SoVote

May/8/24 8:19:33 p.m.
Watch

I am ready to rule on the question of privilege raised on April 29, 2024, by the member for Sherwood Park—Fort Saskatchewan concerning cyber-attacks targeting members of Parliament by a foreign state-backed group known as Advanced Persistent Threat 31. In his intervention, the member alleged that he, along with several other parliamentarians, were the targets of progressive cyber-attacks on their emails in 2021 by a group with ties to the Chinese government. He argued that members were targeted because of their association with the Inter-Parliamentary Alliance on China, or IPAC. He and other affected members of the House learned of the attacks through a recent news story. The member noted that, contrary to a ministerial directive issued last year, members were not notified of this by the government. He stated that this situation was akin to the prima facie question of privilege raised by the member for Wellington—Halton Hills, where a foreign state had also sought to interfere with the duties of a member. He also indicated that he could not assess the extent to which, as parliamentarians, they were impacted, through the disruption of communications or through the monitoring of their activities, but that their parliamentary work was under attack. The member for Sherwood Park—Fort Saskatchewan further intervened on the matter on May 1, 2024. He added that the cyber attack in question was aimed at his personal email account rather than his parliamentary account. He further posited, following media reports which stated that House of Commons IT thwarted the attack, that the House Administration is not a security agency and therefore not responsible for informing members of threats made against them. The parliamentary secretary to the government House leader mentioned that the Communications Security Establishment, or CSE, was advised by the FBI on June 29, 2022, of cyber threats targeting Canadian parliamentarians who are members of the IPAC. Citing the separation between the executive and legislative branches of government, he noted that the CSE believed it appropriate to share all relevant technical information with security officials of the House of Commons and Senate administrations for their action. This was done on June 30, 2022. The parliamentary secretary also pointed out that, given the evolution of security procedures and in consideration of the concerns of members, a ministerial directive was issued in May of 2023 requiring the Canadian Security Intelligence Service, or CSIS, to inform parliamentarians of threats to their security where possible. He concluded by stating that, had the threat occurred following the imposition of the ministerial directive, security agencies would have proactively informed the affected members of the situation. Finally, the member for Scarborough—Guildwood and the member for Humber River—Black Creek, also presumed targets of the attack, rose in support of the question of privilege from the member for Sherwood Park—Fort Saskatchewan and expressed their concerns on the matter. In raising his question of privilege, the member for Sherwood Park—Fort Saskatchewan brought forward two specific concerns. First is the attempt by the People's Republic of China to interfere in the work of parliamentarians, and second is the lack of notification provided to members of this attempt. The Chair will deal with these two issues separately, starting with the latter. In accordance with the processes in place at the time, the House administration was advised by relevant Canadian security agencies of the risk associated with potential attacks and appropriate measures were taken to ensure that they would not impact our systems, more specifically our parliamentary network. Members will appreciate that the processes and the protocols to manage the cybersecurity of the House, by its administration and by the government, have evolved considerably since then. The Chair has no reason to doubt the commitment of the government, through its ministerial directive of May 2023, that members will be advised of threats by CSIS as much as is reasonably possible to do so, bearing in mind various security considerations. It should be noted that the attempt in question and the sharing of the relevant technical information occurred well before the directive was in place, and that the matter was dealt with in accordance with the processes and protocols in effect at that time. It is important to reiterate that the House of Commons cybersecurity systems in place were successful in preventing a breach and negatively impacting the members' ability to conduct their day-to-day business with their parliamentary email accounts. However, the member noted in his submission that his personal email was the target of the attempted cyberattack, and the Chair appreciates the concerns of members with regard to being made aware about matters concerning their cybersecurity. In its 63rd report, presented to the House on April 10, 