SoVote

Right Hon. Justin Trudeau (Prime Minister, Lib.)

May/1/24 3:20:12 p.m.
Watch

Mr. Speaker, we are very aware of the concerns of the various groups, the stakeholders in this network and the Canada Border Services Agency. We are working diligently to make sure the project succeeds and to implement better software. We know that digitization will help improve our international trade and border crossings in terms of security, efficiency and speed. We will continue to move forward, but we will do so carefully and mindful of the risks, while also recognizing the positive aspects of the new software.

86 words

Context: House Hansard - 306 - May/1/24

Mr. Garnett Genuis

May/1/24 3:50:48 p.m.
Watch

Mr. Speaker, on Monday I rose on a question of privilege related to foreign interference. I have come across some important additional information that I believe is critical to share with you and with the House as you undertake your considerations and prepare to make a ruling. Stories have appeared in multiple media outlets quoting a person in your office, Mathieu Gravel, director of outreach and media relations. The statement includes the following: The House of Commons' administration investigates all incidents brought to its attention by security partners. In this case, it determined that the risk-mitigation measures in place had successfully prevented any attack. There were no cybersecurity impacts to any members or their communications.... I do want to observe that it is highly unusual for a media spokesperson of the Speaker's office to speak to the media about a question of privilege, when a ruling has not been made. When no follow-up inquiries have been made with members affected, it feels a bit like a judge sending a statement to members of the media in the middle of deliberations. However, as you deliberate, I think it is important to take note of one additional piece of information. The cyber-attack against me from APT31 did not target my parliamentary email account. While in many cases parliamentary accounts were targeted, in my case the cyber-attack targeted my personal non-parliamentary account. I have no idea how APT31 came to access my personal non-parliamentary account, because it is not publicly available. I was attacked at my personal account because of my parliamentary activities in order to access information about and disrupt my parliamentary activities. Fundamentally, the government has a responsibility to inform members of threats to them by foreign powers. It has said it would share such information, and it has not. If it is true that House of Commons IT blocked the attack, it remains true that House of Commons IT is not a security agency and is not itself responsible for informing parliamentarians of threats against them. Rather, it is the responsibility of the government to inform parliamentarians of threats against them. Parliamentarians still need to know about targeted threats against them, even when those threats do not succeed. If someone tries to hurt me but their attempts are thwarted, I would still like to know I have been targeted in order to plan to protect myself going forward. Moreover, your office is not at all able to say that these attacks were thwarted, because they evidently targeted members on both parliamentary and non-parliamentary emails. We need to know so that we can take action to protect ourselves in all places and all situations. House of Commons IT, which is not an intelligence agency, clearly does not have eyes on cyber-attacks against us through personal accounts and does not have the same responsibilities as the Government of Canada. Parliamentarians were under attack. The government now admits that it knew. The government did not tell us, and the government cannot say if the attack was successful or not. Mr. Speaker, I am available to provide you with additional information as required so that your ruling, and any subsequent comments to the media, are informed by all of the relevant facts.

547 words

Context: House Hansard - 306 - May/1/24

Mr. Kevin Lamoureux (Parliamentary Secretary to the Leader of the Government in the House of Commons, Lib.)

May/1/24 6:24:45 p.m.
Watch

I submit that the facts of the situation clearly demonstrate that the government acted without delay to notify the House and Senate of suspicious spearphishing activity that targeted parliamentarians. I would also state that, since this incident occurred, the government has given clear direction to intelligence agencies that when there are threats of interference, influence or intimidation against any member of the House or the Senate, these agencies are to engage the affected member in an expeditious manner. I will now draw the attention of members of the House to the facts and chronology of events that occurred respecting the matter raised by my colleague across the way. In January 2021, the Canadian Centre for Cyber Security informed the House of Commons administration about suspicious spearphishing activity targeting individuals with parl.gc.ca and senate.gc.ca email accounts, beginning on January 22, 2021, and continuing into March 2021. A series of reports were shared with the House of Commons about the activity. Only technical details were available and shared at this time. On June 29, 2022, the FBI shared a report with the Communications Security Establishment, detailing cyber-threat activities targeting members of the Inter-Parliamentary Alliance on China, including parliamentarians. On June 30, 2022, the Communications Security Establishment shared all relevant technical information about the cyber-threat activity with security officials in both the House of Commons and the Senate, including the names of the impacted parliamentarians. As there is a separation between the executive and the legislative branches of government, the Communications Security Establishment determined that it was appropriate to defer to the House of Commons and the Senate, as owners and managers of their IT networks and parliamentary email addresses, to address the threats. At the time this took place, it was felt that this was the appropriate procedure to follow in order to respect the independence of the legislative branch from the executive branch. I cannot speak to what the House of Commons or Senate administration did with the information provided to them by the Communications Security Establishment, as this is for them to explain. I can only explain the actions of departments and agencies of the Government of Canada. I would therefore assert that there is no prima facie question of privilege in this instance, as the Communications Security Establishment properly shared the information that they were provided, including the names of the parliamentarians, with the House of Commons and Senate administrations. I would like to point out that, since that time, procedures have evolved, and MPs have made it clear that they would like to be notified directly when they are targeted. Therefore, in May 2023, the then minister of public safety issued a ministerial directive requiring that the Canadian Security Intelligence Service will, where possible, inform parliamentarians of threats to their security. As stated in my opening remarks, had this threat been raised today, I can assure members that the directive would have been followed and that security agencies would have proactively provided information on the threat to parliamentarians. With a view to protecting our democratic institutions and representatives, our government takes matters of foreign interference and foreign influence extremely seriously. I can assure the House that our government will continue to take serious steps to address threats against our beloved country and the institutions that serve and represent our citizens.

559 words