Bill C-299 (Historical)

Mr. Speaker, I know they like to come and talk but not bother to vote. At least they could let other people talk sometimes. I will make the best effort to continue, notwithstanding the interruptions.

In terms of the question, the Minister of Finance has been clear that that intention reflected in the ways and means motion will also be carried forward in the budget implementation bill. The ways and means motion corresponds exactly to what will be in the budget implementation bill. It is not a question of dealing with the statutory measure through the ways and means motion. It is a question of dealing with it through the budget implementation bill and creating, through the ways and means motion, the authority to do that and proceed with that.

On the other questions that were raised yesterday, Mr. Speaker, you heard submissions from the member for Pickering—Scarborough East in which he argued that the government's ways and means motion tabled yesterday was out of order based on the rule of anticipation. He argued that the previous consideration of Bill C-253 made it impossible to now consider the ways and means motion.

Marleau and Montpetit observes at page 476:

The moving of a motion was formerly subject to the ancient “rule of anticipation” which is no longer strictly observed.

In fact, if we read on, they go on to observe that it is even stronger than that. The rule of anticipation is not just “no longer strictly observed” in the Canadian Parliament, it never really was. Also at page 476, they write:

While the rule of anticipation is part of the Standing Orders in the British House of Commons, it has never been so in the Canadian House of Commons.

I would repeat and underline, “it has never been so in the Canadian House of Commons”.

They go on to conclude:

Furthermore, references to attempts made to apply this British rule to Canadian practice are not very conclusive.

Simply put, the argument posed by the member for Pickering—Scarborough East might succeed were he in the British House of Commons but it cannot succeed under Canadian parliamentary practice. There is no barrier to considering a different item touching the same subject matter, and most certainly the budget bill and this Bill C-253 cannot be considered to be two bills similar in substance.

Beauchesne's Parliamentary Rules and Forms of the House of Commons of Canada clearly sorts out the Canadian rule at paragraph 655, found on page 198. It states as follows:

A bill is in order when substantially different from another bill on the same matter previously disposed of during the session.

That rule applies clearly to the situation at hand. The budget implementation bill is substantially different from another bill previously disposed of during the session, that being Bill C-253. In fact, the difference is so great that the government opposed Bill C-253. It is introducing and obviously supports the budget implementation bill.

Clearly, it is substantially different, not just in its breadth of subject matter but also in the substance of its effect.

The ways and means motion and budget bill are significantly broader than Bill C-253, applying to a wide range of taxation and fiscal measures. They are also substantially different in the impact they will have on the finances of the public treasury and the effect they will have on the narrow question of how RESPs operate.

In addition, and putting it another way, the ways and means motion in part is reversing a decision the House made with respect to Bill C-253. The precedence for proceeding this way is as follows. At page 496 of Marleau and Montpetit, it states:

The House may reopen discussion on an earlier decision...only if the intention is to revoke it;

Standing Order 18 basically says the same thing.

Beauchesne's Citation 592(1) states:

A resolution may be rescinded and an order of the House discharged, notwithstanding the rule that a question, being once made and carried in the affirmative or negative, cannot be questioned again....

Technically indeed, the rescinding of a vote is the matter of a new question; the form being to read the resolution of the House and to move that it be rescinded; and thus the same question which had been resolved in the affirmative is not again offered, although its effect is annulled.

There have been examples of orders being rescinded, revoked and discharged that could be found in Journals of May 7, 1898, page 269; August 1, 1942, page 708; November 22, 1944, page 923; November 24, 1944, page 927; and December 23, 1988, the House adopted an order revoking an order with respect to the sittings of the House which can be found at page 80 of the Journals of that day.

Therefore, repealing, rescinding and revoking a previous decision of the House is considered a different question.

Rule 655 of Beauchesne's can be seen to be definitive in determining that a ways and means motion and a budget bill based upon it are properly in order before the House. The roots of the rule in Beauchesne's, let us call it the Canadian rule, go back to just after Confederation.

A ruling of the Speaker on June 4, 1872, is exactly on point. The question the House was considering was an effort to legislate that one could not sit both in the House of Commons and in a provincial legislature at the same time, but two different efforts to do the same thing in a slightly different way were allowed to be considered in the same Parliament. This was found acceptable by the Speaker, who overruled an objection raised by the MP for Bothwell, who had argued, “that the principle involved in the bill is precisely the same one as the one voted on before”. More particular, he argued, “it proposes to deal with the same subject, and disqualify as candidates for election to the House of Commons the same class of persons”.

The Speaker found that was a “technical argument and that substantially the questions were different”.

As an aside, it is fascinating to read those Journals to see Sir John A. Macdonald's name listed among those voting in the majority at that time on that question in favour of the measure opposed by the Liberals of the day. It is also fascinating to see on the same day the vote on amendments from the Liberals seeking to ban any shareholder in the Canadian Pacific Railway from standing for Parliament, a discriminatory and unfair measure that the House wisely rejected that day.

However, returning to the main point, that ruling in 1872 is the anchor for the Canadian rule, different from the British, that a substantially different bill can deal with the same subject matter previously disposed of during the same session, which is exactly the case here.

The Canadian rule has been reaffirmed in many Speakers' rulings in the years that have followed. On February 24, 1971, Speaker Lamoureux restated the rule quite conclusively. He stated:

There is, therefore, in my view nothing procedurally wrong in having before the House at the same time concurrent or related bills which might be in contradiction with one another either because of the terms of the proposed legislation itself or in relation to the proposed amendments.

Related bills yet in contradiction with one another and, thus, substantially different, therefore, are entirely in order, just as is the case here.

In another decision on June 8, 1988, the Speaker reviewed all the relevant precedents and concluded as follows:

...I must declare that the practice of one bill amending another bill still before the House or not yet given Royal Assent is an acceptable one.

Again, this applies exactly here. Bill C-253 has not yet been given royal assent and the ways and means motion on budget bills seeking to affect it are acceptable under this rule.

The essence of the Canadian rule on those matters can be summarized by saying that the Speaker is never empowered to block such bills through a rule of anticipation. It is a question for the House of Commons to decide.

As Speaker Fraser ruled in 1992:

The Speaker of the Canadian House of Commons has not been given any specific authority over the form or content of omnibus bills.

Mr. Speaker, you are not empowered to do what the member for Pickering—Scarborough East is asking you to do by ruling on the content of the ways and means motion and the budget implementation bill. It is up to this House to pass judgment on the content of the motion and the bill.

I will re-emphasize once again that in a minority Parliament it is fully within the power of those members in opposition to pass that judgment contrary to the will of the government if they see fit to do so. They are seeking not to do so and seeking, instead, Mr. Speaker, to have you do that for them.

For the integrity of the government's fiscal plan, the government believes that if Bill C-253 becomes law, then it must be repealed in order to implement the provisions of the budget. We are talking about $900 million to $2 billion in lost revenues annually for the federal government and $450 million to $1 billion in lost revenues annually for provincial governments.

When the House adopted Bill C-253, it had not yet seen the detailed proposal that is contingent on repealing an earlier proposal. I see nothing procedurally wrong with the proceeding on the matter. One recent example is Bill C-27, the identity theft bill, which includes a coordinating amendment that would effectively replace the provisions of Bill C-299, a private member's bill currently before the Senate on identity theft, with the provisions in Bill C-27.

Ultimately, it is up to the House to decide. Speakers have consistently ruled that they do not have the authority to divide a bill and the question of the contents of a bill is best left as a matter for the House to decide.

Mr. Speaker, the final authority I would draw your attention to is the ruling of Speaker Fraser on November 28, 1991. It concluded, as well, that these issues are matters for the House to decide. The bill in question in 1991 was Bill C-35, an act to correct certain anomalies, inconsistencies, archaisms and errors in the Statutes of Canada. It proposed to amend, under certain conditions, a bill that was at second reading, a bill that had just received third reading, two other bills that were at third reading and two bills that were at committee.

The Speaker noted:

The legislative process affords ample opportunity for amending proposed legislation....

Speaker Fraser's observations in 1991 are a worthy guide to your role here, Mr. Speaker.

He concluded that:

It is the duty of this Chair to safeguard the rights of the Members and the House to make fully informed decisions on the matters before it....

He continued:

The legislative process offers ample opportunity....

Then he goes on to review the options and scenarios, such as amendments, refusal, approval, further study and more, but ultimately he concludes:

All of these avenues offer Members full remedy to this conditional approach to legislating should they object to it. That decision rests with the House.

I repeat that key conclusion: that decision rests with this House.

The authorities are clear. Beauchesne's states the Canadian rule authoritatively:

A bill is in order when substantially different from another bill on the same matter previously disposed of during the same session.

Yes, the ways and means motion and the budget implementation bill do, in small part, touch the same subject matter as Bill C-253, but they are substantially different: different in scope, different in breadth of issues, and different in the substance of what they seek to do on the limited subject matter that they do have in common.

That difference in substance renders the ways and means motion and budget bill in order and properly a question to be decided by this House, not, with the greatest of respect, by you, Mr. Speaker. It may not be the British way, but it is the Canadian way from the time of Sir John A. and the days when he represented the fine constituency of Kingston in this House, which you represent today.

I do have a question, because I recall as well that some of the issues surrounded the definitions of information.

I see in this bill—and I'll sort of can it here for you, or for me, maybe—first, “identity information”, which is in the legislation and in the Criminal Code, “means any information...commonly used...to identify...an individual”. I'm cutting out a bunch of words. It includes biological or physiological, of course, but it's any information commonly used to identify an individual.

In PIPEDA, the definition is “information about an identifiable individual”, but then, importantly, “does not include the name, title or business address or telephone number of an employee of an organization”. So, essentially, what Bill C-27 does is use “personal information” from PIPEDA and add—am I right or not?—the name, title, business address, or telephone number of an employee of an organization. If I recall, that was one of the problems with Bill C-299.

Thank you, Mr. Chairman.

Thank you, Minister and officials, for being here. It's nice to get back to some black letter law and discuss what I think is a very good initiative, Mr. Minister.

I think some credit has to go to a member of Parliament, Mr. Rajotte, whose private member's bill we discussed. It's somewhat fresh in my mind.

Not to be overly protective of backbenchers and private members, I see there is a provision in this law that seems to suggest that if another piece of legislation, Bill C-299, comes into effect, this legislation will kill it.

We were aware at the time that there were some gaps in it. Are you satisfied that Bill C-27 covers everything that Bill C-299 was going to cover? I am just going from memory, but it seemed to me there was a fair amount of nervousness from the private investigating community and from other communities with respect to what they could and couldn't do.

Do you think Bill C-27 makes things better with respect to what we identified as gaps at previous hearings?

Mr. Speaker, it is an honour today to rise on Bill C-27, an bill that seeks to protect Canadians from identity crime.

At the outset of my speech, I do want to particularly thank the Minister of Justice, the Parliamentary Secretary to the Minister of Justice and the entire department for all their work on this issue. I had an opportunity to work on it with respect to a private member's bill that was unanimously adopted by the House in the last session. I was very pleased that the government did bring forward a much more comprehensive piece of legislation on identity theft in general.

The reality is that technology has made financial transactions virtually instantaneous, but it has also made personal information more vulnerable to misappropriation and misuse. Identity information has in reality become a commodity. It is easily acquired and can be instantaneously transferred from one person to another.

Identity thieves can use stolen personal information to open credit card and bank accounts, redirect mail, rent vehicles, obtain government benefits and even secure employment. When this happens, unsuspecting victims are left with unpaid bills and bad credit. Thousands of Canadians are victims of identity theft every year. Many of them contacted me in the course of preparation and adoption of my private member's bill.

In November 2006 an Ipsos Reid survey indicated that 73% of Canadians are concerned about becoming victims of identity theft and 28% said that they or someone they know has already been a victim of identity theft. In 2006 almost 8,000 victims reported losses of $16 million to PhoneBusters, the Canadian anti-fraud call centre. Many more cases are thought to go unreported. The PhoneBusters numbers likely represent only the tip of the iceberg as they do not include reports made directly to local police agencies, or all the incidents that go unreported for one reason or another, nor do they include identity thefts that have not yet been detected.

The Canadian Council of Better Business Bureaus has estimated that identity theft may cost Canadian consumers, banks and credit card firms, stores and other businesses more than $2 billion annually.

