Bill S-4 (Historical)

There are five motions in amendment sitting on the notice paper for the report stage of Bill S-4. Motions Nos. 1 to 5 will be grouped for debate and voted upon according to the voting pattern available at the table.

moved:

Motion No. 1

That Bill S-4 be amended by deleting the long title.

moved:

Motion No. 2

That Bill S-4 be amended by deleting Clause 1.

Motion No. 3

That Bill S-4 be amended by deleting Clause 6.

moved:

Motion No. 4

That Bill S-4 be amended by deleting Clause 7.

moved:

Motion No. 5

That Bill S-4 be amended by deleting Clause 10.

Mr. Speaker, unfortunately we will oppose Bill S-4 for the reasons I will provide in my speech.

What I am especially disappointed about is that we all voted in good faith for this bill to be studied in committee before second reading. We told ourselves that we could perhaps work together to improve the bill and eliminate the most problematic parts or ensure that it would truly protect Canadians in the digital age. Unfortunately, that did not happen, even though we know that there are more and more risks associated with protecting personal information online.

For more than four years, we have been in Parliament with the same government that rejects all our motions and refuses to work with us in committee. This time, I do not know why, but I had hoped that we could work together.

Usually, a bill is sent to committee before second reading because there are problems with the bill and we want to make changes. Perhaps we want to change something or make changes to PIPEDA that go beyond the immediate scope of the bill. We had hoped to work together. Unfortunately, that did not happen.

That is why I moved three motions today to remove the most problematic sections from this bill. These motions will be voted on together.

We heard over and over that these two sections—clauses 6 and 7—are extremely problematic. These clauses will make it easier to share people's personal information without their consent and without them even knowing that their personal information is being shared. The government is trying to broaden the scope of situations in which information can be shared without consent. That is extremely problematic.

Obviously, there are sometimes extreme circumstances that require personal information to be shared. Such situations exist. Everyone knows that. We take issue with the fact that there is no transparency. There is no mechanism in place to ensure that this information is shared only in exceptional and urgent circumstances. What is more, the threshold of reasonable suspicion is very low.

As a result, we voted against these clauses when the bill was examined in committee. Unfortunately, the Conservatives decided to go ahead with them anyway.

We even proposed amendments to improve these clauses by restricting the kind of situations in which information sharing can happen and creating a system that encourages transparency. There has to be an accountability or oversight mechanism to ensure that this information sharing only happens under exceptional circumstances. That is really not the case.

As I said, we proposed amendments to improve the bill because everyone in the House of Commons knows that protection of personal information is a big issue right now, one that is really important to our constituents.

I even give computer security courses to seniors in my community because they want to understand how to use new technology and they want to have a certain level of confidence when it comes to protecting their information and their identity.

Everyone agrees that this is an important issue and that we have to update PIPEDA to ensure that it can better address the threats present in the digital age in the 21st century.

Unfortunately, the Conservatives' approach was to put something on the table and refuse to accept any amendments or listen to what the witnesses had to say. They just forged ahead.

All of the parties proposed amendments, except for the Conservatives, of course, and all of the amendments were rejected. The NDP even proposed 18 separate amendments that were all rejected.

Most of all, I deplore the fact that from the beginning of the committee's examination of this bill before second reading, the Conservatives said they did not want to change anything. Why should we bother voting to send something to committee before second reading if, from the beginning, the Conservatives have already decided that they will not change anything? It makes no sense. It also demonstrates bad faith. We are supposed to examine bills with an open mind and a desire to improve them, correct their shortcomings and work together. That is what it means to live in a democracy.

The Conservatives even insulted some of the witnesses during the study in committee, telling them that they could choose to either vote for the bill in its current form or accept that there would be no changes to the Personal Information Protection and Electronic Documents Act before the next election. I understand we are having an election soon, but the Conservatives had plenty of opportunities to modernize the Personal Information Protection and Electronic Documents Act. There was Bill C-12, which simply disappeared because of prorogation. The bill that I introduced in the House contained very similar provisions to the ones found in Bill S-4, but the Conservatives voted against my bill.

These changes could have already been in the legislation. Unfortunately, the government suddenly says the timeframe is too tight and the only thing we can do is pass the bill as is despite all its problems and flaws. The government simply wants to pass the bill as is. I think the Conservatives are being disingenuous about this. To tell all the witnesses that the choice is between this bill and nothing is really insulting to them after they took the time to travel here to share their opinions and present their proposed changes.

Since the government rejected all the amendments and we did not manage to improve the bill, the NDP will have to vote against it even though we recognize that some provisions are a step forward, although they do not go as far as they should. Nonetheless, I cannot vote in favour of a bill that will create more opportunities for personal information to be shared without consent, without authorization, without the individual concerned being informed, and without a proper oversight mechanism. That is what this bill would do.

Clauses six and seven, which my motions would eliminate, will weaken the protection of privacy by allowing the sharing of personal information without the consent and authorization of the individual concerned. I already stated that the threshold was very low. I proposed raising the threshold so that the organization asks questions before sharing this information. The Conservatives refused. The Privacy Commissioner even raised concerns about this provision. He said that it could open the door to abuses, and that is what we found. This government made 1.2 million requests to Internet service providers to obtain personal information as a result of flaws in the Personal Information Protection and Electronic Documents Act. There have been actual abuses. As members of Parliament, we cannot consciously open the door to further abuses. However, that is exactly what clauses six and seven of this bill do.

I will now read what the Privacy Commissioner said at the February 17, 2015, meeting of the Standing Committee on Industry, Science and Technology:

Under the proposed amendments, potentially any organization will be able to collect or disclose personal information for a broad range of purposes without any mechanism to identify which organizations are collecting or disclosing the information and why.

This is very problematic because according to its title, this bill is supposed to create the digital privacy act. I am sorry, but there is a problem when parts of the bill contradict its objective. You do not have to be a genius to understand that.

I would like to share a quote from Michael Geist, who also testified at the Standing Committee on Industry, Science and Technology on March 10, 2015:

...the broad provision that we have here opening the door to massive expansion of non-notified voluntary disclosure without any of the kinds of limitations that we typically find even the courts asking for should be removed....With respect, it is both not well studied and ought to be fixed. Canadians deserve better.

He also took the opportunity to disagree with the process that the Conservatives put in place and the idea that we should pass this bill without amendment because we are out of time.

The warning mechanism for a data security breach proposed in the current bill is another problem. Many parliamentarians understand the need for such a mechanism. This was brought up in the committee on which I sit, the Standing Committee on Access to Information, Privacy and Ethics, while we were studying this bill.

As the Privacy Commissioner has said many times, we must require that organizations notify individuals when their data are compromised. In a number of cases, as with Target and Home Depot, the data of thousands of people have been compromised or lost completely. Since the people in question are not always informed, they are not in a position to protect the compromised data. That is a huge problem.

Bill S-4 fixes this problem but does not really go about it in the right way. The proposed model is much too subjective because it allows the organizations themselves to determine whether a data breach creates a real risk of significant harm to an individual. The organizations therefore have to police themselves. They also decide for themselves whether to inform, or not, the Privacy Commissioner and the individual affected of any data breaches that occur.

The model that I am proposing is more objective. I proposed it before when we were examining this bill in committee and when we were examining my private member's bill, Bill C-475, which could have been passed already had the Conservatives not voted against it. This model would give the Privacy Commissioner the power to determine whether a security breach is serious enough to inform the individual. Thus, it would not be up to the organizations to do it.

What is more, PIPEDA covers all organizations, from convenience stores to large digital technology corporations. Some organizations, such as convenience stores that have only a couple of employees, are unable to determine how serious a data breach is. It is therefore important to allow them to turn to an expert, namely the Privacy Commissioner.

I would like to read a quote from John Lawford, the executive director and general counsel for the Public Interest Advocacy Centre, who testified before the Standing Committee on Industry, Science and Technology on February 19, 2015. He said:

Unfortunately, Bill S-4, as written, will very likely result in fewer reported breaches than even now and operate in an opposite manner. Namely, it will create a culture of fear, recrimination, and non-reporting. Bill S-4, incentivizes not reporting data breaches by leaving the determination of whether a breach creates a real risk of significant harm to an individual totally in the hands of the organization that suffers the breach. This obvious conflict of interest is fatal to the purpose of the bill as there is no advantage to a company to report and every advantage to hide a data breach.

As he said, the proposed mechanism is much too subjective. It is unfortunate that the Conservatives refused to implement a more objective system.

This bill does not give the Privacy Commissioner the power to issue orders. The former privacy commissioner, Jennifer Stoddart, asked for that repeatedly. Provincial privacy commissioners also wanted it because they have that power.

All too often, organizations do not act on recommendations made following an investigation by the Privacy Commissioner. Big international companies do not think they need to comply because it is just Canada, but Canada's laws must be respected. When our laws and the Privacy Commissioner's recommendations are constantly ignored, we need to fix that problem.

We could give the Privacy Commissioner the power to issue orders, but there is nothing about that in the bill. Instead, it calls for compliance agreements, which do not go far enough and do not really motivate organizations to act on the recommendations because they are not orders. We wanted to fix this problem, but once again our proposal was rejected.

I would have liked them to adopt the model I proposed in Bill C-475. I suggested following the usual investigation procedures, after which the commissioner would issue orders and set a deadline for compliance. The parties would act in good faith. For example, if problems were not resolved within a year, the Federal Court would impose a fine.

This system would give organizations that comply with the law and the recommendations a chance, with no repercussions whatsoever. However, if we do not find a solution and do not encourage organizations to respect privacy, there will continue to be abuse, and the law and the Privacy Commissioner's recommendations will continue to be ignored.

Bill S-4 is a step in the right direction, but it does not go far enough. That is what I said throughout the entire study. As a matter of fact, some witnesses also said it was important to have a system that truly encourages privacy protection.

What is more, given that we studied this bill in committee before second reading, we had the opportunity to correct other problems with the Personal Information Protection and Electronic Documents Act, because we knew there were some flaws. Under what circumstances is it acceptable for the government to submit at least 1.2 million requests a year for personal information to Internet service providers? This is a serious problem, but nothing is being done about it.

I thought we could sit down as parliamentarians and come up with ways to put oversight and transparency mechanisms in place and even get rid of these flaws and abuses. This was a missed opportunity.

Recently, the Supreme Court established in Spencer what was reasonable and not with regard to privacy protection. Unfortunately, that ruling was not taken into consideration during the study in committee. The Personal Information Protection and Electronic Documents Act was not amended in order to make it consistent with the Supreme Court ruling. That needs to be done. The government needs to show some vision and correct these flaws to provide better protection of Canadians' privacy because that is what Canadians deserve.

Mr. Speaker, I appreciate the comments made by the member, but I do want to express some concerns as to the manner in which Bill S-4 was brought into the House.

The member made reference at the beginning of her comments about how she was optimistic at the beginning. I think there was a shared sense of optimism that we had the bill go on a different routine. As opposed to completion of second reading and then go to committee, we wanted the committee to provide some feedback so that we could look at making some more significant changes.

There were a number of presentations made. A number of amendments were brought forward. At the end of the day, the government showed no sympathy in terms of accepting what witnesses were telling the committee, nor amendments that were being brought forward, whether from the Liberal Party or others. Given the importance of information, in particular online banking and things of this nature, and the issue of privacy, we have really lost an opportunity to make some positive contributions through changes to the legislation.

I would ask the member to reinforce what she started off her speech with: the importance of the government recognizing a sense of co-operation that was there at the beginning and not responding well, which has ultimately led to a great deal of opposition to the bill we are now being asked to vote on.

Mr. Speaker, I thank my colleague for the question.

Indeed, the way this bill was examined is very problematic. From what I remember, and someone will correct me if I am wrong, this is the only time a bill has been sent to committee for study before second reading. In such a situation, one might think there are changes to be made, otherwise why would we do that? Furthermore, this exceptional measure would allow the committee to put forward amendments that go further than the strict substance of the bill, and it is therefore a good opportunity.

We were not able to seize the opportunity, however, because the Conservatives came into the committee room saying that we should just accept the bill, otherwise there would be no changes at all to the Personal Information Protection and Electronic Documents Act, or PIPEDA.

Yes, we are running out of time. We understand that. However, the Conservatives had many opportunities to amend this legislation. They waited for years to review PIPEDA as they were supposed to do, given that under the existing legislation, the act is supposed to be reviewed every five years. We could have passed my bill, Bill C-475, which could have become law. Bill C-12 disappeared. In short, they had many opportunities.

Instead, they dragged their feet for years. When we were hearing evidence and during the study in committee, they said that time was running out and we had to accept the bill as is. Well, that is no way to operate, especially in a democracy like ours.

Mr. Speaker, I would like to thank my colleague for her speech. She did a good job of explaining the short history of this bill.

She also explained how, once again, Canada is is missing the mark when it comes to the protection of personal information, the new technologies at our disposal and how they could be used by certain companies and even the government.

On many occasions she has also condemned the failures of the government, the losses of personal information, and so on.

I would like her to tell us what we could do. What countries have brought forward legislation to protect personal information in a highly technological world? Could we take a page from their book? Could she give us some examples and expand on this subject?

Mr. Speaker, we can learn quite a lot about protecting personal information from others. For example, Europe is bringing forward some very interesting ideas. However, are these the ideas that we want to include in our system or to consider for our Canadian system? We can consider them, but that does not necessarily mean that we will accept them in their present form. There are discussions under way about this. Unfortunately, we are not even able to have these discussions in this place because only the Conservatives' approach is the right one, and so it is that or nothing. That is really a problem.

We could also look to the provinces, especially British Columbia, Alberta and Quebec, which have good legislation and systems. In British Columbia and Ontario, the information and privacy commissioners have the ability to make orders following their investigations. Thus, there is already a precedent in Canada, within our own country, that we could use as a model.

I cannot understand why the bill before us does not include a clause to give the privacy commissioner the authority to issue orders. That is really ridiculous.

Mr. Speaker, I would like to thank my colleague from Terrebonne—Blainville for her work on this issue, which she knows a lot about.

We know that the Conservative government introduced Bill S-4 as a way to protect consumers. It is trying to sell the bill as a bill for consumers. However, consumer advocacy groups, lawyers, professors and even the Privacy Commissioner have indicated that there are problems with the bill, such as the provision on voluntary disclosure.

Can my colleague comment on the lack of balance in this bill?

Mr. Speaker, we heard from a lot of witnesses. We could always hear from more, since the study of a bill can go on for a long time. We heard from professors, the Privacy Commissioner and many experts. Most of them pointed out the problems that could arise because the bill opens the door to sharing personal information without consent, without authorization and without even informing the person concerned. The bill is opening that door even wider. That concern was raised, but unfortunately, the proposed amendments were not accepted.

Some amendments were very reasonable. The Privacy Commissioner even made some suggestions, which were submitted in the form of amendments during the clause-by-clause study of the bill, but those amendments were rejected. We proposed implementing a system to at least ensure that when an organization shares personal information under exceptional circumstances, a public report is issued indicating how many times such information was requested and why it was requested so that we know and we at least have a little transparency when it comes to the sharing of personal information.

There have been cases of abuse. This government and government agencies made 1.2 million requests to Internet service providers. There were no explanations, which is extremely problematic. We want to fix this problem, but instead, the Conservatives decided to keep doing things their own way, without consultation and without including what witnesses told us in committee about this bill.

Mr. Speaker, I thank my colleague from Terrebonne—Blainville for her speech.

There is something that strikes me and is very upsetting. Every time we meet in committee, the Conservatives block the committee from seriously studying opposition amendments. It is especially disturbing because one of the Conservatives' excuses, if I understand correctly, is that we cannot amend this bill since it came from the Senate and it will go back to the Senate. We have to wonder why the government chose to introduce such an important bill through the Senate.

Could my colleague tell us what she thinks about the government blocking the work that could have been done in committee to improve a bill that could potentially lead to some serious breaches of privacy?

Mr. Speaker, I thank my colleague for his question. He is right; this is a huge problem.

We heard the witnesses talk about problems, but from the very beginning, the Conservatives were not willing to give anyone the benefit of the doubt. They said that they would not change a single thing because they did not have time. There is always a way to speed things up. Where there is a will, there is a way.

I would like to emphasize another aspect of this issue. The Conservatives said that, since the Senate had already studied the bill, senators had already heard from all of the witnesses and studied the proposed changes. That is false.

Many of the witnesses who appeared during the study by elected members of the House of Commons had not testified during the Senate's study.

Furthermore, the Supreme Court's ruling in Spencer had not yet come down when the Senate was studying this bill. That is an important element to consider because it may have a direct impact on the way we treat personal information here in Canada. The Conservatives wanted to ignore all of that.

They said that the Senate studied it, but I am sorry: senators are neither elected nor accountable. I have a problem with that.

It would be better for us, the elected members who represent the ridings, to be able to make changes ourselves.

Mr. Speaker, I want to start by expressing my sincere thanks to my colleague from Terrebonne—Blainville, who just delivered a very important speech. She worked very hard on her own bill on this topic, and I think her bill should have been passed. In my opinion, her bill was far superior to Bill S-4.

I share the sentiments of the hon. member for Winnipeg North. He, like the member for Terrebonne—Blainville, said that all the opposition parties thought that in light of the work that went into the current bill and all the others, such as Bill C-12, the government might make the effort to take a collaborative approach with the other parties. Unfortunately, that was not the case.

Here we are, looking at Bill S-4, a bill that comes to us after, as we have heard from other members, a convoluted process, a bill that died on the order paper, a superior private member's bill that failed when the Conservatives did not support it. It is an effort to bring up to date the Personal Information Protection and Electronic Documents Act, otherwise known as PIPEDA.

This is, of course, a very significant area of citizen and consumer concern. PIPEDA was passed in 2000, and a lot has changed in the world of digital information, privacy concerns, and information held by Internet providers, banks, and a great number of organizations to which Canadians trust their private information online.

Bill S-4 should have been an attempt, and may in fact have been an attempt that failed, to adequately balance the privacy rights of Canadians and the important facilitation of commerce in Canada. That would certainly be the expectation.

The larger context around which the bill comes to us is one in which we have had some rather spectacular accidental breaches of the privacy of Canadians through the release, through various errors, human errors, of health information, consumer information, and banking information because of breaches in the system.

One would have thought, especially in the specific context of the last year, that in drafting the bill, the government would have been very cognizant of the decision of the Supreme Court of Canada in June 2014 in the Spencer decision. That was a decision written by Mr. Justice Tom Cromwell, one of my former friends and professors from my time at Dalhousie Law School, a brilliant legal mind and someone who has, within the Supreme Court of Canada, written a number of critical and important decisions. The Spencer decision is one of them.

The Supreme Court of Canada, in Spencer, came down very clearly on the side of the privacy rights of Canadians. Mr. Justice Tom Cromwell wrote in his decision:

...the Internet has exponentially increased both the quality and quantity of information that is stored about Internet users. Browsing logs, for example, may provide detailed information....

He went on to note that users would never really know when their information was forming some sort of pattern that resulted in a review, and users, consumers, would not know when their information might be becoming accessed. However, in entering into agreements with ISP providers, the Supreme Court of Canada, through Mr. Justice Cromwell, noted that there is a “reasonable expectation of privacy in subscriber information”.

There is no denying that Bill S-4 would do some things that are fairly universally approved of by those who are leading critics in this area. The Privacy Commissioner for the Government of Canada, and of course, the Privacy Commissioner is an officer of Parliament, saw a number of significant improvements.

The Privacy Commissioner started his review by turning his attention to the purpose of PIPEDA in the beginning, back in the year 2000, noting:

The purpose...is to establish, in an era in which technology increasingly facilitates the circulation and exchange of information, rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances.

Given the fast-changing world of digital communications, with the Internet, the cloud, and all the various ways in which we now store information online, fortunately Parliament saw fit in the year 2000 to include a five-year mandatory review of PIPEDA so that we could keep up with the ways in which technology moves so rapidly.

Generally speaking, some of what is being done here has met with universal support. The risk-based approach that would allow organizations to assess each incident on a case-by-case basis was supported by the Privacy Commissioner, at least. The Privacy Commissioner would have an opportunity to enter into compliance agreements, but while the Privacy Commissioner found this acceptable, numerous other commentators did not. They did not feel it went far enough or actually protect privacy information adequately.

The things that met universal approval I will list briefly. The improvements in Bill S-4 include the additional qualification and clarification of what is meant by the standard of consent, the extension of a deadline to take cases to the Federal Court, and of course, the expansion of the powers of the Privacy Commissioner to publicly disclose information related to findings. These were things the Privacy Commissioner liked.

Leading critics include, and my friend from Terrebonne—Blainville has already pointed to one of the leading critics in this area, Professor Michael Geist, advisers, and a very exceptional group of lawyers who now work a lot on information privacy law at the Public Interest Advocacy Centre, where, in the 1980s, I was also associate general counsel. However, in those days, believe me, we did not have open files on Internet data and privacy, because we were mostly dealing with trying to advocate in areas of technology that now seem very outdated. In any case, the Public Interest Advocacy Centre has stayed on top of the technology.

We had from the Canadian Bar Association, the Public Interest Advocacy Centre, Professor Michael Geist, and of course, members of opposition parties a rich group of substantive and helpful amendments that would have led to universal support for this bill at that moment. Unfortunately, those amendments were all rejected.

I want to look at three aspects in the time I have left this afternoon: compliance agreements, the expansion of voluntary disclosure, and transparency reporting.

Compliance agreements are a source of concern. The way in which they are drafted in Bill S-4 would have been acceptable had they been strengthened and had penalties or had an order-making power been available to the Privacy Commissioner, but they have none of those things. The Canadian Bar Association brief made this point about it:

Our principal concern is that while entering into such an agreement with the Privacy Commissioner stays any court enforcement by the Commissioner, it does not have any effect on any affected individual’s right to go to court against the organization for the same matter under investigation. This omission means that there is a much lower incentive for organizations to enter into such agreements. Also, it is not consistent with the regime in other similar schemes.

