all be seized with and working to respond to.
Part of the context as well is that we are in what some analysts have described as a second cold war. Of course, there are many features of the current conflict between democratic and authoritarian values that are different from the last Cold War, but we have this reality of intensifying global competition between two different value systems that are represented by different countries at different times, and we have countries that are in the middle that are being pulled in different directions.
I tend to think that kind of cold war frame is a reasonably useful way of understanding the current tensions we face in the world. In the context of those tensions, we see how powers with political values that are fundamentally different from ours, where governments are trying to protect their own position, are trying to project their influence around the world. Again, this requires vigilance. It requires a strong response from Canada.
I have been struck by some of the recent comments from the Prime Minister on these matters. I think he has been showing a real lack of transparency around acknowledging what he knew when, and refusing to answer direct questions from the opposition about foreign interference, but he has also stated quite openly the reality that we have a serious problem with foreign interference. This is a reality that opposition members, in particular in the Conservative Party, have been raising for years. We have been asking the government to do more. We have been calling for strong legislative frameworks to respond to the problem of foreign state-backed interference.
We have also sought to elevate the voices of victims of foreign interference, people who have faced threats and intimidation from foreign state actors to try to silence their advocacy, which those foreign state actors see as contrary to their interests. It has been widely reported some of these victims really struggle to actually get proper support. They often get the runaround.
They go to their local police force, which does not necessarily have the capacity to handle a foreign state-backed organized campaign of threats and intimidation. Do they go to Global Affairs? Do they go to CSIS? Do they go to the RCMP? There can be a bit of confusion and passing of the buck concerning support for these victims of foreign state-backed interference.
We have a lot of work to do in legislation and policy, and our preparedness in general and our understanding of these issues. It is critical that we step up to strengthen our understanding of and response to the threats facing our country.
One thing we need to see more from the Prime Minister and the government is transparency because being transparent about this reality can help to counter the impact of that foreign interference. If we know it is happening, if we know what it is directed toward, then we can respond more effectively.
This is not only a responsibility of the federal government to respond to. Provincial and municipal governments need to be aware of the issues of foreign interference. Our universities need to step up as well. Private companies need to be aware of the risks around interference, theft of technology and the ways in which certain things may have a dual military use. There needs to be a broader awareness of this threat to the national interest, a threat to our values across all sectors of society, and a broader response to it.
The government has an important role to play in leading the response and making changes at the national level. We have been far behind, as far the national government goes, in responding to these threats. The Conservative opposition has been calling for a response to foreign interference for years. Now we are seeing the government start to talk about it a bit more.
I noted in some of the language in the Indo-Pacific strategy, for example, the government is starting, or trying, to sound a bit more like Conservatives in the way it talks about some of the challenges confronting us and the steps we need to take in the Indo-Pacific region. While the government is adopting some of that language, it is failing to substantively adjust its approach.
We have a bill in front of us today that deals with one avenue where we need to be engaged with and responding to the problem of foreign state-backed interference, and that is the issue of cybersecurity. I will be supporting this legislation at this stage to see it go to committee, mainly because we clearly need a new cybersecurity bill. We clearly need a new framework. The committee study will identify some of the significant gaps we see in the legislation right now, the ways the legislation needs to be improved and possibly the many additional steps required. I will just note that it is far past due that we have some kind of proposal for a framework on cybersecurity that, in a way, gives the committee the opportunity to add to and build on what the government has initially put forward.
This is really the first time we see any kind of legislation proposed by the government that substantively touches on this emergent problem of foreign state-backed interference. We need a much broader range of responses from the government. We need so much more to be done to counter this major security threat.
This is about preserving our country. It is about preserving the integrity of our institutions. It is about defending the principle that the direction of our democracy and the direction of our society should be shaped through the open deliberation of Canadians, not by foreign powers who have particular interests that may be contrary to our interests who are trying to push and pull that discussion in their preferred direction.
Having this framework that opens the door for the committee to discuss further, fill in some of the gaps and try to push the government to have greater specificity in the framework around what they are going to do provides us with the opportunity to do that. This is late, lacking in detail and really a small piece of the much broader picture that is required.
The government has been so delayed. I mentioned the decision around Huawei. We were way behind all of our allies in making the decision. It is important now, finally, at this late stage where the government is starting to mention the problem, that we actually see concrete action. Conservatives will be pushing the government to act in line with some of the words it has been saying.
Results: 1 - 100 of 46621 | Page: 1 of 467

1
2
3
4
5
6
7
8
9
10
>
>|
Export As: XML CSV RSS

For more data options, please see Open Data