Credit card losses in Canada were reported by the Canadian Bankers Association to have reached nearly $300 million in 2006. Losses from debit card fraud approached $100 million in 2006 according to the Interac Association.

It is already a crime to fraudulently use another person's identity information and Bill C-27 strengthens the protections against identity fraud. But Bill C-27 also gives the police, prosecutors and courts new tools to catch, prosecute and punish those who commit identity crime by creating new offences that allow the police to intervene at an earlier stage of criminal operations before identity fraud or other crimes that actually cause financial or other harms are attempted or committed. These provisions will help stop criminal activity before Canadians fall victim to identity fraud.

Let me explain how the bill will accomplish its objectives. There are two phases to identity crimes. The first is in preparation where identity thieves gather and exchange personal information about others for later fraudulent use. The second phase is where identity thieves actually use that information to commit identity fraud.

Until now, only the second phase, the actual identity fraud, is a criminal act. Bill C-27 criminalizes the first stage by creating new offences for identity theft. These new offences will let the police intervene at the earliest stages when identity information is collected and transferred for the purpose of committing identity fraud. In this way, criminalizing identity theft will help prevent identity fraud and the victimization that ensues as a result.

Bill C-27 criminalizes identity theft because identity theft enables identity fraud. Before someone can commit identity fraud, he or she must obtain another person's identity information. This information, such as a credit card number or bank account number, is not considered to be property within the meaning of the theft provisions in the Criminal Code currently. For example, an unscrupulous salesperson who surreptitiously retrieves the information from a bank card or credit card during a purchase, a process which is known as skim and clone--something that happened to me--cannot be charged with theft because no physical object was stolen and the card holder has not been deprived of anything other than the ability to control the flow of the information. This is not subject to the current law on theft.

Other common ways of collecting identity information are going through another person's garbage, a practice known as dumpster diving, or catching a glimpse of account numbers or personal identification numbers of the person next to them, a practice known as shoulder surfing.

Another way for identity thieves to gather information is called “phishing”. Identity thieves send unsolicited emails that look like they are from a bank, credit card company or other merchant. The unsuspecting recipient is asked to provide his or her account numbers and passwords. The information is then sent straight back to the identity thief.

It is important to remember that identity information is not always obtained clandestinely. Identity thieves can get a potential victim's name and address from the phone book. They can browse social networking sites like MySpace or Facebook or gather other personal details that have been posted by users.

Social networking sites encourage users to share their birthdates, hobbies, interests, friends and addresses. In the wrong hands this seemingly harmless personal information can be used to perpetuate identity fraud.

Identity theft is a necessary step on the road to identity fraud. That is why Bill C-27 proposes to get tough on those who traffic and possess identify information for the purposes of later committing an offence involving the deceptive use of someone's identity. To this end, it creates three new offences.

First, Bill C-27 would make it an offence to possess or obtain, without lawful excuse, certain government issued identity documents. This new offence targets those who have official government documents with false information or who, without excuse, have the official documents of another person.

Official government documents are particularly useful to identity criminals because they are used to obtain other identification and access to government services. Criminalizing the simple possession of official documents, without lawful excuse, is at the outside of the criminal law power. However, the danger of having these documents fall into the wrong hand warrants these steps to protect them. It will be clear that people who hold these cards on behalf of family members or for legitimate business purposes are not committing an offence. Only where there is no lawful excuse for the possession will an offence be made out.

It is not only government documents, however, that need to be protected. Bill C-27 would create two offences that would target unlawful conduct in relation to identity information, whether or not the information was captured in an official identity card or document.

The first of these offences prohibits the obtaining or possessing of another person's identity information with the intent to perpetuate identity deception. Identity information is defined very broadly and includes anything that can identify an individual.

In addition, it explicitly includes a range of key pieces of information, such as name, date of birth, biometric information, financial account numbers, crucial alphanumeric identifiers issued by a range of authorities. This new offence targets those who have information about others, but who intend to use it to commit an offence that involves fraud, deceit or falsehood.

The second new offence also targets the illegal flow of identity information. This offence, however, goes after those who profit from supplying identity information to others, but do not themselves use it to commit offences. This offence prohibits trafficking in identity information, where the person knows or is reckless as to whether the information would be used to perpetuate an offence.

Each of these three new offences targets a separate aspect of the early stages of identity fraud. They are all dual procedure offences and punishable by up to five years in prison.

One concern in criminalizing the deceptive use of identity is to ensure that we do not inadvertently prohibit the use of undercover identities by police and other agencies. Toward this end, Bill C-27 contains two exemptions for the benefit of law enforcement.

The first exemption allows police officers engaged in undercover work to obtain and use forged documents in the course of their duties. The second permits document issuers, who sometimes are called upon by various government agencies to produce false documents for use in undercover operations, to continue to produce those documents without fear of prosecution for forgery. These two exemptions ensure that the new protections against identity crime will not hinder the legitimate work of law enforcement.

Bill C-27 would make other amendments to existing offences in the Criminal Code. All of these either supplement existing offences or clarify or expand their scope.

Additional Criminal Code amendments will create a new offence of fraudulently redirecting or causing redirection of a person's mail and a new offence of possessing a counterfeit Canada Post mail key. There are already certain Canada Post and mail related offences in the code, but the addition of these two new offences to complement the others are necessary because mail fraud continues to be a technique commonly used by identity thieves to get valuable personal information.

The bill would also create new forgery offences to complement those already in existence. Currently, it is a crime to make a forged document and to use a forged document as if it were in fact genuine. The bill would add to these new offences of trafficking in forged documents or possessing forged documents with the intent to either traffic or use them. These amendments should cover off all possible situations in relation to the handling of forged documents so there should always be a chargeable offence.

The legislation also proposes a few clarifications to the personation offence. We are proposing to rename the personation offence “identity fraud”. Personation is somewhat of an historical term that seems out of place in our modern world. More important, there is a great deal of confusion and uncertainty over what the terms “identity theft”, “identity fraud” and “identity crime” mean from one context to another. By renaming personation as “identity fraud” and by introducing preparatory offence for “identity theft”, we hope that this would at least bring some uniformity to the discussion about these issues in the Canadian criminal law context.

A few other more technical amendments will clarify that the offence of unlawfully possessing or using debit card data includes the PIN, or personal information number, of the bank card and will clarify that it is a crime to possess instruments for copying debit card information, devices known as “skimming” machines.

Bill C-27 gets tough on identity criminals, but we must not forget that thousands of Canadians are victims of identity crime.

Bill C-27 would allow a judge to order that a person convicted of identify offences be required to provide restitution of reasonable costs associated with the rehabilitation of the victim's credit rating and identity. This restitution power would supplement the existing restitution provisions, which allow for an order of restitution in respect of actual financial losses. It would help victims recover the costs associated with restoring their identities, in addition to whatever direct financial losses they suffered as a result of a fraudulent use of their identities.

I am sure all members of the House are concerned about the growing threat of identity crime. I know that I certainly am. That is why I introduced my private member's bill, Bill C-299. I want to thank all members for unanimously supporting that bill to go to the Senate, where it currently is.

I am very pleased that Bill C-27 would create new offences for possession and trafficking in identity information.

Bill C-27 would get tough on those who perpetrate identity crime. The government is responding to the demands of Canadians to do more to combat this problem. However, the identity theft problem will not be solved by government action alone. There are simple precautions that all Canadians can take to minimize the risk of falling victim to identity crime.

Prudent Canadians should take steps to protect their identity information. Experts of all types suggest: shredding all documents with personal information before putting them in the recycling or garbage; not clicking on links in unsolicited email messages; using automatic bill payments or secure online banking sites; only carrying essential identity documents in a purse or wallet; carefully reviewing all bank card and credit card statements and following up promptly on any unusual or unfamiliar charges; and contacting Visa or Mastercard or whatever institution with respect to travelling overseas that might result in payments. All these steps should be taken by Canadians in order to be prudent in the protection of their information.

Finally, some Canadians may want to take advantage of credit monitoring services that watch for signs of identity theft. Early detection of identity theft is crucial for minimizing the repercussions of the crime.

Identity theft and identity fraud are serious crimes. By tightening the identity fraud provisions of the Criminal Code and introducing new identity theft provisions, the bill would provide police, prosecutors and the courts the tools they need to combat identity crime.

Certain elements of the legislation are rather technical and complex. The criminal law has never before criminalized the acquisition of information that is, in many cases, in the public domain and widely and freely shared by millions of Canadians. The criminal law must ensure that this information is not used fraudulently to the detriment of others.

I believe all members are equally concerned about these problems. I also believe all members will be supportive of the approach we have taken. I ask all members of the House, as I did for my private member's bill, to stand in unison, support the bill and ensure that there is greater protection for Canadians with respect to their personal information and take some real action on identity theft.

Mr. Speaker, one of the things everyone can agree on in this government is that we have an extensive crime fighting agenda that is moving forward in a number of different areas.

I appreciate the member's concern for control of database information and all of us, of course, applaud and welcome every attempt by the private sector and others to disclose that information. As he quite correctly pointed out this is not just a Canadian problem. We see these gaps in other parts of the world.

However, I think the member will agree that this legislation is a significant step forward in cracking down on those individuals who exploit others and take advantage of them to make money at the expense of other people's identity.

I have spoken with a number of police agencies across this country which were the ones, among others, who pointed out the gaps that exist in the present legislation. The individual who is using a forged credit card obviously runs afoul of the law as it stands in this country. That person is charged for any number of offences that can apply to that individual. But these other groups of individuals who are trafficking and collecting personal information about others, there exists this gap within the Criminal Code.

We have been very careful to make this focused, to address the concerns of police agencies and others. They are quite concerned about a $2 billion a year loss. That is what we are talking about in this area and they want something done.

I appreciate suggestions, as I always do, from the hon. member. I have found him to be a thoughtful individual when it comes to these issues. As I have indicated to him before, I appreciate suggestions that he has made and I am sure will continue to make in the criminal law area.

However, with respect to this particular legislation, as he knows, it is more extensive and it goes beyond Bill C-299. So, in that sense, because it is expanded and is focused on what everyone would agree is a challenge for us in society today, I hope that it will get speedy passage from this House.

moved that Bill C-27, An Act to amend the Criminal Code (identity theft and related misconduct), be read the second time and referred to a committee.

Mr. Speaker, I am pleased to rise today to speak to Bill C-27, an act to amend the Criminal Code on the subject of identity theft.

This bill follows through on the promise made by the government in the Speech from the Throne to fight identity theft.

It also furthers the government's larger agenda of tackling crime and making our communities safer.

There is no universally accepted definition of “identity theft”, but it is generally understood to refer to either or both the acquisition or the use of identifying information of another person to perpetrate fraud or another related crime.

In most cases, the impersonation of someone else to obtain something of value is the goal of identity theft, as in the case of credit card fraud when someone pretends to be the cardholder in a transaction. In more serious cases, a criminal impersonates someone else to accomplish a more sophisticated fraud, such as real estate title fraud or mortgage fraud. We have seen this very recently in the province of Ontario, where by impersonating a property owner, a criminal sells or takes out a mortgage on a property and then disappears with the proceeds. The true owner then is left to struggle to retain title and perhaps also to fight with the mortgage lender to avoid the liability of that debt.

Sometimes impersonation is not committed for the purpose of using someone else's identity to obtain something of value, but rather to conceal the criminal's own identity. For instance, some criminals maintain and use the identities of others for run-of-the-mill transactions that are themselves part of a larger criminal scheme. For instance, they may use an innocent person's identity to rent an apartment in which they plan to manufacture drugs or from which they intend to sell illegal contraband. When the crime is detected, the trail can lead back to the innocent person who was unlucky enough to have his or her personal information stolen and used to protect the guilty. There may be little in the way of a trail leading to the guilty persons themselves.

Identity theft is not new, but it has certainly mushroomed in modern society. Our world is different in ways not imagined by earlier generations. Information itself has become a commodity. It opens the door to goods, services and places. In this new world, people are mobile and commercial transactions can happen across borders via technological means rather than direct human verification in near instantaneous timeframes.

