44th Parl. 1st Sess.
March 6, 2023 11:00AM
Madam Speaker, it is my pleasure to rise in the House today to share my thoughts and those of my constituents on Bill C-26. I am very pleased to have this opportunity.
Bill C-26 is a risky and tricky piece of legislation. On the one hand, we have serious and growing issues of cybersecurity, and on the other hand, we have the importance of personal privacy. We also have questions related to government accountability and oversight. I am sorry to say that the government has not done a stellar job on either one of those fronts to date. I am hopeful that members of this House can work together collaboratively to craft a piece of legislation around what has been proposed in Bill C-26 that balances both of those vital yet often competing priorities.
I grew up in the 1960s under the spectre of the Cold War. When I was a kid, the threat of foreign attack came from the air above us, from nuclear missiles from Russia or China. While our adversaries remain the same and current events have sadly brought the spectre of nuclear disaster to the forefront again, the method of attack to which we are most susceptible today is far more sophisticated and far more insidious.
Rather than bombs from the air above us, the weapons of our enemies are in the air all around us: Men and women are sitting at computers in dark rooms, in government agencies or at the local library sending out digital viruses. These cancers attack the Internet, telecommunication waves and the platforms we have become reliant on to what I would consider to be an unhealthy degree.
That is where I will pause for a moment, because I think the best thing we can do, the first step to securing our national security and the well-being of Canadians, is what nobody wants to do, which is to take a little step backwards to take a look at this. We need to divest ourselves of our all-consuming reliance on digital platforms, devices and infrastructure, and ensure that our most vital infrastructure always has a physical fail-safe to fall back on.
Let me give an example. Let us talk about digital currency for a second. Digital currency exists. Most Canadians have a credit card, a debit card and online banking. I do and I use them; it is convenient. However, that is not to say for a minute that I think progress demands that we do away with hard currency. It is exactly the opposite. Canadians have become more reliant on digital currency, forms of digital ID, smart phones, smart cars, smart homes, smart cities, smart bombs, smart banking and smart hospitals, and the really smart thing to do is ensure that we always maintain physical infrastructure and ensure we are in control and not crippled by the worst that could happen.
Nothing is impenetrable. No matter how good or amazing the technology that we create is, no device, no platform and no code has been created that cannot be hacked. Anything people make, people can break, and if they cannot, they will develop a machine that can break it.
I was reminded of a story last week of a military computer virus called Stuxnet. Stuxnet single-handedly destroyed one-fifth of Iran's nuclear centrifuges. Actually, that is not totally correct. The worm that Stuxnet was caused these sophisticated machines to self-destruct. It got into their systems, learned how they operated and then caused the powerful turbines to spin in reverse, shredding the machines. We have artificial intelligence so advanced that it can make decisions, and the people who created the technology do not even know how the decisions came about. It cannot even tell them. It is a little scary.
Digitized records are important. We have all come to rely on them, but I believe keeping a hard copy is also important. Ensuring that we maintain a hard physical currency is very important too, as is recognizing the value of currency produced by the Royal Canadian Mint. We need to ensure that our power grid still has a physical switch and that our hospitals and banking systems cannot be crippled by a bright kid with a laptop or a foreign actor with a more malicious intent.
The government has been very slow to address cyber-threats. Under its watch, the CRA was hacked. It said 5,000 accounts were affected, yet that number turned out to be 50,000. It did not address the issue. There were lots of excuses from the minister, but what really happened? One year later it happened again, and another 10,000 Canadians had their personal data accessed by hackers. Last year, the National Research Council was hacked.
I am sure that after this past week, the government is tired of talking about foreign interference in our elections, so I will not belabour that point, except to say that we did have foreign interference in our elections. The Prime Minister knew about it and he did nothing. Worse than that, he still refuses to tell Canadians the truth about what he knew and when he knew it. Like everything else, he refuses to take responsibility. I wonder sometimes just how much longer those on the government benches will allow him to do so. I would bet that right now the Reform Act is looking pretty attractive to them.
Last year, Rogers' network went down suddenly. Canadians could not access their banking. Businesses could not function. Emergency services were affected. Rogers and the government said it was a glitch, a hack. We will probably never know for sure, but the effect was the same: chaos. That is what our enemies want, and we do have enemies, both foreign and domestic, people who want to see anarchy and to cause chaos, fear and division. It sounds eerily familiar.
