44th Parl. 1st Sess.
December 1, 2022 10:00AM
Madam Speaker, I cannot hold up my cellphone, but what is absolutely key to the whole conversation we are having is the fact that all of us in this place carry an incredibly powerful computing device that only a few years ago would have been something we would not have seen even in the most futuristic sci-fi novels and movies. The space in which we are discussing cybersecurity has evolved so rapidly.
Specifically to the question the member asked regarding privacy, it is a very important one. It is one that, as a member of the Standing Committee on Access to Information, Privacy and Ethics, we need to make sure the legislation we have in this country, including privacy legislation both on the application of government and the privacy of all Canadians in terms of corporations and that whole space, reflects the modern realities. In many cases, decades old legislation needs to be updated to reflect the realities of today.
161 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, when we talk about the updated realities of today, persons with disabilities rely heavily on these technologies and this access. If I think about persons with disabilities who rely on technologies for everyday barrier reduction interactions in their lives, how can their rights to access be protected?
49 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, the right to access is absolutely key. We have seen some incredible technological advancements that have helped those who face disabilities in a wide variety of things. Outside of the context of what Bill C-26 directly addresses in terms of cybersecurity, there is a particular connection, because if we do not have things like secure networks, if we do not ensure that our telecoms have consistent and stable networks that we can trust as a country, then access becomes a real issue. Malicious foreign-state actors could take advantage of that, which would disadvantage all Canadians, but specifically those who depend on technology to mitigate things like disabilities.
111 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
- Dec/1/22 4:48:15 p.m.
- Watch
Order. It is my duty, pursuant to Standing Order 38, to inform the House that the questions to be raised tonight at the time of adjournment are as follows: the hon. member for Bow River, Taxation; the hon. member for South Okanagan—West Kootenay, Post-Secondary Education.
48 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I will be sharing my time with the fantastic member for Lac-Saint-Louis.
It is with great pleasure that I rise to discuss Bill C-26, an act respecting cybersecurity. I will address elements in the legislation that deal with securing Canada's telecommunications system.
As Canadians rely more and more on digital communications, it is critical that our telecommunications system be secure. Let me assure this House and in listening to the debate today I think we all agree that the issue of cybersecurity is of utmost importance. The Government of Canada takes the security of this system seriously, which is why we conducted a review of 5G technology and the associated security and economic considerations.
It is clear that 5G technology holds lots of promise for Canadians for advanced telemedicine, connected and autonomous vehicles, smart cities, cleaner energy, precision agriculture, smart mining, and a lot more. Our security review also made clear that 5G technology will introduce new security concerns that malicious actors could exploit. Hostile actors have long sought and will continue to seek to exploit vulnerabilities in our telecommunications system.
CSIS, the Canadian Security and Intelligence Service, acknowledged this in its most recent publicly available annual report. The report states:
Canada remains a target for malicious cyber-enabled espionage, sabotage, foreign influence, and terrorism related activities, which pose significant threats to Canada's national security, its interests and its economic stability.
The report states that “[c]yber actors conduct malicious activities to advance their political, economic, military, security, and ideological interests. They seek to compromise government and private sector computer systems by manipulating their users or exploiting security vulnerabilities”.
The CSIS report also highlighted the increasing cyber-threat that ransomware poses. The Communications Security Establishment has similarly raised concerns about threats like ransomware in recent public threat assessments. We have seen how such attacks by criminal actors threaten to publish a victim's data or block access to it unless a ransom is paid. However, it is not just cybercriminals doing this. CSIS warned that state actors are increasingly using these tactics, often through proxies, to advance their objectives and evade attribution.
To be sure, Canadians, industry and government have, to this point, worked hard to defend our telecom system, but we must always be on the alert, always guarding against the next attacks. This has become more important as people now are often working remotely from home office environments.
5G technology is adding to these challenges. In 5G systems, sensitive functions will become increasingly decentralized in order to boost speeds when required.
Cell towers are a familiar sight in our communities and along our highways. The 5G networks will add many smaller access points to increase speeds. As well, the number of devices that the 5G network will connect will also grow exponentially.
Given the greater interconnectedness and interdependence of 5G networks, a breach in this environment could have a more significant impact on the safety of Canadians than with older technology. Bad actors could have more of an impact on our critical infrastructure than before.
