Bill C-11 (Historical)

Thank you for that.

During your time as deputy in the last Parliament, the government introduced a privacy bill, Bill C-11, and Minister Bains would have been the lead for that.

Do you recall that bill?

Madam Speaker, I want to thank my hon. colleague for giving a great speech. It seems like nine years ago that we sat on the ethics committee, but I think it was only three years ago. We use the number nine a lot in the House.

Today, I want to speak about why nations fail. To quote Acemoglu and Robinson, “Nations fail today because their extractive economic institutions do not create the incentives needed for people to save, invest, and innovate.” As a whole, that also includes privacy: the right of businesses to operate and the freedom of citizens to operate.

We can go all the way back to something I am very fascinated with. North America and South America were founded around the same time, but how did North America end up becoming so rich and wealthy and South America did not? It comes down to those same pillars. We allowed freedom to operate. We allowed freedom for patents to be developed, especially in the Industrial Revolution. We allowed people the freedom to have their own land, to have privacy on their own land and to own businesses with patents, allowing privacy for those businesses to operate, to get investments and capital and to grow.

What we saw from that was a tremendous amount of wealth, more wealth than the world had ever seen. It formed a capitalist society that allowed wealth to be owned by individuals. People who used to be poor became wealthy, and that allowed a nation like Canada to have socialist capitalism. With this tremendous amount of wealth, there was the ability to have socialist programs like a universal health care system.

When we do not follow the narrow corridor, and it is a very narrow corridor, not only with liberty but also with capitalism and socialism, and we stick with the fundamentals of privacy, investment, free capital and patents, we lose the wealth of the nation. With that, the citizens suffer.

After nine years, we are seeing that reality here in Canada. We have the worst housing crisis this country has ever faced. Rents have doubled. Mortgage payments have doubled. The amount needed for a down payment has doubled. Nine million Canadians are now food insecure. That is one-third of Canadians, and that number in the U.S. is barely 13%.

We see the problem with businesses fleeing this country. We talk a lot about what that means for AI and having great ideas. We also talk about IP, the currency of innovation. When we look at what happens in Canada, the numbers are startling. Canada files 40,000 patents annually compared to the 374,000 the U.S. files, and only 13 out of 100 patents are owned by Canadians. That means we give away over 87% of our patents to foreign nations; we give that data away.

When we look at what that means for the Americans, we see they generate 12 million jobs and $2 trillion from patents and IP. Of course, AI is among that. In Canada, that number is less. The best way to look at it is by using GDP per capita or income per capita. The GDP per capita for Canada is $53,000, compared to $80,000 for the U.S., more than a 36% difference. We have seen less capital and less ability to invest, save and innovate.

We can couple that with the problems with the business investment and productivity we have seen in Canada and the lack of privacy. Of course, the government has tried, but as with a lot of things, it has tried and failed. It presented Bill C-11 before the last Parliament and could not get it through. In this Parliament, it submitted Bill C-27, and at the last minute, it threw AI legislation in it called the AIDA. What happened at committee? I know the Conservatives get blamed for this, but at committee, the Conservatives, the Bloc and the NDP all came together to say this bill was terrible in the way it was presented. Even the Liberals were filibustering it in committee at one point.

We need these bills to work. The Conservatives have been steadfast that privacy is a fundamental human right, and not only privacy for individuals in Canada but privacy for our children. We know the results of not having the right legislation come forward and not having privacy protection in Canada. We saw it at the ethics committee two years ago when we faced the daunting speculation of privacy in facial recognition technology.

This technology was misused. A company called Clearview AI scraped images off the Internet, and we know how many images are on the Internet. It scraped everyone's face off the Internet and sold those images, which should not be owned by anyone.

Privacy is a fundamental right. However, the thing we have come to also understand about AI, which was discussed at committee but was not in the legislation, is that it should never be able to use someone's face or likeness without their permission. Those are the biggest problems we are having. The biggest thumbprint we have, the most unique thing about us, is our face. Our colleague from the NDP brought this up, but the main point that came up at committee about facial recognition technology was this: When this technology was used by the RCMP and our police forces in Canada in terms of marginalized and minority groups in Canada, Black women and Black men, the technology misread their face and misidentified them 30% of the time. That is terrible.