2024, the Standing Committee on Procedure and House Affairs echoed the ministerial directive in recommending that CSIS directly inform members about specific foreign interference threats, including providing a briefing on the mitigation measures taken to ensure members' safety. It also recommended the Speaker oversee the creation of a protocol within the House administration establishing a threshold for informing the whips of the recognized parties of foreign interference threats. The report has yet to be concurred in. The Chair will now turn to the matter of the attempted interference by the PRC. As the member for Sherwood Park—Fort Saskatchewan noted in his submission, the matter bears similarities with the question of privilege raised by the member for Wellington—Halton Hills on May 2, 2023. That case involved various alleged acts of intimidation, linked to the PRC, towards the member and his family. Those acts came in retaliation for political positions taken by the member in the course of parliamentary proceedings. The matter was found to be prima facie. Indeed, as my predecessor stated in his ruling on May 8, 2023, at page 14105 of the Debates: The Chair agrees that the matter raised by the member, that is that a foreign entity tried to intervene in the conduct of our proceedings through a retaliatory scheme targeting him and his family, squarely touches upon the privileges and immunities that underpin our collective ability to carry out our parliamentary duties unimpeded. At the time, the matter was referred to the Standing Committee on Procedure and House Affairs. Had the question of privilege by the member of Sherwood Park—Fort Saskatchewan been raised while the study was under way, the Chair would have been inclined to suggest the committee consider it as part of that study. This is exactly what occurred when the former member for Durham raised a question of privilege alleging intimidation. At the time, my predecessor stated, on May 31, 2023, at page 15066 of the Debates: Given that the Standing Committee on Procedure and House Affairs has already been instructed to investigate the matter of foreign interference, the Chair believes that it is the appropriate forum for further discussion of this issue. In the case currently before us, it is clear to the Chair that an attempt to hack parliamentary emails of several members by a group with ties to the PRC occurred. This is of great concern to the Chair and, indeed, should be to all members. While the attempt was thwarted, it is understandable that a lingering effect on impacted members remains. Indeed, as my predecessor noted in his ruling on May 8, 2023, a threat, whether successful or not, may still be seen as interfering with a member in the discharge of their duties. As stated in House of Commons Procedure and Practice, third edition, at page 109, I quote: In order to find a prima facie breach of privilege, the Speaker must be satisfied that there is evidence to support the Member's claim that he or she has been impeded in the performance of his or her parliamentary functions and that the matter is directly related to a proceeding in Parliament....Speaker Jerome observed in a 1978 ruling that society demands much of Members but not all demands strictly impose a parliamentary duty. While every Member has duties as a representative of the electorate, a Member may claim the protection of privilege relating only to his or her parliamentary functions, though the line distinguishing these duties might blur. While the work of IPAC is not, strictly speaking, part of our parliamentary proceedings, it does seem clear to the Chair that the members were targeted due to their parliamentary work. Even if the attack was directed against the member for Sherwood Park—Fort Saskatchewan's personal email account, it seems that this was an attempt to interfere in his and in other members’ parliamentary duties and that such interference could have the effect of impeding members. As the procedural boundaries of parliamentary functions can evolve over time, the Chair, and all members, might appreciate guidance respecting these matters. While the Chair is bound to consider this question of privilege based on its own merits, it must also bear in mind broader considerations. Protecting the security of members, whether physical or cyber, is of course essential to the functioning of the House. Cybersecurity attacks to our systems have multiplied over the recent past and there are no indications they will stop or even diminish. Not every attempt to interfere with or hack into our systems will necessarily be the subject of a question of privilege, as this is unfortunately a recurring problem. However, there might be a benefit for the House to decide how to tackle this issue more generally in order to clear the air and establish a way forward. On this basis, the Chair finds there to be a prima facie question of privilege. Accordingly, I invite the member for Sherwood Park—Fort Saskatchewan to move his motion.

