Bill C-59 (Historical)

National Security Act, 2017

An Act respecting national security matters

This bill was last introduced in the 42nd Parliament, 1st Session, which ended in September 2019.

Sponsor

Ralph Goodale  Liberal

Status

This bill has received Royal Assent and is now law.

Summary

This is from the published bill.

Part 1 enacts the National Security and Intelligence Review Agency Act, which establishes the National Security and Intelligence Review Agency and sets out its composition, mandate and powers. It repeals the provisions of the Canadian Security Intelligence Service Act establishing the Security Intelligence Review Committee and amends that Act and other Acts in order to transfer certain powers, duties and functions to the new Agency. It also makes related and consequential amendments to other Acts.
Part 1.‍1 enacts the Avoiding Complicity in Mistreatment by Foreign Entities Act to authorize the issuance of directions respecting the disclosure of and request for information that would result in a substantial risk of mistreatment of an individual by a foreign entity and the use of information that is likely to have been obtained as the result of mistreatment of an individual by a foreign entity.
Part 2 enacts the Intelligence Commissioner Act, which provides that the duties and functions of the Intelligence Commissioner are to review the conclusions on the basis of which certain authorizations are issued or amended, and determinations are made, under the Communications Security Establishment Act and the Canadian Security Intelligence Service Act and to approve those authorizations, amendments and determinations if those conclusions are reasonable. This Part also abolishes the position of the Commissioner of the Communications Security Establishment, provides for that Commissioner to become the Intelligence Commissioner, transfers the employees of the former Commissioner to the office of the new Commissioner and makes related and consequential amendments to other Acts.
Part 3 enacts the Communications Security Establishment Act, which establishes the Communications Security Establishment and, among other things, sets out the Establishment’s mandate as well as the regime for authorizing its activities. It also amends the National Defence Act and makes consequential amendments to other Acts.
Part 4 amends the Canadian Security Intelligence Service Act to
(a) add a preamble to that Act and provide a mechanism to enhance the accountability of the Canadian Security Intelligence Service;
(b) add new limits on the exercise of the Service’s power to reduce threats to the security of Canada including, in particular, by setting out a list of measures that may be authorized by the Federal Court;
(c) provide a justification, subject to certain limitations, for the commission of acts or omissions that would otherwise constitute offences;
(d) exempt employees of the Service and persons acting under their direction from liability for offences related to acts committed for the sole purpose of establishing or maintaining a covert identity;
(e) create a regime for the Service to collect, retain, query and exploit datasets in the course of performing its duties and functions;
(f) make amendments to the warrant regime that are related to datasets; and
(g) implement measures for the management of datasets.
Part 5 amends the Security of Canada Information Sharing Act to, among other things,
(a) emphasize that the Act addresses only the disclosure of information and not its collection or use;
(b) clarify the definition of “activity that undermines the security of Canada”;
(c) clarify that advocacy, protest, dissent and artistic expression are not activities that undermine the security of Canada unless they are carried on in conjunction with an activity that undermines the security of Canada;
(d) provide that a disclosure of information is authorized only if the disclosure will contribute to the carrying out by the recipient institution of its national security responsibilities and will not affect any person’s privacy interest more than reasonably necessary;
(e) require that information disclosed be accompanied by information about the accuracy of the disclosed information and the reliability of the manner in which it was obtained; and
(f) require that records be prepared and kept in respect of every disclosure of information and that every year a copy of every record prepared in the preceding year be provided to the National Security and Intelligence Review Agency.
Part 6 amends the Secure Air Travel Act to authorize the Minister of Public Safety and Emergency Preparedness to collect from air carriers and operators of aviation reservation systems, for the purpose of identifying listed persons, information about any individuals who are on board or expected to be on board an aircraft for any flight prescribed by regulation, and to exempt an air carrier from providing that information, or from the application of any provision of the regulations, in certain circumstances. It amends the Act to authorize that Minister to collect personal information from individuals for the purpose of issuing a unique identifier to them to assist with pre-flight verification of their identity. It also reverses the rule in relation to a deemed decision on an application for administrative recourse. Finally, it amends the Act to provide for certain other measures related to the collection, disclosure and destruction of information.
Part 7 amends the Criminal Code to, among other things,
(a) make certain procedural modifications to the terrorist listing regime under section 83.‍05, such as providing for a staggered ministerial review of listed entities and granting the Minister of Public Safety and Emergency Preparedness the authority to amend the names, including aliases, of listed entities;
(b) change the offence of advocating or promoting terrorism offences in general, in section 83.‍21, to one of counselling the commission of a terrorism offence, and make corresponding changes to the definition of terrorist propaganda;
(c) raise one of the thresholds for imposing a recognizance with conditions under section 83.‍3, and amend when that section is to be reviewed and, unless extended by Parliament, to cease to have effect;
(d) repeal sections 83.‍28 and 83.‍29 relating to an investigative hearing into a terrorism offence and repeal subsections 83.‍31(1) and (1.‍1), which require annual reports on such hearings;
(e) require the Attorney General of Canada to publish a report each year setting out the number of terrorism recognizances entered into under section 810.‍011 in the previous year; and
(f) authorize a court, in proceedings for recognizances under any of sections 83 and 810 to 810.‍2, to make orders for the protection of witnesses.
Part 8 amends the Youth Criminal Justice Act to, among other things, ensure that the protections that are afforded to young persons apply in respect of proceedings in relation to recognizance orders, including those related to terrorism, and give employees of a department or agency of the Government of Canada access to youth records, for the purpose of administering the Canadian Passport Order.
Part 9 requires that a comprehensive review of the provisions and operation of this enactment take place during the fourth year after section 168 of this enactment comes into force. If that section 168 and section 34 of Bill C-22, introduced in the 1st session of the 42nd Parliament and entitled the National Security and Intelligence Committee of Parliamentarians Act, come into force within one year of each other, the reviews required by those sections are to take place at the same time and are to be undertaken by the same committee or committees.