Technology is supposed to make things better, and we could not believe what we were hearing. Police representatives were at this committee multiple times and testified that it misidentified these groups 30% of the time. That is a failure; it is ridiculous. This is something that should not be used. We went through all the reports on ethics and brought the final report to Parliament two years ago, in October 2022, with the recommendation to outlaw this technology until it gets better.

Here we are today, two years later, and this technology has not been outlawed. It has been in place for two years since the ethics committee found that there were these breaches. It is terrible that these breaches have been happening for so long. Today, as we stand in Parliament, facial recognition technology, which we call digital racism, is still allowed to be used in this country.

Again, it follows the bigger problems we have with the government, and not only with the recommendations that come from committee. The government always talks about filibustering. These are recommendations in a report that could have been done without Parliament's consent, because it was enacted by Parliament and came to the House to begin with. Here we are two years later, and that has not happened.

Let us talk about all the other things that have not happened either. With respect to privacy, Bill C-27 is still in committee based on, again, the fact that the Liberals are filibustering their own bill. It is just terrible and needs to be redone. I think we all agree on the first part of PIPEDA and how that is going to be done. The Liberals do not, but we agree that the tribunal should be eliminated and that more power should go to the Privacy Commissioner. Again, those privacy breaches and the rights should be governed by the Privacy Commissioner as a whole.

We looked at the proposed AIDA as a whole. AIDA was riddled with delays and inefficient guidance. It failed to provide the necessary oversight, allowing technologies such as facial recognition to remain largely unregulated. It was supposed to be prioritized legislation, yet it was wrong. The industry minister brought the legislation to the committee, and three months later, he brought 60 different amendments to his own bill. We had never even heard of that before, and it certainly was not a good bill.

I want to talk briefly about what is happening because we do not get privacy investment right in Canada. This is going to have long-term impacts. The capital gains tax hike is expected to reduce Canada's capital stock by $127 billion, resulting in 414,000 fewer jobs and a $90-billion drop in GDP. We cannot afford to lose control of our most valuable ideas or allow unchecked technologies to undermine our freedoms. Nations fail today because their extractive economic institutions do not create the incentives needed for people to save, to invest and to innovate.

The consequences are already visible. Nine million Canadians are food insecure. Two million Canadians are visiting food banks, and this rate is 36% higher than that in the United States. It is time to reverse course. Let us regain control over our privacy. Let us make sure we give those fundamentals back to save, innovate and invest back into Canadian businesses. Let us bring home capitalism once again, where people can make a good wage, have a good job and bring home savings for them and their families.

Let me pose my questions, if I could. Thank you.

I understand all of that, and there are different systems, but privacy commissioners all talk to each other. They're not some sort of independent, isolated person. In fact, they talk to each other around the world.

I'm sure you've read this, but in the current Privacy Commissioner's submission on Bill C-11 in 2021, he wrote:

The central issue in this design is as follows. In order to enhance consumer confidence, we believe that the decision-making system for adjudicating complaints should be as fast and efficient as possible. In order for individuals to have confidence, they would expect there to be real and timely consequences when the law is violated. Of course, the system must also be fair to businesses. Over a 40-year period, the OPC's performance in this regard has been excellent, and we welcome making our procedures more transparent and consulting on ways to enhance them. We are also prepared, should Parliament grant us the power to impose monetary penalties, to have to take into account any relevant factors, beyond those set out in—

He mentioned a particular section in the previous bill.

He continued:

In our opinion, the design of the decision-making system proposed in the CPPA goes in the wrong direction. By adding an administrative appeals Tribunal and reserving the power to impose monetary penalties at that level, the CPPA encourages organizations to use the appeal process rather than seek common ground with the OPC when it is about to render an unfavorable decision. While the drafters of the legislation wanted to have informal resolution of cases, they removed an important persuasive tool from the OPC. Moreover, this design is outside the norm when compared with other jurisdictions.