1644 words

Context: House Hansard - 311 - May/8/24

The Assistant Deputy Speaker (Mrs. Alexandra Mendès)

May/8/24 9:08:09 p.m.
Watch

I will stop the hon. member right away because I actually have very good hearing. I do hear very well. I did hear the attacks coming from one side to the other. They should not be allowed on either side. I would ask both members to withdraw the statements made, the hon. member for Saskatoon—University and the hon. parliamentary secretary.

62 words

Context: House Hansard - 311 - May/8/24

Mr. Kevin Lamoureux

May/8/24 9:31:05 p.m.
Watch

Mr. Speaker, as you would be aware, the government has put in some new protocols and ministerial directives to ensure that members will find out when something of this nature occurs. I am going to refer all members to what you said, as the Speaker, in regard to the issue at hand: “In accordance with the processes in place at the time, the House administration was advised by relevant Canadian security agencies of the risk associated with potential attacks and appropriate measures were taken to ensure that they would not impact our system, more specifically our parliamentary network.” You went on to say, “It is important to reiterate that the House of Commons cybersecurity systems in place were successful in preventing a breach and negatively impacting the members’ ability to conduct their day-to-day business with their parliamentary email accounts.” I see that as a positive thing. We have to put it in the perspective of time, in 2022. The directives that we are talking about, where we made the changes, were after that. At the time, the process was in place and it was administered.

192 words

Context: House Hansard - 311 - May/8/24

Mr. Xavier Barsalou-Duval (Pierre-Boucher—Les Patriotes—Verchères, BQ)

May/8/24 10:01:23 p.m.
Watch

Mr. Speaker, we in the Bloc Québécois believe that any form of intimidation of elected officials, especially when it comes from outside the country, is absolutely unacceptable. We are concerned about practices like the ones we just learned about this evening from my Conservative colleague, and of course we denounce them. In such circumstances, we also believe that when elected officials are the target of these kinds of attacks by foreign entities, they should be informed. That goes without saying. We find it hard to understand why it was decided not to inform these elected officials. We see this as a basic step that should be taken automatically. That is why we believe that the Standing Committee on Procedure and House Affairs should look into this issue. That being said, I would like to respond to my NDP colleague's speech. I would like to point out that it has been over a year since we started talking about the issue of foreign interference in this Parliament with increasing frequency. We used to talk about it less. Every time we raised the issue, the Liberal government would tell us to move along, that there was nothing to see. That is pretty much what we were told every time. However, we always seemed to find something in the end. Does my colleague find that this type of situation inspires him to trust in a government that often tells us that there is nothing to see when there is indeed something to see? It is worrisome to me.

260 words

Context: House Hansard - 311 - May/8/24

Mrs. Stephanie Kusie (Calgary Midnapore, CPC)

