44th Parl. 1st Sess.
March 28, 2023 10:00AM
Mr. Speaker, it is a privilege to rise in this House to speak to this piece of legislation. I would like to start today by saying a few words about how this bill is structured, and then I plan to use the majority of my remaining time to discuss the implications of this legislation regarding personal privacy rights.
When I look at this bill, my initial response is this: Should there really not be three separate pieces of legislation? One would deal with the consumer privacy protection act and issues related to modernizing PIPEDA, perhaps a second, separate piece would create the proposed personal information and data protection tribunal act, and a third, separate component, which should absolutely be its own legislation, would be for the section dealing with artificial intelligence.
AI may present similar, very legitimate concerns related to privacy, but the regulation of AI in any practical sense is almost impossible at this juncture because so many aspects of it are still very unknown. So much is still theoretical. So much of this new world into which we are venturing with AI has yet to be fully explored, fully realized or even fully defined. This makes regulation very difficult, but it is in this bill, so it forms part of this legislation.
We can see just how vague the language related to the AI framework really is. I understand why it is that way, and do not get me wrong; I think we need this type of legislation to regulate AI. However, in the same way, this is way too big a topic to delve into in a simple 10-minute speech. It is also too big a topic to drop into an existing piece of legislation, as the government has done here, basically wedging this section into what was known as Bill C-11 in the last Parliament.
I have deep concerns with AI. They are practical concerns, economic concerns and labour concerns related to the implementation of AI. I even have moral concerns. We have artificial intelligence so advanced that it can make decisions by itself. The people who have created that technology cannot explain how it came to those decisions and it cannot tell them. The capabilities of this technology alone seem almost limitless. It is actually a little scary.
Personally, I look at some of the work being done in AI and wonder if we should, as humanity, really be doing this. Just because we have the knowledge and capability to do something does not necessarily mean it is for the betterment of humanity. I wonder sometimes where this technology and these capabilities will take us. I fear that in hindsight, we will look back and see how our hubris led us to a technological and cultural reality we never wanted and from which we will never be able to return.
However, here we are, and we have this capability partially today. People are using it, and it requires some form of regulation. This bill attempts to start that important conversation. It is a good first step, and that is okay. I think this is one of those things where we need to start somewhere as we are not going to get it done all at once. However, again, given the enormity of the topic and the vast implications, it should be its own separate piece of legislation.
Those are my thoughts on the structure of the bill, and now I will shift gears to talk a bit about personal privacy.
Personal privacy is a fundamental right. Three decades ago, long before the advent of the Internet or smart phones, the Supreme Court of Canada ruled privacy is “the heart of liberty in a modern state”. It did not say that privacy was at the heart; it said privacy is the heart. Personal privacy is the fundamental right and freedom from which all other liberties flow, and with the advent of the Internet age, the age of the smart phone and the age of digitized everything, laws related to protecting the fundamental right to privacy must be updated. Canadians must have the right to access and control the collection, use, monitoring, retention and disclosure of their personal data. The question is, how do we realistically do that?
One of the reasons I am a Conservative is that I believe in individual rights and that rights and freedoms must be coupled with accompanying accountability and responsibility. This has to be a two-way street. Canadians need to be informed, and they need to be responsible and aware of what they are agreeing to, subscribing to and giving permission for. How often do we simply and blindly click “accept” without reading the terms and conditions for using a website, using an app or allowing others the use of our information?
I would be curious to know among my colleagues in the House, when was the last time they fully read the terms and conditions of a user agreement or a disclosure statement? Most of us just hit “accept”. We do not want to be bothered.
Recognizing this, can we really say the privacy of Canadians is being violated when many individuals live every moment of their lives posting in real time online for all the world to see, and access and just click “accept” without reading what they are agreeing to?
In this context, what is the role of government and what is the responsibility of the individual user? Government and businesses need to provide clear information, but people also need to be informed. They need to take responsibility.
I recall a while back when my office received an email on this subject of privacy. The individual was deeply concerned about web giants having access to his personal data. I had to laugh, because at the bottom of the email it said, “Sent from my Huawei phone”.