New technologies have complicated the task of authenticating identities in yet an additional way. The very same technological innovations that have increased the speed, efficiency and convenience of our transactions with governments and the private sector have simultaneously created new opportunities for fraudsters and other criminals. This is because massive amounts of information are now stored in computer systems. Unless appropriate precautions are taken, the information stored in this way is vulnerable to being accessed and copied and effortlessly transferred in many cases across the border for criminal purposes.

We also know that identity theft has been linked to organized crime and also to terrorism. Identity theft is useful in both of these contexts as a method of revenue generation. It is also a method of identity concealment, which I also spoke about, that allows organized criminals and terrorists to avoid raising suspicion or being detected by authorities, especially in cases where their true identities are already known to law enforcement and other agencies.

While we do not have complete statistics on the cost of identity theft, it has been reasonably estimated that this costs Canadians approximately $2 billion a year. The cost of credit card fraud alone for the year 2006 was estimated by the Canadian Bankers Association to be close to $300 million and debit card losses were close to $100 million in that same year. These numbers have been going up incrementally over the last decade or so.

It is unmistakable. Identity theft hurts businesses, governments and individuals. Aside from the financial repercussions, individuals whose identities have been stolen report, not surprisingly, distress, anxiety and depression in terms of the effort involved in rehabilitating their reputations and credit histories and recovering lost property. They also report a significant emotional impact of having had their identities used by another person.

In the rare cases where the identities of innocent people are used to shield a criminal's identity, the victims must also struggle to demonstrate their lack of involvement in the criminal's scheme in order to protect themselves from suspicion of criminal responsibility.

In short, identity theft is both a crime in itself and a tool for the facilitation of other crimes. For offenders, it offers the potential for high financial risk coupled with a low risk of detection. Over the last 15 years, it has grown in frequency and seriousness and the criminal law has not kept up with these changes.

When I first announced that we intended to make these changes in Montreal, a reporter asked me if this was my attempt to stay one step ahead of the bad guys. I said that we just wanted to catch up with the bad guys. This is the challenge that we have in the Criminal Code as technology continues to change. The time has arrived for the government to improve the Criminal Code and to ensure that it fully meets the needs of Canadians today.

Let me focus on those particular problems that we have identified.

First, members would understand that there are obviously some significant challenges vis-à-vis terminology in this area. The terms “identity theft”, “identity fraud” and “identity related crime” are bandied about regularly, yet none of these terms have a precise or universally understood meaning. They are no terms that are currently defined in the Criminal Code and so the phrase “crime of identity theft” can immediately generate uncertainty as to exactly what is meant. One of the objectives of the bill is to bring some clarity to these terms in the context of the criminal law.

It may be helpful to first appreciate that there are two phases of an identity crime. The first is the collection of information and the second is the actual use of that information in connection with a crime.

Our criminal law addresses many of the situations where people actually use the identity of other people or some of their identity information in the commission of an offence. It is helpful to characterize this form of conduct as identity fraud, the focus being on the actual fraudulent use of an identity.

The crime of personation, for instance, directly targets the fraudulent impersonation of someone under certain circumstances. Specifically, a person commits the crime of personation when he or she personate someone else with intent to obtain property, another type of economic benefit, or even with intent to gain an advantage that is not economic in nature, or with intent to cause a disadvantage to any person. The Criminal Code also contains offences which prohibit the making of false documents and the use of those documents to deceive someone.

There are also offences in relation to the misuse or misappropriation of credit or debit cards and even the unlawful possession of certain types of credit or debit card data. All of these offences are punishable, as they should be, by up to 10 years imprisonment.

Another crime that frequently applies to an identity theft situation is the offence of fraud. Where the value of the fraud is over $5,000, the offence carries a maximum term of 14 years.

There are already strong sanctions in the Criminal Code for the actual use of another person's identity, but there are limitations. Most important, our Criminal Code does not currently criminalize the early phases of identity crime operations which involve the acquisition and transfer of the identity information for a later fraudulent use.

Unless people commit some other existing crime in the course of acquiring the information, such as the theft of a wallet or misuse of a computer system, they cannot be stopped when they gather or trade sensitive, personal information that subsequently gets used in crimes. This means that where the police find people in possession of comprehensive dossiers on individuals, including all manner of identifying information, they may be unable to lay a charge or even to seize the data. Likewise, where people set up shop of acquiring that information and then selling it for a profit, knowing that it might be used in the commission of a crime, there may be no chargeable offence.

We can group together various aspects of this early stage of an operation under the term “identity theft” as contrasted with “identity fraud”, which refers to the actual subsequent use of the information.

It is time for our criminal law to catch up with the criminals, and this is what Bill C-27 does.

First, it would create three new offences that would be directly target the identity theft stage of a criminal operation. All of these, I should point out, are punishable by up to five years in prison.

The first new offence would make it a crime to acquire, obtain or possess another person's identity information in circumstances giving rise to a reasonable inference that the information was intended to be used deceptively or fraudulently in the commission of a crime.

This offence directly attacks those people who, as a first step to a later crime, hack into a large corporation's computer systems to obtain customer information, or who send phony emails out tricking people into providing their personal information to them, or who dive through, incredibly enough, people's garbage cans looking for discarded credit card information or utility bill information. It would also make a criminal out of the person who receives identity information from someone else for later use to commit a crime.

A complementary offence would be created for those people who set up business as information traffickers. These people are not involved in the ultimate criminal use of the information, yet they provide the tools necessary for the criminals to engage in their crimes. The bill would therefore make it a crime to transfer or otherwise provide to another person the identity information of a third person, where the trafficker would know or would be reckless about the future criminal use of that information.

For both these offences, the legislation would create a broad definition of identity information which covers all types of information that could be used for criminal purposes. The definition includes name, date of birth, address, biometric information, various forms of alphanumeric identifiers, such as driver's licence numbers, passport numbers and financial account numbers, and any other information capable of being used in that way.

An important feature that members should notice here is that these offences are directed at the mishandling of information. This means it will not matter whether the information is contained in an official identification document, or it is copied or stored in some other form.

Another situation that the police are concerned about is the situation where they find people in possession of numerous cards or documents, which are commonly used for identification purposes, such as driver's licences, health cards and social insurance cards. It may be obvious that these documents were intended for criminal use, but there may be no chargeable offence.

To remedy this situation, the bill would create a new offence for unlawfully procuring, possessing and trafficking in specified government issued identification numbers belong to or containing information of other people or containing fictitious information. These documents are crucial tools for authenticating identity in the course of a wide range of interactions between citizens, the government and the private sector and for obtaining additional documents. They are easily misused by criminals and they must be better protected.

The bill would also amend existing provisions in the Criminal Code to create a complete package of criminal laws addressing identity theft.

First, the bill would complement the existing set of forgery offences by adding new offences of trafficking in forged documents and possessing forged documents with intent to use them or traffic in them.

It would also add new offences for fraudulently redirecting or causing the redirection of a person's mail. This one I like as well. We can see how easy that may be to start to redirect somebody else's mail to another place so that information can then be gathered up and used improperly. We make it a crime to possess a counterfeit Canada Post mail key.

In addition, the bill would make clear that the offence of fraudulently acquiring, possessing, trafficking and using debit card data includes the debit card PIN number, or the personal identification number.

The law also would be clarified to ensure that it would be an offence to possess instruments for copying debit card data, which are known as skimming devices, in addition to the existing offence of possessing instruments for forged credit cards. Again, this is an attempt to update the Criminal Code.

The offence of personation will be amended to make it clear that it is a crime to use another person's identity to evade arrest or prosecution.

Another clarification will help courts understand that personation can be an ongoing, multi-transaction occurrence, a true “identity takeover”, or a simple case of fraudulently using someone's information just one time, such as a single fraudulent credit card purchase.

Also, we are proposing to rename the offence from personation to “identity fraud” to better highlight its significance and to contrast it against the preparatory stages of identity theft.

We are concerned about the victims of identity theft. To help address the impact that identity theft has on victims, this bill would amend the restitution provisions of the Criminal Code to ensure that, as part of the sentence it imposes, a court can order the offender to pay the victim reasonable costs associated with the rehabilitation of that individual's credit rating and identity.

It is appropriate at this time to commend certain members of the House who have brought this matter forward. My colleague from Edmonton—Leduc has brought forward Bill C-299. It was originally drafted to address one aspect of identity theft, which is called pretexting. Bill C-299 passed third reading in the House on May 8, 2007 and is awaiting second reading consideration by the Senate.

In the world of identity theft, pretexting is the technique of using deception of one kind or another to get people to reveal personal information about themselves. Because Bill C-299 only deals with pretexting and not with other methods used by identity thieves to gather personal information, we are proposing that it be repealed, if it should be passed, when this legislation comes into force.

When Bill C-299 was before the justice committee, it was evident that all committee members were deeply concerned about the problem of identity theft and were motivated to act collectively to build consensus on an effective solution.

We all appreciate the efforts of the member for Edmonton—Leduc and I would like to take the opportunity as well to thank a couple of other members of the House. The member for Regina—Lumsden—Lake Centre and the member for Fleetwood—Port Kells have also previously tabled private members' bills in this area. Their combined efforts have helped educate all members of the House on the problem of identity theft.

I indicated there are limitations in the current criminal law. We intend to update and extend the use of the criminal law to keep up with the changes of technology that have taken place in this country. I urge all members to support this bill and get it enacted as quickly as possible.

Order. It appears we have a few moments and to save time later I will inform members of something they are just aching to hear about now.

As hon. members know, our Standing Orders provide for the continuance of private members' business from session to session within a Parliament.

The list for the consideration of private members' business established on April 7, 2006, continues from the last session to this session notwithstanding prorogation.

As such, all items of private members' business originating in the House of Commons that were listed on the order paper during the previous session are reinstated to the order paper and shall be deemed to have been considered and approved at all stages completed at the time of prorogation of the first session.

Generally speaking, in practical terms, this also means that those items on the Order of Precedence remain on the Order of Precedence or, as the case may be, are referred to committee or sent to the Senate.

However, there is one item that cannot be left on the Order of Precedence. Pursuant to Standing Order 87(1), Parliamentary secretaries who are ineligible by virtue of their office to be put on the Order of Precedence will be dropped to the bottom of the list for the consideration of private members' business, where they will remain as long as they hold those offices.

Consequently, the item in the name of the member for Glengarry—Prescott—Russell, Motion M-302, is withdrawn from the Order of Precedence.

With regard to the remaining items on the order of precedence let me remind the House of the specifics since the House is scheduled to resume its daily private members' business hour starting tomorrow.

At prorogation, there were seven private members' bills originating in the House of Commons adopted at second reading and referred to committee. Therefore, pursuant to Standing Order 86.1:

Bill C-207, An Act to amend the Income Tax Act (tax credit for new graduates working in designated regions), is deemed referred to the Standing Committee on Finance;

Bill C-265, An Act to amend the Employment Insurance Act (qualification for and entitlement to benefits), is deemed referred to the Standing Committee on Human Resources, Social Development and the Status of Persons with Disabilities;

Bill C-305, An Act to amend the Income Tax Act (exemption from taxation of 50% of United States social security payments to Canadian residents), is deemed referred to the Standing Committee on Finance;

Bill C-327, An Act to amend the Broadcasting Act (reduction of violence in television broadcasts), is deemed referred to the Standing Committee on Canadian Heritage;

Bill C-343, An Act to amend the Criminal Code (motor vehicle theft), is deemed referred to the Standing Committee on Justice and Human Rights;

Bill C-377, An Act to ensure Canada assumes its responsibilities in preventing dangerous climate change, is deemed referred to the Standing Committee on Environment and Sustainable Development; and

Bill C-428, An Act to amend the Controlled Drugs and Substances Act (methamphetamine), is deemed referred to the Standing Committee on Justice and Human Rights.

(Bills deemed introduced, read the first time, read the second time and referred to a committee)

Furthermore, four Private Members' bills originating in the House of Commons had been read the third time and passed. Therefore, pursuant to Standing Order 86.1, the following bills are deemed adopted at all stages and passed by the House:

Bill C-280, An Act to Amend the Immigration and Refugee Protection Act (coming into force of sections 110, 111 and 171);

Bill C-292, An Act to implement the Kelowna Accord;

Bill C-293, An Act respecting the provision of official development assistance abroad; and

Bill C-299, An Act to amend the Criminal Code (identification information obtained by fraud or false pretence).