May/8/24 10:08:27 p.m.
Watch

Mr. Speaker, before I begin my remarks, I would like to state that I will be splitting my time with the hon. member for Selkirk—Interlake—Eastman. I certainly look forward to his remarks as well. Two weeks ago, I was sitting in my constituency office when I got a message from my colleague from Sherwood Park—Fort Saskatchewan. He informed me that there was going to be a special meeting of a small group of us, where he would inform us of a very grave and serious situation. I do not know if one has ever received news where one was told they are the target of a cyber-attack, but I will say that it is terrifying. It is a moment in someone's life when the blood drains from one's face. When someone is told the date of those attacks, January 2021, one wonders what they were doing that month. What was going on in their life that month? How serious is this attack? It is something I do not want anyone to ever experience again, in this chamber or anywhere else in the world, but unfortunately, it happened. One starts to wonder if this happened to me, and this also happened to other colleagues in the House of Commons, then clearly, this is also happening within our nation. Who is attempting to obtain what information? How successful are they? How many attacks like this are going on at this time? Worse than that, the Liberal government knew about this attack, yet it did not inform me, and it did not inform my colleagues. It is reprehensible. It is absolutely horrible. I would like to thank again the Inter-Parliamentary Alliance on China for informing myself and my colleagues that we were the targets of such an attack. I would also like to thank the Federal Bureau of Investigation of the United States of America for once again doing the heavy lifting that the Liberal government should be doing. It is shameful that we were informed, through foreign governments, that we were under attack. Unfortunately, it is not a surprise to me. It is not a surprise at all because we found out, just this past week, in the foreign interference report that the former member for Steveston—Richmond East was not successful in his election campaign as a result of foreign interference. Last year, we saw the effects of a foreign government, the same PRC government, on the member for Wellington—Halton Hills, who sits in this very aisle. He was also the victim of the interference of a foreign government in an attempt to try to gain information on his family to try to intimidate him. Unfortunately, I had the honour of being the shadow minister for democratic institutions back in 2018-19. At that time, I begged the member for Burlington to do something about it at that time, and it fell upon deaf ears. We set up things like the Leaders' Debates Commission, which housed a member of the WE Charity scandal. The commission was overseen by the former special rapporteur, who clearly failed in his mission to try to keep this chamber and to keep Canadians safe. We saw the implementation of the toothless digital charter, which achieved nothing to protect Canadians and to protect members of the House. We spent hours going over Bill C-76, where we talked about things like vouching. We talked about things like returning officers. We talked about things like the closing of polls across our nation, yet this did very little to solve the problem that is in front of us now, which is foreign interference. Once again, it is the absence of responsibility of the Liberal government not only to do something about foreign interference, but also to even have the courtesy, the decency and the moral placement to let members of the House know that they were under attack and under threat. We did not get that courtesy, and it is an absolute shame. Once again, we have seen that the government has done too little, too late. We see this time and time again. We saw this in 2019, when I would try and raise questions with the member for Burlington, with the Prime Minister of Canada, and the only response I would receive was that the Prime Minister had an indication that there had been some interference by Russia in the 2015 election, which is very cold comfort at this time, given what we know now. The 2018-19 election was, my goodness, five years ago now. The Liberals have had five years to do something. Clearly, they have not spent their time doing anything. They are, once again, doing what they do best and that is creating the illusion of doing something when, in fact, they are happy to do nothing because, as we saw with the member for Wellington—Halton Hills, as we saw with the member for Steveston—Richmond East, it benefits them to do nothing, so they have done nothing, and they will keep doing nothing. Even if I blame the member for Burlington, I know that this direction was from the top. There is no doubt in my mind that this direction was from the top, and the same thing here. I am sure that the Liberals wanted to ignore the cyber-attack and that they wanted to ignore the potential harm it could have caused me, my family and 17 other members of the House. They wanted to turn a blind eye to that because that is what they do. They do not want to take responsibility for the types of atrocities that take place against myself, against other members of the House and against the Canadian people. The good news about this is that this will not deter myself, and this will not deter the leader of the official opposition from continuing to stand up for democracy, human rights and the rule of law, not only in this nation, but also across the world as well. Members will continue to see us standing side by side with our allies in Taiwan, in Israel and in Ukraine. Once again, this is something that we do not see the Liberal government doing. We see the government picking and choosing winners and losers, speaking out of both sides of its mouth, again, not only to the harm of people in the House, not only to the harm of Canadians, but also to the harm of people across the world. As I said, that is because this government will always turn a blind eye. Do members know what happens when we turn a blind eye? Evil prevails. Evil prevails in the House when the current government turns a blind eye. Evil prevails across this country when the government is not willing to take responsibility, as I begged the member for Burlington to do all those years ago; and evil prevails across the globe. It is not a surprise that I was informed, after the fact, that this government had neglected its responsibility to keep our citizens safe and to keep members of this chamber safe, who were informed by a foreign entity, by someone else doing the work that the Liberals should be doing. Shame on them for trying to hide it from us and for keeping it from us. Once again, they would know, Canadians would know, that they had shirked their responsibility and that they had not done what they were supposed to do in overseeing the safety of the House and the safety of the members of the House. As I said, I have, unfortunately, seen this time and time again, so it is not a surprise to me at all that we were left in this position and that we were left as targets of this foreign government and other foreign governments that are looking into us. I am not naive. I was in the Canadian foreign service, now elected to the House, and I understand that, I am sure, I will always be a target for those foreign governments. However, this government was informed by another government and was informed by another organization that is attempting to do the work that the Liberals should be doing, which is keeping Canadians safe and keeping members of the House safe. We can refer this matter to PROC. I certainly hope that we do, but I hope it is with greater results than the previous times, when we saw Bill C-76 come out of PROC with no shield for the members of the House and no shield for Canadians. I hope, this time, that the Liberal government takes foreign interference seriously, does not pretend and actually does something about it.

1473 words

Context: House Hansard - 311 - May/8/24

Mr. Gabriel Ste-Marie (Joliette, BQ)

May/8/24 10:35:39 p.m.
Watch

Mr. Speaker, I thank the member for his speech. I am truly sorry to learn that he, along with 17 other colleagues, was the target of attacks carried out by foreign powers. To me, that is unacceptable. As for the democratic system, we must fight to preserve it. Obviously we are in favour of the motion, and things need to change. My question for my colleague is the following. The parliamentary secretary just downplayed the situation, saying that this is happening in other countries. However, the intelligence services tell us all the time that Canada has the worst record on this. This has nothing to do with other countries. What do we need to do to change this?