Despite recommendations to improve this, no improvements were made.

Second, the expansion of voluntary disclosure is probably for me the most significant failure of Bill S-4 and is quite inexplicable in that it runs directly counter to the Spencer decision I referenced earlier. This needed to have much more rigour to ensure that there was no warrantless access. This is the key issue. The task force should have come down harder for privacy rights.

Last, in transparency reporting, there should have been reforms to require organizations to publicly report on the number of disclosures they make without knowledge or consent and without a judicial warrant.

This information should have been disclosed on a regular basis for transparency, and organizations should have been required to notify affected individuals within a reasonable time of any accidental disclosure.

With that, I regretfully conclude that Bill S-4 does not meet the standard this Parliament should expect of an update to PIPEDA.

Mr. Speaker, the hon. member spoke at length in her comments about the Spencer decision.

The digital privacy act, to be clear, would not force companies to hand over private information to the police or anyone else without a warrant, and the independent officials who came before the committee, not cabinet ministers, who the hon. member has apparently such a hatred for, said that the Spencer decision has absolutely nothing to do with this piece of legislation.

I would like the hon. member to take this opportunity to point out very specifically where the Spencer decision has anything to say about PIPEDA or this particular legislation.

Mr. Speaker, first, I hasten to correct my friend. I have never spoken in this place, or in any serious location, with anything but respect and love for my colleagues.

My second point runs to the testimony provided by Professor Michael Geist that Bill S-4 runs contrary to the spirit of the Spencer decision and that, in fact, by allowing the disclosures to be made with upfront Internet service providers from telecom companies and so on without having the notification to the holder of the information, in his words:

The provision opening the door to massive expansion of warrantless, non-notified, voluntary disclosures should be removed....

Mr. Speaker, I have a question as a follow-up to the question that my Conservative colleague asked the hon. member.

The R. v. Spencer ruling came down after this bill was studied in the Senate. What is more, Bill S-4 is based on models from British Columbia and Alberta. Some aspects from Quebec are included as well.

However, we saw that a report was tabled by the Legislative Assembly of British Columbia, the region my colleague represents, saying that in light of the ruling in Spencer, it would amend its personal information protection legislation, known as PIPA. If we are basing our legislation on a model that is changing, then I think we have a problem.

Why are we incapable of working together to see what repercussions the Supreme Court ruling might have on our laws, when other legislation, on which we are basing our bills, is in the process of changing?

Mr. Speaker, I agree with my colleague.

With Bill S-4, the government missed out on an opportunity to introduce a system that is in line with the Supreme Court decision in R. v. Spencer.

It is too bad, because this really could have been possible with the amendments brought forward by the opposition parties. Every party here brought forward amendments that would have worked. However, the government decided to reject all of them.

Mr. Speaker, certainly the amendments the hon. member had presented at committee, both from the official opposition and by us, were just routinely dismissed. There was very little discussion, if any, and absolutely no room for any kind of serious work to be done because of the issue that if there were any changes, the bill would have to return to the Senate.

I would like to ask my hon. colleague if that was the reason all of our amendments were so quickly dismissed.

Mr. Speaker, I would have to say for my hon. friend from York West that I cannot offer any explanations for why amendments are rejected. We can say, though, that there is a pattern.

I have had the great good fortune—and I have to say I was very pleased—that in the committee looking at the pipeline safety act, two of my amendments were accepted. That is far more the exception than the rule. The vast majority of times in this place recently, bills go from first reading to royal assent without any amendments. That is quite against the tradition of the Parliament of Canada and the legislative drafting process and the role we all play as members of Parliament in improving legislation. That is supposed to be the point of the committee process. The legislative process is that we work together to improve legislation, not turn it into a partisan battle over every single amendment.

Mr. Speaker, I am pleased to be here today to speak to Bill S-4, the digital privacy act, which has been referred back to the House by the Standing Committee on Industry, Science and Technology.

As consumers, we are all aware that, in the digital world we live in today, our personal information has become increasingly more accessible. People and organizations exchange huge amounts of information over the course of the day, whether it be through email, Internet browsing, or financial transactions. Digital networks have fast become the most efficient and convenient method of communication for Canadians.

Our government takes the protection of this personal information very seriously. We recognize the importance of having strong privacy protections in place to ensure that organizations are properly safeguarding the personal information of individuals across this country. Bill S-4 would implement changes to the Personal Information Protection and Electronic Documents Act, known as PIPEDA. These modifications would ensure that organizations are taking the appropriate steps to address the handling and protection of information in today's digital era. This bill, entitled the digital privacy act, sets out specific rules that businesses and organizations must follow when personal information they hold is lost, stolen, or accessed, either for malicious purposes or as the result of an accident.

As we have seen in the past year, data breaches continue to present themselves as a major challenge to the privacy and security of information. Breaches can happen in any number of different ways and to any type of organization. Digital information can be stolen through sophisticated cyberattacks or through simple software vulnerabilities that are made public.

Take the Heartbleed incident, for example. According to Symantec, this software glitch that was exposed in 2014 left approximately 0.5 million trusted websites at risk of a serious data breach. Financial information and sensitive customer data can also be left vulnerable in the event of a data breach. Unfortunately, this is a familiar topic for Canadians in today's digital age. Take, for example, last September when Home Depot announced that a data breach by unknown hackers left as many as 56 million debit and credit card customers across North America vulnerable to fraud.

Research shows that the majority of today's data breaches are conducted with malicious intent. The Symantec Internet threat report states that nearly half of all breaches are caused by outside attacks and that these attacks are becoming increasingly sophisticated. Canadians are concerned about this. A recent nationwide survey on Canadian attitudes around data breaches concluded that this issue is creating significant public anxiety. The survey found that 79% of Canadians are worried about being a victim of a data breach. Data breaches are a top-of-mind issue for Canadians. This is not surprising, given the importance of the Internet in the day-to-day lives of Canadians.

Organizations should also be concerned about data breaches, given how expensive these incidents can be to businesses. It is estimated that the cost to combat and recover from data breaches worldwide last year was approximately $364 billion. Business owners need to know that consumer demand for responsiveness to data breaches is increasing. A nationwide survey highlighted that Canadians assume that companies will take immediate action in the event that personal information is lost or mishandled.

That is not all Canadians expect. The same study concluded that over half of all respondents want companies to do the following: provide clear information and instructions on how individuals can protect themselves; and provide them with free credit monitoring for a certain period of time in the event that a breach occurs.

With the digital privacy act, our government is responding to the needs and concerns of Canadians. First, companies would be required to put in place strong security measures to prevent data breaches. Second, companies would be required to respond to a breach if and when it does occur or risk facing a strong penalty. With the changes we have proposed in the digital privacy act, if a company has its computer systems hacked and believes personal information has been stolen, or if that information has been lost inadvertently, the company would need to take a number of steps.

The company would be required to assess the risk resulting from the breach, and if it determines that the incident poses risk of harm, it would need to notify the affected individuals and file a report with the Privacy Commissioner of Canada. On the subject of mandatory breach reporting, the Privacy Commissioner has stated that:

Mandatory breach notification will bring enhanced transparency and accountability to the way private sector organizations manage personal information.

An organization would also have to keep a record of the event, regardless of whether a breach poses an obvious risk of harm. These records would not only allow organizations to demonstrate due diligence in their risk assessment, but they would also require companies to keep track of when their data security safeguards fail. This would help businesses determine whether or not they have a systemic problem that needs to be corrected.

What is more, organizations would be required to provide these records to the privacy commissioner at any time, upon request.

This record-keeping requirement would provide a mechanism for the commissioner to hold organizations accountable for their obligation to report serious data breaches.

Here is what the Privacy Commissioner had to say on record keeping:

I believe that the organization experiencing the breach is in the best position to assess risk and decide whether notification of individuals is warranted.

To provide an appropriate incentive to implement these measures, we believe that there should be serious consequences for intentionally ignoring them or attempting to cover up a data breach. Bill S-4 would make such deliberate acts a serious offence, punishable with fines of up to $100,000 per offence.

These changes are widely supported by stakeholders, as is evidenced by witness testimony during the committee's review of the bill.

The Canadian Internet Policy and Public Interest Clinic said that:

...we're very grateful to see this notification obligation coming into force. It's much delayed and needed.

The Canadian Bankers Association also came out in favour, stating that:

The banking industry supports the requirements in the Digital Privacy Act for organizations to notify individuals about a breach of their personal information where there is a real risk of significant harm.... We also support the Commissioner’s new oversight powers to ensure organizations comply with these new provisions.

Finally, the Canadian Pharmacists Association also expressed its support, saying:

For pharmacists who access a significant amount of sensitive information related to the medication and health of their patients every day, a breach or disclosure of this information has the potential to put the patient at risk.... As a result, CPhA believes that...reporting this breach to the individual concerned and the Privacy Commissioner are reasonable steps to take in order to mitigate any risk that may occur.

It's also reasonable for the organization in question to maintain proper records of these occurrences....

While there was broad-based support for the bill among stakeholders, the committee did hear some concerns about certain elements. One issue on which the committee heard different views is the threshold for reporting data breaches to the commissioner. Some stakeholders felt that the threshold is too high and that more breaches should be reported. Others thought the threshold is too low and that only material breaches should be reported to the commissioner.

The digital privacy act would take a balanced approach, one that avoids over-reporting of harmless incidents and yet allows the commissioner to oversee how organizations are meeting their obligations. The Privacy Commissioner agreed, telling the committee:

I support the risk-based approach that will require organizations to assess the seriousness of each incident and its impact on affected individuals.

Some stakeholders also expressed concern that the obligation to keep records of all data breaches is burdensome. However, the Privacy Commissioner, again, believes that the digital privacy act would get it right, telling the committee:

Requiring organizations to keep a record of breaches and provide a copy to my Office upon request will give my Office an important oversight function with respect to how organizations are complying with the requirement to notify.

Record-keeping can be done in a way that would minimize burden while still allowing businesses to demonstrate that they are conducting the proper risk assessments. The government would need to enact regulations to elaborate on what these records would need to look like and how long companies would need to hold on to them.

As a result, consultations during the regulatory development process would allow for further discussion, with stakeholder input, on this important issue.

Finally, some have questioned the need for fines in this area. The government recognizes that many organizations already notify individuals of data breaches in a responsible manner. However, we know from experience that there will always be those who try to break the rules.

The penalties in the digital privacy act would target those organizations that wilfully and knowingly disregard their obligations under the law or, worse, cover up a breach. These fines would not apply to organizations that make a mistake in good faith.

The Canadian Internet Policy and Public Interest Clinic at the University of Ottawa told the committee that:

We're very grateful to see a penalty regime for instances where the breach notification obligations are knowingly ignored.... The fines currently in PIPEDA are designed as penalties for very overt offences.

Bill S-4 would encourage all organizations to play by the same rules and implement adequate controls and safeguards around the personal information they hold.

Furthermore, I encourage the House to oppose the motion put forward by the Green Party to delete clause 10 of Bill S-4. This would remove the new requirements for organizations to notify individuals who have been put at risk if their personal information is lost or stolen. The amendment ignores the advice of numerous privacy advocates including the Privacy Commissioner of Canada.

On several occasions, the commissioner has recommended that PIPEDA be amended to require mandatory data breach reporting. The digital privacy act would act on this recommendation, and the commissioner has expressed strong support for the approach taken in Bill S-4. The Privacy Commissioner and the majority of witnesses who appeared before the standing committee agreed that Bill S-4 is a significant improvement to PIPEDA and a necessary step in ensuring Canadians' personal information is safeguarded.

I think the Canadian Life and Health Insurance Association said it best in its witness testimony. It said that Bill S-4 takes a balanced approach to the responsibilities placed on business and organizations, but most importantly, it would protect the consumers of those businesses and give individuals the information they need to take corrective action when necessary.

Both business and consumers have been empowered in the digital age, but if Canada is to remain a leading digital nation, Canadians need to have confidence that their online transactions are safe and their privacy is secure.

Bill S-4 would strengthen these rules and increase the protection of Canadians' personal information. In summary, the digital privacy act would balance the privacy needs of Canadians and the ability of businesses to access and use personal information in their day-to-day operations. It would do this in a way that avoids over-reporting of harmless incidents while making it clear to businesses what their legal obligations are.

I hope we can count on the opposition's support and quickly pass the digital privacy act into law.

Mr. Speaker, the Conservatives came to the committee study of this bill with their minds already made up. They said that we absolutely had to pass this bill in its current form without any changes, otherwise the process would take too long, especially with the upcoming election. Everyone in the House knows that we will be having an election soon, but the Conservatives had four years to do something.

The member even said in his speech that this bill was overdue and that it was needed. Of course this bill is long overdue, because the Conservatives waited four years before they introduced anything. Bill C-12 disappeared completely, and some reviews of PIPEDA simply fell through the cracks because the Conservatives did not act. They could have voted in favour of my bill, Bill C-475, and the legislation would already be amended.

Why did they adopt that attitude at the committee meetings? How can they justify such an undemocratic attitude towards this bill?

Mr. Speaker, I find this question very interesting. Oftentimes we hear members of the opposition stand and complain that we are passing legislation too quickly. However as we pass this legislation, legislation that is really important to Canadians from coast to coast to coast, on the other hand, members obstruct time and again, moving motions that delay the operations of the House so that we cannot pass legislation that we need to get passed.

In this case, we have a piece of legislation that is incredibly balanced. Witness after witness throughout the committee process said as much. Certainly there were people on one side of some parts of the legislation and people on the other side of other parts of the legislation. We found time and again that the legislation came right down the middle.

Witness after witness said it is important for us to get this legislation passed, and I hope we can count on the opposition members. The opposition member who just asked the question has come out praising the legislation. We hope we will be able to get this legislation passed soon with the help of the opposition.

Mr. Speaker, I was not planning on asking my colleague a question, but I absolutely have to, when my hon. colleague talks about all of these witnesses after witnesses. It is like most of their legislation. I believe we had four or five meetings in total. At the Senate there were two or three, and in fact Professor Geist was one of the first witnesses who came to committee, and his first complaint was the fact that at the Senate there were two or three meetings, and that was it.

This is an important piece of legislation. My colleague suggests that there were so many meetings and lots of witnesses who came out. Yes, there was support because this is needed legislation, but there are ways of making the legislation better, which is what the official opposition, the Liberal Party, and the Green Party were trying to do. We were trying to improve the legislation, but we were given no chance at all.

Mr. Speaker, I do not know if there was a question there. It sounded more like a statement, and I find the statement interesting, because she sits on the committee. She is a good friend, but I do not remember her at any point, in committee or even privately, coming up to me and saying that we were not having enough meetings on this legislation. No one made that argument. Certainly amendments were put forward and were voted on by the committee.

I would also point out that the legislation we are looking at today largely comes from a unanimous report in 2007 that was supported by members from all parties. Many of the measures that we are talking about and hearing about in speeches from the other side are measures that were put in place based on the recommendation of a unanimous report from all parties in 2007.

Mr. Speaker, I thank my colleague for his presentation today on this important legislation. I would like to ask him, with regard to Bill S-4, if he could elaborate on how our government is working to protect and help vulnerable Canadians, especially children.

Mr. Speaker, again, that was an important part of the committee hearings. Witnesses came before the committee and talked about how the legislation needs to be changed to enable the sharing of information about financial abuse of senior citizens and others, for example, and not just information dealing specifically with children. They said that we needed to ensure that we struck a balance in protecting people's privacy while still being able to share information when people were vulnerable to financial abuse.

They also talked specifically about taking steps to ensure that when organizations are specifically targeting children, the information that they are asking for is clearly communicated in a way that a child or the person being asked for information would understand.

These are common sense changes that make this legislation even better.

Mr. Speaker, I find the question that was just asked to be a bit rich, given the fact that it is the current government that refused to spend $10 million and ripped it out of the RCMP budget. It was actually geared toward sexual exploitation. If the Conservatives are really serious about protecting youth, that is where they should have spent that money.

With respect to the bill, when we look at the amount of testimony and the number of people who indicated that there should be some amendments to it, we see that the opposition submitted 18 amendments, all of which were rejected. It is as if on that side of the House, they do not think anything can be improved unless it corresponds to their mindset.

Given that we proposed several amendments and that they refused to listen to the concerns expressed by the witnesses during the study, and given that every single witness and group that appeared before the industry committee argued in favour of amending the bill and making it better, I wonder why they did not do it. Why are they rejecting all amendments that could give Canadians the protection they want for their personal data and electronic documents? Why push forward with this legislation, which would likely not withstand a constitutional challenge? Can the member guarantee that this legislation would actually pass a constitutional challenge?

Mr. Speaker, let us start by saying that the hon. member was not on committee and was never at any of the hearings, so I reject the vast majority of her question.

Regarding this idea that the committee did not hear from witnesses, the fact of the matter is that for almost every one of the suggested amendments, there was a group of witnesses on one side saying that we should be tougher and another group of witnesses on the other side saying that it should be easier. We struck a balance somewhere in between. Certainly we had the opportunity to hear a variety of witnesses across the board.

When it came to hearing amendments, there were several amendments moved by the opposition. Someone mentioned 18, but I cannot remember what the number was. Many of them were redundant, in that many of them were the same amendment moved in different areas. In several cases, I remember that the member's own party moved amendments that did not make any sense and had to withdraw those amendments before they were even debated at committee.

Certainly we had the opportunity to hear the experts from Industry Canada weigh in on the legislation and give very well-reasoned arguments about why the legislation was the way it was. I think we came forward with a piece of legislation that would make PIPEDA stronger than it has ever been.

Mr. Speaker, surely the member would recognize that Bill S-4 was put in a unique situation in that it went to committee before it received second reading, thereby creating what turned out to be a false expectation that the government was open to making changes. In reality, all the amendments brought forward were defeated. It was almost like a normal routine of other pieces of legislation that have just gone through the normal process at second reading.

My question to the member is this: why did he feel it was important to isolate this piece of legislation by bringing it to committee before it completed second reading and then sending it to committee stage? Why change the normal procedure, given that the government had no intention of making amendments?

Mr. Speaker, the hon. member, who has said a few words in the House on a few different topics over time, was not actually at committee, and I do not think he could actually name one of the amendments that were moved.

We heard the amendments. We had a good discussion at committee. We heard the suggested amendments, and as a government we decided that in each case the bill was better if we left it the way it was.

I would point out that not every one of those amendments was defeated by only our side voting that way, and nobody else. During the consideration of those amendments, there were often other members who agreed with our side that the amendment was not the way to go.

Again, our legislation will be stronger when this bill passes, and I urge all members of all parties to support it.

Order. It is my duty, pursuant to Standing Order 38, to inform the House that the questions to be raised tonight at the time of adjournment are as follows: the hon. member for Louis-Hébert, Public Works and Government Services; and the hon. member for Surrey North, Public Safety.

Resuming debate, the hon. member for York West.

Mr. Speaker, I am pleased to have an opportunity to speak to Bill S-4. I will be sharing my time with the fabulous member for Winnipeg North.

I am pleased that we are discussing this bill, but again, unfortunately, it is the same Conservative divisive policy of “You are either with us or you are against us.” Members from all sides wanted to see some improvements to Bill S-4, but unfortunately the bill came from the Senate, and any changes were going to disrupt the process of trying to get legislation through very quickly, which is typical, of course, of the government's plan. I can only say that I was disappointed and that I have to stand and say that I have recommended that the Liberal Party vote against Bill S-4.

It is legislation that could have given our digital privacy laws the shot in the arm they so desperately need, and Liberals would have welcomed it if we had had the opportunity to make it better. That was certainly the intention from the Liberal Party's perspective.

As Canadians are increasingly turning to online commerce, education, banking, recreation, and communication platforms, our laws must keep pace in order to protect all of us. Sadly, the government has a wilful ignorance and reckless disregard for reason on such matters, and Bill S-4 proves it again very clearly.

Information oversight and management are not areas that the government has excelled in, so forgive me if my confidence is shaken a bit. I simply cannot accept without proof the government's word that it is actually protecting consumers' interests.

Of course, the way the government looks at personal information protection and privacy has already been subject to a Supreme Court ruling, and once again the court gave the government another failing grade.

This should come as no surprise to anybody who is paying attention to politics in Canada right now. We all remember when the government lost a hard drive that held the social insurance numbers, medical records, birthdates, education levels, and occupations of 5,000 Canadians. In addition, we remember when the interim privacy commissioner revealed that telecommunication companies receive an average of 1.2 million requests from federal enforcement bodies for private customer information every year. That is approximately 3,300 requests every single day for Canadians' personal information.

Perhaps I should also mention the headline that appeared in The Hill Times this week. It warned that Canada's access to information regime is slipping into—guess what—irrelevance. The article went on to reveal that the Centre for Law and Democracy ranks our ATI regime 56th out of 89 countries. I repeat, we are 56th out of 89 countries. We are really way up there, are we not?

The article also said that in September 2014, Canadian Journalists for Free Expression noted that ATI “is severely failing to meet its minimum requirements, let alone adequately serve the population’s needs.”

While I understand that access to information laws are different from digital privacy laws, these examples all point to a government that does not understand information management, yet refuses to seriously consult or listen to the experts on the matter who came before committee. The government stubbornly refused to listen to experts such as Professor Michael Geist and many others who appeared, including lawyers and professors, who said it was a good piece of legislation but that it could be better.

The intent, certainly on the Liberal side, was to try to make it better, but as everyone here knows, Bill S-4 was referred to the committee after first reading, as my colleague mentioned.

This is typically done for procedural reasons, and because it more readily allows for substantive amendments, the referral traditionally indicates the government's willingness to compromise. It was really very unusual for the government to do this, but it was very welcome. We thought that maybe the government had seen the light and that together we could improve this important piece of legislation, so we gladly supported it after first reading. We were preparing to move amendments, work together with the government, and make it a good, strong bill. It was on this implied promise that the Liberal caucus was prepared to support Bill S-4.

Committee members heard from several experts, including the privacy commissioner, IBC, the Canadian Bar Association, Professor Michael Geist and so many more. We took their counsel to heart in those four meetings.