Accordingly, a message will be sent to inform the Senate that this House has adopted these four bills.

Hon. members will find at their desks an explanatory note recapitulating these remarks. The Table officers are available to answer any further questions that hon. members may have.

I trust that these measures will assist the House in understanding how private members' business will be conducted in this second session of the 39th Parliament.

(Bills deemed adopted at all stages and passed by the House)

Thank you, Mr. Chair.

Thank you, witnesses, for coming again.

It becomes pretty apparent that this is a three-stool approach to a solution.

First of all, we need to make consumers aware, and I agree with your recommendation. I think that's prudent and that's something that needs to be done very soon, and we should take the initiative to do that.

Secondly, yes, I think there must be responsibility to corporations and those that handle credit information.

Thirdly, we mustn't forget one element that needs to be addressed, and continuously needs to be addressed in society, and that's the criminal element. There is a private member's bill, Bill C-299. Are you familiar with that? Do you understand that it deals with phishing and it deals with I think the phone soliciting, the pretext. How do you feel about that? Are we heading off in the right direction? Are we pretty excited about that now?

Mr. Speaker, I, too, rise in support of Bill C-299. I will speak very briefly on the matter because I think it is a subject that all Canadians should be concerned with, and it is fitting that the House of Commons is seized of the issue today.

I am not sure that all Canadians realize the magnitude and the scope of this problem. Today in testimony at the access to information, privacy and ethics committee we heard that it is estimated there are roughly 30 million incidents of identity theft or breaches of personal information in the United States per year, which could lead to identity theft. In fact, there were 104 million incidents in the last three years.

Coupled with the initiative by my colleague from Edmonton, Bill C-299, our committee has undertaken a comprehensive study and analysis. We will be doing a full review and study of identity theft in all its forms.

One of the things that comes to mind, and people who are following this subject might be interested in this, is the justice committee has also been dealing with the issue. I believe my colleague, the justice critic for the NDP, was aware of this. Back in February, it submitted a report to the House of Commons, urging the Minister of Justice to amend the Criminal Code to include identity theft as a separate item under the Criminal Code, thus recognizing the severity of the problem in society.

We heard evidence from the Privacy Commissioner today. She tried to give some definition to a problem that is abstract in nature and poorly understood by so many. I do not think people realize the number of ways identity theft is being planned and implemented as we speak. There are people out there with great technical skills who are busily engaging themselves in identity theft now, not always resulting in injury to a Canadian but it should still be considered a crime in the context of the RCMP looking into it.

One of the assistants to the Privacy Commissioner currently is a former deputy commissioner of the RCMP specializing in identity theft. We take some comfort that we are well served with expertise, watching out for our best interests in this regard. However, they are wrestling with how we might better protect Canadians from this problem.

One of the more egregious examples that came forward in testimony today is the situation, which happens from time to time in our country and in the United States, where houses are sold right out from underneath people, without them realizing it. Unwittingly and unknowingly to them, someone has usurped their identity, gone through the motions and actually sold their homes. The titles have been transferred and they are sitting in homes that they thought were theirs, but they have been stolen from them. That is perhaps one of more glaring or shocking examples, but people should be taking that seriously.

We note the commissioner of privacy in the United Kingdom has just issued a report on this issue of identity theft and uses the word “shocking” at some of the revelations of the criminal activity going on in that country. One of the more shocking things they have uncovered and revealed to us, and that we have taken note of, is the fact there are moles willing to sell information to undercover police or undercover journalists, as was exposed in that country, in virtually every aspect of the financial sector. They are willing to sell personal information for the purposes of illegal activity and identity theft.

It can be through phishing attacks or fake bank e-mails, which is another one Canadians should be cautious of. It has been brought to our attention that people are getting phony e-mails, using the banner and the template of a local bank, asking them to please verify their bank account numbers and their pin numbers so the bank can double check to ensure everything is on the up and up. Those are fraudulent messages but they are so professionally executed that even people who are cautious of identity theft in their personal information are falling for this and are sending their most highly protected personal information to these individuals with sometimes tragic results.

There are robots, Bots, circulating throughout the IT sector, Trojans and worms that creep into the electronic systems. On a cautionary note, people must become aware of and be cautious of the Facebook and MySpace domains, especially young people, because there are people trolling through that database of information for the purposes of identity theft.

If there are 30 million people per year whose personal information is being compromised by people who would and could use this identity theft to inflict financial injury on us, just by sheer ratio and proportion, we could safely say that there are roughly three millions Canadians per year who are suffering this.

The reason I raise this and the reason I wanted to intervene today is that it is wrong that companies are not required to notify individuals if their personal information has been compromised. Companies have no obligation or duty to notify people in the case of a breach.

Even if I did not suffer any financial loss, if my personal information and my privacy were compromised, I would want to know because I may choose to change where I am doing business if its security network is so lax that once, twice or ten times my personal information has been compromised.

One of the recommendations of the committee which just did a statutory review of the PIPEDA legislation, the personal information protection legislation, was that there must be a duty and an obligation on the company to notify people, whether it is the credit card company or the bank that has lost the records or whatever, that their information has been compromised.

We are taking this very seriously. Bill C-299, or what is left of it, would only help us in one aspect of all that needs to be done. It does in fact call for the Criminal Code to be amended so that identification information obtained by fraud or false pretence would be a stand-alone offence.

It has always struck me as odd that it is a stand-alone offence to steal a cow but it is not a stand-alone offence to steal an automobile for instance, and it is not a stand-alone offence to engage in this criminal activity which is very much a sign of the times and one that was never contemplated when the Martin's Criminal Code was put together. However, it is a much more pervasive problem today than a lot of Canadians realize.

We are not trying to upset people or to cause a panic. We believe that, by and large, our financial institutions do provide adequate security but if there are creative and highly skilled technical people who are looking for every opportunity possible to penetrate whatever security walls might have been put up in order to gain access to our personal information for nefarious reasons, we must to take this seriously. If we do nothing else in this particular area, in this particular Parliament, we should be able to tell Canadians that we are seized with this issue and that we will do all we can to protect their financial and personal information.

Mr. Speaker, it is my honour and privilege to announce that the Liberal caucus, the official opposition, intends to support Bill C-299. We believe that this bill addresses a serious issue and that the committee's amendments have resolved the problems with the original version of the bill.

We were very pleased that the member for Edmonton—Leduc accepted the amendments proposed in committee, specifically to change the definition of personal information, as was pointed out by my colleague from Moncton—Riverview—Dieppe in the debate at second reading. The definition that we originally found in Bill C-299, which was taken from the PIPEDA, was not appropriate for the issue of identity theft and pretexting.

We also pointed out that we were a little dismayed that the government was not addressing the issue of identity theft in its entirety. The department has been studying and consulting on the issue for over three years. At least two reports have come out on the issue with regard to the kinds of amendments that need to be brought forward in the Criminal Code and other legislation in order to address the issue in its entirety.

We would have preferred to see that kind of omnibus bill and overall reform rather than piecemeal, but I have to commend the member for Edmonton—Leduc for deciding not to wait on his government, which seems to be dragging its feet, and to move forward at least on this issue.

Liberals are pleased with the amendments brought forward at committee and are prepared to support Bill C-299 as reported back from committee.

Mr. Speaker, before I get started on my remarks, I would like to say hello to my mother, 87 years old, who has been ailing of late and is doing much better. They say behind that every successful man there is a surprised mother-in-law, but behind my mother there are 10 children, 60 grandchildren and 70 great-grandchildren, and we are all glad that she is still with us.

I am pleased to speak to Bill C-299. This bill was introduced by the hon. member for Edmonton—Leduc. It was supported at second reading and referred to the Standing Committee on Justice and Human Rights.

In February, the committee heard from the sponsor. During clause by clause consideration, the committee also heard from witnesses from the Department of Justice. Those discussions were very fruitful.

The objective of Bill C-299 is oriented toward a particular problem, specifically the practice which is commonly known as pretexting. Pretexting is the act of getting people to reveal personal information by various kinds of deception.

In this case, the sponsor of the bill was particularly interested in the obtaining of information about people by deception of other parties. The bill was focused on deception generally and also specifically on deception that takes the form of impersonating another person.

For example, there are many reported instances of people calling a telephone company and pretending to be a subscriber. The caller then asks for the subscriber's phone records. The telephone company, believing the caller to be an actual subscriber, releases the records. The caller then obtains the records, which reveal a significant amount of information about the subscriber.

This kind of practice can be a flagrant violation of privacy. It is also a tool used by identity thieves to obtain identity information that can be used to impersonate the subscriber in a range of different contexts.

In its original form, the bill amended the Criminal Code, the Competition Act and the Canada Evidence Act. It created new offences and other measures designed to address this form of pretexting conduct.

The justice committee of the House heard that there were some concerns with the bill as it was originally drafted. One set of concerns related to the offences that were proposed for enactment in the Criminal Code. For instance, as originally drafted, Bill C-299 would have created offences that criminalize the very act of obtaining personal information by deception of some kind, without anything more.

I mentioned previously that this kind of act can be a privacy intrusion or it can be the first step to an identity theft enterprise, but there are also legitimate circumstances in which deception is used.

For instance, deception is a legitimate investigative technique used by police. Undercover police are constantly deceiving the targets of their investigation as to their true identity, all with a view to obtaining evidence against those targets. Outside of the undercover context, the police can also use deception when they interview suspects.

There are many other legitimate circumstances in which people use deception to obtain information. Investigative journalists likely employ such techniques when they are tracking down a story. Although it may be distasteful to think about, it is probably also the case that parents, friends and spouses sometimes tell each other lies in order to uncover information.

Simply put, lying is not sufficient to amount to a crime. All of this is to say that the original wording of the offences proposed in Bill C-299 was too broad. It captured too many circumstances by also criminalizing deception that is undertaken for legitimate or non-harmful purposes.

I believe the hon. member for Edmonton—Leduc was in agreement with this assessment. As a result, the committee, with the sponsor's approval, amended those proposed criminal offences by adding an additional component.

Simply put, the additional requirement is an intent to use the information obtained to impersonate the person or to defraud someone. In the criminal law context, people obtain other people's information in order to use it to impersonate them. This is what is commonly referred to as identity theft.

Using another person's information like a key, the identity thief can then access their financial or bank accounts, sell their property, make purchases on their credit card, and so on.

While the acts of impersonating and defrauding someone are already criminal offences, the act of obtaining the necessary identifying information is not a crime, even where that is done for the sole purpose of using the information to commit an offence.

Following this logic, the committee adopted the offences that were proposed in Bill C-299 by adding a criminal intention to use the information to impersonate or to defraud someone. The result is an offence that criminalizes the deception as a tool of identity theft. At the same time, the offence would not criminalize lying in other contexts where there is no intention to later use the information to commit another crime. This makes sense.

By criminalizing for the first time one technique that is frequently used by identity thieves, Bill C-299, as amended by the committee, is a significant step forward for our criminal law and should be applauded.

However, the committee acknowledged that the offences, even as they were amended, did not completely address the problem of identity theft.

There are other tactics that identity thieves use to collect valuable information, such as rifling through garbage, hacking into computer databases, and watching over a person's shoulder as they use their cards. These methods do not rely on deception. As a result, Bill C-299 does not make these acts criminal. The committee recognized that Bill C-299 does not comprehensively address the issue of identity theft but viewed it as a good first step, and I would certainly agree.

In this regard, I would like to take the opportunity to remind members that the Department of Justice has been working on proposals to amend the Criminal Code to deal with the full range of identity theft situations. I understand that this work is ongoing. I hope that we will see more comprehensive government legislation in this area in the future.

The committee made a number of other changes to the proposed new Criminal Code offences. For instance, it replaced the definition of personal information that was previously provided. The original definition was the same as the definition from the Personal Identification and Protection of Electronic Documents Act, known as PIPEDA. That definition is “information about an identifiable individual”. This definition is suitable for a statute such as PIPEDA, which is designed to protect the privacy of personal information.

However, privacy is not the primary focus of an identity theft law. Identity theft is about protecting a person's identity from being falsely used, not about protecting privacy for its own sake, although privacy protection is certainly enhanced by identity theft laws. A definition which includes any information about a person is too broad for an identity theft offence because a lot of information that is about people is not useful for impersonating them. For instance, the initial definition would have included information like shopping preferences, a person's religion or height, and an infinite amount of other information. None of these types of information are relevant to identity theft.