118 words

Context: House Hansard - 311 - May/8/24

Mr. Tom Kmiec (Calgary Shepard, CPC)

May/8/24 10:39:20 p.m.
Watch

Mr. Speaker, I wish I were pleased to join the debate, but I am not. I am one of those 18 parliamentarians who had their email targeted by APT31. To be perfectly honest, I did not know what APT31 was. I think many of my colleagues know that I spend a lot of time in diaspora communities, so I do know quite a bit about random, obscure groups that many of us do not pay attention to, but this is a new one even to me. I had to have staff actually look up what exactly this particular group was involved in. The attack was back in January 2021. By “attack”, I do not mean a physical attack. This was a digital hacking attempt, pixel reconnaissance. Again, that is another term I did not know, so I had to look it up. It was, I think, a sophisticated attempt. I would not have thought about it. My colleagues and members of other political parties know that I am quite paranoid. I think a little bit of paranoia is healthy in this line of work. I used to work for the department of defence as an exempt staffer for the Minister of National Defence during the Afghan war. I worked at the Alberta finance department as a policy adviser, where the security of budget documents was important, so just as a regular practice, I would do things like stopping my emails from automatically opening images. Little did I know that, in this situation, that would have helped me out, because those images are the ones that contain one pixel that would upload code onto whatever device would open it. In the case of my email account, I did ask my staff on their computers to verify whether those emails were opened and were still there in my email account, and they were. This is one of the problems I have with what the government's position has been, along with the Communications Security Establishment and the House of Commons cybersecurity. As soon as I found out about this, just a few weeks ago, I contacted them immediately to find out whether they knew or whether there was something that I should do. At first, I got kind of mixed messages from them, saying they kind of knew about the investigation but they did not know. It was not really clear. There were two different emails saying almost identical things, using synonyms to avoid actually committing to anything, which I guess is typical. I do not fault them for it. However, when it came to the fact that my email had been targeted, I would like to have been told of that fact back in January 2021. I would like to have known, because I could have deleted those emails. I may have gone back to those emails several times and opened them all over again. I will even read the headlines for colleagues, because I have them. The first one was on January 28, 2021, and it reads, “More than 50 passengers killed”. It looks like a random story about a traffic accident in western Cameroon. We get lots of different emails. There is not necessarily a reason for us to open those. It is signed by a David Aaro, and “nropnews” is a domain name. The next email is from Brooke Singman, on China's GDP. I might have opened that email out of sheer curiosity about what an analyst might be saying. The third email has the headline of “Canada parliament labels US far-right Proud Boys group 'a terrorist entity'”, by David Aaro again. These emails were over several days. They were not all on the same day. They are just three emails that I still have in my email inbox that I could have reopened for whatever reason while searching for another email, because nobody told me anything. Nobody did. I think it is both immoral and unethical, what happened through the House of Commons, CSE, and especially the Liberal government. For all the talk of wanting to protect Canadians, doing right by them and ensuring there is no foreign interference, it is only when the government is called out that it starts pretending it is going to do something. I deal with political prisoners. I deal with people who have fled their country of origin, who were political activists. They were in jail. They were on death row, some of them. They were democracy activists. They were journalists, perhaps, in their country. I have one working for me who was a journalist in a country that has an authoritarian regime that shut down her newspaper. I have met journalists who used to work in Turkey who are on the Turkish “grey list”, which is their terrorist list. This particular individual has not done any crime of terrorism. I call her the Robert Fife of Turkey. She reported on the fact that the Turkish government, during the Syrian civil war, had given weapons and arms and other means to ISIS and ISIS-affiliated jihadi groups. These are the people I meet with. They all saw the news that I had been targeted. They all worry. It directly affects the type of work that I can do, the type of work I am interested in doing, the type of work I have been asked to do by the leader of my political party as the shadow minister for immigration, refugees and citizenship. Refugees are quite core to that. Many of these people have applied for and obtained protected person status in Canada. I read your ruling, Mr. Speaker, and this is, like you said, material to the type of work that I do. When the government claims it is doing enough, no, it is not doing enough. The fact is that nobody on the Liberal benches in the front cabinet, especially those responsible for administrating CSIS and CSE, thought they should warn the 18 parliamentarians, including me, my colleague from Selkirk—Interlake—Eastman, the member for Sherwood Park—Fort Saskatchewan and the member for Calgary Midnapore. There are several of us, and there are members of the Liberal Party. The member for Scarborough—Guildwood is one of the co-chairs of the IPAC group that was specifically targeted for that work. It is immoral. It is unethical. When I then turn around to the diaspora groups, the chatter I am hearing is, “If the government will not protect you, if it will not protect a member of Parliament or a senator, what chance do we have?” No wonder they are self-censoring and so scared to speak out about things that are going on in their country of origin, but also about foreign agents in Canada who are interfering with their rights to free speech as free Canadian citizens in our own country. Now they are afraid, because they look at us. Many of us are human rights