What legislative response have we seen from the government to date? I am seriously asking, because when I think back over the past seven years that the Liberals have been in power, I am not aware of any substantive action, either proactive or reactive, that they have taken to address our cybersecurity and the glaring vulnerabilities that exist with respect to it. To that end, I am glad that we are now finally having this important discussion. We need to beef up our security systems, beef up our cybersecurity system and keep Canadians safe.
As the government always says, Canadians have a right to be safe and to feel safe. The obvious irony is that it only says it when it is clear that Canadians are neither safe nor feeling safe. Canadians should be able to feel safe, should be safe and should have confidence in the cybersecurity system they rely on.
My time is almost gone, and that is a shame because there are so many things we need to talk about with respect to this bill, although I am confident that my colleagues will be able to further articulate some of the concerns. However, I do want to say one word about privacy.
Many Canadians are concerned about the ever-increasing size, scope and reach of government in this country. The Prime Minister has increased the size of government by some 30%, and this bill gives such sweeping powers to the government that it has prompted numerous civil liberties groups, including the Canadian Civil Liberties Association, the International Civil Liberties Monitoring Group and the Privacy and Access Council of Canada, in addition to several other groups and academics, to express their very serious concerns about this legislation. They call it “deeply problematic” because it “risks undermining [the] privacy rights [of Canadians], and the principles of accountable governance and judicial due process”. That is a lot to unpack in just one sentence.
Had this legislation come forward three years ago, I would have probably said that it was a no-brainer and that we should get it done as national security trumps personal privacy. However, after the violations of civil liberties, even basic liberties, that we have witnessed over the past three years from the government, I would not be so eager to say that we should just get it done. There is also the government overreach, the control and the abject absence of even a semblance of accountability.
As vital as our national security is, the government, the ministers and the Prime Minister simply cannot be trusted with more power, and that is what this bill does. It gives the government of the day more power through the Governor in Council and through its agencies to establish regulations and to further limit and restrict the freedoms and privacy of individual Canadians.
It is my hope that as members in this House, we can strike the right balance after hearing from all sides and craft a piece of legislation that accomplishes everything we want and need in it. However, as it stands, Bill C-26 gives way too much power to a government that has proven time and time again that it is unable and unworthy to wield it.
1532 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, this is an important question. Some time ago, I did a term on the National Security and Intelligence Committee of Parliamentarians, and what I learned there was that we have phenomenal security agencies in this country. One of those is the CSE, the Communications Security Establishment, which monitors cybersecurity. It does phenomenal work.
I was coming back from a meeting one day, driving down the highway. It happened to be a Friday, and I noticed vehicles pulling campers and boats, with roof racks and bicycles attached to their bumpers. I thought, is it not wonderful that we live in a country where we have absolutely no idea about the existential cyber-threats that are out there? Why is that? It is because our security agencies are doing a phenomenal job at keeping us safe and providing this kind of environment.
The obligation of the government, when it gets advice from our security agencies, is to act on it.
160 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, this is a very relevant question. Is it the right time for a bill like this? I would like to give a very brief answer: Yes, it is absolutely the right time for this. Is it the right bill yet? No, it is a good starting point. That is how we can look at this bill. I am happy to vote in favour of this bill, to get it to committee. I am hopeful, from the comments I have heard from members of the Bloc and the NDP, that they are eager to give this bill a robust study and make the necessary amendments that will address the cybersecurity requirements in our country to keep critical infrastructure and our citizens safe, but also to respect the privacy of Canadians. Those are equally important elements. I am looking forward to the study on this bill.
146 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I am just going to read an excerpt from the bill, because it really encapsulates the answer to the member's question. It states the bill would authorize the Governor in Council, which is cabinet, “to designate any service or system as a vital service or vital system”. It would also authorize the Governor in Council “to establish classes of operators in respect of a vital service or vital system”. It also “provides for the exchange of information between relevant parties”.
We cannot currently do that. Our security and law enforcement agencies cannot transfer information without a judicial warrant. Why would we allow the government and cabinet to do that?
118 words
- Hear!
- Rabble!
- add
- star_border
- share
- menumenu
- notificationsnotifications
- home
- mailmail
- searchsearch