After the hearings concluded, over 42 substantive amendments were presented in good faith, most taken directly from expert testimony. Those 42 amendments came from the three opposition parties in the House.

Let me give an example. I introduced an amendment that was specifically proposed by several witnesses and contributed to the committee study, including the Insurance Bureau of Canada. The amendment dealt with the reporting threshold for privacy breaches. My amendment would have required the reporting of any unlawful breach of personal information security so long as the said breach presented a significant threat of harm to an individual. That same amendment also clarified what a company needed to do to remedy the breach, including a requirement to warn victims that their information was lost. That sounds pretty basic. If my credit card was compromised or my personal information was lost, I would want to know that.

However, the government was unmoved. In just one short meeting, government members defeated every one of those 42 amendments without any explanation or defence. Some of them were out of date already by the time other ones had been defeated. There was no explanation or no big defence. It was simply the silent majority on the other side of the House voted them all down, just like they do all the time at all committees.

Despite warnings of overly broad, cumbersome and nebulous provisions within Bill S-4, the Conservatives took less than three minutes each to consider, discount and defeat everything that the experts had warned us about. As a result, Bill S-4 remains flawed. It has never been fully considered and should not be accepted or passed without a true and unbiased evaluation.

To be clear, there are positive elements to Bill S-4. For example, the legislation grants the Privacy Commissioner the ability to enter into enforceable compliance agreements with companies that have likely breached the act. This provides a regulatory remedy for certain actions and is a positive development. Public Safety Canada said that the bill would help to protect the security and privacy of Canadians by limiting the number of police and security officials who could request subscriber data and applying new requirements for recording, reporting and auditing those requests.

These may be good things, but several independent and credible sources outside of government expressed their concerns with Bill S-4. For example, many warned that metadata could be used to track specific individuals on the Internet and when in the wrong hands, that tracking could represent a serious threat to personal privacy. Bill S-4 utilizes a similar approach, and this is an issue of tremendous concern for those of us on this side of the House.

I want to ensure that law enforcement officials have the information they need to keep us all safe, but a blank cheque approach is inappropriate and promises limited success. We could do better if the government would just listen to the experts and then work with the opposition.

In broad strokes, Bill S-4 represents a shift in the way we deal with digital privacy. Privacy laws have traditionally outlined the rules and procedures needed to protect information and personal data, but in this case the legislation sets up circumstances under which that material could be released.

In a world where crimes involving personal data theft, identity fraud and online stalking are on the rise, protecting data is crucial. Data is not just information; it is a commodity. It is power and it is a back door into our private lives. The Liberals are deeply concerned that the government's commitment to safeguarding personal information and privacy of Canadians is less than absolute with Bill S-4.

Whether driven by Conservative ignorance or intent, Canada is clearly on the cusp of a paradigm shift with respect to privacy laws, and the Liberals are worried about the consequences of Conservative insolence.

Mr. Speaker, I would like to thank my Liberal colleague for her speech.

With respect to the meetings of the committee that studied this bill, we recognized that it was very difficult to get amendments adopted and make corrections to the bill. As my colleague the digital issues critic put it so well, this bill is flawed. The government and the Standing Committee on Industry, Science and Technology did not listen carefully.

I would like her to expand on what she considers to be one of the most problematic flaws in this bill and tell us how we can fix it.

Mr. Speaker, part of the reason why we on this side of the House supported the bill going to committee after first reading was so something as important as it could be improved by working together to ensure that we were better protecting Canadians. The flaws were there. However, the unfortunate part was that it was like all of our committees. They do not function. We can go and put in our hours, but the government has the majority. The Conservatives do exactly what they want. We sit there, we contribute, we try to make sense of some of these things, but it is a major waste of time.

I have been here for 16 years. Committees used to function very much in a non-partisan way. There was give and take, and people listened so we could make the legislation better.

I continue to have a major disappointment when I see the House not working that way. I cannot wait until we have an election and hopefully we can straighten things out so we can get back to doing the kind of work Canadians expect us to do at committee level.

Mr. Speaker, I take the member's point about amendments really being dead on arrival in committee these days. It is getting to the point where the days when amendments from opposition parties were accepted in committee are fast becoming part of Canadian folklore. They are so far back in the past.

I have a question about one of the amendments the hon. member mentioned. I would like her to expand a bit upon it. That is the amendment that would have required credit card companies to divulge some information when a client's card was defrauded and so forth. I am not sure exactly what information and that is why I am asking.

Mr. Speaker, let me use the telecommunications companies as an example. There were thousands of times that telecommunications companies were giving access to personal information; that is our information and the information of many others.

My privacy and that of other Canadians needs to be protected. It should not be randomly given out because somebody asks for it. On anything to do with fraud, Canadians should be aware that their credit cards have been compromised. Individuals should be notified of that fact so they can monitor it themselves, not just assume that the credit card company will be on alert to protect their interests. Far too often the consumers are not notified of those kinds of things.

Again, on the issue of committee, my colleague has been here for quite a long time. He is knows how parliamentary committees are supposed to work, and have always worked. When the government came into power, it decided it was not interested in committee work anymore. It did what it had to do to fill in time to go through the basic process.

Bill S-4 came in through the Senate. The bill should have come in through the House, and had the proper work done through a member of Parliament or minister. That is a proper way to deal with legislation. However, bringing it in through the Senate is the back door way of getting things done, and the government has used that approach several times to get through what it wants done.

Mr. Speaker, I thank the member for York West for allowing me the opportunity to share a few thoughts on Bill S-4.

I am used to the member talking very passionately on a wide variety of issues, particularly regarding our seniors. She is a very strong advocate for our pension programs and so forth. It is also very nice to see that she takes the same sort of attitude in wanting to hold the government accountable on an issue that is important to seniors and all Canadians, which is the digital privacy laws, especially since the Internet and the use of it has exploded over the last decade or so.

When we get advancements in technology and witness it first hand, to the degree in which we have, one would expect the government to have an interest in wanting to ensure we stay on top of the issues related to those advancements. However, the government has not done that.

In fact, it is interesting that we are today debating Bill S-4, which is an important issue. If we were to consult our constituents, I think we would hear genuine concern with respect to the type of information that is on the Internet and just how easy it is for a breach of that security, ultimately causing a great deal of harm to individuals. In a macro situation, it could have a severe impact on the economy.

However, we have an important issue in which the Prime Minister has made the determination that he wants to give the bill that final push as we start to wind down after four years of inaction on the file. Now the Prime Minister, with four and a half weeks of sitting days left, wants to rush the bill through the process and pass into law.

As has been pointed out, we had a different situation in the process with Bill S-4. Not only did it come through the Senate, but it was also stopped before second reading and sent to committee for review. From what I understand, that is very rarely done. The reason it is done is to accommodate significant potential changes to the legislation. That tells me the government, the minister responsible for bringing this legislation before us today, understood there were issues related to the legislation that needed to be dealt with before it completed second reading. I am convinced it was the reason the government took the initiative to take the bill out of the normal process and bring it to a committee first.

I suspect the Independent members, the Liberals and the New Democrats believed the government would be open to amendments. That was kind of the impression that was given to us. However, something happened between the decision to bring the bill to committee and have it voted on in committee with respect to the amendments. This is where the Prime Minister's Office interjected.

Through his office, we found that the Prime Minister was not interested in amendments, because all that would do would prolong the amount of debate, possibly, by having it go back to the Senate. He was more interested in being able to make the statement that the Conservatives had made some changes to the law, even though the legislation was flawed.

I want to focus some attention on the fact that we have very important consumer-type legislation related to something about which Canadians in all regions of our country are concerned, and that is the issue of privacy and protecting it.

The amount of purchasing and other items taking place economically on the Internet is increasing every year. The government wants to try to score a political point by saying it is trying to address the issue. In reality, nothing could be further from the truth. If it were really important to the government, I would suggest that Conservatives would likely have brought it in before the last month or two of this session and that the Prime Minister's Office would have allowed for amendments at the committee stage. Why would Conservatives oppose amendments that would improve the legislation? Unless maybe the government did not want the opposition to support the legislation. There is a lot of merit to that. We have seen that in other pieces of legislation: bring in an idea, give it a label, tell Canadians they are concerned about something, but then leave serious flaws in the legislation to try to maybe get the opposition party offside. Who knows?

What I do know is that there are many deficiencies within the legislation, as has been pointed out by the Liberal Party critic or others, at committee. There are serious flaws in the legislation and there were, I believe, 40-plus amendments that were being proposed. Not one of those amendments passed. The government cannot say that it was political parties that were doing the posturing on it. Many of the amendments, including amendments brought forward by the Liberal Party, were taken from experts at committee who made presentations, some credible organizations, government agencies of sorts that came before the committee.

The government made the decision that it was not going to accept any amendments. What surprises me is that if the Prime Minister's Office had been more clear with the minister responsible for the legislation, the bill could have gone through the normal process. The normal process is not that much better. Ever since the Conservative/Reform government received a majority it had a different attitude in terms of how democracy works here inside the chamber.

I have heard about many pieces of legislation, not only this one, where opposition parties or individual members of Parliament would bring forward amendments and the government consistently said “no” and defeated amendments. The government makes a mockery of the system by not allowing members from all sides of the House to move amendments that would improve the legislation.

Subscriber data requests are very important. People are concerned about that. We know that there are victims who need to be warned when there are breaches of security. Personal identity theft is very real. It is happening far too often. The amount of fraud out there continues to grow and is becoming a serious problem.

We need to protect the privacy of Canadians, and this bill would not go anywhere near far enough to address the many concerns that were brought up, whether at committee or by individual members.

The issues are important. The government has dropped the ball. I would suggest that if the Conservatives really wanted to make a difference, they would allow amendments to pass. In essence, that would provide assurance to Canadians that the government truly does care and that it is more than Conservative spin that it is interested in, but there is no sign of that, unfortunately.

Mr. Speaker, I listened with some interest to the member for Winnipeg North as he intervened on this bill. I was certainly convinced by his arguments. He talked about the fact that there were many witnesses who raised significant concerns about this legislation. He talked about the dangers of not being careful and how we could deal with these privacy issues on the Internet.

Given his strong feelings, I can understand why he would not support this piece of legislation, but I have to tell him that I was a bit flummoxed when I considered the Liberals' response and the response of this member to Bill C-51. We heard the same arguments. The government would not listen to amendments. It would not listen to the experts. The impact of Bill C-51 was going to be extraordinarily significant, but in that case, they turned around and voted for it.

In this case, there are similar arguments and similar positions and they are voting against it. I wonder if the member for Winnipeg North would try to square that circle for me?

Mr. Speaker, I will try to make it relevant to this particular bill. I appreciate the question from the member. Maybe I can assist him by indicating that in debating Bill C-51, because I did get the opportunity to talk about it, we needed to recognize that there was some value to the passage of the bill in the context of time. Through that value, we could provide security for Canadians.

We did have concerns, and we still have concerns regarding Bill C-51. I would suggest that the member need only reflect on what the leader of the NDP and even some of his colleagues said inside the chamber, that if they were in government, they would not repeal the legislation that Bill C-51 brought in, but rather make changes to it. They recognized that there was some value to Bill C-51.

That is not necessarily the same case here. It is nowhere near as time sensitive, and there is no reason why a more all-encompassing piece of legislation dealing with the issues of online commerce and privacy could not be addressed by having a more thorough piece of legislation. If I had more time—

Questions and comments, the hon. member for Beauharnois—Salaberry.

Mr. Speaker, I would like to ask a question.

Bill S-4 has several flaws with respect to the protection of personal information. For one thing, it would lead to a reduction in the number of complaints and reports of breaches because the complaints made would be managed by the companies themselves. It would be up to the companies that receive the complaints to determine if they are serious enough to be addressed.

John Lawford, the executive director and general counsel of the Public Interest Advocacy Centre, says that this will incentivize not reporting data breaches by leaving it up to the organization to determine whether the breach creates a real risk. That is a real conflict of interest.

I am wondering what the member for Winnipeg North thinks about that. Was the committee told that the fact that this bill reportedly protects privacy when it actually does the opposite is a serious concern?

Mr. Speaker, it is important to recognize that victims need to be warned if there has been a breach. That is one of the reasons why the member for York West, on behalf of the Liberal Party, moved amendments specifically dealing with the issue of a threshold and how important it is that companies recognize their responsibility and their role in informing consumers and victims once there has been a breach.

Legislation that would have encouraged this would have gone over a whole lot better, as opposed to what we have here today. That is one of the reasons why, I would suggest, the government was negligent by not accepting a number of the amendments, not just the one I just cited from the Liberal Party critic. There were many other amendments that also could have been passed, I suspect.

Mr. Speaker, as the member of Parliament for Renfrew—Nipissing—Pembroke, it is my pleasure to rise in my place and express strong support for Bill S-4, the digital privacy act. This legislation would make important updates to the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA.

I take issues of privacy very seriously, just as do the people in my riding, like teachers, parents, and grandparents. The number one concern that is expressed to me by individuals is their right to privacy and their right to be protected from the misuse of private information. When it comes to the Internet, while it has brought many improvements to the lives of Canadians, the concern always is what happens to the information that is collected from the Internet on individuals and how it may be used.

Under the current law, companies must seek permission from an individual to collect personal information and may only use this information for legitimate business purposes that had been identified prior to collection. Businesses are required to protect this information when it is in their possession, and they cannot share it with anyone, except in the case of very narrow, limited circumstances. The digital privacy act would build on these protection policies and would add new requirements by which companies must abide.

For example, the bill would require companies to inform Canadians if their personal information has been lost or stolen and if they have been put at risk as a result. It would also clarify the rules around obtaining individuals' consent to collect their personal information, clarifications that would ensure children and other vulnerable groups would be protected when they go online.

The recent high-profile criminal court case in Ontario of a hand-picked senior Liberal provincial deputy minister being convicted of charges related to the heinous crime of pedophilia using the Internet demonstrates how dangerous a place the Internet is for children and the continual need to try to stay one step ahead of the bad guys. The fact that an individual could occupy such a senior position for years as deputy minister of education and a senior advisor to the Liberal premier of Ontario, and apparently do so undiscovered until uncovered by an international crime investigation, is shocking. Convicted pedophile Ben Levin was photographed happily campaigning with the leader of the third party in this place undetected, apparently, or otherwise. This demonstrates why we must always keep up our guard, particularly when children are involved. The Internet is a dangerous place for children.

My constituents in Renfrew—Nipissing—Pembroke know that, when children are involved, I will always err on the side of caution. As we have discussed many times before, strong rules are meaningless if they are not backed up with strong compliance tools. I would like to focus my comments in this critical area.

Let me begin by explaining how PIPEDA currently works with respect to compliance. The act is enforced by the privacy commissioner, who has the ability to investigate complaints and the power to launch investigations in the event that he feels an organization is in violation of the law. PIPEDA gives the commissioner broad investigative powers, which allow him to enter premises, compel the production of information and gather evidence. It is a criminal offence to obstruct the commissioner in the process of an investigation. However, for the most part, the commissioner acts as an ombudsman, using a range of dispute resolution tools to address any violations of the act he discovers in the course of an investigation. At the conclusion of an investigation, the commissioner issues a report outlining any violations of the act, a list of recommendations, and an assessment on whether corrective action needs to be taken moving forward.

PIPEDA's compliance regime has, for the most part, been successful in resolving issues brought to the commissioner's attention. Most organizations in Canada are good corporate citizens, and when the commissioner identifies that they are in violation of the law, they move quickly to correct their practices.

Unfortunately, as a lawmaker, I know from experience that there will always be those who try to skirt the rules. That is why Bill S-4 would make some important improvements to PIPEDA's compliance framework. These changes would make sure the commissioner has the necessary tools to ensure organizations respect the law and the privacy rights of Canadian citizens.

First, Bill S-4 would increase the amount of time available to take an organization to court. Currently, an application to the Federal Court has to be made within 45 days after the commissioner issues the report of findings. In their testimony to the standing committee, officials from the Office of the Privacy Commissioner explained why this period needs to be increased. They stated:

As we've experienced in practice, 45 days is a very short time period to resolve some of the highly complex technological issues or broader accountability issues that organizations quite rightly need time to rectify.... We...follow up with them several months, if not a year, afterwards to ensure they did follow through on the recommendations they said they would undertake to do.

To address this issue, Bill S-4 would increase the time in which an organization could be taken to court from 45 days to 1 year. As the Privacy Commissioner pointed out to members of the standing committee, organizations are often given up to a year to implement recommendations. This amendment would enable the commissioner to enforce compliance in court if a company fails to take the necessary action.

The second important change brought forward by Bill S-4 would give the privacy commissioner the authority to enter into binding compliance agreements with organizations. A compliance agreement is a regulatory tool that provides an alternative to taking an organization to court if it was found to be in violation of PIPEDA. Compliance agreements are voluntary but binding agreements. They are agreements between an organization and the commissioner. These agreements benefit both sides. From the organization's perspective, it gets certainty and clarity. From the commissioner's perspective, these agreements increase the accountability of the organization to become compliant with the law. Currently, commitments made by an organization to implement the commissioner's recommendation are non-binding. Compliance agreements, however, would make these commitments binding and enforceable by a court.

The inclusion of compliance agreements in the digital privacy act was supported by a broad range of stakeholders during committee hearings on the bill. The Privacy Commissioner himself stated that there are two main amendments that are very necessary and would be helpful for us to implement and apply. The first amendment he was referring to was about mandatory data breach reporting. The second was about compliance agreements. Similarly, Mr. Tamir Israel, from the Canadian Internet Policy and Public Interest Clinic, stated, “We're particularly pleased to see the inclusion of compliance agreements and an extended appeal period...”.

Finally, Bill S-4 would give the commissioner more power to name and shame, or to publicly disclose information when organizations are not co-operating. Under the current act, the commissioner can only publicly reveal information about the way in which an organization handles personal information. However, the commissioner cannot, for example, disclose that an organization is not co-operating with an audit or is otherwise acting in bad faith. For many organizations, the threat of having their lack of action made public would be an effective tool to hold them accountable and encourage them to comply with the law; and the proposed amendment could be used, for example, against foreign-based companies that are otherwise beyond the reach of Canadian courts.

Mr. Speaker, my Conservative colleague spoke about corporate accountability with regard to privacy protection. However, she knows full well that Bill S-4 allows those same businesses to decide for themselves whether or not they will address the complaints people make regarding the use and sharing of their personal information without their knowledge, without consultation and without a warrant.

Many witnesses told the committee that there is a problem with transparency in this bill and that it creates a conflict of interest because the company at fault is the one that decides whether or not the complaint will be addressed. This bill does not provide greater protection for consumers and Canadians. On the contrary, it opens the door to abuse. Many people and experts told the committee that the bill is seriously flawed.

I am wondering how the member opposite can say that this bill is going to protect children when it is flawed. Even the Privacy Commissioner said that the bill does not have the power to really protect Canadians.

Mr. Speaker, if a company refuses to co-operate with requests for information, the commissioner could publicly disclose this fact, which would send a signal to consumers of the privacy implications of the organization's practices. The organization would, in turn, have to explain to its customers why it is not respecting Canadian privacy law, and this change would ensure that Canadians are informed and aware of issues that affect their privacy, so that they can make educated choices to protect themselves.

Our government is taking action to give the privacy commissioner powerful new tools to promote compliance with PIPEDA, whether through binding agreements, the possibility of court action, or being held to public account. These proposed amendments would increase the accountability of organizations to maintain good privacy practices, and if they do not report a breach, they would be heavily fined for each name that is disclosed, up to $100,000. When a company has thousands of clients, that could add up to quite a bit of money.

Mr. Speaker, in committee, one of the issues that was discussed at length is elder financial abuse. I would like to ask the member how Bill S-4 would work to combat this serious problem in our society today.

Mr. Speaker, unfortunately, senior abuse is a tragic fact in our society, and our government has put forth common-sense proposals in the digital privacy act to combat financial abuse of seniors. The digital privacy act would not broadly expand warrantless disclosure but would narrowly allow banks and other financial institutions to voluntarily disclose financial abuse to the proper authorities. It is a targeted proposal that would help combat the unfortunate situation of financial abuse of the elderly.

Mr. Speaker, I am pleased to speak about a topic as important as privacy protection.

We need to amend the Personal Information Protection and Electronic Documents Act to bring it in line with the reality of the digital era. The bill seeks to impose new requirements for the collection, use and disclosure of personal information by a company or organization.

What really bothers me about this bill is the provision that would allow organizations to share personal information without a warrant—yes, I did say without a warrant—and without the consent of the individual concerned. That is a major problem.

Even though this bill is called the digital privacy act, it contains a provision that could really interfere with the protection of privacy. I find that deeply contradictory.

Once again, this Conservative government has proven that it spends more time coming up with grandiose titles than working on content. It is also extremely important to point out that between the drafting of this bill and today's debate, the Supreme Court ruled that information such as the data that Internet service providers have on users and clients—IP addresses, email addresses, names, telephone numbers, and so on—is considered personal information and cannot be obtained without a warrant. I am not the one saying that. It was a Supreme Court ruling.

I have some serious concerns about the constitutionality of this provision. The government must comply with the Supreme Court's ruling and remove all the provisions enabling the disclosure of personal information without a warrant.

During the study in committee, a number of witnesses expressed concerns about this very provision. For example, the Privacy Commissioner said the following in a submission:

Allowing such disclosures to prevent potential fraud may open the door to widespread disclosures and routine sharing of personal information among organizations on the grounds that this information might be useful to prevent future fraud.

We want to protect privacy, but it is questionable to allow access to personal information without a warrant, without consent, without any kind of judicial oversight and without transparency. The Conservatives have a poor record when it comes to protecting privacy, and Bill S-4 will not erase the past.

In one year alone, government agencies secretly made at least 1.2 million requests to telecommunications companies for personal information, without a warrant or proper oversight. Why did they ask for this information? We do not know.