The type of information that is pertinent to an identity theft law is information that is capable of identifying a person. This is a much narrower case of information than information that is about a person. For this reason, and again with the consent of the sponsor, the committee replaced the definition originally in the bill with a definition more suitable to the context.

Another change the committee made to the proposed Criminal Code offences was to expand the scope of the offences so they would cover not just the use of deception to get information from third parties, such as a telephone company, but so it captured the use of deception to get information from any person. This change means the use of deception to get a person to reveal identifying information about themselves would also be an offence. This makes good sense. We know that identity thieves do in fact get information directly from the people they intend to impersonate.

Phishing attacks are a good example. A phishing attack is an unsolicited email which falsely appears to be from a legitimate banking or other type of institution. It asks the recipient to provide valuable identifying or financial information, which the identity thieves then use. Phishing scams do not deceive third parties into revealing information; they deceive the victims directly. Bill C-299 has been reported back to the House in a form that would now capture this behaviour.

There were other elements of the original bill. There was a proposal to amend the Canada Evidence Act and proposals to amend the Competition Act.

With the agreement of the hon. member who introduced the legislation, the proposal that would have amended the Canada Evidence Act was deleted from the bill. Those proposals that pertained to the Competition Act were also deleted. It was suggested that the issues raised by those proposals would be raised with the Standing Committee on Access to Information, Privacy and Ethics for consideration as part of its legislative review of the PIPEDA legislation.

I thank the members of the committee for their detailed consideration of the bill and for their amendments to it, which I believe improve the legislation.

I again commend the hon. member who tabled Bill C-299, which represents an important first step in the battle against identity theft.

moved that Bill C-299, An Act to amend the Criminal Code (identification information obtained by fraud or false pretence), be read the third time and passed.

Yes. Bill C-299 is a study on counterfeit and piracy. I think I can speak for the member who presented the bill, as he is the chairman of our industry committee, and we are studying a number of concerns that interconnect somewhat. I think even in our discussion this morning, one of the things that become obvious is that this isn't just a Canadian problem; this is a worldwide problem.

My question would be, are we at the stage where we should possibly be looking at international laws and—this might sound a little extreme—possibly even an international court to deal with some of these issues? Because it's not just happening here; it seems to spread right across this globe.

Thank you, Mr. Chair.

Thank you, Madam Commissioner, for coming. Thank you for this great presentation. It's a serious problem we all know about. We all want to do something about it.

I want to address Bill C-299, a bill which I am familiar with. I'm going to speak on it, as a matter of fact, tonight, and I am the seconder of that bill.

There were some concerns, the concerns being that within the bill's writing, as it was originally drafted, Bill C-299 would have created offences that criminalized the very act of obtaining personal information by deception. The thought behind that was that legitimate circumstances for deception were used. They were talking about police possibly trapping criminals, or possibly even within a family. There are times when lying takes place and they didn't want to criminalize that. On the broader act, I guess the problem that cropped up was something that nobody really anticipated, and it underlines just how difficult legislation like this is.

Should we move forward and make recommendation for a broader act? Can you tell us of other areas possibly you see in the distance that could really create some problems, as what happened with Bill C-299?

Mr. Speaker, I have the honour to present, in both official languages, the 10th report of the Standing Committee on Justice and Human Rights.

In accordance with the order of reference of Wednesday, November 1, 2006, your committee has considered Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud) and agreed, on Thursday, February 22, to report it with amendments.

I also have the honour to present, in both official languages, the 11th report of the Standing Committee on Justice and Human Rights concerning the importance of ethnocultural communities and the prevention of crime, reintegration of offenders and the growth of safer communities.

As committee members know, prior to this meeting, numerous government amendments were distributed to the committee. I wanted to address them up front, and then we can go through them amendment by amendment. Mr. Rajotte mentioned in his remarks last week that the government amendments are considered friendly and within the scope of the legislation.

Mr. Rajotte's bill, Bill C-299, seeks to address the problem of identity theft in our country. The intention of the bill is certainly admirable. The government, however, could not support the bill as it was originally drafted, for a number of reasons. Reasons were also identified by some opposition members during debate on its second reading.

The amendments the government is moving today will focus the bill on clauses dealing only with the Criminal Code. That's further to the last committee meeting also, when we heard from most members on a desire to narrow the scope of the bill and also to further modify the language. There were some questions raised about the language in the bill.

Specifically, the amendments we're moving seek to define identification information to mean information about any person, living or dead, that is capable of being used, whether alone or in conjunction with other information, to identify that person. The amended definition will move away from personal information as defined, which is captured under PIPEDA and was identified as problematic by members of this committee.

The amendments we're moving also seek to clarify the scope of the proposed offences. As drafted originally, the offences were very broad and only captured personal information obtained through deception from a third person. The original drafting also did not specify that the information was obtained or distributed with criminal intent.

The government amendments further specify identification information obtained, sold, or otherwise disclosed from any person by a false pretense, or by fraud or with intent to commit fraud, or personation offences under sections 380 or 403 of the Criminal Code. It's narrowing the scope of the bill.

The other amendments seek to delete the clauses dealing with the Competition Act and the Canada Evidence Act. Members will see, when we come up to them, that it's simply deleting those provisions of the bill that deal with the Competition Act and the Canada Evidence Act, leaving only those provisions dealing with the Criminal Code.

Mr. Rajotte has suggested that the elements of the bill dealing with the Competition Act and PIPEDA could be referred to the Standing Committee on Access to Information, Privacy and Ethics, which is presently conducting a legislative review of the PIPEDA legislation and has a mandate and expertise to better consider these matters. That's a matter for the committee. The government is currently considering the submissions it received on the broader issue of identity theft and will respond accordingly.

Those are my opening remarks. I think as you see the amendments, their intent will be clarified, but basically it's a series of amendments to narrow the bill and better define what's left in the provisions related to the Criminal Code.

I call the Standing Committee on Justice and Human Rights to order.

We are here pursuant to the order of reference for Wednesday, November 1, 2006, Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud).

First on the agenda will be witnesses from the Department of Justice. We will hear testimony from Mr. William Bartlett, senior counsel, criminal law policy section, and Ms. Joanne Klineberg, counsel, criminal law policy section. Following these presentations we will hear from a member of Parliament, Mr. James Rajotte.

Go ahead, Mr. Moore.

As you know, there was a discussion yesterday between critics and me. We were very much looking forward to Mr. Rajotte's presentation. I appreciate your presentation today, but I would like to move that in the event that Mr. Rajotte is willing to entertain further consideration of the direction described in his private member's bill, we suspend consideration of Bill C-299 until next week, when there will be an advance distribution of the government's friendly amendments to the bill to committee members, so we can better consider that package.

The bill obviously amends three acts. I think both from the second reading debate and from discussions with the two relevant departments and with members, I've come to the conclusion that there's not support to pass the clause on the Canada Evidence Act and the four clauses on the Competition Act. The clauses on the Competition Act, I think, deserve further study. So if the committee studying PIPEDA is willing to look at those, I would be fine sending those there. But obviously my goal here is to move the legislation forward.

The primary point in introducing the legislation was the Criminal Code amendments. I'm not suggesting that we remove any of the clauses, but I understand that the justice department obviously wants some tightening up, and members of this committee want some tightening up, of some of the language of the Criminal Code amendments.

Mr. Comartin, I did want to say that my training is as an economist, as a political scientist. So I sort of gave the direction to drafting counsel to draft it with this intent. But if there are suggestions as to how this should be tightened up, obviously I'm willing to listen to them.

Thank you very much, Mr. Chairman.

Good morning to you, and good morning to all members of the committee. Thank you for allowing me to appear before you today on my private member's bill, Bill C-299. This is with respect to the general issue of protection of personal information.

I want to acknowledge the work of some members on this committee, both in the debate in Parliament—I appreciate that—and also in helping me to move this bill forward.

The purpose of this bill, Bill C-299, is to protect individuals against the collection of personal information through fraud and impersonation. This practice is often known as “pretexting” and is a widespread problem in the growing market for personal information.

This bill aims to close some of the loopholes in Canada's data protection law that allow data brokers to exploit people's personal information for commercial gain.

Specifically, this bill seeks to do three things. First of all, it seeks to make the practice of pretexting illegal through changes to the Criminal Code and to the Competition Act. Second, it seeks to provide a remedy for victims of this kind of invasion of privacy through legal recourse in the courts and compensation. Third, it seeks to tackle the cross-border aspect of pretexting by holding the Canadian affiliates of foreign companies liable for invasions of privacy committed against Canadians.

Mr. Chairman, information is one of the most valuable commodities in the new economy typified by the growing data brokerage industry. Data brokers buy and sell information, usually for commercial or marketing purposes. Sometimes this information is personal. Some of this industry is legal and consensual; however, there is mounting evidence to suggest that many aspects of the data brokerage industry are poorly regulated and that pretexting is a recurring problem.

Broadly speaking, there are two kinds of data brokers with the potential to invade people's privacy. First, there are the larger companies that trade in data, often for commercial or marketing purposes. Much of this is aggregated and not particular to individuals; however, individual information may sometimes be extracted from these databases. Second, a range of smaller companies offer to target individuals for a fee. These companies may simply sell personal information, or they may offer more invasive services, such as private investigation.

At the federal level, as you know, data protection falls under the Personal Information Protection and Electronic Documents Act, known as PIPEDA.

Privacy Commissioner Stoddart submitted a report in May 2006 to the privacy and ethics committee detailing possible improvements to this act. Notwithstanding possible changes to PIPEDA—and I welcome those—there are three major loopholes in Canada's data protection framework.

First, though fraud and impersonation are crimes under the Criminal Code, they do not apply to personal information such as phone records, consumer preferences, or purchases. This bill includes this type of information.

Second, while these actions violate PIPEDA insofar as it says that information cannot be disclosed without express consent of the consumer or a court order, this does not guarantee a remedy. For instance, the commissioner's rulings are not legally binding without a federal court order, and the transgressors are not named. Bill C-299 would change that by making it a crime under the Criminal Code to collect, or to counsel to collect, personal information through fraud, impersonation, or deception.

Third, the Privacy Commissioner has no jurisdiction to pursue complaints outside of Canada. This was a problem in Ms. Stoddart's own case, the case in which her own phone records were obtained by Macleans magazine from a data broker in the United States. This bill would allow Canadian victims of privacy invasion to seek compensation from Canadian affiliates of foreign companies that had invaded their privacy.

Mr. Chairman, I know this bill passed second reading with the support of a majority of the members of the House of Commons, but members at that time raised with me, in a very responsible way, the fact that amendments were needed to this legislation in order to pass it through three readings and through committee stage. I have discussed this with some of you here and I want to indicate that I am very open to amendments, as I was at second reading. I understand there are many concerns regarding elements of this particular bill and that some of you will not support the bill as drafted.

That being said, I believe in the need for this bill to address this issue—one part of privacy, one part of identity theft--and I have undertaken, with members of Parliament and with the offices of both the justice minister and the industry minister, to seek amending advice to improve the bill's effectiveness while alleviating many of your concerns.

So what has been proposed, which I would support as a two-pronged approach, is that this committee entertain significant amendments to tighten the scope of the legislation; and secondly, that a motion be passed referring certain clauses of this bill to the Standing Committee on Access to Information, Privacy and Ethics for consideration under the current legislative review of PIPEDA.

If it is the will of this committee to entertain significant amendments within the scope of the bill, I am informed that the government is prepared to bring forward amendments seeking to, first of all, delete the clauses seeking to amend the Competition Act and the Canada Evidence Act; and secondly, tighten the Criminal Code amendments to criminalize the collection of personal information with the intent of committing fraud or impersonation; the use of deception to obtain personal information from a third party for the purposes of committing fraud or impersonation; and the passing on of personal information of a third party to be used to commit fraud or impersonation.

I certainly welcome comments from the members, but my understanding is that these amendments will address most of the practices currently utilized to obtain, circulate, and execute identity theft and fraud. These amendments, the departments believe, are necessary, as the Criminal Code provisions as currently drafted in this bill might not pass a charter challenge and could also jeopardize current investigative practices used by some of our law enforcement agencies.

