So V ote

Context: House Hansard - 299 - Apr/15/24

May/30/24 6:20:27 p.m.
Watch
Re: Bill C-70

Madam Speaker, I want to thank everybody who participated in this important debate because it actually achieved one of my aims, which I talked about in my initial speech when I introduced this bill, and that is education. I will get into the reasons why that is so important. I am not shocked by this, but after listening to members, there seems to still be a level of misunderstanding of what exactly this bill is. I am going to talk about what it is, what it is not, and why it is so important. I will read the crux of what this bill is into the record one more time because then it will be easy to break down. It is subclause 13.1(1) of this need to know legislation, which reads, “A member of the Senate or the House of Commons who applies for a secret security clearance from the Government of Canada is, for the purposes of the consideration of their application, deemed to need access to the information in respect of which the application is made.” That is the important clause. My point is that the only thing this bill would do would be to allow parliamentarians to apply for a secret security clearance. The government would not be able to deny, regardless of who is in government, a parliamentarian from applying. That is all that it would do. It would allow them to apply. I would dare say that every speaker who spoke to this during the debate on my PMB highlighted two key examples: the Winnipeg labs, most recently, and the Afghan detainee file. A colleague just spoke to what this bill does not do. This does not guarantee a parliamentarian will pass, should they apply. They still have to go through the same security vetting and clearance process that we have been doing for decades. I have had a secret level clearance for likely 25 to 30 years now. I have been at the top secret level for 15-plus years. The clearance does not guarantee one has a need to know or that one gets access to the information because that is how the system protects it. One still has to demonstrate that to the government. Why is this so important? We have heard a little bit about this. The world is more complicated. We have listed a couple of historical examples. The most important one, which has been highlighted numerous times, is foreign interference. When we look at foreign interference, there are lots of cases. I do applaud the government about Bill C-70. It is going to come and address some of that because it allows changes to the CSIS Act, which then allows CSIS to actually share information beyond just the federal government, not just to potential parliamentarians. Again, if they are not cleared, they still cannot get that information, but it will potentially allow CSIS to share information to other levels of government, to industry and stakeholders, but they have to have the clearance. We have heard testimony and speeches here, so we know that parliamentarians are being targeted. We have seen the original NSICOP annual report of 2019. What was one of the key takeaways? Parliamentarians need to be briefed on the threats that they face from foreign interference. We have seen Madam Hogue's public inquiry into foreign interference. Just recently we saw the NSIRA report that came out. We are only a few days away from seeing NSICOP's latest report. However, it is not just from those agencies. I would like to read again from the recommendations that came out of PROC, with unanimous consent, just a few weeks ago. Recommendation 3 reads: That the government work with recognized parties’ whips to facilitate security clearances, at Secret level or higher, of caucus members who are not Privy Councillors (particularly those who sit on committees with mandates concerning foreign affairs, national defence and national security), who shall be taken as satisfying requirements for a “need to know,” to ensure that they may be adequately briefed about important national security matters, including foreign intelligence threat activity directed toward Parliament, or their party or its caucus members. The point is that this has already unanimously passed at PROC to basically implement what my bill is trying to achieve. In conclusion, I have not heard a single criticism of the bill that is based on what the bill would do and what is contained within it. I know members from all parties who I have talked to are going to support this bill. I am hoping that, when it does come up for a vote, it will pass unanimously.

786 words

Context: House Hansard - 299 - Apr/15/24

Apr/15/24 11:22:36 a.m.
Watch

Mr. Speaker, my whole point is to increase the level of education and, I would argue, parliamentary oversight. I talked at length about accountability and transparency. Ultimately, all of us in this place were elected to represent Canadians. There is a huge demand, and I am sure the member has heard from some of his constituents, asking why they cannot know about certain things. In reality, there are legitimate reasons why we need to protect information. I am just saying that here is a way, through a proper process, that Parliament could actually get to know the information, hold the government to account and provide greater transparency as we continue to improve national security and intelligence in this country.

119 words

Context: House Hansard - 299 - Apr/15/24

Apr/15/24 11:21:08 a.m.
Watch

Mr. Speaker, I have looked at some of them, but not specifically on this process, because for a lot of them it is actually a lot simpler to get a security clearance or access to information. In general, the U.K. has a much broader system to allow it. I am not proposing we adopt a U.S. system of congressional or senatorial oversight; I am just suggesting the first step in a process that would just allow us to apply. As I have mentioned, my bill would not guarantee that a member or a senator would actually get the clearance, and it would not guarantee they would get access. All it is saying is that the government of the day, regardless of political party, would not be able to deny somebody's applying to get a security clearance.

