SoVote

Decentralized Democracy

Member of Parliament

Tracy Gray

  • Member of Parliament
  • Member of Parliament
  • Conservative
  • Kelowna—Lake Country
  • British Columbia
  • Voting Attendance: 68%
  • Expenses Last Quarter: $131,412.70

  • Government Page
Context: House Hansard - 172 - Mar/23/23
Mrs. Tracy Gray
  • Mar/23/23 5:29:51 p.m.
  • Watch
  • Re: Bill C-26 
Madam Speaker, that is one of the parts of the bill that philosophically sounds like a great thing that the bill could work on, but again, we do not have any details. It is a great objective, but we do not really have any strategies or any other information, so that is something that definitely could be asked at the committee as well.
63 words
  • Hear!
  • Rabble!
  • star_border
Context: House Hansard - 172 - Mar/23/23
Mrs. Tracy Gray
  • Mar/23/23 5:28:54 p.m.
  • Watch
  • Re: Bill C-26 
Madam Speaker, that is certainly something committee members could ask the expert witnesses when they are there at committee. Maybe they could delve into that more to see what those issues are and what the opportunities might potentially be for amendments. That is one of the things that could be looked at in the committee. Certainly the committee members there could ask those questions for the witnesses.
67 words
  • Hear!
  • Rabble!
  • star_border
Context: House Hansard - 172 - Mar/23/23
Mrs. Tracy Gray
  • Mar/23/23 5:27:30 p.m.
  • Watch
  • Re: Bill C-26 
Madam Speaker, I appreciate the great question from my colleague. That is a great recommendation, and I will just give a very specific example. One of the roles that I have had in my career was the privilege of being on the board of one of the largest credit unions in Canada for 10 years. We underwent extensive training and cybersecurity was one of the topics that we had to do. I was able to take some of that training and bring it into my small business that I had at the time. I remember thinking that I wished a lot of other small business owners could be going through the extensive training that I just went through. That is a great approach and something that we should definitely work on.
131 words
  • Hear!
  • Rabble!
  • star_border
Context: House Hansard - 172 - Mar/23/23
Mrs. Tracy Gray
  • Mar/23/23 5:25:51 p.m.
  • Watch
  • Re: Bill C-26 
Madam Speaker, I think a part of the piece of legislation is that we really do not have the details, and that is part of the concern, so I am hoping that, if it goes forward to committee, some of that could be worked out, because that is part of the concern right now. We have the topic and we know what the overarching desire is and what the fines may be, but we do not actually know what all of the regulations would be, and that does raise a lot of concerns, especially for small businesses that do not really know at this point what the bill would mean for them. Hopefully that will come out at committee and there will be more information added, potentially as amendments to the bill.
132 words
  • Hear!
  • Rabble!
  • star_border
Context: House Hansard - 172 - Mar/23/23
Mrs. Tracy Gray (Kelowna—Lake Country, CPC)
  • Mar/23/23 5:16:09 p.m.
  • Watch
  • Re: Bill C-26 
Madam Speaker, it is an honour to speak today in the House on Bill C-26, an act respecting cybersecurity, amending the Telecommunications Act and making consequential amendments to other acts. With every passing year, Canadians are increasingly moving their lives online. They communicate with loved ones through email, messaging, photo sharing, video calls and more. They can order their entire grocery orders, rent cars for the weekend and book appointments with a click in an app. As more and more Canadians choose to put more of their lives online, it falls to us, as members of Parliament, to ensure our cybersecurity laws are as protective of their personal and private information as possible. The next generation of Canadians are increasingly building their professional and personal lives online. At the same time, they face mounting threats from foreign actors, ranging from scammers to state actors. These actors have shown they would use any tactic, from identity theft to cyber-attacks, to exploit Canadians and attack our institutions. That is why the legislation we have before us today is essential, and why getting it right the first time is even more important. In particular, it must protect our online information while not crushing our small business start-ups under mountains of red tape. On this side of the House, my Conservative colleagues and I believe that, as currently constructed, Bill C-26 fails to account for the welfare of small business start-ups by adding more red tape and placing burdensome costs on our homegrown technology sector. As constructed, this bill would directly affect start-ups by adding further bureaucracy that would drive up their starting costs. It would overburden with regulation the small telecommunications providers, the companies that provide our families and businesses with access to a global market online. Wrapping them in red tape could risk our access to competing on the world stage. The Liberal government has already made it hard enough for start-ups, and the Liberal record on small business has been one committed to mazes of bureaucracy, punitive fines and penalties, and rising inflation. A Liberal economy of high tax and wasteful spending has already made it hard enough for start-ups. Through the overarching premise of this cybersecurity bill, we know that it is needed. We absolutely need to update our cybersecurity laws, while at the same time we cannot allow Bill C-26 to add unnecessary burdens to business, especially small businesses. I am particularly concerned about how this bill's regulations would also apply to businesses “irrespective of their cyber security maturity”, implying that providers who already have