The government should have taken advantage of Bill S-4 to close the loopholes in PIPEDA that allow this kind of information transfer without legal oversight, consent or transparency.

There is another provision in the bill that made my jaw drop. This bill would require companies to declare a data loss or breach if and only if it is reasonable to believe that the breach creates a real risk of harm. In other words, it is up to the company itself to determine whether or not it should notify the authorities in the event of data loss. That is crazy.

This measure will actually give companies less incentive to report data breaches by leaving it up to the company whose data were breached to decide whether the breach creates a real risk of significant harm to an individual.

This blatant conflict of interest is what really kills the purpose of this bill because a company will see no benefit to reporting a data breach and every benefit to hiding it. Deciding that a breach is benign will save the company money, damage to its reputation and inconvenience

It will also help the company avoid being put under the microscope by the Office of the Privacy Commissioner of Canada for an audit or investigation. It will create a culture of non-reporting because the commissioner would be nothing more than an observer.

In conclusion, the Conservatives say that their bill is balanced, but we can do much better. We are increasingly aware of the harm that data breaches can cause, so we cannot create a bill that will barely be useful.

We need a bill that will do an excellent job of giving Canadians better protection from data breaches. This bill has not been looked at carefully enough, and we need to fix it. Canadians deserve better.

Mr. Speaker, I thank my colleague for her speech.

I completely understand why my colleague was so shocked when she saw the provisions allowing companies that disclose personal information to manage and discipline themselves.

It is quite surprising that, ultimately, the Conservatives are refusing to be guided by the most informed, most qualified experts on the matter. One example is Daniel Therrien, the Privacy Commissioner.

With Bill C-51, once again, the Conservatives tried to take evasive action by not inviting the commissioner. However, in the case of the committee work on this bill, the commissioner was able to have his say.

Can my colleague comment on the fact that the very reasonable amendments brought forward by the NDP, which were inspired by the commissioner's comments, were flat out refused by the government, without any discussion?

Mr. Speaker, I thank my colleague from Beauport—Limoilou for his very relevant question.

As I said, since we have been here, since the beginning of the 41st Parliament, we have learned that this government prefers self-regulation. We have seen this in many areas, including rail safety, drug reporting—until we forced the government's hand—and personal information. Some 18 amendments were brought forward at committee. The commissioner also suggested that the bill be amended to reflect the Supreme Court ruling.

However, we know that privacy is a thorny issue and not a priority for the Conservatives. What, then, is their priority: getting personal information without authorization or income splitting?

Mr. Speaker, why is my hon. colleague across the way opposed to the position of the Privacy Commissioner? The Privacy Commissioner came to committee. The fact is that almost every witness agreed. Some did not agree with Bill S-4, and as we have heard, there were diverse opinions. However, the vast majority supported the changes that Bill S-4 presented, and the Privacy Commissioner was part of those.

Why does the NDP ideology get in the way of recommendations from the committee and the Privacy Commissioner?

Mr. Speaker, I would like to respond to my colleague across the way with some facts and key figures.

In one year alone, the Conservatives made 1.2 million requests to telecommunications companies for Canadians' personal information. What is more, 70% of Canadians feel less protected than they did 10 years ago. That came from a 2013 survey of Canadians on privacy protection.

Some 97% of Canadians would like organizations to notify them in the event of a breach of security of their personal information. It has been proven that there is a directive that is not clear. It surprises me that there is no authorization, no consent, no judicial oversight.

Mr. Speaker, I am pleased to speak to Bill S-4, the digital privacy act, which was recently reviewed by the Standing Committee on Industry, Science and Technology.

Bill S-4 introduces a number of important improvements to the Personal Information Protection and Electronic Documents Act that will increase the level of privacy protection for Canadians.

PIPEDA is privacy legislation that has been in place for more than a decade now. Under the law, organizations are expected to apply stronger protection in situations that are privacy-sensitive. As an overriding rule, businesses must limit what they do when it comes to the collection, use, and disclosure of personal information to activities that one would consider reasonable and appropriate in the circumstances.

Not all individuals have the same capacity to understand what is reasonable and appropriate, nor can they necessarily appreciate the immediate or long-term consequences of providing information about themselves to a commercial enterprise. This is particularly true of minors. The range of online activities today's kids engage in is astounding. They take part in multi-player games with people from all over the world. They explore virtual worlds. They join chat rooms and post comments, photos, and videos about themselves and their friends.

Today's kids have grown up with the Internet and digital technologies. Social networks, gaming consoles, and smart phones have always been a part of their lives. When kids interact with their friends and when they play games, more often than not it is through technology.

According to a survey conducted in 2013, more than 30% of grades 4 to 6 students have Facebook accounts. By grade 11, 95% of students have such an account.

Digital technology offers tremendous benefits to children's education, development, and social lives. In today's digital economy, children must be able to safety and securely use network technologies and access the online world if they are to develop the skills they will later need to find jobs in the digital marketplace.

What children may not be aware of is that the information they share in the context of online play or learning can actually have unintended consequences. Online personal information has become an enormous source of revenue for companies. Kids are able to play online games, download and use apps, and talk to their friends at no cost because companies offering these services generate revenue by harvesting and using personal information for profiling and marketing purposes.

This government does not wish to prevent today's youth from fully realizing the benefits of the digital world. The skills they develop through these many online activities will provide them with significant advantages when they enter the job market as young adults. This government fundamentally believes that digital literacy and skills are at the core of what is needed for individuals to succeed in today's digital economy.

However, with an increased online presence comes added risk. Strong protections for children's online privacy are needed.

PIPEDA already contains defences that safeguard the personal information of minors. For example, the act prohibits organizations from using deceptive means to obtain consent. Most importantly, it requires companies to limit the purposes for which they collect, use, or disclose personal information to reasons that individuals would consider reasonable and appropriate in the circumstances.

Bill S-4 enhances these protections by clearly setting out requirements that organizations must meet when obtaining consent. These new provisions will have a positive impact, especially when it comes to the protection and the privacy of children.

The new measure will require organizations to clearly explain why they are collecting information, what they will do with it once they have it, and what the consequences of providing it will be.

What is more, they must provide this explanation in a way that can be understood by the audience they are targeting with their product or service. This means that any business targeting children must pay very close attention.

The amendments in Bill S-4 mean from a legal perspective that when a company is seeking permission to collect, use, or disclose personal information from a group of individuals such as children, it must take steps to ensure that these individuals are able to fully understand what would happen to that information.

In practice, this would mean that the organization's request for information can be easily understood by the target audience. This includes making sure that the wording and language used in the request are age-appropriate. For example, a video game designed and marketed to preteens would clearly need to take a different approach to obtaining the consent of players to collect personal information than a video game marketed to adults.

We heard from a number of witnesses during the committee's consideration of the bill, and the majority were supportive of our government's proposed amendments in Bill S-4 to enhance consent.

The Privacy Commissioner of Canada repeatedly expressed his support for the amendment. This is what the Privacy Commissioner told the committee:

Consent is a big part of PIPEDA, and I think it's useful to have this clarification of what actually is consent. We obviously know that it is a huge challenge for organizations to properly advise individuals of the reasons they collect information and they use it, so any tool that enhances, that provides an incentive for organizations to be clearer, and to take into account the context of the individual or consumer I think helps Canadians.

The commissioner further emphasized:

So, when the individual is a child, if your product is addressed to children, you should think about what is reasonable to expect of a child in understanding the consent being sought. Overall, I think, again, the definition of consent in Bill S-4 will assist generally and will assist particularly groups that are more vulnerable, like children.

Privacy information must be clear to the user. The privacy policy should be specific to whatever service the child is using and not be a one-fits-all privacy policy.

The standing committee also heard support for this amendment from a number of other witnesses, including from business. For example, the Marketing Research Intelligence Association, a national self-regulatory body that represents Canada's survey research industry, wrote in a submission to the committee that it fully supports the enhanced consent requirements of the bill.

The association noted in particular that the amendment provides “added clarity for organizations when they seek the valid consent of an individual” when collecting, sharing, and disclosing their personal information. It went on to say:

We believe that specifying the elements of valid consent will go a long way to protecting the most vulnerable Canadians, such as seniors and children.

Our government has already taken significant action when it comes to protecting children online. We have made important progress to shield our children from online intimidation, cyberbullying, and other similar threats and abuse through amendments to the Criminal Code of Canada that were passed under the Protecting Canadians from Online Crime Act.

The amendments put forward under the digital privacy act build on those actions taken to address cyberbullying and represent additional real and tangible measures to protect Canadians and their families from online threats.

PIPEDA has been in force since 2001. Concerns about the protection of children's online privacy were raised with Parliament in 2007 during the first statutory review of this act. There was general consensus among witnesses that children warrant extra privacy protection, given their particular vulnerability to deceptive and privacy-invasive practices. Indeed, at the conclusion of its review of the act, Parliament recommended that the government examine the issue of consent by minors to determine if PIPEDA should be amended.

Our government heard stakeholder concerns and is responding to the recommendations of committee by introducing enhanced protection for the privacy of minors that is now before the House. This is an important amendment, and along with all other measures in this bill, it should be passed quickly.

The digital privacy act takes real and tangible steps to protect society's most vulnerable individuals. I hope hon. members will join me in supporting this bill so that these new protections can come into force quickly.

Mr. Speaker, I listened carefully to the speech by the hon. member, who, if I am not mistaken, is also a member of the Standing Committee on Industry, Science and Technology.

The government seems to be in a hurry to move forward with this bill. However, we still have some concerns about privacy protection. The Privacy Commissioner raised those concerns.

Can the hon. member elaborate on how this bill will really protect the privacy and communications of Canadians who communicate honestly and in good faith? Does this bill contain measures that will really protect Canadians' privacy?

Mr. Speaker, the committee heard many witnesses. They provided views and testimony from both sides of the spectrum.

It is important to note, as per my colleague's question, that the digital privacy act would require organizations to tell Canadians if their personal information has been lost or stolen. As well, heavy fines of up to $100,000 would be imposed on companies that deliberately break the rules. The legislation would place strict limits on the type of personal information companies can disclose; establish new rules to protect the privacy of vulnerable Canadians, particularly children, as I just discussed; provide provisions to protect seniors from financial abuse, something we have spoken about extensively this afternoon; include measures to allow the use of information to help find missing children; and give the Privacy Commissioner of Canada more power to enforce the law and help hold offenders to account.

Bill S-4 meets those objectives more than adequately.

Mr. Speaker, I am pleased today to speak to the very important Bill S-4. It concerns the sharing of personal information in the digital age. It deals mainly with the way in which we legislate against companies responsible for the loss or sharing of information. We know this is a very sensitive issue because we are in the digital age where more and more personal information is found online. We think first of banking information, and also of information that sometimes seems not that important, but that is nevertheless part of peoples' private lives. It is information that we share on social networks, such as photos.

This covers all kinds of of complex issues, such as copyright, that we have addressed in the House since the last election, and the dissemination of information pertaining to national security. We had an important debate on this issue during the debate on Bill C-51. We learned that information technology companies, or startups, had concerns about some of the bill's provisions.

Of course, we are all familiar with the infamous story of Bill C-30, where the minister of public safety and emergency preparedness at the time told us that we stood either with the government or with child pornographers. This example shows just how big an issue we are dealing with and the Conservatives' poor record in this regard.

First, I would like to mention something very important and very simple: the obligation to review the privacy legislation every five years. Obviously, this is very important given how quickly technology changes. Unfortunately, such a review has not been implemented. A number of bills were introduced in this regard, but they died on the order paper when the Prime Minister prorogued Parliament. There was, of course, Bill C-30, which is a whole other story, and there was also the bill introduced by my colleague from Terrebonne—Blainville. That bill, which the government refused to support, sought to implement a robust privacy review process, give more power to the Privacy Commissioner and have clearer legislative provisions.

Bill S-4 includes similar provisions. However, they do not go far enough and there are still worrisome loopholes. One of the grey areas that I am particularly concerned about has to do with organizations, such as banks, that could share private information. These organizations are required to report a loss of personal information to the Privacy Commissioner only “if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to an individual”. That may seem clear, but when it comes to legislative measures, we can see that there is a lot of leeway in how this provision of the bill is worded. The company could decide that no one's privacy was really violated and that there was no risk of harm to the individual and simply not report the privacy breach.

One of the flaws in this bill is the requirement for a court warrant, which my colleague from Terrebonne—Blainville brought up earlier and which she included in her bill. The Supreme Court recently ruled that any invasion of privacy by the government and any request that the government makes to a private company that is in possession of our information require a mandate. There is no such requirement in this bill, which is extremely worrisome. That is why I made the link earlier to Bill C-51 and the debate on Bill C-30, which did not end up taking place because we managed to get the government to back down. The government seems to be on the wrong track and does not seem to take privacy seriously.

Its record is a great example of that. How many times does the House need to hear criticisms about mismanagement at the Canada Revenue Agency, for example, during question period or at every possible opportunity, whether it is when bills are introduced and petitions are presented or at press conferences?

This department is in possession of the most sensitive information on Canadians, such as their social insurance numbers and their tax information. The department has been the victim of data breaches, and the government does not seem to be taking any responsibility. That makes it hard for us to trust that the government will require private companies to comply with high privacy standards when it is not capable of doing so itself. This situation is extremely worrisome.

We know that this is a complex issue because more and more things are done online. As far as matters of national security are concerned, we know that as legislators we have work to do. We wanted to propose amendments to ensure that this bill went further and complied with the Supreme Court decision. Like a number of witnesses in committee, we question the constitutionality of this bill in its current form.

If I am not mistaken, the 18 amendments the NDP proposed were all rejected. True to form, the Conservatives did not listen to any of the testimony or pay any regard to the amendments proposed by all the parties. The amendments proposed by the NDP were all based on what the public had to say and on the very hard work of my colleague from Terrebonne—Blainville, who was trying to get suitable provisions for 2015, not 2000. Technology changes and so does our reality, and we have to adjust accordingly.

In this context, there are a number of troubling aspects. First, this bill was introduced in the Senate, which, naturally, we criticize every chance we get. The Minister of Industry made an announcement about how he wants to proceed in the digital age, but instead of introducing this bill in the House himself, he introduced it in the Senate. That is one problem.

The second problem is that the Conservatives wanted to skip second reading and send the bill straight to committee. That is not a bad idea in and of itself. The NDP has asked for the same in order to study certain extremely complex files.

For example, we asked to take this approach for Bill C-23, which we called the “electoral deform” bill. Since the government wanted to go straight to committee, we thought it was willing to accept amendments and listen to witnesses, but that did not happen.

The third problem concerns another of the government's bad habits: the honour of the 97th time allocation motion was bestowed on Bill S-4 in order to limit debate. Unfortunately, at this rate, the Conservatives will have moved 100 such motions by the time the election is held. To be blunt, that is pretty shabby.

Although it is important to protect Canadians' privacy and to do what it takes, in 2015, to implement an approach appropriate for the digital age, recent Supreme Court decisions have cast doubt on the constitutionality of this bill.

This bill does not go far enough, and since the government wants to limit debate and does not accept the amendments and the work done in committee, we cannot and will not support this bill. I am very pleased to rise in the House to say that.

Mr. Speaker, the member talked about the ability of corporations nowadays, through the digital area, to accumulate information and the type of information collected. Whether it is through our financial industries or through a lot of groups that sell merchandise over the Internet, there is a great deal of information about virtually everyone in Canada. The government needs to put into place safeguards to protect the identity and other related issues.

Perhaps the member might want to provide more of his thoughts with respect to the important role that government can play in protecting the interests of Canadians who engaging with the Internet and different types of transactions more and more everyday.

Mr. Speaker, I would like to thank my colleague for his question.

There is a lot of information circulating, and our world is changing quickly. The challenge for us as legislators is to stay on top of all these changes.

Sometimes some information that seems innocuous can pose a threat to our privacy. An IP address, for example, can identify the location where we accessed the Internet, the device we used and what we did with it. All manner of information is hidden, and sometimes we are not even aware that it exists.

One aspect of this problem can be addressed through public education. However, as my colleague mentioned, the government has a responsibility to protect Canadians.

A private company with personal information about a citizen has an obligation to protect it. Sometimes, despite great efforts, this information can be lost or even stolen.

The government itself could ask for this information for reasons of national security. That is why the courts need guidelines that must be spelled out in the law to ensure that the government cannot simply extract this information from companies.

If that information is stolen from companies or if they lose it, there has to be a way to ensure that the Privacy Commissioner is informed and has the right tools to take action and protect people.

Mr. Speaker, I am pleased to rise to speak on behalf of Bill S-4, the digital privacy act, which is referred to the House by the Standing Committee on Industry, Science and Technology.

When Parliament first enacted the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA, in 2001, it recognized there were certain limited circumstances in which an individual's right to privacy must be balanced with other fundamental rights and public interest.

One such interest is the need for investigations into breaches of agreements, contraventions of law and for fraud prevention, which in certain circumstances must be conducted by the private sector.

Examples of these are common. They include investigations into professional misconduct by self-regulating professional associations, like the provincial colleges of physicians and surgeons, as well as the law societies. Another example is cross-sector investigations to detect crime and prevent fraud, such as the work done by the Bank Crime Prevention Centre and Investigation Office of the Canadian Bankers Association and the investigative services division of the Insurance Bureau of Canada.

It is not difficult to see that there is a real public interest in ensuring that these organizations have the ability to investigate. In order to do so, they must be able to obtain personal information that is protected under PIPEDA.

The Privacy Commissioner told the committee:

I totally agree that there needs to be provision in PIPEDA allowing organizations to address the issue of fraud or breaches of agreements that they may face.

The need for such a provision is also recognized within the legal community. The committee heard from Eloise Gratton, leading privacy officer and partner at the law firm of Borden Ladner Gervais and a professor of law at the University of Montreal. Ms. Gratton spoke of her own experience as counsel to private organizations conducting investigations into wrongdoing. She said:

The bottom line is that I agree that we need to have a provision authorizing the disclosure of personal information without consent to address these types of situations.

To enable this type of information sharing, PIPEDA currently has a regime that allows organizations to disclose an individual's personal information in order to conduct certain types of investigation.

As it stands right now under the current law, investigators who want to access personal information must be listed as an investigative body in the regulations. This involves coming forward with an application to the government and if the federal cabinet decides that the application is warranted, the organization is added to the list.

This is an extremely burdensome process for organizations. During the first parliamentary review of the act in 2007, the Standing Committee on Access to Information, Privacy and Ethics recommended that this system be scrapped and replaced with a different set of rules based on those that had been in place for a decade in Alberta and British Columbia. The bill would implement this recommendation.

A number of witnesses who came forward at the committee to express support for the importance of the changes within the bill expressed many positive sentiments in this regard.

The Life and Health Insurance Association of Canada told the committee that these amendments would help the industry's effort to detect, deter and minimize insurance fraud, which is stated to be extremely costly to the industry. A witness from the association explained to committee members that there was a current gap in PIPEDA to which he said:

[It] restricts the ability of organizations to disclose information without consent...for the purpose of conducting an investigation into a breach of an agreement or of a law of Canada.

The Central Credit Union of Canada also testified that it supported the proposed exception for consent for fraud prevention. In the words of the Central Credit Union witness it would:

—reduce the administrative burden associated with some of the activities of...my organization's Credit Union Office for Crime Prevention and Investigation.

Finally, the Insurance Bureau of Canada also spoke to the importance of the proposed amendments for the investigation and prevention of automobile fraud. According to Insurance Bureau statistics, automobile fraud cost the Ontario economy an estimated $1.6 billion in 2014 alone.

The witnesses from the Insurance Bureau explained in detail to the committee how Bill S-4 would make an insurance crime easier to detect and prevent as a result of the changes our government was making, and this is great news. However, I should note that during the committee's review of the bill, some concerns were expressed about the potential for misuse of such an exception to consent or resulting in the over-sharing of personal information, as my colleagues opposite have noted today.

However, the bill would protect against this aspect. Organizations can only make use of the exception to consent when a four-part test is met.

First, the disclosure must be made to another private organization, not to the government or to law enforcement. Disclosure to government authorities must follow a different set of rules, for example, when police must obtain a warrant to get private information.

Second, the exception to consent is only available if the information is being shared for the purpose of conducting an investigation into a breach of Canadian law or a breach of an agreement, such as a contract, and it must be reasonable. This means that an average Canadian must be able to see the merit of disclosing the information in question for the purposes of an investigation.

Third, the investigation has to be legitimate. It must pertain to a contravention of law or a breach of agreement that has occurred, is occurring or is imminent. Information cannot simply be disclosed because an agreement might be broken.

Finally, it must be reasonable to believe that seeking the consent of the individual in question to disclose the information would compromise the investigation, for example, by allowing them to destroy or alter evidence.

The intention of this four-part test is to allow legitimate investigations that are in the public interest to take place in a manner that is being balanced with an individual's right to privacy.

My colleagues have brought up the issue of copyright trolling. Certain concerns have been raised that copyright lawyers could abuse the amendment to target Canadian consumers. Let me be clear. This type of activity is not an investigation. Nor is it fraud prevention. Under no circumstances do we believe this proposed amendment provides a backdoor that could be used for trolling, due to these tests. PIPEDA has always provided a legal certainty with respect to the rights of legitimate private sector investigations. Bill S-4 maintains that legal certainty.

I also want to touch on a couple of comments that have been made in light of the bill.

First is the definition of “significant breach”. There has been some doubt as to what this means. As set out in the bill, a significant breach is a breach that poses a real risk of significant harm based on the sensitivity of the personal information involved in the breach, the probability that the personal information has been, is being, or will be misused and any other factor prescribed in the regulations.

The definition of “significant harm” was also brought up. It is defined in Bill S-4 as bodily harm, humiliation, damage to reputation or relationships, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on a credit record or damaged or lost property.

There was also some doubt about “private investigation”. It is defined as an investigation carried out by private sector organizations, therefore, not a government authority into an alleged contravention of a Canadian law, or an alleged breach of agreement.