139 words

Context: House Hansard - 280 - Feb/12/24

Apr/15/24 11:19:07 a.m.
Watch

Mr. Speaker, I highlighted just how many people have security clearance in the country already. Over the last eight years, it is almost a quarter of a million people. The government ministers themselves, and likely some of the parliamentary secretaries, have the privilege of access to a lot of classified, sensitive information. NSICOP gets access to things, although it is prevented from accessing ongoing current investigations. Again, ultimately, just because someone has it, and this gets to my point, it does not meant he government has to give it. When a committee, such as foreign affairs or public safety, makes the case for why it needs access, and it secures it, that is the will of Parliament. I have given a couple of examples, of the Afghan detainee files and the Winnipeg lab files, that show that it does not mean that the access is going to get there, but part of the reason, in both of those cases, that the government came up with an ad hoc process was that it said members of those committees did not have appropriate classification. The bill before us would help address that, but ultimately it is on the individuals to protect the information if it could compromise security for individuals in this country.

211 words

Context: House Hansard - 172 - Mar/23/23

Feb/12/24 3:54:50 p.m.
Watch
Re: Bill C-377

moved for leave to introduce Bill C-377, An Act to amend the Parliament of Canada Act (need to know). He said: Madam Speaker, my bill would basically introduce and formalize a process to enable parliamentarians to request a secret security clearance from the Government of Canada by deeming that they need access to the information for the purposes of processing that request. Currently, individual parliamentarians have limited probability of obtaining a security clearance unless they possess one from a previous career or have the privilege of sitting on one of the special committees. Ultimately, this bill would increase Parliament's ability to take national security and intelligence issues seriously while facilitating Parliament's ability not only to hold the government to account, but also to increase Canadians' trust in our federal democratic processes and institutions.

136 words

Mar/23/23 4:10:36 p.m.
Watch
Re: Bill C-26

Madam Speaker, I am looking for the member's commentary on something I will read to him. It reads: There are several legislative changes that could be implemented to enhance cybersecurity in Canada. Some of these changes include: 1. Strengthening Privacy Laws... 2. Mandatory Reporting of Cybersecurity Incidents... 3. Improving Cybersecurity Standards... 4. Increasing Cybersecurity Funding... 6. Strengthening Cybercrime Laws... Overall, these legislative changes could help strengthen cybersecurity in Canada and better protect individuals and organizations from cyber threats. I am reading this and I could have read more, but this was all generated by ChatGPT. I could have also given some negatives around certain legislation. My point is that I think this emphasizes the importance of the bill and getting it right because we have artificial intelligence getting to the point where it can literally write speeches for us for the House if we want it to. I would like the member's comments on that.

157 words

Mar/6/23 5:24:43 p.m.
Watch
Re: Bill C-26

Madam Speaker, I referenced a couple important books and a couple references by some of our esteemed national security experts across this country. If people read through that and read some books that are out there, they would see this is a threat that has been building for the better part of a decade or more. The government has known about this since the day it formed government, yet we have seen no action. As mentioned by the CSIS director from 2018, here we are almost five years later, and we are just now seeing this important legislation being delivered.