The security review we conducted found that in order for Canada to reap the benefits of 5G, the government needs to be properly equipped to promote the security of the telecommunications system. We need to be able to adapt to the changing technological and threat environment. For these reasons, we are proposing amendments to the Telecommunications Act. The amendments will ensure that the security of our telecommunications system remains an overriding objective.
This bill will expand the list of objectives set out in section 7 of the Telecommunications Act. It will add the words “to promote the security of the Canadian telecommunications system”.
It is important for those words to be in the act.
It means government will be able to exercise its powers under the legislation for the purposes of securing Canada's telecommunications system.
The amendments also include authorities to prohibit Canadian telecommunications service providers from using products and services from high-risk suppliers in 5G and 4G networks if deemed necessary and after consultation with telecommunications service providers and other stakeholders.
It would also give the government the authority to require telecommunications service providers to take any other actions to promote the security of the telecom networks upon which all critical infrastructure sectors depend.
We have listened to our security experts; we have listened to Canadians; we have listened to our allies and we are following the right path. We will ensure that our networks and our economy are kept secure. A safe and secure cyberspace is important for Canada's competitiveness, economic stability and long-term prosperity.
It is clear that the telecommunications infrastructure has become increasingly essential. It must be secure and it must be resilient. Telecommunications presents an economic opportunity, one that grows our economy and creates jobs. The amendments to the Telecommunications Act accompany the proposed critical cyber systems protection act. This bill will improve the ability of designated organizations to prepare, prevent, respond to and recover from all types of cyber-incidents, including ransomware. It will designate telecommunications as a vital service. Together, this legislative package will strengthen our ability to defend the telecommunications and other critical sectors, such as finance, energy and transportation, that Canadians rely on every single day.
The legislation before us today fits within the Government of Canada's telecommunications reliability agenda. Under this agenda we intend to promote robust networks and systems, strengthen accountability and coordinate planning and preparedness.
Canadians depend on telecommunications services in all aspects of their lives, and the security and reliability of our networks has never been more crucial. These services are fundamental to the safety, prosperity and well-being of Canadians.
We will work tirelessly to keep Canadians safe and able to communicate securely. This legislation is an important tool to enable us to do that. I look forward to working with members in this House to getting this right and making sure that our telecommunications system is as strong as it can be.
1010 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, in earnest, the government has had significant failures when it comes to procurement. I would point to shipbuilding, where we are years behind. It has also had significant failures with respect to IT. I point to the Phoenix pay system.
Given these failures, what has the government learned, and how can the Canadian public believe the government will be able to deliver on this legislation?
67 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I had the opportunity to sit on the defence committee during my first mandate, and I had the opportunity to work closely with the then minister of national defence on “Strong, Secure, Engaged”. We are going to be reviewing “Strong, Secure, Engaged” in terms of our defence spending, including what we are going to be doing on procurement.
A lot of things have changed in the last seven years in terms of defence, like what is happening across the way in terms of Ukraine and Russia, cyber and how significantly things have changed. We absolutely need to invest in cyber and make sure we get our defence procurement projects completed.
116 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I thank my colleague for her speech.
There are people from the Fédération des communautés francophones et acadienne du Canada on the Hill today. They met with the Minister of Official Languages. The House is working on Bill C-13 because we know that the French language is declining in Quebec and Canada, so efforts to promote French must be made.
My colleague represents a riding in which 80% of the population speaks French as their mother tongue. She just delivered a speech that was about 80% in English. Does that not make her a bit uncomfortable? Does she not think that a clearer message could be sent here in the House?
Her government could also send a clearer message by giving speeches more openly in French.
135 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
- Dec/1/22 4:59:49 p.m.
- Watch
The hon. member's question is a little off topic.
I will nevertheless give the hon. member for Longueuil—Charles-LeMoyne a chance to respond.
26 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, if the member wants to ask a question about the subject matter of the bill we are debating, I would be pleased to answer.
With respect to language, I speak both official languages and am very proud to do so.
42 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, the question of Canada's ability to deal with our situation in an increasingly unstable world raises serious questions about priorities. For example, we are years behind on the frigates that are supposed to be brought forward by the navy. The cost overruns are staggering, yet we have just seen in Ukraine that the Russian flagship, Admiral Makarov, was taken out by drones.