As a government creating legislation, where should those legal lines between consent and informed consent be drawn? As Canadians, we are a bit too quick to consent.
However, we have also seen far too many examples of Canadians’ private and mobility data being used without their consent. We heard about the Tim Hortons app that was tracking the movement of Canadians; how the RCMP was using Clearview AI’s illegally created facial recognition database; the public doxing of all those who donated to the freedom convoy; Telus giving location data to the Public Health Agency of Canada without a judicial warrant; and, in my view, the most egregious violation of privacy in generations, the requirement by the government and others for Canadians to provide their personal health data and information in order to work and/or travel.
If I am honest, it is this violation of privacy rights that makes me truly hesitant to support any effort by the government to strengthen privacy rights: first, because it has so flagrantly violated them, but also because I and a growing number of Canadians just do not trust the government. We do not trust it to keep its word. We do not trust it to create legislation that does not have loopholes and back doors that will give it the capability to violate individual personal freedoms.
Why? Because we have seen it from the Liberals. They want to control everything. There has never been a government that has had such an utter disregard for Canadians.
I have noted before that it was the Prime Minister's father who famously said that the government had no place in the bedrooms of Canadians. However, the current government not only wants to be in our bedrooms, but in every room, on every device, in every conversation and in every thought. It wants to control what Canadians think, what they see and what they post, and, by extension I can safely say, how their private data is curated and used.
One thing that is vital if we are to trust the government with our private data and with protecting privacy, there must be clear boundaries. This leads to one of the larger issues with this legislation, an issue we are faced with every time the government brings legislation forward. It fails to provide clear definitions.
There is a section of the bill that deals with the sensitive information of minors. The fact that there is no section for the protection of sensitive information of adults is a sign.
What does it mean by “sensitive”? It is never defined. What does it mean by “scrutiny” for data brokers? It is this habitual lack of specificity that characterizes so much of the government's legislation.
It is like a band that is way more interested in the concept of the album and how it looks on the cover than the actual quality of its music. If it cared about the quality of the music, it would have brought forward a bill that looks more like the European Union's 2016 GDPR, which is widely regarded as the gold standard for digital protection. By that standard, PIPEDA fails the test, but so might Bill C-27 if we do not bring it closer in line with what other nations have done. This lagging behind does not just affect personal privacy, but the ability of Canada and data-driven Canadian businesses to work with our EU friends.
This whole new regime outlined in the bill has huge implications for businesses, something I am sure my colleagues will be addressing. There is so much that can and should be said about this legislation, but it comes down to this: Canadians must have the right to access and control the collection, use, monitoring, retention and disclosure of their personal data.
1635 words
All Topics
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I should have pointed out at the beginning of my speech that I would be sticking around to answer any questions and address any comments. I appreciate the member for Winnipeg North, who I hear an awful lot, so I am getting used to him.
I do appreciate the member's question about whether or not Conservatives support this legislation because, in principle, we support the concept that there needs to be regulation in protecting, acquiring, monitoring and distributing individuals' personal data. He pointed out that the Liberal government was the one that brought in the Charter of Rights and Freedoms.
I have a question for the member, and I know he cannot answer it, but why did the government not respect the charter?
126 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, I find it interesting that the member inquired with ChatGPT to determine whether or not Canadians should have confidence in the Liberal government on Bill C-27.
I would be much more curious had the member asked whether Canadians should have confidence in the Liberal government, period. I believe its AI ChatGPT would have been crystal clear in saying that no, we do not have confidence in the Liberal government.
Having said that, we do think this legislation is important. I think we are going to listen to debate to make a decision whether or not to send it to committee for further study.
106 words
- Hear!
- Rabble!
- add
- star_border
- share
Madam Speaker, if we read the bill, especially in section 18, where the government has carved out a little space for business, it would appear as though business interests trump those of the private individual. I believe that mistake has been made too often, where we have given personal data to businesses too flippantly. Personal private data, first and foremost, belongs to, and should be protected by, the individual.
69 words
- Hear!
- Rabble!
- add
- star_border
- share
- menumenu
- notificationsnotifications
- home
- mailmail
- searchsearch