advocates. We do pro-democracy work. We help groups organize and we give them ideas on how to lobby and advocate for things on important issues that they care about. However, they then ask, “Well, if I send you the email, is it actually protected? Will you protect my identity?” I have had meetings where members of the public have asked me to turn off my phones and put them away. I mean shut them down and put them away. I know why they are doing this; it is because they are concerned that people can easily tap into these devices, which are generally unsecured, and then they can turn on the microphones on devices. There is a reason why, in our caucus rooms, we do not bring our devices into the room. They are left in little metal cabinets, and we roll them in and roll them out all the time. I remember, as caucus chair, trying to convince my colleagues to leave their devices behind, which is very difficult. I see some members nodding and admitting how difficult it is for them to be kept away from the devices. Especially in the case of APT31, I started to look, and the member for Selkirk—Interlake—Eastman before me kind of started to go into who this group was, because I was interested in this. There is a $10-million reward for seven of them on the U.S. Department of State's Bureau of Diplomatic Security's rewards for justice program. It has seven persons listed. It says that the hackers have helped China's Ministry of State Security conduct malicious cyber operations against U.S. critical infrastructure through their front company, Wuhan Xiaoruizhi Science & Technology Company. It is part of a group of China state-sponsored intelligence officers and contract hackers known in the cybersecurity community as APT31. Again, this was news to me. I would like to have known about APT31. However, they are not just contract hackers; they are China state-sponsored intelligence officers. The rewards for justice website says that if anyone has information on these China hackers, Wuhan APT31, also known as Zirconium, Violet, Typhoon, Judgement Panda and Altaire, or associated individuals or entities, they should contact the rewards for justice program via the Tor-based tip line, and they may be eligible for a reward or relocation. Again, this organization is not just a random group of hackers in mom's basement. Therefore CSE, House of Commons security, the cybersecurity people, CSIS, the government, the public safety minister, the Prime Minister and everybody else seems to claim, “Well, we told somebody; that should be good enough”, but they have a moral and ethical responsibility to inform parliamentarians directly, beyond what the law says, both for our personal protection and for the protection of people that we deal with. What they are essentially saying is that we are on our own but that if someone finds out later, they will tell us. Then they will say, “Oh yeah, whoopsie doodle. True, there was an attempted hack.” It is not enough to say that the hack was not successful. We are being targeted; that is the problem. I am sure that our digital infrastructure, the cybersecurity infrastructure for the House of Commons, is strong and that it is good enough. I remember trying to get Zoom right after the pandemic shutdowns had begun, and our caucus was the first one to go on Zoom. I remember the cybersecurity people telling us, “No, you must send your signals through a House of Commons server based in Canada.” We waited patiently for the three days that they asked us to so we could actually host a meeting of the Conservative caucus right when the shutdowns began across the country. Therefore I trust them in that security infrastructure, but what I have a problem with is the fact that we were targeted and not told, in 2021. I had to be told by a foreign government, the Americans. Oftentimes, because they are our cousins, they are almost part of the North American security infrastructure. I studied in America. I know that few of my colleagues look up my bio because, why would one do that? I have a concentration in counterterrorism and the Department of Homeland Security. It is just a personal interest area, but it is not focused on digital cybersecurity, to be honest. This is why I did not know. These particular individuals, again, are not just a random group of hackers doing it for fun or doing it for money. These are intelligence officers. That is what the U.S. Department of State says. I had to find out from a foreign government, the FBI telling a parliamentary group that I belong to. I had to sign off on letters, listen to what the analysts had to say, get information from them and share information with them. I had to find out from a foreign government that I was being targeted, openly targeted. I have been criticized by foreign governments before. Famously, about two years ago, I was criticized in Pakistan's national assembly for raising very simple questions in the House here about a $50,000 taxpayer-paid trip by a certain chief of defence staff in the Pakistani military. I was highly unpopular. I was very popular in my riding, though, because I have a lot of constituents who are Mohajirs and Sindhis, who are highly persecuted. I did it on their behalf and they deserve to know. However, they are going to come to me and ask me if what they tell me is protected. Am I protected? Can I guarantee to them that what they pass on to me, my email, digital files and the personal security in my offices, is protected? I worry because I worry for them. There is a great Yiddish proverb. I never miss an opportunity to share them. I know members wait for them. If we take the Prime Minister's words and the public safety minister's words and CSE's and CSIS's words, and if their words were a stick, I could not even lean on it. It is a great Yiddish proverb. It is so true in this situation. The claim has been in the newspapers that, because it was not successful, we did not need to know. I have it in the complete reverse. Because we were targeted, we did not just deserve to know; they were morally obliged to tell us and ethically obliged to tell us. Whoever found out should have told us because, for three years, we could have adjusted our behaviour. We could have changed the way we did things. We could have turned around and told the diaspora community leaders, the groups we were working with on petitions, on letters and on starting campaigns to rescue political prisoners in other countries, that maybe we