Do we need to completely reassess our thinking? This is the 21st century. We are investing, often, in 20th-century solutions in a world of warfare, cyberterrorism and cyber-power that is completely transforming the nature of warfare and democracy's ability to defend itself.
Does my colleague think we need to do a larger rethink across the board in terms of our strategies and our ability to defend ourselves?
135 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I want to thank the member for that question, because that is one area of our domain awareness that we have not focused on a lot. When we think about the air force, army or navy, we usually talk about those three domains, but we do not talk a lot about cyber. We know that is the fourth domain that we need to focus on.
In terms of our NORAD modernization, I know cyber is top of mind in working with our Five Eyes partners and other partners. We need that modernization to take place so we can make sure this fourth element of our national defence is also included.
112 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I know the member for Longueuil—Charles-LeMoyne has heard some of the debate today, not just from other MPs but from civil society organizations that have raised concerns with respect to secrecy as it relates to addressing cybersecurity.
I am curious to hear her reflections on potential improvements she thinks could be made to the bill in order to better balance the need to improve cybersecurity while holding on to accountability and transparency.
77 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, unfortunately I do not sit on the public safety committee, so I will not be the person debating it when it eventually gets to committee, but obviously there are opportunities for improvement in any piece of legislation. I look forward to seeing the recommendations that might come from our colleagues in the House when it gets to committee.
60 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, it is an honour for me to rise at second reading stage of Bill C-26, an act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts.
When we consider the opportunities and challenges before us in this area, we see that the theme of collaboration underpins all that we do. Take, for example, the prevalence of cybercrime in an increasingly online world, improving cyber-defence posture in an unstable global environment, deep thinking about what the future holds in a world where innovation and change are exponential, a critical look at whether our policies and laws are up to the task, and the protection of content and intellectual property as data becomes one of the world's most precious resources.
In Canada, being online and connected is essential. Now more than ever, Canadians rely on the Internet for their daily lives. It is about more than just conducting business and paying bills. It is also about staying connected with loved ones across the country and around the world. We should be able to do all these activities safely and securely.
I would like to offer a few words about what we are doing here in Canada to get that balance right. I would like to reinforce the importance of our commitment to protecting the cyber systems that underpin our critical infrastructure.
The emergence of new technologies such as 5G is one clear reason we need to redouble our efforts. Think about our increased reliance on technology in light of the COVID-19 pandemic. Think about international tensions amidst Russia's unprovoked and unjustified invasion of Ukraine, with threats ranging from supply chain disruptions to state and non-state malicious cyber-activity.
Through all of these remarkable events, the government has been working tirelessly to keep Canadians safe. We recognize that, now more than ever before, secure and reliable connectivity is a necessity for our daily lives and our collective safety and security. It underpins the delivery of critical services, such as energy production, financial transactions, safe transportation and emergency communications.
As part of his mandate, bestowed by the Prime Minister, the Minister of Public Safety is seized with the opportunity and the challenge of developing a renewed national cybersecurity strategy. We need to make sure we articulate Canada's long-term plan to protect our national security and economy, deter cyber-threat actors, and promote norms-based international behaviour in cyberspace.
The Government of Canada is working to enhance the cybersecurity of the country's critical infrastructure. The work to identify cyber-threats and vulnerabilities, and to respond to cyber-incidents, is ongoing. Unfortunately, we have seen that malicious actors continue to attempt to take advantage of the current environment to exploit certain sectors.
However, we are not starting from scratch in our fight against this threat. Since 2018, the Government of Canada has invested a total of approximately $2.6 billion in cybersecurity. Through the national cyber security strategy, the Government of Canada is taking decisive action to strengthen Canada's defence, preparedness and enforcement against cyber-threats.
The strategy was paired with the largest investment in cybersecurity ever made by the Government of Canada, totalling nearly $800 million in the 2018 and 2019 federal budgets. In the 2021 budget, the government allocated an additional $791 million to improve and defend cyber-networks, enhance data collection and protect taxpayer information.
In the 2022 budget, another $852.9 million was committed to enhance the Communications Security Establishment, or CSE, and its ability to conduct cyber-operations, make critical government systems more resilient, and prevent and respond to cyber-incidents on critical infrastructure.
Under the strategy, two flagship organizations were established. One is the Canadian Centre for Cyber Security, under CSE, and the other is the National Cybercrime Coordination Centre, or NC3, under the RCMP.