I strongly believe in the amendments I have proposed for the Competition Act, Mr. Chairman, but I understand that there are some serious concerns about these. Therefore, I would respectfully ask that the committee refer these to the Standing Committee on Access to Information, Privacy and Ethics, to be studied as part of the PIPEDA legislative review. I have the assurance from both the chair and the vice-chair of that committee that the referral would be welcomed by them.

Mr. Chair, in conclusion, I do want to say that the issue of identity theft is a serious and growing problem in Canada. This bill attempts to deal with one small part of that. I understand that the justice department has been looking at this issue for some time. I welcome that.

I look forward to a more comprehensive piece of legislation to deal with the issue of identity theft in general, but I believe it's important to move forward on this issue in terms of protection of personal information at this time. I would welcome this committee to study this bill and to amend the bill in the fashion I outlined, or I'm certainly willing to entertain any other reasonable amendments.

At this point, Mr. Chairman, I'd like to conclude. I look forward to your comments and the comments from other members of this committee. Thank you.

Mr. Speaker, I want to thank all of the speakers, both those from today and in June. I think it has been a very good debate.

I want to thank: the member for Renfrew—Nipissing—Pembroke; the Parliamentary Secretary to the Minister of Industry; the member for Argenteuil—Papineau—Mirabel; the member for Mississauga South, who had some very good points on identity theft in general; the Parliamentary Secretary to the Minister of Justice, who has been very helpful throughout this entire process; the member for Windsor—Tecumseh, from the NDP; the member for Hochelaga; and the member for Moncton—Riverview—Dieppe, who I think had some excellent suggestions in terms of improving this piece of legislation.

I want to touch on just a few points. First, I know that the two members of the Bloc Québécois have expressed some concern about this legislation. They argue that section 403 adequately addresses the issue of identity theft that I am trying to address in my bill. I would respectfully say that section 403 does not adequately address the issue of identity theft, particularly as it relates to new technologies like the Internet. This is a problem that needs to be addressed.

Second, I want to say very clearly that this bill is not in any way about micromanaging any actions of judges. I am not quite sure where the members were getting that in the legislation, but it is certainly not in the legislation. That is not the intent of this legislation at all.

Very plainly, the purpose of this bill is to protect individual citizens against identity theft. It does not deal with the whole problem of it, but it certainly deals with part of it. Identity theft is a problem that needs to be dealt with.

The purpose of this bill is to protect individuals against the collection of their personal information through fraud or through impersonation. The practice, which is known as pretexting, is a growing problem here in Canada and it needs to be dealt with.

Bill C-299 seeks to do three specific things.

First, it would make the practice of pretexting illegal through changes to the Criminal Code and the Competition Act.

Second, it seeks to provide a remedy for victims of this kind of invasion of privacy through legal recourse in the courts and compensation. It is very much about empowering individual citizens to respond to this invasion of privacy.

Third, the bill seeks to tackle the cross-border aspect of pretexting by holding Canadian affiliates of foreign countries liable for invasions of privacy committed against Canadians, one of which was committed against our own Privacy Commissioner, Jennifer Stoddart. I met with her on this legislation. I cannot speak for her, but I think, judging from her reaction, that she would very much like this bill to go to committee and move forward.

I want to also point out that a number of companies, associations and others that deal in the information technology area support this legislation. I am speaking of companies like Alcatel, Bell Canada, Alliance Bell , Telus, Rogers, the Canadian Wireless Telecommunications Association, and ITAC, the Information Technology Association of Canada. All of these companies have pointed out that identity theft is a growing problem here in Canada. They would like to see it dealt with. Even the Chamber of Commerce, which has pointed out some of its issues with specifics of the bill, supports the bill going to committee. The Canadian Manufacturers and Exporters association also has supported this bill.

I have sought to present a bill which deals with a problem that needs to be dealt with here in Canada. I appreciate the comments by all members. It has been a very good debate. I would ask all members to support in principle this bill at second reading and send it to committee, where I would be very open to engaging in a debate and to entertain any amendments that would improve the substance of the bill.

I would like to thank all members of this House for their participation. I look forward to the vote next week.

Mr. Speaker, it gives me great pleasure to rise and speak today in support of my colleague, the member for Edmonton—Leduc, in whose name this legislation is presented.

As a hard-working member of the industry committee, the hon. member is in touch with the concerns of the marketplace and various business practices. I share his apprehension when it comes to the importance of protecting personal information about individuals. I also recognize the fact that this is a challenge of the information age and a relatively new problem.

Defining this issue may mean that more than one attempt may be necessary in order to address the predicament which Bill C-299 is seeking to address.

The issue of personal information, how it is obtained and its various uses, was not an issue that the residents of Renfrew—Nipissing—Pembroke indicated to me was of urging and pressing necessity. However, during the last election, when one of my opponents reverted to an all too depressingly familiar style of negative campaigning that has come to characterize the old Liberal Party, the issue arose in a nuanced context to this private member's bill now before Parliament.

As is the practice of many members of Parliament, I communicate with the constituents of my riding of Renfrew—Nipissing—Pembroke in a variety of different means. One way is by sending birthday greetings. In the case of birthday greetings, individuals will send me details on behalf of a friend or a loved one through various methods. Usually it is a child who sends in details of a parent who has reached a milestone of life and wishes a congratulatory message from his or her MP to help celebrate the occasion.

Only the Liberal Party could see something sinister in sending a birthday greeting or Christmas cards to individuals. Nevertheless, this was the issue that the Liberal Party deemed to be most important in my riding, and it proceeded to attack on that basis.

I am pleased to confirm, by my presence in the chamber today, that not only did this tactic backfire, but constituents tell me this caused my opponent to finish more poorly than did his predecessor. The electors, in their wisdom, gave me the honour of being re-elected for the third straight election with the highest percentage of the popular vote for a Conservative in the province of Ontario. The smart voters of Renfrew—Nipissing—Pembroke are never wrong.

I relate this story to illustrate the difference between what Bill C-299 seeks to accomplish, which is to amend the Criminal Code to act as a deterrent to the fraudulent obtaining of personal information for abuse, and the generic use of information within the public domain, which is not the intent of this legislation to criminalize.

As a Conservative, I am proud to say that my party and I stand for less government, lower taxes, and a desire to interfere in the daily lives of Canadians in as few ways as possible. The one issue that separates the political labels of the left, which Canadians understand to mean Big Brother or more government, and the right, which Canadians understand to mean less government and more individual freedom, is the issue of personal information.

There are few topics I feel more strongly about than the privacy of individuals and the need to keep big government in check. However, the fact of the matter is that Canadians do live in the information age and in the electronic age a balance must be struck between the gathering of information and the use of that information.

Since I was re-elected I have been working on behalf of the people of Renfrew—Nipissing—Pembroke to bring high speed broadband, the information highway, to all the residents in my riding, particularly the residents in the rural parts of my riding who are without high speed Internet service.

New jobs and businesses are opening fast in the field of technology. We need to be able to provide companies that wish to locate in our rural communities with a skilled workforce and access to high speed communications. People cannot develop the skills needed to work in these new jobs if the tools to learn are not provided for them. Businesses will not locate in the rural communities without access to high speed communications. Without broadband technology, businesses in rural Renfrew County will not be able to fully compete on a local or global basis.

The future economic well-being of our residents depends on the smooth flow of knowledge. The difficulty is once the information highway is built, some things that travel on the information highway are not wanted. Spam fits that definition.

The May 2004 Anti-spam Action Plan for Canada defines spam as “unsolicited commercial email”. By this definition, the firm MessageLabs estimated that spam accounted for as much as 80% of global email traffic at the end of 2004, up from about 10% in 2000.

Spam is more than a growing nuisance. It is a public policy issue that challenges governments, internal service providers, ISPs, other network operators, commercial emailers and consumers to work together in new ways, with each stakeholder group fully playing its part to solve the problem that threatens the interests of all. Spam annoys and offends Internet users. It also provides a vehicle for activities that are clearly illegal, or should be.

While Bill C-299 would not curb all spam, it should curb: malicious actions that cause harm to computers, networks or data, or use personal property for unauthorized purposes, for example, viruses, worms, Trojan horses, denial of service attacks, zombie networks; deceptive and fraudulent business practices, including online versions of traditional mail-based frauds, for example, the Nigerian bank account, or 419 scam, and spoofed websites masquerading as legitimate businesses; phising emails designed for identity theft or to steal money; and invasions of privacy, for example, email address harvesting, spyware.

Because of all the above threats, spam undermines consumer confidence in e-commerce and electronic transactions between citizens and their governments. In addition, it imposes significant costs throughout the economy. These costs fall on a wide range of stakeholders, including: ISPs and other network operators, large enterprise users, universities, government departments, which must invest in the technical, financial and human resources needed to deploy anti-spam technologies at the expense of investments in new or improved services and which must allocate resources to respond to customer complaints; legitimate commercial emailers and other users of email services whose messages get filtered out by an anti-spam technology before they reach their intended recipients; and private and public sector organizations which employees waste time dealing with spam sent to their business email address.

Ultimately, all these costs fall directly, or indirectly, on consumers and Internet end-users who must cover the costs of fighting spam not only by purchasing Internet security software, but also by forgoing other kinds of service improvements and paying higher prices for the online products.

In closing, I once again congratulate the member for Edmonton—Leduc for bringing forth this legislation to deal with a serious and growing problem. I look forward to working with the member as we seek to find a solution to this problem.

Mr. Speaker, I rise today to speak to Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud). I will use my time today to discuss the proposed amendments to the Competition Act and the implications of the proposed bill for the privacy protections established by the Personal Information Protection and Electronic Documents Act, PIPEDA.

Before dealing with the specifics of these amendments, I would like to briefly comment on the overall intent of the bill. As I understand it, Bill C-299 seeks to protect Canadians' personal information from pretexting, that is, the collection of their personal information through fraud and impersonation. This is a very real concern for Canadians. I fully understand the hon. member's desire to combat the collection of personal information through fraudulent means. The Government of Canada has taken a keen interest in this issue given Industry Canada's responsibilities for PIPEDA and its overall goal of building a safer, more secure Internet.

New information technologies have revolutionized the way business is conducted and helped to make Canadian companies among the most efficient and competitive in the world. However, the electronic collection, storage and transmission of personal information, at the same time, carries the risk that personal information may be misappropriated and used without the consent of the individual to whom this information pertains.

What is particularly problematic here is that the full extent of the threat is unknown. Victims often do not know that their personal information has been stolen. When they do find out it can be months or even years. Victims can register their complaints with a variety of different organizations, such as credit bureaus, banks, credit card companies, federal and provincial privacy commissioners and, yes, law enforcement agencies. However, while it appears that this problem is pervasive, many victims do not report the crime at all. These victims silently suffer financial losses, a loss of reputation, emotional distress and the often difficult task of rebuilding their credit rating.

Those victims who do come forward report that their misappropriated personal information has been used in a variety of ways, including to open up a new credit card account, commit insurance or payment fraud, obtain government benefits, open up a new phone or utility account, or take out a loan in their name.

Clearly, we can all agree that this is a very serious problem, and the hon. member for Edmonton—Leduc is seeking to tackle this. However, what is the best way to deal with it? With this bill, the hon. member has proposed a number of avenues through which to do so. It is in this light that I wish to make my comments with respect to the amendments to the Competition Act.

The Competition Bureau is an independent law enforcement agency responsible for the administration and enforcement of the Competition Act, the Consumer Packaging and Labelling Act, Textile Labelling Act and the Precious Metals Market Act.

The Competition Act is an extremely important piece of framework legislation touching on virtually all sectors of the Canadian economy. It promotes and maintains competition so that Canadians can benefit from competitive prices, product choice and quality services. Headed by the Commissioner of Competition, the organization investigates anti-competitive practices and promotes compliance with the laws under its responsibility.

The bill seeks to amend a number of sections of the Competition Act to include provisions dealing with fraud, false pretenses and fraudulent impersonation.

As I mentioned earlier, the Competition Bureau promotes and maintains competition so that Canadians can benefit from competitive prices, product choice and quality services. More specifically, the bureau's mandate, as it relates to misleading representations, is to ensure that consumers are able to make informed decisions based on the most accurate information possible.