Since we are getting to the end of this session of Parliament, should I not have an opportunity to rise again in debate in the next few weeks, I would like to thank all of my constituents in Calgary Centre—North for the privilege of allowing me to serve them in the last four years, as well as my volunteer team and certainly, in a moment of non-partisanship, my colleagues across the aisle and in the House who every day travel away from their families to spend time in the honour of public service. This is not a job. This is service. Certainly, when we all rise here in debate to discuss these issues, we might be passionate opponents one way or the other but we all do it to build a better Canada.

It is a wonderful position to be in to rise to support bills like this, which are common sense measures to make Canada a better place, to support better legislation, better privacy, better access to information and strengthening Canadian laws. These are the things with which we as parliamentarians are often seized.

It is always a great pleasure to speak in this place and it is a great pleasure to be here as a parliamentarian.

Mr. Speaker, I thank my colleague for her speech.

The Supreme Court recently established that the government must have a warrant to obtain personal information from a private company. In committee, several witnesses said that the bill contained no provisions making it mandatory to get such a warrant from the court, so we have to wonder whether the bill is even constitutional.

Is the minister concerned about that? If so, can she tell us why the government rejected all amendments at committee stage despite the Conservatives' show of good will in sending the bill to committee right away?

Mr. Speaker, as I mentioned in my speech, the changes in this bill affect private investigations, which, as the bill defines, are investigations carried out by a private sector organization, not a government authority.

With regard to the Supreme Court decision, the Supreme Court itself noted that PIPEDA does not create any search and seizure powers for law enforcement; instead, it allows companies to provide information to police should they choose to do so when—and here is the kicker—the police are legally able to obtain the information, meaning through normal warranting procedures.

The court has clearly stated that this is only when police have a warrant, are acting in exigent circumstances, are acting under an authority granted to them in law, or are obtaining information for which there is no reasonable expectation of privacy.

The Supreme Court decision itself clarifies how PIPEDA works, and it does not mean how the act or Bill S-4 needs to change.

I hope that my colleague will inform himself. I know he is well informed on this bill. He certainly knows the ramifications of the Supreme Court ruling in this regard. I hope that he would actually provide the correct information to his constituents and to folks abroad about this. Indeed, as the member for Terrebonne—Blainville said on April 8, 2014, “We have been pushing for these measures and I'm happy to see them introduced.”

This is something that supports all Canadians and is a common sense measure to help strengthen our legal system.

Mr. Speaker, on June 2, 2014, the Supreme Court of Canada handed down an important decision about sharing personal information.

In their decision, the Supreme Court justices stated that information about customers, including their names, addresses, email addresses, phone numbers and IP addresses, could not be shared with a third party without a warrant.

In light of that decision, does the member believe that some of the provisions in Bill S-4 might not be constitutional?

Mr. Speaker, unfortunately the member was not listening to her colleague, who just asked the exact same question from the talking points that the lobby handed them.

I will, in fact, indulge her with the same response. This bill refers to private investigations, and private investigations are defined as investigations carried out by private sector organizations, meaning they would not be a government authority. The Supreme Court itself has noted that PIPEDA does not create any search and seizure powers for law enforcement.

This bill relates to information sharing between private organizations when such investigations are required to prevent fraud. We heard testimony from the law society and the insurance bureau at the committee. The Privacy Commissioner himself put forward a comment saying that this change needed to be made.

Again, to refer back to the decision just so the member is perfectly clear, PIPEDA allows companies to provide information to police should they choose to do so in circumstances where the police are legally able to obtain the information. In terms of relating information to law enforcement officers as part of an investigation, warrants are most often required. What this bill does is ensure that there are information sharing provisions between private organizations as part of an investigation.

Mr. Speaker, I rise in the House today on behalf of my constituents from Surrey North to speak on Bill S-4, an act to amend the Personal Information Protection and Electronic Documents Act and to make a consequential amendment to another act. I rise today because I oppose the bill in its current form.

Members from three parties proposed amendments to the bill so that it would stay within constitutional boundaries. However, the Conservatives rejected every single one of those amendments, even the amendments that were drafted according to the comments and suggestions from the witnesses.

As the official opposition, it is essential that we carefully review the legislation and voice dissenting opinions in order to ensure that each bill is thoroughly examined. In this case, as in most cases that I have experienced in the past four years, it is evident that the Conservatives are determined to push through their own agenda on their own timeline.

I feel strongly that it is important for Canadians to know that their privacy is being protected, especially in the digital age that we live in. However, just because the Conservatives have not conducted the mandatory five-year review of the Personal Information Protection and Electronic Documents Act, PIPEDA, does not mean that we should rush through an unbalanced bill.

I feel very strongly that the bill before us was not well studied and needs to be fixed before it is passed through the House. In fact, the Conservatives did not support or submit any amendments to the bill because they did not think that would allow enough time to pass the bill before the election. This sounds politically expedient to me. Canadians deserve better than what the Conservatives are giving them.

The issues surrounding online privacy and safety are not new problems. Rather, they are existing problems that have become increasingly harder to protect against as technology continues to advance. Therefore, given the changing nature of the problem, it is important that the legislation that we create also evolves.

I am glad that after so many years of inaction, we are finally considering legislation to address online privacy issues. My colleague, the member for Terrebonne—Blainville, tried to take action to protect Canadians' privacy back in 2012 with Bill C-475. Unfortunately, that bill, which was stricter and more effective than the bill before us although very similar to it, was voted down by the Conservatives.

The Conservatives have become very good at pretending they know how to do their jobs and protect Canadians. They are actually able to stand up in this House and lie through their teeth in saying that this is a balanced bill, and they believe that.

Online privacy and security breaches have the potential to significantly harm an individual. Protecting these rights is important for all Canadians so that we do not put anyone potentially in harm's way.

Some Canadians may feel that the bill does not affect them in their daily lives, but I can assure them that Bill S-4 would affect every single Canadian.

One part of the bill that I am very concerned about pertains to the sharing of our personal information. The bill contains a provision that would make it easier for companies to share our information without our knowledge or consent, without a warrant, and with zero oversight. It is troubling to me that there is no mechanism in place for oversight.

Do the Conservatives remember the ruling in Regina v. Spencer? I do. In this decision, the Supreme Court of Canada ruled that Canadians have a reasonable expectation of privacy online. More specifically, the Supreme Court stipulated that spyware data cannot be disclosed to a third party without a warrant.

In light of this decision, it is questionable whether certain provisions in Bill S-4 are even constitutional. There are limits on what the government can do, but the Conservatives seem to have forgotten that.

We are demanding that every clause pertaining to the warrantless disclosure of information be withdrawn out of respect for the Supreme Court ruling and the privacy of Canadians.

There is no doubt that the Conservatives have a dark past when it comes to protecting personal information, and this bill would only add to that darkness. The lack of oversight and the allowance of warrantless disclosure has led to 1.2 million secret requests from Conservative government agencies for personal information from telecommunications companies in one year alone. Under the current Prime Minister, staggering numbers like this show that something needs to change, and it starts with this bill.

The Conservatives' hesitation to accept amendments to this bill makes me question whose interests they are truly protecting. Are they protecting the interests of Canadians, who deserve to trust that their personal information will be protected, or are the Conservatives protecting their own self-serving interests?

We would like to see this bill contain a mandatory data loss or data breach reporting mechanism. However, the bill in its current form would most likely result in fewer breaches being reported. It would be up to the organization that suffered the breach to determine if the breach posed a real and significant risk of harm. Companies want to save their reputation and money, so why would they inconvenience themselves by reporting a potentially embarrassing breach of privacy that could cause consumers to lose trust in them when they could just hide it instead?

There would be no incentive to report a breach and no advantage to doing so. This is a conflict of interest that would deprive Canadians of the information that they need to make informed choices about which companies they decide to share their personal information with.

Furthermore, because of the Conservatives' inaction, PIPEDA, which is supposed to be updated every five years, is falling far behind international standards. Since the first statutory review in 2007, subsequent attempts to amend PIPEDA have died on the order paper. After this long wait to update PIPEDA, the bill would simply not go far enough to protect Canadians in this digital era. We as Canadians are getting the message that the government does not take the protection of personal information seriously.

I, along with my fellow NDP members, truly do not ask for much when it comes to this bill. We have long called for the modernization of Canadian privacy laws. They are not up to date. Instead of making it easy for companies to share our information, the government should put deterrent penalties put in place that would require or encourage these private companies to respect and follow Canadian laws. Following that, we insist that the provisions in Bill S-4 to allow organizations to share personal information without consent or a warrant be removed and that the loopholes in PIPEDA, which do the same thing, be closed.

The point of the Constitution and the Canadian Charter of Rights and Freedoms is to protect the very rights and freedoms contained within them. Warrantless access to our subscriber data and personal information most definitely poses a risk to Canadian privacy.

Modernizing the laws that govern the protection of personal protection is an important issue in the digital age. However, ramming through a bill that has huge holes, such as this bill, is not a fix that can make up for years of inaction by the current government. I urge the Conservatives to accept the amendments to this bill so that we can work collaboratively to ensure that all Canadians can trust that their personal information is being protected to the best of the government's ability.

One of the other things that was very troubling was seeing time allocation moved for the 97th time. Time allocation basically puts closure on this bill. It does not allow for all of the members to bring the views of their constituents into the House, which is one of our primary jobs.

This is the 97th time the Conservatives have done it and I can assure you, Mr. Speaker, they are not going to get the chance after October 19, because Canadians are tired. They have seen democracy and the workings of democracy crumble. These guys are going to be out.

Mr. Speaker, it is my pleasure to be here today to express my strong support for Bill S-4, the digital privacy act. This bill would make significant and long-overdue improvements to Canada's Personal Information Protection and Electronic Documents Act, or PIPEDA.

One question that has been asked repeatedly by members opposite is why the government is not amending PIPEDA in response to the Supreme Court of Canada's decision in Canada v. Spencer. They claim they cannot support the digital privacy act because the bill fails to act on this decision. Those are very strong words and it is clear that the opposition parties have not done their homework before speaking on this matter.

The answer to their question is quite simple. The government is not proposing amendments to PIPEDA in response to the Spencer decision because the Supreme Court confirmed that PIPEDA does not give the police any search and seizure powers. In fact, the whole purpose of the law is to increase the protection of Canadians' personal information.

Given the questions that have been raised around the Spencer decision, it is important that I take time today to clear up some of the misinformation. My hon. colleagues opposite do not need to take my word for it. They can always take the time to read paragraphs 71 and 73 of the decision themselves. The Spencer decision deals with a child pornography investigation carried out by the Saskatoon police department. As part of the ongoing investigation, police identified the IP address of a computer that was being used to access and distribute child pornography.

It is important to understand that the police were able to obtain the IP address simply by going online and interacting with the child pornographer, because computers make their IP addresses public whenever they engage in a file-sharing activity. With this IP address in hand, the police then asked the Internet service provider to voluntarily provide account information for the subscriber assigned to the IP address. The account information included the subscriber's name and mailing address. The police asked for the service provider's co-operation on the good faith belief that the subscriber did not have a reasonable expectation of privacy with respect to his or her basic account information, which is the individual's name and address.

With this information in hand, the police obtained a warrant to search the suspect's house, at which time a computer was seized and found to contain child pornography. Mr. Spencer was charged and convicted of possession of child pornography. Mr. Spencer appealed his conviction on the grounds that he had a reasonable expectation of privacy with respect to the account information obtained by the police. In other words, he argued that the police were required to obtain a warrant before getting his basic subscriber account information from his Internet service provider to make sure that his charter rights were respected.

In its decision, the Supreme Court found that Canadians in general have a reasonable expectation of privacy with respect to their Internet browsing habits and history. This is because the sites we visit and the online activities we engage in can reveal “intimate biographical details” about ourselves, details that we may wish to keep private. Because linking an IP address with a specific account holder enables the police to learn about and observe an individual's Internet habits, the court found in the specific circumstances of the Spencer case that the police should have obtained a warrant from a judge to collect Mr. Spencer's account information.

It is, however, important to note that because the police were acting in good faith, believing that Mr. Spencer did not have a reasonable expectation of privacy in his account information, the court did not exclude the evidence obtained by the police and Mr. Spencer's conviction was upheld.

These are the facts. It is difficult to see how this decision means that PIPEDA, the digital privacy act or Bill S-4 in some way violates the charter rights of Canadians, as the members opposite have asserted at every opportunity. This is blatantly false.

As I stated at the outset of my remarks, the Supreme Court confirmed that PIPEDA does not create any search and seizure powers for law enforcement. Nothing in the law compels companies to provide personal information to law enforcement and the digital privacy act would not change that fact.

Justice Cromwell stated in his decision, “In short, I agree with the Ontario Court of Appeal...on this point that neither...the Criminal Code, nor PIPEDA creates any police search and seizure powers”.

He said, “PIPEDA is a statute whose purpose” as set out in section 3 “is to increase the protection of personal information”. Justice Cromwell further clarified that there are clear restrictions that PIPEDA places on disclosures by private businesses to law enforcement agencies. He stated that even in child pornography cases, the circumstances “cannot override the clear statutory language of...PIPEDA, which permits disclosure only if a request is made by a government institution with 'lawful authority' to request the disclosure”.

This fact clearly demonstrates that PIPEDA prohibits unlawful disclosure unless the requirements of the law are met, including that the government institution demonstrates the necessary authority to obtain, not just simply to ask, for the information.

In addition to a warrant or court order, what might this lawful authority to obtain information include? Justice Cromwell stated:

“Lawful authority” may include several things. It may refer to the common law authority of the police to ask questions relating to matters that are not subject to a reasonable expectation of privacy. It may refer to the authority of police to conduct warrantless searches under exigent circumstances or where authorized by a reasonable law.

Justice Cromwell clearly noted that issues of disclosure and lawful authority arose in this case simply because the investigation was begun by police. This is simply not the case for private organizations. In his Supreme Court decision, Justice Cromwell wrote that, “...entirely different considerations may apply where an ISP itself detects illegal activity and of its own motion wishes to report this activity to the police”.

To summarize, this is what the Supreme Court said about PIPEDA in the Spencer decision.

PIPEDA does not provide law enforcement with any “search and seizure powers”.

Consistent with the charter, PIPEDA permits businesses to disclose personal information to law enforcement without consent in only the following circumstances: law enforcement have a warrant or a similar court order; the information is required to address an emergency, such as information that is needed to stop a crime in progress that threatens someone's life; the law enforcement agency is acting pursuant to a specific law that gives it the authority to obtain private information without a warrant; in response to a routine inquiry by law enforcement regarding information for which there is no reasonable expectation of privacy; or the organization, on its own initiative, provides the information to police to report a crime.

Clearly, the Supreme Court did not find any part of PIPEDA unconstitutional.

I hope that with this clarification, all hon. members will join us in supporting the digital privacy act Bill S-4, the digital privacy act, in ensuring that Canadians' personal information is protected.

Mr. Speaker, we know that Canadians are very much concerned about the digital era. There are many corporations and companies worldwide, let alone in Canada, that collect a lot of valuable information and we should be concerned about that, as we continue to go on the Internet and the compilation of information continues to grow by leaps and bounds.

If the member believes that this is such an important issue, why did it take the government literally months away from an election to start bringing the bill back to the House? Nor was it even initiated by the House of Commons, rather the Conservatives chose to have the Senate initiate the legislation. This tells me that the Conservatives are not concerned about the issue of privacy for Canadians in the digital era.

Mr. Speaker, I reject the premise of that question. My friend from Winnipeg North knows that the House has been very busy, that we do have two bodies in Parliament. We are a bicameral system and sometimes legislation starts in the Senate. This is a bill that was started there. It went through three readings and committee study. We brought it here and had committee study here. Now we have brought it here for second reading with all the considerations and evidence already presented to the House committee on the bill.

It is important that we get together and make sure that we study this. I want to assure the member that we do take this issue very seriously. The digital privacy of Canadians is very important to us and that is why we made sure in the bill that there are more powers for the Privacy Commissioner to ensure that digital privacy is respected, not just by government departments, but by everybody in this country.

The hon. Parliamentary Secretary to the Minister of National Defence will have three minutes remaining time for questions and comments when the House next resumes debate on the question.

Now we are going to statements by members, the hon. member for Bas-Richelieu—Nicolet—Bécancour.

Mr. Speaker, before I begin my remarks on the bill, I would like to pay my respects to the members of the House who rose today and shared personal experiences regarding the Truth and Reconciliation Commission, which reported today. Many of their words were heartfelt and were received that way. The House has work to do and I commit on behalf of my constituents to share in that journey and in that work. It is important work that lies in front of us. Not all of us will get a chance to speak to it today, so I wanted to be on the record with those comments.

Regarding the legislation that sits in front of us, this is yet another piece of legislation that toys with privacy and the impact of changing privacy rules. There have been several in this session of Parliament. Taken in isolation, they all creep toward something that is making more and more Canadians worried about their privacy and the security of their private data, wondering what the true motive of the government is when we take all of the items in concert.

There are ways of rationalizing and accepting, and even valid criteria to act upon in changing the privacy rules around data, but what seems to define the legislation and much of the actions of the government is that each and every one of those pieces of legislation is rushed through. Careful consideration of the impacts that are proposed are almost never part of the consideration, never reflected in amendments, and never reflected in the refinement of rules.

This latest legislation was presented to the House, then presented and pushed through committee and re-presented to the House as perfect from the get-go. I have covered politics most of my life. I have been around legislative processes in all three levels of government in our country and I have never seen such arrogance around the notion of presenting perfect legislation. The record of the government having its rules and regulations tested by the Supreme Court ought to give it pause for consideration, that when wise individuals and learned groups appear before committee and point out glaring mistakes, omissions or concerns there never seems to be a capacity to listen, only to soldier on.

While perhaps I respect the tenacity of the government on these files, errors are being made that put people at risk. However, what it really does, and I think this has been seen in the last part of the session, is that Canadians do not trust the government with their privacy anymore. It leads to speculation, worries and even paranoia, to the point where the faith in the government has disappeared. That is a concern.

In many of the omnibus bills is the kernel of a good idea, of a legitimate process, but it gets obscured by the omnibus nature of some of these bills, by the vagaries of some of the language, and by the intransigence and stubbornness of committee members and members of the opposite party to sit there, to listen, to take input, to make amendments, and to make a good idea a better idea, which is the role of Parliament. It astounds me that the government seems to think it gets it right the first time, every time. I have never seen that in any government. Any government that has that much self-assurance really ought to stop and consider whether it is acting in the best interest even of itself.

One of the dynamics here is that there seems to be this belief that the private sector is acting in the interests of the private sector, that it has the best interests of private individuals at heart. If the government truly believed that surveillance, the sharing of information, and the distribution of that information to third parties was such a wise way to go and was part of the argument toward stronger public safety rules and regulations, imagine if we were not talking about metadata right now and talking about rifles instead. The government would never tolerate, in fact has never tolerated, this kind of tracking, intrusion and data banking of people's information about something which is really dangerous, such as a gun. Yet when it comes to private information, it lets it go this way, that way and every way. It clamps down on the very same individual rights and privileges of people with their data. It will release that information and share it willingly, but will not do it when it comes to guns. There is a contradiction there that does not make sense.

There is a balance that needs to be struck. We hear about that balance all the time around various other debates, but when it comes to sharing information, it seems to go out the window. We have a party that on the one hand says we cannot share any information about who owns weapons in this country, but on the other hand says that we can go into anybody's computer and distribute that information as widely as we want in the name of public safety.

If the party opposite could reconcile that contradiction for me, I would be happy to listen to the arguments. However, from my perspective, we need a balance in both of those issues, and that balance has not been achieved in either one of them. In large part, that is because the paranoia with which the government pursues one file is coupled with a complete lack of trust on another file. As I said, it is contradictory and does not make any sense to me.

The other issue that crops up again and again is the government's inability to orchestrate proper civilian oversight of the changes it is making. Just as it has no doubt about the legislation that it introduces and believes it to be perfect from the word go, the government never seems to think that there is a need to review and be perpetually vigilant about where the legislation may be going off track or delivering results that were not intended or expected. There is no oversight about how this information is being shared or how the agencies that are pursuing, sharing, or developing it are conducting themselves.

The absence of this oversight on so many files tells me another thing. It tells me that the government does not trust civilians as much as it trusts itself. That, at the heart of the legislation, has to raise concerns on the opposite side. Either we trust people or we do not. The government does not trust the opposition. It does not trust ordinary Canadians. Half of the time it does not even trust the courts to provide this oversight and review and to check the government against its own mistakes.

Parliamentarians are human, and they make mistakes. We all have to correct each other, and if we do not build that into legislation, particularly into privacy legislation, we fail each other. That is one of the reasons that, despite there being some good in this bill, on balance it fails.

The bill fails in two regards. In fails in that it would not create a consistent approach or a collaborative effort to create better legislation, which worries us. It also fails because it would once again fail to bring in a mandatory and processional review of how this legislation is performing. Without those checks and balances, the legislation leads to Canadians worrying that their government is not protecting them. Those worries take Parliament, the respect for Parliament, and the respect for the rule of law into places that they just should not go in a modern democracy.

For those reasons, my party and I will not be supporting this bill.

New powers require new responsibilities, and the best way to make sure that they serve both the public and private interests of individual Canadians is to make sure that Canadians have oversight of these rules and regulations. Once again, that is absent from this legislation, even though experts who appeared before the government in committee urged that it be there. That is a failing, and it is a failing that has ramifications far beyond this bill.

Mr. Speaker, I wonder if the member might provide further comment regarding the importance of the government getting legislation of this nature right. We have a continual reliance on and growth in the Internet, where private information is becoming more and more prevalent and corporations and other types of agencies have large data banks where they accumulate all sorts of personal and non-personal information about Canadians.

There is a role for the government to play, but it is absolutely critical to ensure that information is protected and that individuals' rights pertaining to their information are also protected.

Mr. Speaker, there is an old saying that the pen is mightier than the sword. The government is sometimes more afraid of the pen than it is of the sword. We can see that in its approach to managing the firearms issue in this country.