should do it a different way. Some of us travel to regions of the world that are dangerous, like Ukraine. Some of us travelled to Iraq just a few years ago, which is not exactly the safest region to travel to generally. I found, on the ground, that it was very safe. I would have liked to know if I was targeted by, say, an Iranian-based hacker group that works for the Islamic regime, if I had been in the region. I now have to work under the assumption that, even if I were targeted, if the target was not successful in hacking into my emails or hacking into my personal digital files or any of my social media accounts, because it was not successful, I could be the target of one of these espionage or hacker attempts. There are many of us who work with these types of individuals. Because we know that it was APT31, thanks to the FBI, thanks to IPAC, thanks to the U.S. Department of State, not thanks to our government, we have to now wonder if we are individually, because of the work that we do, targeted by another foreign regime. The member for Selkirk—Interlake—Eastman talked about the work he does on behalf of the Canadian Ukrainian community. He has spoken out repeatedly against the Kremlin. If there was a Russian hacker group, of which they have many, and they are renowned in the Kremlin for both operating state-sponsored groups and also paying contract hackers, and if he were to be targeted, nobody would tell him unless it was successful. If it was successful, then he would likely know about it. One can see where this is going now. This does not make any sense. The government's position makes no sense. In the Speaker's ruling, he said that this matter was in fact a prima facie violation of our privilege. I knew that from the moment it happened that this would be the case. I am very glad that he ruled that way. I am glad that the member for Sherwood Park—Fort Saskatchewan brought it to the Speaker's attention and made a very cogent case on why we should be protected. I want to bring up another fact, which is that this actually happened in Belgium as well. This is not APT31's first attempt. APT31 is renowned. APT40 is another group that has also done it repeatedly against others. It is not just IPAC members. I am going to draw one's attention to one particular group that was targeted in Belgium. It was a series of politicians, including the former prime minister of that country, who were targeted. One foreign affairs minister and several parliamentarians were also targeted by APT31, around the same timeline that we were. In that particular country, those targeted were also not told. In Belgium, they all had to go public and shame their government in that situation. As far as I know, in this particular attack, I think only Finland and one other, I believe, Baltic state informed their legislators that they were victims of such an attack. Then again, they are also much more used to it. They are right next door to the Kremlin and the Russian Federation, which makes it their business to be in all of our business. They want to know what emails we are exchanging. They want to know the people we are meeting with. They want to know what devices we are using as well. This is the problem I have with how this has been handled by the government, with its claim that it is doing enough and that it has introduced this new process. Those five members, like I said, were a former prime minister, the chair of the foreign affairs committee, the vice-chair of the foreign affairs committee, the Belgium-Taiwan Friendship Group and a member of the EU foreign affairs committee. I have the declaration in French and am going to read it into the record. Statement of Belgian elected officials targeted by APT31 It has now been confirmed that all five of us were the target of a Chinese state-sponsored cyber-attack in early 2021. This was not an attack on any single political party or any particular country. It was an attack on any elected official who dares to challenge Beijing. We stand united in condemning these actions, which strike at the heart of the democratic values that unite us and that transcend party lines. Over the past decade, China has shown a growing desire to interfere in the political systems of other countries, including our own. All too often, its malicious actions have gone unanswered. We cannot allow this campaign of cyber-attacks against elected representatives of the Belgian people to remain without a robust and proportionate response. We are calling on the government to do the following: Then they list five items. The statements ends with these two sentences: Chinese intelligence services tried to intimidate us, but they will never silence us. We will continue to actively defend democratic values and human rights in Belgium and around the world. This goes on. There was a case in New Zealand where APT40 as well hacked into legislators' and Parliament's devices. There was a cybersecurity attack committed in Australia, again by another state-sponsored affiliated group also out of Beijing. It is not like this is unique. This is another problem with the line the government has taken, which is to behave as if this is brand new and as if this has never happened before. That is the claim. That is the top-line talking point being printed out of the Prime Minister's Office and sent to all of us. That is simply not true. Since 2012, since Xi Jinping took over the Communist Party in Beijing, there has been a steady increase of attacks, both in rhetoric and in actual actions, by various hacking groups and by various military organizations. Like I said, intelligence officers of Beijing are now targeting 18 Canadian parliamentarians. For three years, we were told absolutely nothing. I only found out a few weeks ago. The moment I found out, on a Tuesday, I immediately began contacting the House of Commons' cybersecurity. I want to get to the bottom of this. Every single member who was targeted should have a chance to speak in the House and to explain exactly how this impacts their work, so it can become a permanent, official part of Hansard, and the next time this happens, the Liberals cannot claim that they did not see anything, that they did not hear anything or cannot say that it did not work, so we should not be bothered by it. We were targeted by a foreign government because of our parliamentary work. That should be enough. It was immoral not to tell us. It was unethical not to tell us.