Under the Competition Act, misleading advertising is dealt with in two ways: through criminal provisions in section 52 of the Competition Act, and through non-criminal provisions in section 74.01 of the Competition Act.

Bill C-299 seeks to amend section 52. Currently, section 52 of the Competition Act contains a general prohibition to deal with the most severe cases of misleading advertising. It prohibits all materially false or misleading representations made knowingly or recklessly in the promotion of a product or business interest. Misleading advertising occurs when a representation is made to the public that is false or materially misleading and such a representation could influence a consumer to buy the product or the service advertised.

Additionally, Bill C-299 seeks to amend section 74.01 of the Competition Act. Currently, section 74.01 deals with deceptive marketing practices which are dealt with through administrative rather than criminal remedies. Under this section, a person engages in “reviewable conduct” where that person, for the purpose of promoting, directly or indirectly, any product or business interest, makes a representation to the public that is false or misleading in a material respect.

“Reviewable conduct” includes representations to the public as to the efficacy or length of life of a product that is not based on adequate or proper testing. It also includes representations to the public in the form of a warranty, guarantee or promise that is materially misleading.

Finally, Bill C-299 proposes an amendment to section 36 of the Competition Act, which deals with the recovery of damages in criminal cases and where there is a failure to comply with an order of the Competition Tribunal.

As I indicated earlier, the Competition Act is a key piece of framework legislation. If this bill is in fact referred to committee, I would urge a detailed examination of the proposed amendments to the Competition Act.

Let me now turn to my comments on Bill C-299's relationship to the personal information Personal Information Protection and Electronic Documents Act, PIPEDA, and the privacy protections that it establishes. There are varying consequences to deceitfully or fraudulently obtaining personal information. Individuals may be exposed to the risk of identity theft or their address may be obtained by a stalker or abusive ex-spouse. Alternatively, they may find their information populating a data broker's database or they may merely be subjected to unwanted marketing.

I would note that PIPEDA already addresses certain situations that Bill C-299 proposes to capture in relation to pretexting. For example, PIPEDA requires that organizations obtain individuals' knowledge and consent prior to the collection, use or disclosure of their personal information in the course of commercial activity.

Under the act, consent must be obtained anew for any use or disclosure for a purpose that differs from the purpose for which it was originally collected. On this basis, the act already requires that personal information be collected by fair and lawful means and that consent not be obtained through deception.

A very important aspect of PIPEDA makes organizations accountable for the information that is in their custody, including information that has been transferred to third parties for processing. Accountability is maintained whether these third parties are located in Canada or abroad. In this respect, there may be situations where PIPEDA provides a sufficient and adequate legislative response to the deceptive collection of personal information.

The member for Edmonton—Leduc has indicated that with this bill he aims to provide a remedy for individuals who have been subjected to the invasive practice of pretexting. I agree that effective recourse is essential to dealing with privacy violations.

Such a mechanism exists under PIPEDA, where privacy related conflicts are resolved through mediation and dispute resolution mechanisms with the assistance of the Privacy Commissioner of Canada. Unresolved matters may be taken to Federal Court, which has the power to order organizations to modify their practices and award damages to the aggrieved.

In light of the wide range of activities related to identity theft and the urgency of addressing the many facets of this issue, I would hope that linkages between this bill and other related government initiatives be considered.

For example, during the first hour of debate of this bill, the Parliamentary Secretary to the Minister of Justice and Attorney General of Canada noted that justice officials had been consulting with key stakeholders on improving the Criminal Code of Canada to deal with identity theft, adding that the department was committed to ensuring that Canada's criminal laws contain comprehensive and effective tools to combat identity theft.

The parliamentary secretary noted that he looked forward to working with his colleague, the member for Edmonton—Leduc, on protecting Canadians' personal information from misappropriation. Similarly, I would suggest that the upcoming review of PIPEDA will provide an opportunity for members of Parliament to assess whether the act's oversight and redress regime provides sufficient recourse for victims of privacy invasions such as pretexting.

I expect that a collaborative approach could be quite effective in addressing these issues that are of great concern, including phishing, spyware and related Internet threats, all of which can facilitate identity theft in the online environment.

I take this opportunity to echo the parliamentary secretary's suggestion and express my support for collaboration to ensure the development of a coherent and comprehensive solution to address issues related to the deceitful or fraudulent acquisition of identity information and to identity theft.

Mr. Speaker, I am pleased to speak on behalf of the Bloc Québécois about Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud).

I will try to summarize the content of Bill C-299 for the people who are watching. I will also try to explain the Bloc's position on this bill, which is at second reading. After the vote, we will decided whether or not the bill will go to committee.

The purpose of this bill is to amend the definition of “personal information”. The Personal Information Protection Act says:

“Personal information” means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization.

The bill will create three new criminal offences: obtaining personal information from a third party by a false pretence or by fraud, counselling a person to obtain personal information from a third party by a false pretence or by fraud, and selling or otherwise disclosing personal information obtained from a third party by a false pretence or by fraud.

Consequently, the bill really adds one new offence to the Criminal Code: obtaining personal information on a third party. In our view, at first blush, the Criminal Code already includes these types of offences. Once again, the Conservatives are trying to control the work of the judiciary, the work of judges, so that they have no leeway.

I will read section 403 of the Criminal Code, because it gives a good idea of the existing offences with regard to personal information. Section 403 of the Criminal Code says this:

Every one who fraudulently personates any person, living or dead,...is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years or an offence punishable on summary conviction.

Section 403 of the Criminal Code already provides that it is an offence to impersonate someone else. We feel it is pointless to add “personal information on a third party” because it is already included in the Criminal Code.

Section 403 says this:

Every one who fraudulently personates any person, living or dead: (a) with intent to gain advantage for himself or another person, (b) with intent to obtain any property or an interest in any property, or (c) with intent to cause disadvantage to the person whom he personates or another person ... is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years.

To add “with intent to obtain any record containing personal information about a third party” serves no purpose, in our opinion. Once again, this shows the Conservative tendency to try to restrict judges and lead them in a certain direction, although this is not the authority our society has given itself in the Criminal Code. The values defended by Quebeckers, and the values defended by the Bloc Québécois on behalf of Quebeckers, are very important to us. We support a society founded on a justice system that is balanced between the harm caused and the sentence that the courts may impose on a person who commits a crime.

We must always strive for balance. This is why our judicial system is based on an independent judiciary. For some time, we have been repeating in this House that we are anxious to see the day when patronage appointments no longer exist in the judiciary, and when we have independent committees to select our judges to ensure they are the most competent individuals for the role. I am not saying that the current judiciary is incompetent. What I am saying is that judges are often appointed on a partisan political basis. The press often criticizes this state of affairs, thus informing the general population.

Lastly, we hope to pass on to today's youth the values that we learned from our parents, grandparents and great-grandparents. This is the society that Quebeckers want, an equitable society based on a fair balance between the crime committed and the sentence imposed.

That is why we put our trust in the judiciary. Every time members introduce bills such as Bill C-299, the Conservative Party seeks to provide a framework for the work of the judiciary, that is, they try to package the work of the justices so that, in the end, all they have to do is read the text and apply the sentence. Quebeckers do not want this kind of society or these values. That is why the Bloc Québécois always challenges these bills.

In our opinion, the changes that Bill C-299 seeks to bring about are already found in the Criminal Code under section 403 and other sections that the bill would amend. Why try to add just a little bit more? This question comes up all the time. Our citizens are entitled to question the values of the Conservatives, these values that are often borrowed from the Republicans in the United States. That is why, although they only came into power nine months ago, the Conservatives already seem to be an old government. They clearly have a tendency, particularly as a minority government, of trying to pass on their values as quickly as possible.

When justice issues and amendments to the Criminal Code are at the fore, as in Bill C-299, we have an unfortunate tendency to try to control the judiciary's work and restrict judges' decision-making freedom. Obviously, this could be counter-productive and not in the best interest of the citizens we represent. We, the Bloc Québécois, are trying to maintain a balance here.

This is why, since 1993, a majority of Quebeckers have given Bloc Québécois members their vote of confidence: because the men and women of the Bloc Québécois know how to listen to what their constituents want. They did not make anything up. We trust the society our parents and grandparents left us. This is the very society we are fighting for today—a society seeking greater justice and equality. We hope it will be less controlling. It is this desire for control that leads to legislation like Bill C-299.

Since being elected, the Conservative government has been attempting to direct the decisions taken by the judiciary and judges. The fact is that no two crimes are committed under the same circumstances. That is why we as a society chose to have a judiciary system. Juries are sometimes brought into play. This is all pretty complex. An entire system is called upon in an effort to determine the appropriate sentence for the crime committed.

Of course, this unfortunate tendency to make penalties harsher or to take responsibilities away from the judges is reminiscent of the right-wing Republican tendency in that regard, and it is increasingly obvious from the actions of this Conservative government. Those are not values that Quebeckers defend or values that they want members of the Bloc Québécois to defend.

One might understand that, under the circumstances, we are not to eager to see Bill C-299 passed, especially since it concerns personal information about a third party. This could be interpreted quite broadly. We must bear in mind that there are certain realities in our society. I often think of our businesspeople trying to establish a client list who sometimes ask for information. We would not want matters of everyday life in our society to be misinterpreted. If the purpose of this bill is to prohibit the obtaining of any personal information, efforts should be made to strike a balance between the reality and business opportunities today.

Essentially, we have laws and amendment to the Criminal Code. There is no point adding in the Criminal Code that obtaining personal information about a third party constitutes a criminal offence. As I said, section 403 is already very clear:

403. Every one who fraudulently personates any person, living or dead,

(a) with intent to gain advantage for himself or another person,

( b) with intent to obtain any property or an interest in any property, or

(c) with intent to cause disadvantage to the person whom he impersonates or another person,

is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years or an offence punishable on summary conviction.

We believe obtaining personal information on a third party by fraud is already an offence that carries a maximum jail sentence of ten years, under section 403. Therefore, we see no reason to change that. However, the bill will probably be sent to committee and we will be open to debate the matter, and perhaps even to make amendments, in order to protect good citizens from bad ones.

Quebeckers were right again to put their trust in the men and women of the Bloc Québécois, because they will yet again protect their interests and make sure that the penalties imposed by the Conservative government strike a fair balance, given the offence committed.

Mr. Speaker, a recent poll conducted by PhoneBusters of Canada has revealed that approximately 9,000 people have fallen prey to identity theft in the last 10 months. Almost 77% of them were concerned about it, but only a meagre 10% of us are aware of what we have to do to protect ourselves from identity theft.

The financial damages caused by this crime amount to $7.2 million.

Another shocking personal fact is that nearly 45% of Canadian adults do not monitor their credit card bills. This is part of the problem.

I looked at some of the statistics generally available and found that persons under 18 years of age represented only about 2% of the persons who fall victim to this crime of identity theft. Those from ages 18 to 29 were at about 25%, those 30 to 39 were at about 28%, those 40 to 49 were at about 20%, those 50 to 59 were at 12%, and those over 60 years of age were at a little less than 10%.

So it appears that working people between the ages of 18 and 50 account for about 75% of identity theft. These are the people who have assets and cash that it may be able to detect.

The reason I raise this is that Bill C-299, which is before us today, seeks to address the whole issue of identity theft. It is an act to amend the Criminal Code, the Canada Evidence Act and the Competition Act.

We have had some excellent speeches from the members who spoke during the first hour, including the mover, the member for Edmonton—Leduc, as well as the member for Hochelaga, and also the member for Moncton—Riverview—Dieppe, I believe.

I think that what was concluded by the speakers was that there is a general agreement that in principle this is a matter which has to be addressed from the standpoint that it is a function of the improvement in the technological tools available. It is a function of criminals becoming more sophisticated in what they are doing. It is a function of the need of Canada to continue to ensure that it keeps pace with the changing approaches that those who would perpetrate identity theft have evolved to.

I am not going to talk too much to the specificity of the bill, other than to suggest that hon. members already have raised some concerns about details within the bill, but we are at second reading, which asks hon. members to consider approving the bill in principle, this being that we should examine and identify ways in which we can mitigate the impact and consequences of identity theft.

I doubt very much that there are too many members in this place who are going to argue with the basic premise or the fundamental principle of this bill. Therefore, I will be supporting it at second reading to go to committee and I will be recommending that to my caucus colleagues.