When it comes to information, it is completely paranoid. It wants to track every computer, it wants to look into every set of data, it wants to use that data, and it wants to share that data as widely as possible.

I would suggest that there is a need for balance here. Just as there are legitimate reasons that someone might want to track data and just as there are legitimate ways in which someone might do that, with checks and balances in place to make sure that private individuals' rights are protected, the same care should be used when it comes to the sword as it is with the pen.

What I find funny about the government is that it does not care where the weapons are in this country, but it really wants to know what people's thoughts are. When it comes to that, what we are thinking as a group of libertarians is somehow more dangerous than what we are doing. I find that very strange in a government that claims to be on the side of the individual. It is not. It is tracking them. It is not taking care of that information, and when it comes to checks and balances, it is missing in action.

Mr. Speaker, I listened to my Liberal colleague's speech.

He said he is extremely concerned about protecting Canadians' personal information. However, his party voted in favour of Bill C-13, which represents a major threat to protecting Canadians' personal information. He himself voted in favour of Bill C-51, which truly poses serious risks to personal information protection, since it allows our personal information to be shared among a number of government agencies without any parliamentary or judicial oversight. It is very disconcerting.

I am confused. Does the hon. member want to protect personal information or is it not as important as all that?

Mr. Speaker, I thought the member could hear from my comments that it is never an either-or total proposition. There are changes that are constantly required to protect public safety, just as there are changes constantly required to protect the public's charter rights. We rely and depend heavily on our courts to protect those charter rights.

In the situation of the legislation that was referred to, sometimes there are elements in an omnibus bill that one supports and other parts one fights to change. One continues to work toward the change.

I will give an example. Civilian oversight to me is a fundamental principle. I know there is a private member's bill before the House that advocates for civilian oversight of security forces. What we could not achieve through committee we are going to continue to fight for in the House, and we will continue to fight after the next election as well.

Yes, there are ways of framing an issue as being perfectly black or perfectly white, perfectly this or perfectly that, but when it comes to public safety, public charter rights, and the way in which we guard our civil liberties, it is a nuanced position that is constantly being evolved and crafted.

I share the concerns of the opposition party down the aisle on this issue. We cannot simply let legislation lie still and hope it defends rights. We must constantly re-evaluate it. There must be sunset clauses in provisions like this one. There must be civilian oversight.

As parliamentarians we need to agree where we agree and disagree where we disagree, but we must never lose sight of the fact that constant vigilance on this file is the only way it is going to be made right. Having an independent judiciary is fundamental to that as well. Those are the principles I think we can agree on while we sometimes disagree on specific parts of specific legislation.

Mr. Speaker, I am pleased to rise in my place today to express support for Bill S-4, the digital privacy act, which was first introduced in April of last year. The digital privacy act would make important changes to Canada's private sector privacy law, the Personal Information Protection and Electronic Documents Act, or PIPEDA, to better protect the privacy of Canadians.

I would like to spend my time highlighting the measures in Bill S-4 that are designed to better safeguard the privacy of minors and protect vulnerable members of our society. In our modern digital economy, it is absolutely critical that we make sure our children have safe and secure access to online resources.

Being digitally literate is no longer merely nice to have; it is now a necessary prerequisite for young Canadians, whether to be successful in school or to find their first job. In fact, a recent survey revealed that in 2013, 99% of Canadian students were able to access the Internet outside of school.

While there are many benefits to being digitally connected, going online can also expose our children to risks. As we have unfortunately seen, young people can become targets of online intimidation and abuse. Our government has acted to protect our children from cyberbullying and other similar threats through Bill C-13, the Protecting Canadians from Online Crime Act. This bill, which came into force on March 9, 2015, ensures that all Canadians can freely access the Internet without fear of victimization.

Bill C-13 protects children and adolescents from online predators and exploitation. Provisions of the bill permit and empower the courts to penalize those who harass, intimidate, exploit, or threaten others online or through telecommunication devices. In other words, Bill C-13 serves to counter cyberbullying in Canada.

The Government of Canada takes cyberbullying very seriously and supports a no-tolerance framework. In January 2014, our government launched the anti-cyberbullying national awareness campaign called Stop Hating Online, which raises awareness of the impact of cyberbullying and how this behaviour amounts to criminal activity.

We have also taken further steps to protect children from online predators. Our government has invested $14.2 million a year through the national strategy for the protection of children from sexual exploitation on the Internet. In addition to Bill C-13, our government has implemented other concrete measures to keep young Canadians safe online and in their communities. Such measures include increasing the maximum penalties for luring a child online, strengthening the sentencing and monitoring of dangerous offenders, and strengthening the sex offender registry, to name only a few. All of these initiatives align with our government's commitment to stand up and protect Canadians.

Bill C-13 was introduced to provide a safe and secure environment for Canadians online, and the digital privacy act seeks to accomplish this as well. In this rapidly growing digital world, we must be aware that going online can expose vulnerable Canadians to privacy risks. For example, minors can be subject to aggressive marketing tactics or can have their personal data collected and shared without them truly understanding what is being done and the potential long-term privacy consequences.

To address this concern, the digital privacy act includes an amendment to clarify requirements for the collection, use, and disclosure of personal information. Specifically, the bill clarifies that when a company is seeking permission to collect, use, or disclose personal information from a group of individuals, such as children, it must take the necessary steps to ensure that, as a group, these individuals are able to understand what would happen to their personal information. In practice, this means that the organization's request for information must be presented in a clear and concise manner and must be appropriate for and easily understood by the target audience. This includes making sure the wording and language used in the request are age-appropriate.

Let me take a minute to give an example explaining to the members of the House how this would work. Let us say that an online service designed for children wishes to gather information about who visits their site. In order to seek consent, the company would be required to design and present its request to collect, use, and disclose information using language that a child could reasonably be expected to understand. If a child could not be expected to understand what the website seeks to do with their information, the child's consent would not be valid. As a result, consent from a parent would need to be sought.

The Privacy Commissioner expressed his strong support for this amendment when appearing before the standing committee. This is what the Privacy Commissioner said:

I think with the clarification that Bill S-4 provides, it is a useful clarification of what consent is, and it has the potential of improving the situation for the issue of consent sought from children....

There are additional amendments in Bill S-4 that are also designed to better protect the interests of other vulnerable individuals. I would like to bring to the attention of hon. members two particular amendments that would allow information to be more easily shared in emergency situations.

The first of these amendments would allow organizations to share personal information in order to contact a family member of an injured, ill, or deceased individual. The importance of this amendment was well summarized by the representative of the Canadian Pharmacists Association in her appearance before the standing committee when she said:

Pharmacists, as well as any health care provider, may find themselves in the difficult situation of having to deal with patients who may be severely ill, unconscious, or incapacitated for any number of reasons. In such circumstances it may be imperative for the pharmacist or other health professional to immediately contact family members or next of kin to inform them of the patient's condition, or to seek valuable information on the patients' medical history. But seeking permission or consent to contact those individuals in advance may simply not be reasonable nor in some cases possible. This clause would provide pharmacists and other health care providers with the comfort and knowledge that in the case of a severe health emergency they will not be in contravention of PIPEDA for acting in the best interests of their patients by contacting next of kin or authorized representatives.

The second of these amendments would allow information to be shared in situations such as accidents or disasters, in order to assist in the identification of injured, ill, or deceased individuals. For example, this would allow dentists to provide an individual's dental records to authorities in order to identify victims of a natural disaster.

These two amendments are clearly in the public's interest and are long overdue.

The government is committed to protecting the privacy of Canadians. The digital privacy act would take necessary actions to protect the most vulnerable members of our society, including children.

Mr. Speaker, I very much appreciate the comments of my colleague from Elmwood—Transcona on this very important act.

I wonder if the member could expand on exactly how our government is helping to protect Canadians' personal information by mandating that organizations inform their clients when personal information is lost or stolen.

The reason I ask is that I know the people I serve in Winnipeg South Centre are very concerned about this issue, and so I would like to know what we are doing on it.

Mr. Speaker, it is very important that we have this protection and the mandating of organizations to inform their clients when their information has been lost or stolen. It is critical that Canadians know if their personal information has been lost or stolen, so they can take the necessary actions to protect their privacy going forward.

Organizations would have to tell individuals what steps they need to take, and would also guide them through the process and the actions they need to take to make sure of their credit card PIN, for example, or email password, if that had been compromised. They would not only have this ability but would be walked through the steps necessary to protect their privacy. This is very important.

It should also be noted that organizations that do not comply with this measure would face some very significant penalties—up to $100,000 for every individual they fail to notify. Obviously, this would make corporations and organizations very aware of the fact of keeping this information private in the first place, because they do not want to be facing fines of $100,000 each. That can add up very quickly if they have the data or information of many Canadians compromised in their system.

Mr. Speaker, I am less interested in the speech that my colleague was given to read into the House of Commons today and more interested in hearing his views about the fact that the bill is labelled “S-4”, which means it did not originate in the House of Commons; it originated in the Senate.

In my view—and I would like the view of the member for Elmwood—Transcona, to see if he agrees with me—senators have no legitimate right to introduce legislation. No one elected them to be legislators. In fact, they are appointed, usually because they were good fundraisers on behalf of their party. They were hacks and flacks and fundraisers, and they get rewarded with this lifetime sinecure in the other place.

For God's sake, how did we ever get to the point where we are debating legislation that they have developed? How have we slipped to this, in the status of our parliamentary democracy, that it is the House of Commons' job, that the elected representatives, the duly, democratically elected representatives in the House of Commons, have to end up debating legislation that was put together by a bunch of unelected, undemocratic, and under indictment half the time, senators?

Does he agree with me that there is something fundamentally wrong with this picture? Will he stand up on behalf of his elected colleagues in the House of Commons and say the bill has no legitimate right to be in the House of Commons, never mind the points he was making about its relative merits?

The hon. member for Elmwood—Transcona has just about a minute.

Mr. Speaker, I am not quite sure whether it is a question. It sounded like quite a long rambling commentary of somebody who has been in this House for a long time and should have a clear understanding of the rules and how the rules in this House and in Parliament work.

If he still has not understood that after these many years, I do not think that in the minute you have given me, Mr. Speaker, I am going to be able to educate him on that.

With respect to the bill, though, this is a bill that is very important. I did outline in my statement some of the great things it would do to protect our young people and the vulnerable in our society, and I will continue to support any legislation that would protect the vulnerable in my riding of Elmwood—Transcona

Mr. Speaker, it is my pleasure today to rise and speak to Bill S-4.

As my colleague mentioned a couple of minutes ago, I too have very serious concerns that here we are in a parliamentary democracy with elected MPs sent here by their constituents to do the work of Parliament, and Conservatives have brought forward a bill introduced by the unelected Senate. It sort of begs this question. What was the real agenda behind doing this? Was it to fast-track it? Was it to try to give the Senate some sense of credibility as it goes through some very difficult and challenging times?

Nevertheless, it is about process, and now that I have made my point, I also want to make the point that in Parliament, as my colleague across the way pointed out, there is a natural rhythm as to how bills are introduced in the House and debated. The government, in its wisdom, first took a Senate bill instead of spending the time, of which it has a lot, to bring forward its own bill. It took a Senate bill and, even before second reading, basically declared that it was not willing to accept any amendments, which really makes one wonder what the purpose has been behind a lot of legislation.

Now I know that my colleagues across the way have an allergy to evidence, science, and data and do not really like listening to all the expert witnesses that are flown in to appear before committees. The interesting thing is that even before they heard from those witnesses, they started to make comments such that they did not want to accept any amendments because if they did, the bill would have to go back to the Senate. It does not seem to me to be a good reason to bring forward legislation that is poorly thought out.

I am not saying it is not needed. It is.

As a matter of fact, my esteemed colleague from Terrebonne—Blainville introduced Bill C-475, which would have actually addressed many of the concerns that Canadians want addressed. That is an example of a well-thought-out bill that would not overreach but would actually do the job that is needed, which is to modernize our code of conduct around personal information. With the advent of electronic and digital media, we absolutely need some changes.

Getting back to the bill, once again, it is a process that is flawed. Experts came forward and gave testimony. I sometimes wonder, if the government's mind is already made up that it is not going to accept any amendments, what the purpose is of flying in experts to present their testimony. To me, that is the highest sign of disrespect. It basically says the government has already made up its mind, but just to make witnesses feel better, it will hear from them. That is really bad form.

Here is something else. The NDP put forward 18 amendments, well thought out and researched, supported by the evidence that was presented and by experts; and other people presented 14 other amendments. True to their commitment or the bizarre statement before the bill got debated, there were zero amendments accepted by my colleagues across the way. So much for committees working with consensus.

I have often heard ministers from the other side of the House say they have to rush things through the House because at committee stage experts will be heard and that is when we get to have the really meaty debates. I have never bought that, and evidence bears out that it is not how committees work. Despite hearing expert witnesses and hearing from the opposition, the Conservative government accepted zero amendments, and that says a lot about the process.

Now the bill is back in the House, and we are debating it, but once again, there is time allocation. The government could have moved on the bill over the last number of years, but it chose not to. Here we are in the last three weeks, when suddenly the Conservatives have rediscovered that they had better do something. After all, it is election time. They are now moving time allocation to prevent the Canadian public from knowing what is really in the bill. One way to do that is to limit and shut down debate, which seems to be a very common move by the government.

Here are some facts and figures. The Conservatives made 1.2 million requests to telecommunication companies to obtain Canadians' personal information in just one year. Some 70% of Canadians feel less protected today than they did 10 years ago. With this bill, they have reason to feel even more concerned and worried, because now there are all kinds of loopholes in the bill whereby their information can be shared way beyond the person they give it to.

Some 97% of Canadians say they would like organizations to let them know when breaches of personal information occur. That is reasonable, but if companies are giving away data themselves, I personally see that as a breach, because they have breached my trust, because I gave the data to them. We have some concerns around that as well. Some 80% of Canadians say they would like the stiffest possible penalties to protect their personal information, and 91% of respondents—not 51%, not 41%, not 21%, but 91%—are very or extremely concerned about the protection of privacy. It seems to me that the government should be paying some attention to what Canadians are feeling and their fears.

There was also a Supreme Court ruling, on June 13, 2014, pertaining to the sharing of personal information. The Supreme Court stipulated that subscriber data, including name, address, email address, phone number, ID address, et cetera, cannot be disclosed to a third party without a warrant. In light of this decision, the constitutionality of certain provisions in Bill S-4 is questionable.

I am sitting here thinking that a government that really wanted to do due prudence would actually pay attention to the fact that the Supreme Court had made a ruling. Despite that ruling, we did not see any amendments from the Conservatives, nor were they willing to accept any of ours, which really lets me know that to pander to their friends, they are willing to sell out Canadians, they are willing to ignore the Supreme Court ruling, and they are burdening hard-working taxpayers with future challenges in the courts, because that is where this will certainly end up.

The NDP believes that Canada needs a mandatory data loss or data breach reporting mechanism based on objective criteria. We are not the only ones who are saying that. Witness after witness said that we need the Privacy Commissioner to have some powers over this.

Huge companies get our data through nefarious means, some of them very innocent, like when we pay bills with a credit card. They not only get what we paid and where we bought something but all that micro-targeting information can now be moved on to other companies when a company deems fit. To me, that is just not acceptable.

I would urge my colleagues across the way to not ignore Canadians or the Supreme Court ruling. Let us make sure that we address the deficiencies in this bill.

Mr. Speaker, I thank my colleague for her speech on defending privacy and people's personal information.

Through Bill S-4, the Conservatives are making a third attempt at talking about privacy protection, but they missed the mark yet again. As my colleague pointed out, the opposition parties, including the NDP, proposed a number of amendments, but the Conservatives categorically rejected them all.

Some of the amendments would have prevented companies from determining whether or not privacy has been breached and whether or not complaints should be addressed. We want a third party to take care of this in order to keep the process transparent and effective.

We are also calling for the Federal Court decision to be complied with so that information shared between companies is better protected and Canadians' personal information cannot be shared without their permission.

Bill S-4 does not do any of that. We are talking about a very serious breach of privacy. The current Privacy Commissioner raised some concerns about this. This bill still has a number of major flaws.

I would like my colleague to comment on that.

Mr. Speaker, I want to thank my hard-working colleague for the very thoughtful question. There is nothing more important than one's private information. There is some information people just do not want to share with other people. We have insisted on removing the provisions in Bill S-4 that would allow organizations to share personal information without Canadians' consent and without a warrant. We have also said that there are loopholes in this bill that need to be addressed. We tried to address them with amendments, but of course, we were ignored.

However, we are not the only ones who are saying that. Here is a quote from Michael Geist, who is a law professor at the University of Ottawa:

the broad provision that we have here opening the door to massive expansion of non-notified voluntary disclosure without any of the kinds of limitations that we typically find even the courts asking for should be removed.

He has also said:

While the government has claimed that this provision should not concern Canadians, the reality is that the broadly worded exception will allow companies to disclose personal information to other companies or organizations without court approval.

It is a lack of transparency, a lack of disclosure, and a lack of reporting requirements and believing that these companies can police themselves. Surely we have learned lessons from other situations. There are some glaring omissions in this bill, and they should be addressed.

As a matter of fact, Michael Geist even says, “[This bill] is both not well studied and ought to be fixed. Canadians deserve better”.

Mr. Speaker, it is important to me that anyone watching this debate today keep in mind that there is nothing normal about the way the Conservatives ram through their aggressive legislative agenda.

First, there is nothing normal about the House of Commons debating a bill that originates in the Senate. There is nothing normal about the Conservatives moving closure on every single piece of legislation they introduce. Sometimes the same day they table the legislation, they move closure on the legislation.

It undermines everything that is good and decent about our parliamentary democracy to see these guys systematically strip down all the checks and balances, all the controls put in place to make the Westminster parliamentary democracy one of the best systems in the world. It should offend the sensibility of anyone who calls himself a democrat to realize that these guys have not allowed a single amendment to a single piece of legislation in the entire 41st Parliament. They do not respect Parliament.

I want any Canadian tuned in today to know that this is not normal. This will not be tolerated. We have to restore everything that is good about our parliamentary democracy and stop the current Conservative government in its tracks before it does more irreparable damage and harm.

Mr. Speaker, I absolutely agree. Ditto.

Mr. Speaker, I am pleased to rise in the House today to speak to a bill, perhaps for the last time in this 41st Parliament. I would like to thank the interpreters, who have helped us so much these past four years, as well as the team of clerks and pages and everyone who supports our work every day.

In the digital age, privacy is extremely important. It often feels as though I have a clone that is wandering around computer networks with information on my life, my past, my present, my sexual orientation, my purchases, my consumption and my travels. All of these data are like a twin over which I have no control. That is a problem.

Unbeknownst to me, my twin goes from company to company, government agency to government agency. No one will inform me that an agency is using the information my clone carries to determine how it will approach and deal with me.

A number of distinguished analysts who testified obviously told us that this bill could be challenged by the Supreme Court. The court recently ruled that a warrant was required to access the personal information and IP addresses of customers of Internet service providers. It is therefore highly likely that a number of provisions in this bill will be challenged by the Supreme Court.

The Conservative government has a strange relationship with the Supreme Court. This will not be the first time that a bill has ended up before the Supreme Court. Under the Conservative government, we have gotten used to seeing bills that, according to experts and parliamentarians, violate our charters and our laws. These bills risk being challenged by the Supreme Court and, in fact, they are being challenged. The government has suffered many defeats, and yet again it is risking being put in its place.

Introducing these constitutionally weak bills is a real waste of time. How insulting it is to the intelligence of the members of this Parliament and the members of civil society who give their input on these issues. What contempt it shows for our institutions and the Canadian Constitution.

The Conservatives have botched the drafting of dozens of bills. Take Senate reform as an example. Everyone knew that that measure would be declared unconstitutional, because 50% of the population would have had to agree, but the government went ahead with the measure anyway.

As for the appointment of Justice Nadon, everyone said that it would not work. The appointment was challenged, and Justice Nadon was ineligible under the Supreme Court Act. The matter still had to go to court, but everyone knew how it would end. Once again, it was an insult to the intelligence of parliamentarians and the experts who were advising us.

Another example is the repatriation of Omar Khadr. Two Federal Court rulings and a Federal Court of Appeal ruling ordered his repatriation, but the government still took the matter to the Supreme Court. What happened? The Supreme Court of Canada upheld that young man's rights and even said that they had been violated since he was captured in 2002. The government's attitude puts it at odds with civil society, the opposition members and the Supreme Court.

We told the House that mandatory minimum sentences were not constitutional. The government pushed ahead anyway. What happened? The Supreme Court said that the opposition was right and that these sentences were not constitutional. The Federal Court of Appeal had come to the same conclusion, but the government did not listen to that court.

The government tried to close safe injection sites by passing a law. What happened? The Supreme Court found that the site in Vancouver could continue to operate without the risk of criminal prosecution. The government's refusal to grant an exemption to InSite violated the right to life guaranteed in the Canadian Charter of Rights and Freedoms. This once again showed the Conservative government's contempt for our institutions, the Canadian Constitution and the Canadian Charter of Rights and Freedoms.

The Conservative government also lost its case before the Supreme Court regarding the retroactive application of the Corrections and Conditional Release Act. It was not constitutional to do away with accelerated parole review. Those who challenged it were granted parole. The NDP told the House that the measure would not work and that it violated the Canadian Constitution and the Canadian Charter of Rights and Freedoms. The government did not listen. It went to the Supreme Court and lost once again.

Another case that the government lost before the Supreme Court is the case regarding the Canadian securities commission. We told them that setting up a Canada-wide commission would not work since that is an area of provincial jurisdiction. The government did not listen to us and said that it was going to set up the commission anyway. The government went to court and the Supreme Court told the government exactly what the opposition had told the House. What is more, the Supreme Court suggested that the government take a co-operative approach. This government has failed to co-operate with the provinces, as we have seen with the TFSAs in the latest budget. By 2080, that measure will cost the provinces $34 billion. Did the government discuss that with the provinces? Did it seek to co-operate with them? Not at all.