Elsewhere

All sorts of information on this bill is available at LEGISinfo, an excellent resource from the Library of Parliament. You can also read the full text of the bill.

Votes

June 11, 2019 Passed Motion respecting Senate amendments to Bill C-59, An Act respecting national security matters
June 11, 2019 Failed Motion respecting Senate amendments to Bill C-59, An Act respecting national security matters (amendment)
June 11, 2019 Passed Motion for closure
June 19, 2018 Passed 3rd reading and adoption of Bill C-59, An Act respecting national security matters
June 19, 2018 Passed 3rd reading and adoption of Bill C-59, An Act respecting national security matters
June 19, 2018 Passed 3rd reading and adoption of Bill C-59, An Act respecting national security matters
June 11, 2018 Passed Concurrence at report stage and second reading of Bill C-59, An Act respecting national security matters
June 11, 2018 Failed Bill C-59, An Act respecting national security matters (report stage amendment)
June 6, 2018 Passed Time allocation for Bill C-59, An Act respecting national security matters
Nov. 27, 2017 Passed Bill C-59, An Act respecting national security matters (referral to a committee before second reading)

March 22nd, 2018 / 12:45 p.m.


See context

Chief, Communications Security Establishment

Greta Bossenmaier

Thank you, Mr. Chair.

The reality is that it is a formidable task. That's why it's something we take extremely seriously. Again, we've been in the business for 70 years, and I'm sure we have the best technology, the best people we can have to work on this task, and to work on it in partnership. We often talk about this being a team imperative. No one organization can have all the information or all the answers, so we do work closely with academia. We work closely with other partners. We work closely with our allies in terms of developing knowledge and capability to be able to defend against this very, very challenging environment.

In addition to what was already discussed around budget 2018.... Budget 2018 is proposing an increase in resources and a consolidation of Government of Canada cyber-operational capabilities within CSE, so it provides a bit of a multiplier effect and a single source of trusted advice and guidance, but this legislation would also allow us to exercise additional authorities in the cyber-protection space. Again, that goes back to ensuring we can collect foreign intelligence in a very challenging world and that we can see threats before they reach our shores, have broader threat information sharing, and deploy our cyber-tools—some of the advanced tools Mr. Jones spoke about—on private infrastructure if that is requested and if it is designated.

Also in the defence of cyber-operations, instead of trying to defend only at the periphery of our networks, if we see something that is outside—in a foreign land, on a server, for example—trying to take down Canadian infrastructure or trying to steal Canadians' information, Bill C-59, this legislation, would authorize CSE to go out and try to protect Canada before that threat actually reaches our systems.

March 22nd, 2018 / 12:45 p.m.