The Canadian Centre for Cyber Security is a single, unified team of government cybersecurity technical experts. The centre is the definitive source of technical advice, guidance, services, messaging and support on cybersecurity operational matters for government, critical infrastructure owners and operators, the private sector and the Canadian public.
The NC3 coordinates Canadian police operations against cybercriminals and established a national mechanism for Canadians and businesses to report cybercrime to police.
Public Safety Canada's Canadian cybersecurity tool also helps owners and operators of Canada's critical infrastructure to evaluate their cyber-maturity against established benchmarks and by peer comparison. It offers concrete guidance on how they can become more cyber-resilient.
Public Safety Canada also coordinates and delivers cybersecurity exercises for the critical infrastructure community to test and develop capabilities to respond to and recover from malicious cyber-activities. More broadly, the department, as the federal lead on cybersecurity policy, promotes communication and collaboration to raise awareness of cyber-threats and risks, including with our international partners.
Public Safety Canada works closely with CSE's Canadian Centre for Cyber Security to enhance the resilience of critical infrastructure in Canada. The Canadian Centre for Cyber Security shares valuable cyber-threat information with Canadian critical infrastructure owners and operators, in addition to providing public advisories.
Today, I am very proud to say that we can start debating a new bill to further strengthen what we have built. Today we are starting the debate on Bill C‑26, an act respecting cyber security. The objective of this bill is twofold.
First, it would amend the Telecommunications Act to add security as a policy objective, bringing the telecommunications sector in line with other critical infrastructure sectors. This would allow the government, if necessary, to mandate any action necessary to secure Canada's telecommunications system, including its 5G networks. This includes authority to prohibit Canadian telecommunications service providers from using products and services from high-risk suppliers.
Second, it introduces the new critical cyber systems protection act. This new act will require designated operators in the federally regulated sectors of finance, telecommunications, energy and transportation to take specific actions to protect their critical cyber systems, and it will also support organizations' ability to prevent and recover from a wide range of malicious cyber-activities, including electronic espionage and ransomware. Cyber-incidents involving a certain threshold will be required to be reported.
The bill will also give the government a new tool allowing it to take action in response to threats and vulnerabilities with respect to—
1068 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
- Dec/1/22 5:13:19 p.m.
- Watch
Order. The hon. member's time has expired.
The hon. member for Drummond.
13 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I want to congratulate my colleague from Lac-Saint-Louis on his speech. He obviously has an excellent grasp of the file.
I put this question to another colleague earlier, after a speech, and it is something that really concerns me. I am asking it again because I do not know if the member was here earlier.
We cannot begin to imagine how organized hackers are. They have such a big head start that it will be hard to catch up to them, even if we invest all the energy and knowledge we can in our systems to protect ourselves against cyber-attacks. We have seen companies like Desjardins and Bombardier fall victim to these hackers, who demand endless ransoms. How many other companies have fallen victim to these attacks without us even hearing about it?
My question is this. Has Canada been too slow to act? It took Canada a long time to decide Huawei's fate, for example. Does the fact that the government seems to have dragged its feet before finally tabling a cybersecurity plan that appears to have some teeth not mean that we will always be one step behind those countries and organizations that are attacking the computer systems of businesses and governments around the world?
213 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I know that the Huawei case has been studied extensively with the involvement of our security agencies. I would like to think that the government and security agencies have learned a great deal. They have learned lessons that they can apply in the future to better protect Canadian businesses and critical infrastructure.
In terms of catching up, yes, technology moves so fast that often governments and society have to react, but it is better to react than to do nothing.
82 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I thank my colleague for his speech.
I have a question about publicly owned corporations like Hydro-Québec. How will the bill provide a framework for this, while still allowing companies like Hydro-Québec to be proactive about cybersecurity? How will the bill ensure there is no interference? Will there be support? I would like to hear my colleague's point of view on this issue.
72 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I dare to believe and hope that a publicly owned corporation as big as Hydro-Québec has the resources to protect itself properly. Obviously, it provides a critical service. I think I said that in my speech. We hope that this bill will also serve as a model for other levels of government.
I think that, just like protecting the environment, cybersecurity is a team effort. We have to work with partners in other governments to come up with a solution that is watertight, well aligned and effective.
92 words
- Hear!
- Rabble!
- add
- star_border
- share
- menumenu
- notificationsnotifications
- home
- mailmail
- searchsearch