I am getting to my last and main point: Internet users' privacy. The issue is whether searching through people's personal information is lawful or not. I am reiterating this because the government has to understand that it cannot use any pretext whatsoever to search through people's personal information: the police need a warrant to obtain the name, address and telephone numbers associated with a subscriber's IP address. The Supreme Court has told the government that.

We are debating Bill S-4, which could still go to the Supreme Court. How do we know? We listen to the experts. Not all members claim to be experts in law, computer issues and general issues that apply to data management. People appeared before the different committees, in the Senate and the House of Commons, to explain why the current version of this bill is weak. We spoke about Michael Geist earlier. In his testimony, he said that although the government claimed that Canadians should not worry about this provision, this exception will let companies share personal information with other companies or organizations without the court's authorization. That is one of this bill's flaws. He added that the failure to require transparency, disclosure and accountability with respect to the communication of information without a warrant was a glaring omission in this bill.

This is not the first time that we have told the Conservatives that their laws are flawed. They are unconstitutional. Here again, provisions will be struck down by the court. Why not fix this now? Why waste time, money and energy in the Supreme Court just to be slapped on the wrist again? The Conservatives have been slapped on the wrist 10 times by the Supreme Court. They may want to continue. Perhaps systematically going against Canada's Constitution and the Canadian Charter of Rights and Freedoms is part of their political agenda. That seems to be the case. The Conservatives do not like the Canadian Charter of Rights and Freedoms, because in the case of the 10 laws that I mentioned, the Conservatives went against the charter.

Is there someone who can read it and interpret it properly? Why not listen to the opposition once in a while?

Mr. Speaker, I want to inform my colleague that the Supreme Court specifically noted that PIPEDA does not give any special search and seizure powers and that information can only be shared with law enforcement when it is legally able to be requested and obtained.

I also want to let the member know that in every meeting of the industry committee, I was in attendance. I chair that committee. I heard witness after witness. Each witness had differing opinions about some aspects of the bill, but when asked by my colleagues on the committee, all of them said that they would prefer to have the bill pass and move forward and have some kind of update on PIPEDA.

I wonder if my colleague might consider what all of the witnesses said. They said they would like to see the bill move forward, and it would obviously come back to the government with more improvements later.

Mr. Speaker, parliamentarians are concerned about how personal information is handled, and what I read in the testimony in no way reflects the opinion that the hon. member just expressed.

We demand that the government withdraw the provisions in the bill that allow companies to share information on subscribers without a warrant and without their knowledge or consent because the constitutional validity of those provisions is dubious and they are a threat to Canadians' rights and privacy protection. That is what we want.

Mr. Speaker, I thank my colleague for his speech.

I would like him to comment further on the government's attitude toward the opposition's ideas given that the government rejected all of the amendments the opposition put forward.

We warned the government of the dangers inherent in various bills studied by various committees over the past four years.

Can my colleague comment on the government's marked tendency to reject all ideas from parties other than its own and the threat such an attitude can pose to the constitutionality and effectiveness of the bills introduced and debated in the House?

Mr. Speaker, I thank the member for his question. I would like to commend him for the excellent work he is doing in his riding, as well as the member for Terrebonne—Blainville if I may, who also helped us understand this very complex, multi-faceted bill.

The Conservative government likes to provoke the opposition and the Supreme Court by always pushing the limits imposed by our institutions. The Conservatives always think they are right. They are blinded by their ideology, which also makes them immune to any arguments presented by experts in various domains.

It is no coincidence that the Conservatives have made huge cuts to the sciences since 2011. They do not like to hear the opinions of experts; they would rather hear an opinion that lines up with their ideology.

However, it does not always work that way in the real world, which is fortunate, because we have institutions that are stronger than the Conservative Party of Canada.

Mr. Speaker, I am pleased to have the opportunity to speak to Bill S-4, the digital privacy act. The bill would make significant improvements to Canada's private sector privacy legislation, the Personal Information Protection and Electronic Documents Act, or PIPEDA.

One aspect of the digital privacy act that has not received a lot of attention is how the bill would help reduce red tape for businesses. Reducing red tape for Canadian businesses saves money and helps encourage greater investment in our economy. I would like to focus my comments today on these important changes.

We must always bear in mind that strong privacy legislation is not just good for everyday Canadians; it is also good for businesses. In our rapidly evolving digital economy, personal information is becoming increasingly valuable, creating tremendous new opportunities for businesses to innovate and develop new products and services.

Canadians will not provide their private information to businesses if they do not trust that it will be protected. At the same time, if the rules are too cumbersome and complex for businesses to manage and show no clear benefit to consumer privacy, then companies will struggle to implement them. It is for these reasons that the digital privacy act proposes a number of common sense changes to help businesses protect privacy in a way that does not hinder their ability to conduct business.

All of these changes make sense. They were all identified by the Standing Committee on Access to Information, Privacy and Ethics when it conducted the first statutory review of PIPEDA back in 2006. Businesses have been waiting a long time for these changes, and it is important that we move now to implement them. I would like to briefly touch on each of these important changes.

The first changes are in relation to business transactions. Currently, if a company wants to examine personal information as part of its due diligence—for example, if a business is thinking of buying a magazine and would like to look at the list of current subscribers—it first needs to obtain the consent of each individual subscriber. This requirement not only presents a tremendous burden for the company but is also often impractical, given the confidential nature of most prospective business transactions.

Bill S-4 fixes this problem by creating an exception to the requirement for consent that would allow businesses to share information in this context. This must be done in such a way that the privacy interests of those involved are protected.

Under the digital privacy act, information could only be shared for the purpose of assessing the feasibility of the transaction. If the transaction did not proceed, the information would have to be destroyed or returned. If the transaction did proceed, then the individuals would have to be informed.

This amendment would implement a recommendation made by the standing committee during the first statutory review and is modelled after a similar exception that is currently in place in Alberta and British Columbia under their private sector privacy laws.

In addition, the amendment has widespread support among stakeholders. Ms. Éloise Gratton, a lawyer with the Borden Ladner Gervais law firm, appeared before the Standing Committee on Industry, Science and Technology. She said:

I offer my support to two important provisions in the bill: mandatory breach notification and business transaction exception.

The next important amendment I would like to highlight is the change to how business contact information is dealt with under PIPEDA. Currently, certain types of business contact information are not defined as personal information. Specifically, a person's business title, address, and telephone number are not considered personal information and are therefore not regulated.

As was pointed out during the first statutory review of PIPEDA, this would present an obvious problem: only a few bits and pieces of information are considered to be business contact information under PIPEDA. A person's work email address or fax number or their LinkedIn account or a business Twitter handle are all considered personal information.

The digital privacy act would correct this problem by creating a technology-neutral definition of “business contact information”. It would do this by being inclusive of all types of communication points of contact, such as social media applications like Twitter and LinkedIn. With this change, a sales manager would now be allowed to share an employee's work email address with a client without having to get permission first. This would create a better balance between protecting privacy and allowing information to flow in a digital economy. At the same time, the act would continue to protect business contact information if it is used outside of a business context.

Another important amendment in the digital privacy act would be the clarification around the rules for when someone's personal information is included in their work product. An example would be when a garage mechanic signs off on a vehicle's inspection or a work estimate. The fact that the mechanic signs off on the estimate would mean that it now contains his personal information.

Currently, under PIPEDA, a business must obtain an individual's consent to use or share any work product he or she creates if it contains the individual's personal information. Again, this seems like a rather silly and unnecessary bit of red tape. Bill S-4 would fix this problem by ensuring that businesses can use their employees' work without getting the employees' consent.

Finally, the digital privacy act would ensure that insurance companies can use witness statements when assessing or processing any insurance claim. Witness statements provided to the police or other investigating authorities may contain personal information. For example, if I were to witness someone running a red light that results in a car accident, my statement to the police would include personal information. Currently, under PIPEDA, an insurance company processing any claims for the accident would need to get the consent of anyone named in my witness statement in order to use it. Such a requirement would create the potential for someone who breaks the law to use privacy as a shield to avoid responsibility for his or her actions.

The digital privacy act would fix this problem with an amendment that would enable an organization to obtain a witness statement without having to obtain the consent of an individual whose personal information is contained within it. However, this experience would only apply when the information is necessary to assess, process or settle an insurance claim.

In addition to strengthening privacy protection in Canada through measures like mandatory data breach reporting and stronger enforcement powers for the Privacy Commissioner, which had been discussed extensively in this place, the digital privacy act would also make a number of important changes that would cut red tape for Canadian businesses.

I hope hon. members will join with me in supporting a balanced and carefully considered bill that would dramatically improve Canada's privacy law.

Mr. Speaker, the NDP is entirely supportive of the need to update our privacy laws, especially in the digital age, when we frequently share our private lives online. However, something about this bill really bothers me, which is why the NDP will not be supporting it.

Unfortunately, although the bill is called the digital privacy act, some of its measures actually work against privacy by opening the door to more sharing of personal information among organizations, on a voluntary basis, without the knowledge or consent of the individuals in question. The Privacy Commissioner even raised some concerns about this. This will really open the door to a lot of information sharing. Sometimes it will be for legitimate reasons, and sometimes not.

Why has the government not taken action in this regard? Why did it not include the amendments put forward by the Privacy Commissioner to ensure that this bill really does protect Canadians?

Mr. Speaker, I assure the member opposite that our government takes the privacy of Canadians very seriously. That is why we introduced the digital privacy act, which contains important new protections for Canadians. Based on the testimony heard at the industry, science and technology committee, our government believes that we have struck the right balance in this bill.

We take the privacy of Canadians seriously, and so do Canadians right across our great country. I want to share a quote from a well-known Canadian, the current Privacy Commissioner. He stated:

I am greatly encouraged by the government's show of commitment to update the Personal Information Protection and Electronic Documents Act, and I generally welcome the amendments proposed in this bill.

Mr. Speaker, I thank my colleague for her speech.

I would like her to come back to why this bill is coming from the Senate. The question was asked earlier, but the government did not provide an answer.

Would the hon. member like to tell us why the government has decided, more than once, to have unelected senators introduce bills that in fact are government bills, and likely from the Minister of Industry?

Why did the Conservatives decide to send this bill to the Senate before elected members of the House could look at it? They could have simply introduced the bill here and let it follow the usual process, like most bills introduced by the government.

Mr. Speaker, I assure the House, and the member opposite must know as well, that this bill has to go through the two Houses regardless. Therefore, that is the path we chose. It will be well worth it to get it moving on, and well received by all Canadians because it is a very important change.

Mr. Speaker, the thing that bothers me about this whole process is that this bill was introduced in the Senate first, as the hon. member for Sherbrooke mentioned in his question, and then brought to the House.

We even adopted a motion to study the bill before second reading stage, which instilled confidence and was a sign of good faith. We thought we could amend this bill and make the necessary changes to ensure that it truly protects Canadians' personal information in the digital age.

However, the government kept saying we did not have enough time to amend the bill because it needed to be passed as quickly as possible.

I want to point out that this government introduced similar bills in the past and I myself introduced a bill on this topic that we could have passed and would already have become law. The Conservatives refused it all. They did nothing and now suddenly they are making this an urgent matter.

Why did they fail to do anything about this before it became an urgent matter?

Mr. Speaker, I assure the member opposite, and all members of the House, that our government is getting the job done, and that is why we are moving on.

Mr. Speaker, I am pleased to rise today to speak Bill S-4, the digital privacy act, which would significantly strengthen Canada's private sector privacy law.

In today's increasingly digital world, Canadians need to have confidence that their online transactions are secure and their privacy is protected. Unfortunately, data breaches, computer hacks, malware and other online threats are simply a reality of today's modern digital landscape. If Canadians do not trust that their private information is safe when it is in the hands of business, then they will not provide it. Without the free flow of information, our digital economy will stall. This is why strong, effective privacy laws that protect personal information are essential to building consumer trust and confidence. Canadian businesses need clear and balanced rules to follow so that their handling of personal information meets the expectations of Canadians.

The digital privacy act would provide important improvements to Canada's private sector privacy legislation, the Personal Information Protection and Electronic Documents Act, PIPEDA. Canadians want control over their personal information and our privacy laws give them exactly that. PIPEDA requires businesses to obtain a person's consent before collecting his or her personal information and ensures that this information is used only for the stated purposes. PIPEDA also gives Canadians control over which type of information is collected about them, how it is used and with whom it is shared. PIPEDA holds businesses accountable for the private information they hold, requiring them to keep it safe and out of the hands of hackers or thieves.

Further, the law gives Canadians the right to access their information at any time to make sure that it is accurate while also giving the Privacy Commissioner strong tools to enforce compliance. Privacy is a major concern for Canadians and they want to know that their personal information is secure. Businesses that can offer that security have a clear competitive advantage.

If I have a choice between a company that does not make protecting my personal information a priority versus one that tells me exactly what information it is collecting and how it is protecting it, I am going to choose the business that offers me the most protection. Businesses that are clear about what they are doing with personal information and have appropriate safeguards in place to protect that information will have an advantage in the marketplace.

Thankfully, limiting the collection, use and disclosure of personal information, having appropriate safeguards and being open about privacy practices are all part of the founding principles of PIPEDA. PIPEDA applies to all private sector organizations operating in Canada. It came into force on January 1, 2001, and its framework has stood the test of time. It is based on a set of 10 internationally recognized principles called the fair information principles. These principles give individuals control over their personal information and the way it is managed in the private sector. They establish strong privacy rights for Canadians and real obligations for companies.

By requiring businesses to protect personal information, PIPEDA is not only protecting the privacy rights of Canadians but is helping contribute to a vibrant Canadian economy. These founding fair information principles for PIPEDA mean that the act is flexible and scalable and allows data to move seamlessly across borders, all of which are good for Canadian businesses. PIPEDA is a flexible piece of legislation. It is technology neutral, which means that it evolves and will apply to new technologies in businesses as they emerge. It applies to all categories of businesses, not just one sector. It also lets companies find innovative new ways of protecting privacy because it is not overly prescriptive.

As I said, PIPEDA is also scalable. It applies to organizations of all sizes in Canada. Whether a small business or a large multinational corporation is doing business in Canada, it is governed by PIPEDA. Having a foundation based on these internationally recognized principles, being flexible and scalable, all contribute to PIPEDA reducing unnecessary red tape for businesses while also maintaining and protecting the privacy rights of Canadians. This puts Canada at a strategic advantage globally.

PIPEDA's balance between these two approaches allows Canadian businesses to be competitive in different markets around the world. By not being overly burdensome, PIPEDA allows Canadian businesses to adapt to new technologies as they emerge, thus allowing them the opportunity to compete with international markets and increase their revenues. At the same time, because PIPEDA is not overly lenient, Canadians can feel secure that their personal information will be protected in their dealings with businesses in Canada. It is clear that privacy is important for businesses and our economy.

Clearly, PIPEDA supports business activities, while protecting the personal information of consumers. Bill S-4 takes Canada's privacy protection a step further and clarifies rules for businesses.

Our government recognizes that companies need to have access to and use personal information to conduct business activities. That is why Bill S-4 provides a clear set of guidelines for businesses when it comes to the collection, use and disclosure of the personal information of Canadians in the course of commercial activities. These activities can include undertaking a merger or acquisition, processing an insurance claim or simply share an employee's email address and fax number with another company.

Bill S-4 would maintain PIPEDA's balanced approach and would provide important clarifications for businesses to conduct themselves with confidence, while at the same time offering consumers the assurances they need that their information is being protected.

The digital privacy act would also provide for oversight and accountability to ensure that when safeguards failed, individuals would told about it and could take the appropriate measures to protect themselves.

The balanced approach found in PIPEDA and continued in Bill S-4 is an important element in establishing a growing trust and confidence in today's digital economy. Once again, it is that consumer trust and confidence that will help businesses and the economy to flourish. It is that trust and confidence that will help us to continue to build a digital Canada.

Thanks to PIPEDA and the improvements proposed in Bill S-4, Canadians can be confident that their privacy is being protected when they provide their personal information to businesses.

The digital privacy act proposes common sense changes that will reduce red tape for businesses, while also maintaining and protecting the privacy of Canadians. A clear set of rules for privacy protection allows businesses to focus on providing exceptional service to their clients, while simultaneously offering them an advantage in today's increasingly competitive worldwide marketplace.

I want to take this opportunity to urge all hon. members to join me in supporting the bill.

Mr. Speaker, this bill establishes a mechanism to be used by organizations to report data breaches, data thefts, and so forth, which is very important. I called for such a mechanism in the House and proposed one in my Bill C-475.

However, the model proposed by the government in this bill is extremely subjective. The organization itself determines whether or not the data breach is serious and whether or not to notify the people concerned. Some data breaches may not be reported to the commissioner or the individuals in question. The individuals would not have the opportunity to take the necessary steps to properly protect themselves.

Instead of implementing a subjective measure, why not implement an objective measure that would put more power in the hands of the individuals whose identity or personal information has been stolen or breached?

Mr. Speaker, the member talked about the bill she brought before the House. However, I think we all have to agree that Canada does not need a heavy-handed approach that would add red tape for businesses and increased cost. We are all about increasing business in our country, driving our economy, and trying to create jobs and seeing Canadians work.

The Privacy Commissioner also agrees with us. He said:

—we believe it would be counterproductive to require organizations to notify individuals of all breaches. Similarly, we do not think it would be practical or efficient to require organizations to notify our Office of all breaches.

The Privacy Commissioner understands that the heavy-handed approach that the member opposite talks about in requiring more red tape for our businesses does not drive our economy. It is not beneficial to Canadians as a whole, and that is why we could not support that approach.

Mr. Speaker, I simply want to respond to the hon. member's answer. My proposal ensured that the Privacy Commissioner was the one who determined whether the data breach was significant enough to report. What the Conservatives are proposing will put the burden on companies because, regardless of how big they are, this law applies to them. There are larger companies that have departments responsible for ensuring that people's privacy is respected and our country's laws are complied with. However, it is more difficult for small companies to determine whether that is the case. Some have no idea what to do, not because they do not want to co-operate, but because they simply do not have the people to do it. Why not help them out a little by giving them access to the Privacy Commissioner's resources and expertise?

I would like to reiterate that the Conservatives' bill provides far less help to small and medium-sized businesses.

Mr. Speaker, Bill S-4 would better protect the privacy of Canadians by requiring organizations to inform Canadians when their personal information had been lost or stolen. Organizations would also be required to keep all records of data breaches and report significant breaches to the Privacy Commissioner of Canada. Organizations that deliberately covered up a data breach or intentionally fail to notify individuals and report to the commissioner could face up to $100,000 for every individual they have failed to inform.

The law being put into place would protect Canadians. It would force businesses to be expedient when they were dealing with the personal information of Canadians. I trust that businesses in our country will take this very seriously when they look at the penalties that are in place for any breach of privacy that might occur.

By keeping these records, if a complaint is laid, the Privacy Commissioner can go to the records at any time and if the breach has not been recorded or if there is any further breach, the maximum penalty can be applied.

It is my duty, pursuant to Standing Order 38, to inform the House that the questions to be raised tonight at the time of adjournment are as follows: the hon. member for Charlesbourg—Haute-Saint-Charles, Official Languages; the hon. member for Windsor West, Tourism Industry.

Mr. Speaker, it is my pleasure to speak to Bill S-4, and I would like to do so by addressing three themes. The first will be how Bill S-4 reflects rather badly on our democratic process. The second theme will be that Bill S-4 is already hopelessly out of date. It is behind the technological times. The third theme is that there are worrisome features in Bill S-4 to the extent that it would inadequately protect privacy, even within the limits of what it is trying to do.

On that first theme of democracy, we should recall that a lot of what has subsequently come through the House in a series of different bills started with Bill C-30, which I always called the Internet surveillance bill. It got so panned by experts and civil society that the government tried to take it off of the table in the House by sending it to committee for study before second reading. It then disappeared, because the government knew that too much in there had attracted too much early attention from Canadians.

I mention that, because parts of it have begun to reappear in bits and pieces since Bill C-30 disappeared.

Bill S-4 uses one of the same techniques as Bill C-30 to try to take it away from public scrutiny. It is ironic that the method it would use is one that was recommended by the McGrath committee in 1982 or 1984, which is to make better use of committees by having them look at bills before the principle of the bill has been fixed, by having the government send the bill to committee before second reading. That is between first and second reading. It would allow committees to effectively look at the bill as a strong draft from the government, but for MPs, presumably from all parties, to try to improve and perfect the bill without being hamstrung in the way we are now in our committee study of bills by the principle having been fixed, as it gets fixed when we go to second reading for a bill in principle.

Bill S-4 did get sent to committee and, surprise, surprise, with the way that the government has operated since I have been here and since it got a majority in 2011, there were no amendments. The government rejected every amendment and presented no amendments itself. It was as if it had not heard anything that had convinced it of anything, despite all of the witnesses who had appeared and who, in very measured tones and with a very focused analysis, had indicated that there were ways, even within the limited confines of what the government was trying to do in the bill, that the bill could be improved. However, the government, through its MPs on that committee, decided that the bill was fine as-is.

Look at House of Commons Procedure and Practice, second edition, on page 742. It tells us what this procedure was intended to be when the McGrath report came down in 1982 or 1984. It was intended to be an empowering mechanism for the House in relation to government legislation. It was meant to create more of a partnership between MPs and the government. It says:

This empowers Members to examine the principle of a bill before second reading, and enables them to propose amendments to alter its scope.

In the end, this was a subterfuge. Who here is going to doubt that the reason it was sent to committee between first and second reading was to get it off of the agenda in the House, which can tend to lead to a bill receiving more public attention and producing the kind of civil society push back that we have seen meet the government's bills on and on for the last little while? It was a mechanism to reduce its visibility and to have it reappear just about now, with two weeks to go, when there is no steam, no energy, nothing left for civil society to get its mind around in terms of general resistance.