See context

Conservative

Blaine Calkins Conservative Red Deer—Lacombe, AB

Here's my question, and it's not meant to be in any way a slight against the fantastic people we have. I'm sure we have the best and the brightest and I'm appreciative of that, but we know that China has an army of about 200,000 people. We know this from reports we've heard, so it's 200,000 against 500. I'm basically looking to you to tell me why Bill C-59 makes those 500 better off, in defence against what those 200,000 might be doing.

We've seen what's happening right now in the United States with sanctions against China under the guise of security, espionage, and all these kinds of.... It's no secret that the Chinese government has been doing this for years. We've had the current government actually very much engaged with China. We sold some assets to Chinese interests recently, and we've been doing so for years and years. This is not meant to be a partisan comment in any way, shape, or form. How is Bill C-59 helping our 500 against the 200,000? It seems like a formidable task.

March 22nd, 2018 / 12:40 p.m.


See context

Deputy Chief, Information Technology Security, Communications Security Establishment

Scott Jones

Really, when we're talking about a billion malicious actions, we're talking about the gamut, all the way from people poking at our systems, looking to see where they're vulnerable, up to people trying to compromise or install malicious software called malware, or basically exploit any vulnerability that exists. It's a wide range of activities, but what we're trying to do is counter the full range, no matter where it originates. We want to counter any malicious activity that's coming at the Government of Canada, and the number is astonishing. I think that's really where we are going into a few different areas. Number one is making it better. How do we work to make the systems that we have more defendable? That's working with the commercial sector, and that's being able to share more information, being able to share some of our tools and techniques, and pushing it forward.

We've shared some of our tools publicly. We have a system called Assemblyline which we have made open-source and publicly available to anybody who could leverage that. That's how we, for example, defend the government and look at millions of malicious files a day.

The second piece is providing that level of defence that fills the gap between the best available commercial and the state-of-the-art threat activity that we're facing today. Bill C-59 would allow us to then use that on critical systems of importance, as designated by the minister, but also with the informed consent of the system's owners. Informed consent is something that's particularly important in this case.

The third piece is general information sharing, whether that is providing advice and guidance or being able to share what we're seeing, what's going on, and very much clarifying our authorities to share information.

That's where we kind of layer all these things together and start to deal with those billion events.

March 22nd, 2018 / 12:35 p.m.


See context

Liberal

Julie Dabrusin Liberal Toronto—Danforth, ON

Thank you.

I want to bring it out a few layers. We've been getting into some details. I'd like you to clarify some things. You said that a billion times a day there are cyber-attacks on Canadian systems, and then, when you were speaking with Mr. Dubé, you talked about threat assessment and the changing environment that you're dealing with in your threat assessments.

Can you help me understand? In Bill C-59, what are the new tools you have that help you to respond to astronomical numbers, those so large I can't even say the word? Maybe you can help me with that.

March 22nd, 2018 / 12:35 p.m.


See context

Chief, Communications Security Establishment

Greta Bossenmaier

For Bill C-59 and the CSE act in particular, CSE is responsible to the Minister of National Defence.

March 22nd, 2018 / 12:35 p.m.


See context

Conservative

Pierre Paul-Hus Conservative Charlesbourg—Haute-Saint-Charles, QC

In your opinion, the Minister of National Defence must remain the minister responsible for your agency, even though Bill C-59 involves some kind of integration that suggests that the Minister of Public Safety and Emergency Preparedness could play a greater role.

As I understand it, you believe that the Minister of National Defence is the one who should take responsibility for the CSE. Is that correct?

March 22nd, 2018 / 12:20 p.m.


See context

NDP

Matthew Dubé NDP Beloeil—Chambly, QC

That's fair enough.

You mentioned the Privacy Commissioner's investigation, but I'm understanding that both your organization and CSIS have also been tasked with looking into that situation, and so in that particular context, when you're doing the research that's prescribed in the legislation where these exemptions exist, notwithstanding section 25, which talks about protecting privacy, would research not be done on, for example, things like Facebook, as part of this information infrastructure? I don't know if that would fall under the definition of information infrastructure, but if you're being tasked with looking into the situation as well, would you not inevitably come across Canadians' information and be allowed to obtain it even if incidentally under what's prescribed in Bill C-59? And under those circumstances, even though it would be in respect of the mandate—I understand that—while I understand you're taking steps to protect privacy, the information nonetheless could be collected over the course of that type of investigation.

Would that not be accurate?

March 22nd, 2018 / 12:20 p.m.