Having said that, I note that committee is the best place to address some of the points that have been raised by hon. members in debate with regard to potential deficiencies or areas in which the approach may be augmented. I believe in having the experts come before committee to provide more detailed analysis and consideration of perhaps the deficiencies within Criminal Code amendments, or ways in which there may be enhancements, and also to deal with section 403 of the Criminal Code. On section 403, there seems to be some disagreement between the Bloc and the Liberal member who spoke.

Notwithstanding that, I believe these matters are reparable in committee or at report stage. I much suspect that they will be.

I thought it would be useful simply to use the rest of my time to advise Canadians on how they can protect themselves from identity theft.

There are government and general websites that include a substantial amount of information about consumer protection. Let me highlight a few suggestions.

The most important thing obviously is to prevent access to our personal information. It is recommended that people not release their social security or account numbers in response to email, phone or in person requests. Instead of using Internet links, type the full address. Keep all sensitive documents, cheque books and credit cards securely locked away at home and at work. Carry only those credit cards that one needs to have on one's person or in one's wallet.

All private documents should be shredded before discarding them. Retrieve paper mail promptly from the mailbox and place outgoing cheques or other sensitive documents in the postal box directly and do not keep them on one's person for any great period of time.

Signing up for automatic payroll deposits is another preventive approach. Replace paper bills, statements and cheques with on-line paperless versions. Keep passwords hidden even in one's own home and change them frequently. Use regularly updated firewall and anti-virus protection software on computers. The public should know that computer access is one of the growing areas in which identity theft is occurring.

Do not respond to suspicious emails. Delete them, and if there is any doubt, contact the company from which they were sent. Do not discard a computer without completely destroying the data on the hard drive. Even in the case of a severely damaged computer where the hard drive does not work, very important information still can be recouped from the hardware components.

Another aspect of taking regular general prevention measures is to detect unauthorized activity. That includes reviewing bank, credit card and bill statements weekly through on-line access accounts. Contact the financial provider if statements are not received in a timely manner. Often what happens is people will take mail out of someone's mailbox.

We should review our credit information regularly. Free annual credit check reports are available through the web. Use email based alerts to monitor transfers, payments, low balances, withdrawals, or to detect other irregular activity in an account. Visit banks, credit card and other bill statement websites frequently to monitor regular account activity.

After doing the prevention and following some good habits, if something should happen, it is absolutely vital that the conflict be resolved. Some members have already indicated that in some cases resolving a loss related to identity theft and sorting out all the problems with regard to the accounts can take weeks, months and maybe even years. It may be quite expensive and very disruptive.

This invasion of personal matters is very disruptive. With regard to resolving matters which come up, obviously we want to minimize losses and protect the credit record. Having one's credit record jaundiced is a problem.

The financial provider should be asked about zero liability guarantees. Victims of theft should notify the financial providers and begin monitoring the accounts more frequently in the event that there may be subsequent attempts. Federal and local enforcement authorities should be alerted if one suspects identity fraud.

These are just some examples of things that we can do. This is all because the member thought it important enough to bring to the House a bill that in principle says we need to be more vigilant to reduce the incidence of identity theft. It is a good bill in principle. In my view, any matters on which concerns have been raised would appear to be reparable at committee and report stage.

I congratulate the hon. member for bringing this bill forward.

moved that Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud), be read the second time and referred to a committee.

Mr. Speaker, it is my pleasure today to rise to speak to my own private member's bill, my first that has been debated in the House, Bill C-299, an act to amend the Criminal Code, the Canada Evidence Act and the Competition Act, personal information obtained by fraud.

The purpose of the bill is to protect individuals against the collection of their personal information through fraud and impersonation. This practice is often known as “pretexting” and is a widespread problem in the growing market for personal information.

The bill aims to close some of the loopholes in Canada's data protection law that allow data brokers to exploit people's personal information for commercial gain. As a legislator, I believe this is an area where the House, Parliament, can truly make a difference and needs to step up to the challenge.

The bill seeks to do three things in particular. First, it seeks to make the practice of pretexting illegal through changes to the Criminal Code and the Competition Act. Second, it seeks to provide a remedy for victims of this kind of invasion of privacy through legal recourse in the courts and compensation. Third, it seeks to tackle the cross-border aspect of pretexting, by holding the Canadian affiliates of foreign companies liable for invasions of privacy committed against Canadians.

By introducing the bill, I hope, above all, to open the debate on how our laws can keep pace with changing technology to meet the needs of Canadians. In doing so and in asking members to support the bill, I would like to discuss three things: first, the need for the bill in the new information economy; second, the loopholes that currently exist in Canada's data protection framework; and third, what the bill means for Canadians.

First is the need for the bill. It is our job as legislators to ensure that the law can keep up with the evolution of technology. The communication revolution of the last decade and the growing information economy have accelerated the exchange of information around the world. All kinds of data circulate around the globe and across borders at the click of a button in ways never before imagined. Furthermore, more data is being created, stored and traded than ever before. As with any new evolution, new possibilities breed new relationships and new patterns of transgression.

To evoke a cliché, knowledge is power and this has never been truer than it is now. Information is one of the most valuable commodities in the new economy, typified by the growing data brokerage industry. Data brokers buy and sell information, sometimes personal, usually for commercial or marketing purposes.

Some of this industry is legal and consensual, however, there is mounting evidence to suggest that many aspects of the data brokerage industry are poorly regulated and that pretexting is a recurring problem.

In a free and democratic society, individuals should be able to control how information about them is used and accessed. Personal information should not be treated as a saleable commodity like any other. We see that in a networked economy, where innocuous details about people's personal lives and transactions can be transformed into a complete profile of the person with a variety of serious implications.

Simple details like a birthday, postal code or graduation date can be used to obtain credit card records and can track an individual's location, activities and purchases without their knowledge. The possibility to track people without their knowledge, aided by data brokering and pretexting, ultimately undermines the inherent autonomy and independence of the individual and leaves him or her vulnerable to numerous abuses.

An individual's data profile can be used for a wide range of purposes, from unsolicited marketing to fraud, identity theft or intimidation of the individual and his or her family. Apart from the economic and security risks attached to invasions of privacy, there is a significant psychological dimension. Do we really want to live in a society where we know that our actions can be traced without our knowledge for commercial or other purposes?

We have to think about how this will change the way individuals think about themselves and society. As Canada is a society that has adopted many of the values of the Enlightenment, I think it is appropriate to quote one of my favourite philosophers, John Stuart Mill, from his treatise On Liberty. He states:

The only part of the conduct of any one, for which he is amenable to society, is that which concerns others. In the part which merely concerns himself, his independence is, of right, absolute. Over himself, over his own body and mind, the individual is sovereign.

These are important issues and questions to look at in our changing technological environment.

The second issue is the loopholes in Canada's data protection framework.

First, it is important to remember that as a democracy, the police and judiciary require a warrant in order to access people's personal information. The bill in no way changes the powers or information available for the purposes of law enforcement.

Now let us consider the following. The very same personal information that police officers require a warrant for could very well be purchased online for a few hundred dollars in a matter of hours.

This is exactly what happened to federal Privacy Commissioner Jennifer Stoddart in an investigative report done by Macleans magazine in November 2005. In the report, journalists were able to purchase Ms. Stoddart's cell phone records and access conversations between the commissioner and members of her family. The purchase was done through one of at least 40 online services that offered to track down significant personal information using just a name and postal address. This was possible despite the fact that the Privacy Commissioner was obviously more savvy about protecting her personal information than the average Canadian.

The journalists reported that pretexting was a major factor in obtaining the Privacy Commissioner's records. Common practices include masking phone lines so that the call appears to come from the account in question and hacking into accounts using passwords, birthdays and other personal information. Frequently, however, pretexters are able to simply ask for the information from service providers by impersonating the victim with the use of other personal information.

Broadly speaking, there are two kinds of data brokers with the potential to invade people's privacy.

First, there are the larger companies which trade in data, often for commercial or marketing purposes. Much of this is aggregated and not particular to individuals; however individual information may sometimes be extracted from these databases.

Second, a range of smaller companies offer to target individuals for a fee, as in Ms. Stoddart's case. These companies may simply sell personal information or they may offer more invasive services such as private investigation.

At the federal level, data protection falls under the Personal Information Protection and Electronic Documents act, known as PIPEDA. Commissioner Stoddart has already submitted a report to the privacy and ethics committee detailing possible improvements to the act in May of this year.

Notwithstanding possible changes to PIPEDA, there are three major loopholes in Canada's data protection framework.

First, though fraud and personation are crimes under the Criminal Code, they do not apply to personal information such as phone records, consumer preferences or purchases.

Second, while these actions violate PIPEDA insofar as it says that information cannot be disclosed without the expressed consent of the consumer or court order, this does not guarantee a remedy. The commissioner's rulings are not legally binding without a federal court order and the transgressors are not named.

Bill C-299 would change that by making it a crime under the Criminal Code to collect or counsel to collect personal information through fraud, personation or deception. Bill C-299 would also change the Competition Act to make it an illegal trade practice to obtain personal information through fraud, deception or personation. It would also characterize the promotion of a product that is provided by means of fraud, false pretense or fraudulent personation as a false or misleading representation to the public.

Third, the Privacy Commissioner has no jurisdiction to pursue complaints outside of Canada. However, as in Ms. Stoddart's case, Canadians can easily be targeted by data brokers in other countries, particularly the United States. In Ms. Stoddart's case, the Canadian phone service providers had to seek an injunction against the offending data brokers in a Florida court. Going abroad to get injunctions is both expensive and yields unpredictable results in different jurisdictions.

Bill C-299 would allow victims of privacy invasion to seek compensation from Canadian affiliates of foreign companies that invade their privacy. This is not a perfect solution, but it helps to deal with the problem of extraterritoriality.

Third, what does the bill mean for Canadians? If the bill is implemented, it would help preserve the trust and individual autonomy in a society that Canadians enjoy today. The legal remedy for invasions of privacy in Bill C-299 does two things. First, it assures Canadians that their right to privacy is recognized and seeks to compensate them for damages caused. Second, it seeks to catch invasions of privacy before it leads to more serious criminal activity.

In seeking criminal sanctions for intentional invasion of privacy for commercial purposes, it weakens the invasive parts of the data brokerage industry as a whole. For example, if the practice of pretexting is criminalized it will cut down on the instruments of identity theft. Charges can be brought for the invasion of privacy before they have to be brought for more large scale financial fraud and theft of identity. Moreover, cutting down on identity theft is in and of itself an important aspect in the fight against organized crime and international terrorism.

Furthermore, the bill recognizes the economic, social and psychological harm caused by the systemic invasion of privacy. It seeks to stem the fraudulent and invasive aspects of the data brokering industry, particularly, the practice of pretext.

If a law-abiding citizen has undergone the anxiety and inconvenience of being traced or interfered with for commercial gain, the bill would provide for recourse, through the courts, for a recovery of damages. In the event that the perpetrator is a foreign company with a Canadian affiliate, that Canadian affiliate may be held accountable.

Bill C-299 seeks to respond to the new challenges of information technology and close some of the gaps in our legal system. Invasion of privacy, through pretexting and data brokering, is a growing area and we need to open a debate on how to enforce meaningful protections.

Therefore, I ask all members to consider this legislation very seriously. It is a serious issue, which is growing, and it needs to be addressed. I am putting forward the bill to obviously address the protection of personal information. We also need to address, however, the whole issue of identity theft as well.

I believe the bill is the first step to do that. I look forward to the comments of other members. I note one of the Liberal members opposite has offered some helpful comments, as has the parliamentary secretary to the justice minister.

I would ask members to discuss the bill in principle at second reading, to move it forward to committee. If amendments are needed in terms of the bill itself, I would look forward to those. I am willing to work with all members in the House to improve the bill to address this important issue.

moved for leave to introduce Bill C-299, An Act to amend the Criminal Code, the Canada Evidence Act and the Competition Act (personal information obtained by fraud).

Mr. Speaker, the bill is intended to address some of the serious challenges related to the theft of personal information. The bill would amend the Criminal Code, the Canada Evidence Act and the Competition Act in order to protect individuals against the acquisition of their own personal information through fraud and impersonation. I encourage all members to examine and support the bill.

(Motions deemed adopted, bill read the first time and printed)