We've had a lengthy discussion on that already.

He continued:

Given these considerations, our primary and strong recommendation is to remove the provisions relating to Personal Information and Data Protection Tribunal....

That's from the previous bill, Bill C-11, which has been put forward again.

When the Privacy Commissioner appeared before this committee on October 19, 2023, he said:

Third, there remains the proposed addition of a new tribunal, which would become a fourth layer of review in the complaints process. As indicated in our submission to the committee, this would make the process longer and more expensive than the common models used internationally and in the provinces.

This is why we've recommended two options to resolve this problem. The first would be to have decisions of the proposed tribunal reviewed directly by the Federal Court of Appeal, and the second would be to provide my office with the authority to issue fines and to have our decisions reviewable by the Federal Court without the need to create a new tribunal....

He's an expert, but that was also shared by the former privacy commissioner when he appeared before this committee. He also pointed out that every provincial privacy commissioner opposes the tribunal. In fact, specifically, the Information and Privacy Commissioner of Alberta stated before this committee, at meeting number 104, that:

We are concerned about whether the inclusion of the tribunal as an appeal body to the Privacy Commissioner's orders would impact our ability [as provincial privacy commissioners] to conduct joint investigations.

There's a lot of opposition to this. That's what we've heard. I'm at a loss to see.... Almost anybody who's an expert in this has said this will lengthen the process and make it more difficult—everybody except the government.

Thank you, Mr. Chair.

Thank you, officials.

Before I ask a couple questions on this, which I don't believe I've talked to yet, I note that this is the third meeting we've had on CPC-7, most of which has been driven by the government's desire to amend and change it. I note this only because the government suggested that clause-by-clause would take four meetings and the government is the one pushing to make it longer.

Mr. Schaan, I'm a little concerned by your testimony earlier about the Privacy Commissioner. Bill C-11, which was the predecessor to this bill, attempted to make Privacy Act changes in the last Parliament, and I would like to read from the Privacy Commissioner's submission on it to committee, if I could:

While the OPC and the courts have provided some interpretations of sensitive information, it would be preferable to have a legislative definition that sets out a general principle and is context-specific, followed by an explicitly non-exhaustive list of examples (such as those included in article 9 of the GDPR). This would provide greater certainty for organizations and consumers as to the interpretation of the term. For instance, such a definition might read:

Sensitive information means personal information for which an individual has a heightened expectation of privacy, or for which collection, use or disclosure creates a heightened risk of harm to the individual. This may include, but is not limited to—

Does that sound familiar? It's in MP Garon's subamendment.

—information revealing racial or ethnic origin, gender identity, sexual orientation, political opinions, or religious or philosophical beliefs; genetic information; biometric information for the purpose of uniquely identifying an individual; financial information; information concerning health; or information revealing an individual’s geolocation.

That was for the last bill, so it comes as a surprise to me, Mr. Schaan, that you said the Privacy Commissioner has not asked for that. It's right in his brief.

Thank you, Mr. Chair.

This one's not a test, I don't think.

Throughout the bill, the term “lawful authority” appears. Now, we're in the early stages of the bill, and we found that our concern was that nowhere in the definition section of the bill does it actually define what “lawful authority” means. Without even providing that term, I think it provides a bit of ambiguity in there.

For instance, proposed section 44 of Bill C-27 allows an organization to share “an individual's personal information” with a government institution upon request “for the purpose of enforcing federal or provincial law”. The language of proposed section 44 is taken from PIPEDA, as I understand it, and it is problematic, given that it outlines few privacy safeguards that have been afforded to individuals in the past with Supreme Court decisions like the 2014 R. v. Spencer case. I'm sure everyone on the committee is familiar with that—I know that some of the witnesses are—but I'll just go over a summary of it.