100 words

Mar/6/23 5:10:37 p.m.
Watch
Re: Bill C-26

Madam Speaker, I will take maybe a different tack today to contribute to this debate on cybersecurity. I am going to tell a story about Tom and how he has been impacted by technological changes over the last couple of decades. Before I tell Tom's story, I have to share Emily's story with technology and why this legislation and changes to cybersecurity in Canada are so important and so needed. Before I get into that, I think it is important to first lay out in simple terms what this bill is about from my current understanding. There are really two parts to the bill. The first part is about amending the Telecommunications Act to address and fix the security needed for our Canadian telecommunications system. The bill would do this by addressing it through two means. First, it would “direct telecommunications service providers to do anything, or refrain from doing anything, that is necessary to secure the Canadian telecommunications system.” As well, it would establish some monetary penalties tied to those changes. The second part of the bill is all tied to the critical cyber systems protection act. It would provide the framework for the protection of our critical cyber systems, which are vital to national security and public safety. It would do that through five different aspects. First, it would authorize the government to designate those services that are vital to Canadians, those critical sorts of services, what they are and what systems are tied to them. Second, it would authorize the government to establish who is responsible for maintaining those systems. Third, it has how these cybersecurity incidents would be reported and how Canadians and institutions comply with those changes. Fourth, it lays out how information would be shared and, arguably, needs to be protected. Finally, it gives the “so what” of the enforcement and the consequences for non-compliance with the legislation. In reality, this bill is quite lengthy and very technical, so I am going to focus most of my speech around two important aspects of the bill. The first aspect is the threats to cybersecurity. The second is information sharing and the need to protect Canadians' privacy rights while highlighting the important need for transparency. How would the government ensure the accountability of any institution affected by this bill, particularly the government itself, with the additional powers this legislation would grant it? Let us get back to Emily. She is a senior citizen and a retired teacher. She uses a mix of online banking and billing, although she still prefers to handle the majority of her financial transactions right at the bank. She has a fledging social media presence mainly to stay in contact with her grandchildren and friends. She even has a TikTok account at her grandchildren's urging. We will see if she is going to change her mind and delete that sooner than later. Being online and connected is essential to all Canadians now, more than ever, as a lot of Canadians rely on the Internet for their daily lives. It is about more than just conducting business and paying bills. As I have mentioned, we have seen an increased dependency on the Internet, especially for government services. In the last few years, under the Liberal government, it continues to shift more and more government services online, while unfortunately decreasing service delivery for those without access to the Internet at the same time. I will not go into detail on all the shortfalls I see with the current approach, considering that a large portion of rural Canada still do not have access to high-speed or dependable Internet. What threats does Emily face? She complains about getting emails and phone calls from people alleging to be affiliated with her bank or service providers. She wonders about the advertising that shows up on her social media feeds that align with something she only mentioned in an email to a friend. How is all of this happening? To quote the director of CSIS from December 4, 2018, over four years ago, during a speech that he gave to Bay Street, which I have extracted from Stephanie Carvin's Stand on Guard, Mr. Vigneault stated that the greatest threat to our prosperity and national interest is “foreign influence and espionage.” While terrorism remains the number one threat to public safety, “other national security threats—such as foreign interference, cyber threats, and espionage—pose greater strategic challenges”. In her book, Professor Carvin clearly lays out the risks associated with cyber-attacks, whether malware, ransomware, a targeting of critical infrastructure, denials of services or others. She talks about cyberterrorism, cyber-espionage and cybercrime, so how do we deal with this? We deal with this not only through this legislation, but also, mainly for some of the challenges we have, as my colleague from Selkirk—Interlake—Eastman talked about in much greater detail earlier today in his speech, our Canadian Armed Forces, the Communications Security Establishment and even our federal police services, which have ways to deal with this. My colleague hinted that sometimes the best defence is a good offence. Offensive cyber-operations are really not the bailiwick of this legislation, although I would offer that there is some overlap, as we look at a lot of these threats Canadians and Canadian institutions are facing are financed through cyber-attacks and more here at home. We need to tackle this and get the balance right. The bottom line is Emily and Canadians like her being affected by all of these cyber risks. Professor Carvin pointed out that at least 10 million Canadians had their data compromised in 2017 alone. Unfortunately, this number is likely under-reported, and neither the government nor the private sector fully understand the scale of the problem. To sum up, the threats are huge. Bill C-26 must balance privacy rights while ensuring national security. Increased use of encrypted apps, data being stored in the cloud on servers outside of Canada, IP protection and more factor into the challenges of getting this legislation right. In order to deal with these threats, the legislation would need to enable our security establishments with robust, flexible powers. However, these robust powers must come with clear guidance on how far and when to inform the public. This is essential in rebuilding our trust in our democratic institutions. The Business Council of Canada has already publicly expressed concerns over the current draft of this legislation. It rightly identified that large companies, and also small- and medium-sized enterprises, are concerned that the sheer amount of red tape tied to this bill is extremely high. We need to get the balance right. It is vital, and it is going to require significant expert testimony at committee. Although I would argue the legislation is desperately needed, and I would argue even late in coming, it needs to be done right and cannot be rushed through debate or review at the committee stage. I have some final comments. This legislation is needed to protect Canadians. However, this legislation needs to be reviewed regularly and needs to include safeguards. I know if he gets the chance, the member for Winnipeg North might ask about what amendment we are recommending. There is no annual reporting mechanism in this bill, so the government should have to table an annual report to Parliament outlining the progress on this legislation, and include an updated cyber threat assessment to Canadians and what it has been hearing back from the companies impacted by this legislation. Sean McFate, in this book The New Rules of War: Victory in the Age of Durable Disorder, wrote, “ Secrets and democracy are not compatible.... Democracy thrives in the light of information and transparency.” Finally, I will conclude with Tom's story and how he has been impacted by technology. The bottom line is that he has not been. He does not have a cell phone. He does not use the Internet. He only pays in cash and does not have a credit card. The only way he is currently being impacted is when he shows up to try to get some federal services from the government. He cannot do it because he does not have any of that, and he cannot get anybody to show up in an office to work.

1404 words

Mar/6/23 5:09:14 p.m.
Watch
Re: Bill C-26

Madam Speaker, I will ask a question I asked earlier of another member. In this member's opinion, what does she view as the greatest threat to Canada's cybersecurity? Is it state actors? Is it cybercrime and cyber-technology? Specifically, what does the member think is the greatest threat that we face as a nation around cybersecurity?

58 words