3517 words

Context: House Hansard - 311 - May/8/24

Mr. Tom Kmiec (Calgary Shepard, CPC)

May/8/24 11:34:52 p.m.
Watch

Mr. Speaker, the member for Winnipeg North talked about your ruling, so I did want to read a bit from it. I did quickly read it over one more time, and you actually did not praise anything the Liberal government has done over the past nine years to try to offset the amount of foreign interference in our country or said that the government has succeeded in somehow protecting parliamentarians, because it has not. In your ruling, Mr. Speaker, you said: Protecting the security of members, whether physical or cyber, is of course essential to the functioning of the House. Cybersecurity attacks to our systems have multiplied over the recent past and there are no indications they will stop or even diminish. In the comments made by the member for Winnipeg North, he implied that other foreign governments do this all the time, that it is like a common occurrence that could be happening. The implication is that there are other parliamentarians who could have been attacked by different foreign governments, but those attacks were unsuccessful so they were not told before the new regulations came into force in 2023. Can the member comment on that?

196 words

Context: House Hansard - 311 - May/8/24

Mr. Michael Cooper

May/8/24 11:35:56 p.m.
Watch

Mr. Speaker, it is a good question, and it really does raise questions as to whether other members have been targeted. Have other members been targeted in other cyber-attacks by the Beijing-based Communist regime or by other hostile foreign states, of which this government is aware and has not informed members? If that is the case, then it is incumbent on this government to do what it has failed to do up until now, and that is to follow the directive, which seems to be a hollow directive, a meaningless directive, a directive that is not acted upon, and inform all members affected.

105 words