advanced electronic protection measures would still have to comply with the new regulations of the bill. This means that businesses could not continue using their current, possibly more robust, cybersecurity systems. Instead, they would have to disregard their current cybersecurity measures and replace them with the newly proposed government model. Even Canadian businesses that have already worked hard to protect their customer security at accepted global standards would still incur more cost despite their robust electronic security measures. They would need to invest in government-regulated security measures, incurring costs such as inspection, extra time, installation and further training. They may have to completely overturn their superior standards for the government's preference. The thing is, we do not know what the regulations would be or how they would affect businesses, because the actual regulations have not been developed. That is how the government does a lot of its bills. There are great titles, with few details. We are expected to just trust the Liberals to figure it all out later, behind closed doors, with no opportunity to study them at committee with expert witnesses. Imagine if this regulatory framework were applied to any other business. Suppose we were regulating changes in the banking security industry. We would require that every Canadian bank and credit union tear its building down to the ground, brick by brick, and then rebuild itself from scratch. That really does not make sense. Now is the time when we should be encouraging competition and bringing in more telecommunications companies. We know Canada has some of the highest telecommunications costs in the world. As more and more Canadians move their lives online, whether for banking, social media or work, adding more tape in this bill, as mentioned, would make this transition far more difficult. Costs never remain in the businesses' ledgers forever; they are inevitably always passed on to the consumer. As a government, we should encourage the next generation of Canadian entrepreneurs who are innovating. I will mention, as a sidebar, that I was formerly on the industry committee and we did a quantum computing study, which was, frankly, terrifying. It was about how Canada could be exposed to bad actors, which could affect every part of our online lives. As these technological advances develop, we have to be aware of risks and be able to stay ahead of technology. These enterprises, businesses and telecommunications providers do not need more red tape; they need a stable market without uncompetitive government interference. We know very well how easy it can be for the government to build regulations that only the largest providers of an industry can shoulder. Without attention to scale, a single fault of noncompliance could instantly wipe out a smaller company. The legislation would allow ministers and bureaucrats to levy fines as high as $15 million without special consideration, such as the size of a company's user base. Nonspecific details like that are music to the ears of our largest telecommunications providers. Monopolization of our telecommunications sector is something Canadians are already concerned about. We must always proceed cautiously, so as not to turn away innovation and new businesses entering the market, which creates healthy competition. For example, these fines could also be enacted under the vague term of “protecting a critical cyber system”. This vague terminology can leave a lot of leeway for government ministers to injure Canadian businesses with rampant fines. There is already a shortage of online and electronic security professionals in Canada. According to the Business Council of Canada, an estimated 25,000 personnel are needed in the cybersecurity industry. Instead of dissuading these crucial professionals from joining this industry and helping keep Canada safe from domestic and foreign cyber-threats, let us provide a better framework and encourage them to build new businesses in this essential industry. Let us not scare them off with red tape and penalties. As members can see, the legislation proposed for Bill C-26 has some significant concerns that require amendments at committee. Regulations being made with a lack of transparency behind closed doors, after the bill passes, is a concern. Conservatives will be looking to make amendments to the bill at committee as we hear from experts. As I mentioned earlier, my Conservative colleagues and I encourage and support new, updated and secure cybersecurity measures being put in place, especially as more and more Canadians move their lives online. However, by placing more and more red tape on small and start-up businesses and providers that have already been in the industry for years, the bill would effectively dissuade businesses from entering this market and providing more services for Canadians. Large and mature businesses can handle the related costs of Bill C-26, but the associated expenses could crush small businesses. I have worked, for much of my career, around various regulated industries and have seen, all too often, red tape and regulations making it too hard for small businesses to even start or to stay afloat without being acquired by larger firms, as small companies just cannot keep up with the regulatory compliance. Cybersecurity threats affect all our communities. In January, an international ransomware group claimed responsibility for an Okanagan College cyber-attack in my region. Let us keep Canada safe by building clear online security measures that would encourage start-up professionals and businesses to help build up our cybersecurity infrastructure to a world-class standard. We will not accomplish this goal if we continue to add burdensome fines, penalties and red tape.
1363 words
  • Hear!
  • Rabble!
  • star_border