See context

NDP

Matthew Dubé NDP Beloeil—Chambly, QC

The part of the bill dealing with publicly available information specifically exempts the prohibition on targeting Canadians. So you might not be actively collecting it, but you are permitted to collect it as part of the research that's being done under clauses 24 and 25, if I'm not mistaken.

You mentioned information that's hacked or stolen, but under the current legislation, arguably, the information that we're discussing in this particular example—I'm sure there are others that we just don't know of—was not obtained unlawfully. So the work Cambridge Analytica—and probably other companies of that sort—was doing for political parties, for example, was obtaining information through Facebook on people, and that's being done legally.

Would that not fall under publicly available information, if a company like that is able to obtain it? There are no legal repercussions because it's not illegal. Could CSE not do the same thing under those dispositions even if incidentally, as laid out in the law, in Bill C-59?

March 22nd, 2018 / 11:55 a.m.


See context

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

Thank you, Chair.

Minister, it's wonderful to have you here at the public safety committee, so welcome, and welcome back to the officials who are here.

Bill C-59 allows you to conduct active cybersecurity operations against hostile foreign entities. We had some discussion when your officials were here last time about the global infrastructure. I have concerns about how the data of Canadians could get swept up in that, for example, if I'm on holidays in London, England, and you're conducting an operation and I get caught up in that.

You're dealing with strictly foreign entities. What safeguards do we have in place to ensure that you continue to be dealing with strictly foreign entities, as opposed to Canadian citizens?

March 22nd, 2018 / 11:50 a.m.


See context

Liberal

Harjit S. Sajjan Liberal Vancouver South, BC

I can assure you that when it comes to the actions that are taken by our government, we are given the appropriate authorities. This gives the Canadian Armed Forces and CSE the authority to act.

The other aspect of what our government has done is to make sure that we have fully funded our Canadian Armed Forces to be able to meet those needs.

More importantly, it gives CSE, within Bill C-59, the legislation to now be able to actively protect Canadians, whereas it couldn't before. Your previous government, at the time of Bill C-51, neglected to do that.

March 22nd, 2018 / 11:50 a.m.


See context

Conservative

Blaine Calkins Conservative Red Deer—Lacombe, AB

That's just the MO of how business is operated. When we go to Bill C-59, part 3 says that you must consult with the Minister of Foreign Affairs.

My question to you is, has the Minister of Defence's role been diminished to being a junior minister to the Minister of Foreign Affairs? If so, why would we want to set that precedent?

March 22nd, 2018 / 11:50 a.m.


See context

Conservative

Blaine Calkins Conservative Red Deer—Lacombe, AB

If we're talking about the abilities then, is there anywhere in the National Defence Act, in comparison to what we're doing here with Bill C-59, that the defence minister has to ask permission of any other minister, and the foreign affairs minister specifically, to carry out any operations?

That's kind of a yes or no. Is there anywhere in the Defence Act that says you need the permission of the foreign affairs minister to conduct any operations?

March 22nd, 2018 / 11:50 a.m.


See context

Liberal

Harjit S. Sajjan Liberal Vancouver South, BC

One thing that Bill C-59 will do is to make sure we give CSE the right tools, the legislative ability to be able to leverage their technical ability to keep Canadians safe from all threats and emerging threats.

March 22nd, 2018 / 11:50 a.m.


See context

Liberal

Harjit S. Sajjan Liberal Vancouver South, BC

I'm sorry. My policing experience of listening to how people talk and question is coming in here.

I see where you're trying to go with this, and I can assure you, when it comes to the Minister of Foreign Affairs and me, we have a very good relationship when it comes to looking at threats. That's what Bill C-59 is focused on, making sure that we keep Canadians safe but at the same time give Canadians the confidence that their privacy is going to be looked after. More importantly, finally we have CSE being given the ability to leverage their expertise. That wasn't there before, especially when it came to Bill C-51.

March 22nd, 2018 / 11:50 a.m.


See context

Conservative

Blaine Calkins Conservative Red Deer—Lacombe, AB

The Minister of National Defence needs to consult with the Minister of Foreign Affairs, under part 3 of Bill C-59, and will now be junior in that role if the act does come to pass, and will need the advice of the Minister of Foreign Affairs to make decisions. I'm asking right now, given that link, whether he has been advised by the Minister of Foreign Affairs per se. Has he had any conversations with any of his ministerial colleagues? Has he had any conversations with any of his colleagues who are members of the legislative body and not members of the executive with regard to who should or shouldn't appear before a standing committee of the House of Commons?