R. v. Spencer, in 2014, according to Wikipedia, “is a landmark decision of the Supreme Court of Canada on informational privacy. The Court unanimously held that internet users were entitled to a reasonable expectation of privacy in subscriber information held by Internet service providers. And as such, police attempts to access such data could be subject to section 8 of the Charter of Rights and Freedoms. At issue was whether the police could request subscriber information associated with an IP address from an Internet service provider without prior judicial authorisation, who could then voluntarily provide it. The Supreme Court ruled that the request for internet subscriber information infringed on the Charter's guarantee against unreasonable search and seizure.”

Law enforcement, with some exceptions, in my view—in our view—generally should be required to produce a court order when asking for somebody's personal information: a bank account, personal messages, health information and that kind of thing.

The ambiguity with respect to the meaning of “lawful authority” that existed in PIPEDA with regard to disclosures to law enforcement remains in the CPPA and will likely result in continued disclosures of personal information without consent by organizations to police and to other law enforcement agencies in the absence of a court order.

Given this issue, the Privacy Commissioner recommended that the definition of “lawful authority” for purposes of sections like proposed section 44 in this bill be amended to clarify that individuals should still enjoy a reasonable expectation of privacy.

In the Privacy Commissioner's submission on Bill C-11 in May 2021, the Privacy Commissioner said:

Beyond transparency, clarity is also required with respect to the impact of the 2014 R v. Spencer decision with respect to when the state can obtain personal information via warrantless access. When Bill S-4 was before Parliament, the OPC recommended that:

a legal framework, based on the Spencer decision, is needed to provide clarity and guidance to help organizations comply with PIPEDA and ensure that state authorities respect the Supreme Court of Canada's decision. Such a framework would provide Canadians with greater transparency about private sector disclosures of their personal information to state agencies.

The Privacy Commissioner went on to state:

The ambiguity with respect to the meaning of “lawful authority” that existed in PIPEDA remains in the CPPA, as evidenced by companies' continued disclosures of personal information without consent to police and other law enforcement agencies absent a court order.

As such, we reiterate and update for Bill C-11—

At the time, that's what he was dealing with.

—a recommendation previously made in our 2015 submission to Parliament on Bill S-4, that a clarifying provision be introduced that defines lawful authority for the purposes of section 44. This provision would make clear that discretionary disclosures to law enforcement following a request should be permissible only where there are exigent circumstances, pursuant to a reasonable law other than section 44 of the CPPA, or in prescribed circumstances where personal information would not attract a reasonable expectation of privacy.

Recommendation 19: That a definition clarifying the meaning of “lawful authority” for the purposes of section 44 be introduced.

It wasn't. In his submission for this bill, on April 26, 2023, the Privacy Commissioner again proposed recommendation 19: “That a definition clarifying the meaning of 'lawful authority' for the purposes of section 44 be introduced” in this bill.

This amendment follows on the recommendations of the Privacy Commissioner on numerous occasions to “make clear that discretionary disclosures to law enforcement...should be permissible only where there are exigent circumstances, pursuant to a reasonable law other than section 44 of the CPPA, or in prescribed circumstances where personal information would not attract a reasonable expectation of privacy.”

That's by way of introduction. I haven't read the actual amendment, which is fairly short, but I know the witnesses have read it.

Do you agree with the Privacy Commissioner that this needs to be added to this bill, that we need to add a definition in the definitions section for “lawful authority”, which is a term used frequently throughout this legislation?

Madam Speaker, on September 19, Bill C-354, an act to amend the Canadian Radio-television and Telecommunications Commission Act regarding the cultural specificity of Quebec and the Francophonie was tabled and read for the first time. From the outset, I would like to thank the member for La Pointe-de-l'Île for giving me the opportunity to reiterate our government's commitment to supporting the French language.

Bill C-354 aims to amend the Canadian Radio-television and Telecommunications Commission Act, and this is closely tied to the government's ongoing work to ensure a broadcasting system in Canada that reflects the evolution of our digital world and in which all Canadians, including Quebeckers and members of the Canadian Francophonie, see themselves represented. In fact, closely linked is an understatement. The government's efforts have already been going very much in the same direction as the objective of this bill.