My colleagues have mentioned a problem with this bill, as with other bills that start in the Senate, which is a structural problem that will hopefully be dealt with after the next election by having the Senate put in its proper place. There is also something here, which is that there has been no acknowledgement by the government that this bill probably does conflict with the Spencer decision of 2014 in the Supreme Court of Canada.

This decision recognized the nature of the privacy interests in Internet users' data, including all the metadata that identifies various features of their existence on the Internet, and indicated that in a police context, warrants are needed in order to get access to that information.

PIPEDA, as amended by Bill S-4, would now allow private sector organizations, using the guise of fraud investigations, contractual breach investigations, et cetera, to request of any other private actor all that same information, and nothing is put in here by way of safeguards. It is as if the Spencer decision never came down.

We have had no opinion tabled anywhere from the Department of Justice, through the Minister of Justice, to say that under section 4.1 of the Department of Justice Act, the minister has assessed that Bill S-4 complies with the charter, even after the Spencer judgment. That is because the government never tables opinions and never takes charter arguments seriously.

The record is clear. Last year alone, something like a dozen judgments came from the courts, and 10 out of the 12 found that the government's legislation breached the charter or other principles of law.

The bottom line is that this bill is not a good story for democracy, but that again, I am sorry to say, is not a new story.

The second theme is that the bill has missed the boat.

This all started in 2007. That was when the PIPEDA review was mandatory under the statute, and very quickly a couple of different bills began to appear in the House. They just never got through the minority Parliament at all. Nothing really changed along the way. The government is still stuck back in whatever its thinking was around 2007.

Let me quote from the Library of Parliament's background paper on Canada's federal privacy laws. It says:

As advances in technology increase the ease with which information about individuals can be gathered, stored and searched, the need to protect the privacy of such information presents a rapidly evolving challenge for legislators.

That challenge has not been met. It is as if the government does not know how much of an information economy we have rapidly, almost exponentially, year by year, evolved into being.

How about these basic facts?

The world's largest taxi company right now has no cars. It is the largest taxi company because it has information. That is Uber.

The world's largest accommodations company, Airbnb, owns no property, but it is the richest and largest company by virtue of how it owns information.

The world's largest retailer has absolutely no inventory. That is Alibaba, in China.

This is the world we live in now, and there is nothing in the PIPEDA amendments, in Bill S-4, to indicate the government is at all aware of what it means to be living in this economy.

We should think about the so-called Internet of Things. According to recent research, by 2020, 26 billion devices will be connected to the Internet. That is roughly an average of something like three or four per person on earth. There is no evidence that this bill even comes close to understanding the privacy issues that arise from the fact that we are increasingly living in a connected world in which our phones will be reporting on our heart rates, our fridges will report on our eating habits and even order our groceries, self-driving cars will be out there on the roads, and thermostats and smart meters will monitor our every movement. There is nothing in the bill in that regard. All I would say is that amendments that are 10 years out of date are not exactly something to write home about.

The third theme is the inadequacies and the problems in the bill.

Let me just list them. They have been mentioned before.

First, the way in which the bill deals with giving consent on the web is inadequate after the Spencer case.

Second, the loophole that allows for private organizations to pass on information without any kind of safeguard system analogous to a warrant system, on the simple basis that they are investigating breaches of agreement or fraud or financial abuse, is a recipe for incursions into privacy.

Third, I would end by saying that the reportability standard whereby, if there is a breach of data, a company or holder of the data must tell the person whose data has been lost on the basis of a real risk of significant harm is a subjective standard that is assessed by the company. There is no real system to ensure that it does not become a mechanism for breaches to be hidden from public view and hidden, therefore, from accountability.

Mr. Speaker, I want to thank my colleague across the way. I always find him to be a very learned member who always brings to the debate a level of intelligence and levelheadedness.

He mentioned the Senate in his speech. He said that after the election, he has a plan to solve the Senate. I would like him to extrapolate what he means by that and explain his rationale or how he is seeking to solve it. I would like to hear a little more about that.

Mr. Speaker, I am sure my colleague would, but I think we will keep the topic on Bill S-4 today.

I did raise it. You are correct.

Mr. Speaker, there are a whole range of measures that we would ask the Senate to consider to put itself in the proper relationship of complementarity to the House of Commons for so long as it exists. I will be releasing those measures at some point, but not at the moment. Meanwhile, we will do everything we can to convince Canadians and the other partners in Confederation that the Senate has seen its final days.

Mr. Speaker, my colleague wonders whether the NDP might be looking at changing its position on the Senate, but that is not why I stood up.

My question is in regard to privacy-related issues. Privacy continues to be a major issue in the minds of Canadians, and justifiably so. With the growth of technology, growth in participation in the Internet, and growth in the concerns related to privacy, whether in relation to government or in relation to private sector companies, we want to make sure that this information is being guarded. We want to make sure that the government can provide leadership in the form of legislation and that the potential for fines will in fact be realized.

The member referred to the government's lack of enthusiasm in dealing with this concern. Does he believe that the government has failed in terms of understanding the need for robust legislation that would protect the interests of consumers and has lost the opportunity to do so, as Canadians will likely want to see change toward the end of the year?

Mr. Speaker, the short answer—and I think I spoke to it in my speech—is yes, the government has generally lost the plot.

Privacy is more rhetorical from that side of the House, at least from the government ranks. I am not saying that is the case for all members of Parliament, but I do not think the Conservatives have any sense at all of where privacy absolutely needs to be taken seriously versus when it is used as a shibboleth for other kinds of agendas, as my colleague from Trinity—Spadina pointed out very well in his speech by noting that when privacy suddenly rears its head on such things as the long form census and the long gun registry, it does not quite rear the same head when it comes to privacy in the Internet context.

Mr. Speaker, I congratulate my colleague on his speech.

I would also like to talk about the process this bill would establish. The government could have taken this opportunity to fix the flaws in the Personal Information Protection and Electronic Documents Act, in order to ensure that Internet service providers and government agencies could no longer voluntarily share information without a warrant. There were at least 1.2 million requests in a single year. We have no details about why or about the circumstances surrounding these requests. The one thing we do know is that there was no warrant.

Could my colleague talk more about this missed opportunity?

Mr. Speaker, I thank my colleague for the question and for all her work, without which I would not be even half as informed about this bill as I believe I am.

The issue is ultimately that the government is not at all interested in having Canadians know the extent of something even so comparatively innocuous as the government asking for voluntary disclosure of information from private companies. The minimum, for example, that certain witnesses asked for is just to have statistics that the Privacy Commissioner and everybody else could be looking at, so that people would have a sense of the scope of the phenomenon. Nothing like that is even in the bill, let alone a regime that would actually regulate the phenomenon.

The bottom line is that the more Canadians know about the scope of government access to private information, the more concerned they become. The government is quite far behind on this issue. I think the Conservatives have a tin ear when it comes to where Canadians are on privacy issues.

Mr. Speaker, I am pleased to rise to speak to Bill S-4, the digital privacy act, which has been referred back to the House by the Standing Committee on Industry, Science and Technology.

Last year, our government launched digital Canada 150, an ambitious plan for Canadians to take full advantage of the opportunities of the digital age. It is a broad-based, ambitious plan to take full advantage of the digital economy as we celebrate our 150th anniversary in 2017. It is the next step to build our nation and connect Canadians to each other.

As the digital economy grows, individual Canadians must have confidence that their personal information is being protected. That is why, under digital Canada 150, one of the five pillars is known as “protecting Canadians”. The digital privacy act would provide important and long-awaited updates to our private sector privacy law, the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA.

PIPEDA provides a legal framework for how personal information must be handled in the context of commercial activities, while also setting guidelines for the collection, use, and disclosure of personal information. These rules are based on a set of principles developed jointly by government, industry groups, and consumer representatives.

The digital privacy act would strengthen marketplace rules set out by PIPEDA in important ways. In addition to protecting and empowering consumers, amendments would clarify rules for businesses and reduce red tape. These guidelines would also ensure that vital information is available to Canadian businesses, so they have the necessary tools to thrive in the global digital economy.

Balancing the individual expectations for privacy and the needs of businesses to access and use personal information in their day-to-day operations is important, and Bill S-4 gets it right. It would ensure individuals that, no matter the transaction, their personal information would continue to be protected under Canadian law.

The need to update rules for online privacy continues to grow. Breaches of personal information held by retail giants like Target and Home Depot, where the credit card information of millions of Canadians was stolen, underscore the need to strengthen PIPEDA with mandatory breach requirements.

The bill before us would do exactly this by establishing new requirements for organizations to inform Canadians when their personal information has been lost or stolen and there is a risk of harm. The privacy commissioner must also be notified. An organization that deliberately covers up a data breach, or intentionally fails to notify individuals and report to the commissioner, could face significant fines as a result.

Let me now take a minute and point out some of the ways in which the bill before us would create an effective and streamlined regime for reporting data breaches. The digital privacy act would establish a clear and straightforward test that businesses must apply to determine whether or not they are required to report a breach. If a business determines that a data breach creates a significant risk of harm to a customer or client, then it must report this information both to the individual affected and to the privacy commissioner. If the organization determines that a data breach does not pose a risk of significant harm—that is, their data security safeguards were compromised but they avoided a situation where their customers are exposed to threats like identity theft, fraud, or humiliation—then that organization must keep a record of the breach.

The requirement to maintain these records, even if the breach is determined not to be serious at the time, would serve two purposes. First and most important, it would require companies to keep track of when their data security safeguards fail, so that they can determine whether or not they have a systemic problem that needs to be corrected. An initial breach may not be serious because the information lost is not particularly sensitive. The next time, however, the company and the individuals affected may not be so lucky. Keeping track of all breaches would help companies identify potential problems before individual privacy is seriously harmed.

Second, these records provide a mechanism for the privacy commissioner to hold organizations accountable for their obligations to report serious data breaches.

At any time, the privacy commissioner might request companies to provide these records, which would allow him to make sure organizations are following the rules. If companies chose to deliberately ignore these rules, the consequences, as set out under the digital privacy act, would be serious.

Bill S-4 would make it an offence to deliberately cover up data breaches or intentionally fail to notify individuals and report to the commissioner. In these cases, organizations could face fines of up to $100,000 for every individual whom they fail to notify. These penalties represent just one way in which the digital privacy act would safeguard the personal information of Canadians.

The Privacy Commissioner of Canada strongly supports the proposed data breach rules in Bill S-4. He told the standing committee that:

...I am greatly encouraged by the government's show of commitment to update the Personal Information Protection and Electronic Documents Act, and I generally welcome the amendments proposed in this bill.

Proposals such as breach notification, voluntary compliance agreements and enhanced consent would go a long way to strengthening the framework that protects the privacy of Canadians....

Similarly, the Canadian Bankers Association voiced its support for these amendments, telling the committee:

The banking industry supports the requirements in the digital privacy act for organizations to notify individuals about a breach of their personal information where there is a risk of significant harm.... We also support the commissioner's new oversight powers to ensure that organizations comply with these new provisions.

I think it is clear that Bill S-4 would deliver a balanced approach to protecting the personal information of Canadians, while still allowing for information to be available in a growing, innovative digital economy.

Mr. Karl Littler, vice-president, public affairs, Retail Council of Canada, summed it up best, when he told the standing committee:

Generally speaking, Bill S-4 strikes the right balance between action to protect digital privacy on digital fraud and financial abuse, while recognizing the strengths of PIPEDA and its forward-thinking technologically neutral approach.

I think we have it right with the digital privacy act. Both business and consumers have been empowered in the digital age, but if Canada is to remain a leading digital nation, Canadians need to have confidence that their online transactions are safe and their privacy is secure.

Bill S-4, the digital privacy act, would strengthen the rules protecting the personal information that is essential to the conduct of business in virtually all sectors of the economy. The digital privacy act would go a long way to improving the protection of privacy for Canadians.

I urge hon. colleagues to join me in supporting this bill.

Mr. Speaker, I would like to pose the same question I asked another colleague of the member, and that is in regard to the timing of the legislation itself and the government's unwillingness to recognize the need to allow for amendments of its own legislation, which could ultimately provide greater strength and improve the legislation itself.

No doubt the member recognizes, as I am sure all members of the House would, the concern Canadians as a whole have in regard to privacy-related issues. It is somewhat surprising that the government has been unable to really bring in robust legislation that would, in fact, provide assurances to Canadians that the government really understands the issue.

At the last minute, months away from an election, with only a few weeks to go, now we seem to see the government in a hurry-up mode or attitude, in terms of, well, this is the best we can get.

Does the member recognize that the government has actually fallen short in addressing the very important issues that Canadians have, related to protecting their privacy, especially given the growth of the Internet and other technologies and the amount of information available on the Net today?

Mr. Speaker, clearly, the time to act is now.

These ideas have been around for a long time. We have debated them for quite a period of time. What Canadians are looking for is action. This is not a perfect bill by any means, but we do not let the perfect be the enemy of the good.

Chantal Bernier, former interim privacy commissioner, says, “I welcome proposals” in this bill. The bill contains “very positive developments for the privacy rights of Canadians...”. “I am pleased that the government has” addressed such issues as breach notifications.

The current Privacy Commissioner, Daniel Therrien says:

...I am greatly encouraged by the government's show of commitment to update...[PIPEDA], and I...welcome the amendments proposed in this bill.

I submit that it is time to act, and that is precisely what our government is prepared to do.

Mr. Speaker, I thank my colleague from Nipissing—Timiskaming for his speech on Bill S-4.

I worked on Bill C-51, which thousands of Canadians opposed. They were worried that the bill would invade their privacy and violate their rights and freedoms. In the answer he just gave, my colleague said that this bill was not necessarily perfect but that we need to take action. I have a question for him.

Bill S-4, and also Bill C-13, would allow greater access to personal information without a warrant and without provisions for a proper oversight mechanism. This is reminiscent of the extremely distressing Bill C-51, which we studied not too long ago.

Why is the government working so hard to allow snooping without a warrant by creating bigger holes with Bill C-13 and Bill S-4?

Mr. Speaker, as I indicated, I believe that this bill strikes the right balance. I believe the time to act is now.

We certainly have ample support from across Canada: the Canadian Chamber of Commerce, the Canadian Bankers Association, Credit Union Central of Canada, the Insurance Bureau of Canada, the Retail Council of Canada, the Canadian Marketing Association, the Canadian Pharmacists Association, and the Canadian Life and Health Insurance Association. All of these groups show a good, broad, strong base of support for this legislation, and I submit that the time to act is now.

Mr. Speaker, I am very happy to be in this place and to rise on behalf of the people of Okanagan—Coquihalla. I am also pleased to express my support for Bill S-4, the digital privacy act.

Bill S-4 provides a number of important updates to the Personal Information Protection and Electronic Documents Act. In my view, these updates are long overdue and will better protect Canadians, in particular consumers, seniors, and children, who could be more vulnerable to sharing personal information online.

I believe that most parents would agree that today's kids' use of the Internet and related digital technologies is unprecedented in our history. Today, children have access to everything online, from information for school projects to gaming, music, movies, and much more.

A wide variety of devices are used to engage in activities such as socializing or gaming with friends, and of course, sharing photos and videos on social media sites that can be viewed by people all over the world. A young teenager may have a picture or a self-made video viewed by tens of thousands of people. While that may be an exhilarating experience, I would also say that it could potentially be a dangerous one.

As we know, a survey conducted in 2013 found that 30% of grade 4 to grade 6 students had Facebook accounts. By grade 11, that increases to 95% of all students, and that is just Facebook. What about Twitter or Instagram or Snapchat?

Businesses are not naive to these trends. Online services can generate massive amounts of revenue. The action of collecting and analyzing personal information for marketing purposes is huge and increasingly valuable. This includes personal information taken from websites, apps, and search engines aimed at kids.

Do kids have any idea that their information is being gathered? Do parents? Is there a clear understanding of what happens to that information that is required to register and download or play a free online game?

Our government recognizes that the digital world offers benefits to children. We are also aware that the online community is often a reality in our day-to-day lives.

The skills kids develop by participating and navigating in online activities can create a significant advantage as they grow up and transition into the job market. Indeed, many high-school-aged kids today have as much, or more, online literacy than a technician would have had a decade ago. However, with growing participation in the online world come increased threats to privacy.

PIPEDA currently contains provisions that protect the personal information of children. As an example, businesses cannot obtain consent in a deceptive or misleading manner. The act also prevents companies from denying access to services on the basis of a refusal to share personal information.

The digital privacy act proposes an amendment to increase protection by creating new safeguards related to the collection, use, and disclosure of personal information. The bill would require that an organization ensure that users, as a group, were able to understand what happens to the information that is collected about them.

I would like to provide this place with a few examples of how the proposed amendment would work.

One example could be an educational website designed to help elementary school kids develop math skills. Under the proposed amendment, requests by that particular website to collect, use, or disclose personal information would need to be understandable by the average elementary school student. This would ensure that these requests used words and language that was appropriate for the website's target audience. Under the digital privacy act, it would not be reasonable to simply expect average elementary kids to understand what clicking the “I agree” box actually meant. If there was no clear understanding as to why the information was being collected, the company would not have valid consent.

As another example, in the case of a mobile app that allowed teenagers to create music recordings, that app would need to obtain the consent of these teens in a manner that would be different if the app were targeting adult users.

I am also aware that during the committee hearings on Bill S-4 , a number of witnesses shared their views on the proposed consent measures.

The Privacy Commissioner of Canada, when expressing his support for this amendment, stated the following:

it is a useful clarification of what consent is, and it has the potential of improving the situation for the issue of consent sought from children.... So, when the individual is a child, if your product is addressed to children, you should think about what is reasonable to expect of a child in understanding the consent being sought. Overall, I think, again, the definition of consent in Bill S-4 will assist generally and will assist particularly groups that are more vulnerable, like children.

The committee also heard from other expert witnesses who offered their support for the consent amendment. For example, the Retail Council of Canada stated its wholehearted support for this proposed amendment on valid consent, emphasizing in particular that, “a vulnerable population such as children should be protected”.

In addition, the Marketing Research and Intelligence Association, which represents the Canadian survey research industry, also wrote to the committee to share its views on Bill S-4. In its submission, it stated that the amendment “provides added clarity for organizations when they seek the valid consent of an individual when collecting, sharing and disclosing their personal information” and “that specifying the elements of valid consent will go a long way to protecting the most vulnerable Canadians, such as seniors and children”.

These are positive endorsements, and I believe they speak to the idea that children need and require extra protection when it comes to their online activities and the protection of their privacy.

In early May of this year, an international network of privacy commissioners, called the Global Privacy Enforcement Network, or GPEN, conducted a worldwide spot check on children's privacy protection. This privacy sweep, as it was called, looked at whether apps and websites worldwide inappropriately gathered information on children.

For some background, GPEN began conducting worldwide privacy sweeps in 2013. The first sweep focused on website privacy notices, and then in 2014, it focused on mobile apps. These sweeps have involved the active participation of Canada's own Privacy Commissioner. They have highlighted areas where privacy practices are lacking. Each time the sweeps have successfully resulted in concrete positive changes to a large number of apps and websites.

This year GPEN also looked at the types of information being collected from children and whether protective controls exist to limit that collection. This year's sweep also looked at whether these sites and applications take steps to make privacy policies understandable to kids, using things like simple language, large print, audio and animation, and whether parental involvement is encouraged.

The Privacy Commissioner of Canada had this to say about the children's privacy sweep:

Children are more connected than ever before and these platforms must bear that in mind when seeking potentially sensitive data such as name, location or email address. This is about protecting children. I can’t think of anything more important than that.

I agree with the Privacy Commissioner.

This year's sweep was a privacy spot check that included 29 data protection authorities from 20 countries, including the Privacy Commissioner of Canada. I believe that many members of this House will look forward to the results of this groundbreaking privacy sweep when it is released in the fall. I expect the results will be of assistance to the Privacy Commissioner and the private sector in determining where changes need to be made to comply with the new enhanced consent requirements under the digital privacy act.

Earlier this year, our Privacy Commissioner also published a top 10 list for protecting children's privacy for organizations with services aimed at children and young people. These tips offered by the Privacy Commissioner emphasize that when it comes to children, the privacy protection bar needs to be set extremely high. I submit that this is why the Privacy Commissioner of Canada has publicly recognized that the amendment would enhance the concept of consent.

We have heard from the Privacy Commissioner and from privacy commissioners that this is an emerging field. I believe that the amendments made to PIPEDA will help protect our children and other vulnerable populations, like seniors. I would humbly ask all members in this place to give these provisions their due review and support.

Order. It being 5:15 p.m., pursuant to an order made Thursday, May 28, it is my duty to interrupt the proceedings and put forthwith every question necessary to dispose of the report stage and second reading stage of the bill now before the House.

The question is on Motion No. 1. A vote on this motion also applies to Motion No. 4.

Is it the pleasure of the House to adopt the motion?

All those in favour of the motion will please say yea.

All those opposed will please say nay.

In my opinion the nays have it.

And five or more members having risen:

The recorded division on Motion No. 1 stands deferred. Accordingly, the recorded division will also apply to Motion No. 4.

The next question is on Motion No. 2. A vote on this motion also applies to Motions Nos. 3 and 5.

Is it the pleasure of the House to adopt the motion?

All those in favour of the motion will please say yea.

All those opposed will please say nay.

In my opinion the nays have it.

And five or more members having risen:

The recorded division on the Motion No. 2 stands deferred. The recorded division will also apply to Motions Nos. 3 and 5.

The House will now proceed to the taking of the deferred recorded division at the report stage of the bill.

Call in the members.

I declare the motion defeated and therefore declare Motion No. 4 defeated.

The next question is on Motion No. 2. A vote on this motion also applies to Motions Nos. 3 and 5.

The hon. member for Bas-Richelieu—Nicolet—Bécancour on a point of order.

Mr. Speaker, I ask that my vote be recorded in favour of the motion.

Does the hon. member have the unanimous consent of the House to have his vote counted in favour?

I declare Motion No. 2 defeated. I therefore declare Motions Nos. 3 and 5 defeated as well.