On February 2, 2022, our government introduced Bill C-11, aimed at reforming the Broadcasting Act so that Canadian laws reflect the evolution of our digital world. The latter aimed to clarify that online broadcasting services fall under the act, to ensure that the CRTC has the appropriate tools, to encourage greater diversity and inclusion in the broadcasting sector and to better reflect Canadian society.

The legislative process surrounding Bill C-11 took a very long time. Indeed, one year to the day passed between the initial tabling of the bill in the House and its adoption at third reading by the Senate. Both the Standing Committee on Canadian Heritage and the Standing Senate Committee on Transport and Communications spent many hours dissecting, analyzing, hearing from witnesses and refining Bill C-11. During the same legislative process, several modifications were made to Bill C-11 to strengthen the commitment to the French language and official language minority communities.

The Broadcasting Act, as recently amended, put in place new guarantees to ensure continued support for the production and broadcast of original French-language productions, the majority of which are produced in the province of Quebec. What is more, the CRTC is required to interpret the Broadcasting Act in a manner that respects the Government of Canada's commitment to promoting the vitality of Canada's French-speaking and English-speaking minorities and supporting their development. Added to this is the fact that the act provides that regulations must take into account regional concerns and needs. It should also be noted that the government is already actively consulting the provinces and territories, particularly when it comes to broadcasting.

At each stage of the process surrounding the implementation of the Online Streaming Act, the provinces and territories were consulted. In particular, the government consulted its provincial and territorial counterparts as part of the consultations related to the decree of instructions proposed to the CRTC concerning the implementation of the law.

The final decree also contains various instructions to support the official languages of Canada and official language minority communities. The decree recognizes, among other things, the minority nature of the French language in Canada and North America and the fact that the broadcasting system should promote the development of Canada's official language minority communities and promote full recognition and use of French and English in Canadian society. A section was even added to the final version of the decree to support the creation and availability of programming in French.

In addition, for its part, the CRTC has published a road map describing the main stages of the implementation of the act and is already actively consulting the public. It should be noted that as an administrative tribunal, the CRTC already holds in-depth consultations before making decisions under the rules of practice and procedure that it adopted in order to respect the principles of procedural fairness and of natural justice incumbent upon it. Provinces and territories have the opportunity to participate in CRTC consultations. To this end, the provinces and territories, including Quebec, can already present observations to the CRTC on issues of provincial interest during hearings and consultations.

It is important to specify that the Government of Quebec has the right and already uses its right to intervene in the CRTC's consultative processes. The Broadcasting Act provides for three forms of consultation, depending on the decisions it is considering. They are, in no particular order, one, with official language minority communities on any decision likely to have a detrimental effect on them; two, with CBC/Radio-Canada on its conditions of services; and three, with any interested party for decisions regarding conditions of services. The latter is an open consultation, where provinces and territories and, in fact, any interested intervenor can put forward their opinions and concerns.

In other words, the addition of the consultation obligation provided for by Bill C-354 could raise concerns that are being addressed in the course of the work of the CRTC and under the requirements of the Broadcasting Act. An obligation for the CRTC to consult elected provincial governments could also have an impact on public confidence and the independence of the CRTC. It is important that we are all mindful of not just the independence of the CRTC but the importance of that independence.

As outlined, “The CRTC is an administrative tribunal that regulates and supervises broadcasting and telecommunications in the public interest. [It is] dedicated to ensuring that Canadians have access to a world-class communication system that promotes innovation and enriches [the] lives [of Canadians].”

Further to this, under the section of the CRTC's own website entitled “We listen and collaborate”, it states that, in order to “fulfill [its] mandate, [it] must understand the needs and interests of Canadians who make use of broadcasting and telecommunications services.”

In conclusion, the government supports and will continue to support the French language. The Online Streaming Act and the act to amend the Official Languages Act are concrete examples of our commitment to the French language. Once more, the government regularly consults the provinces and territories, including Quebec.

The minister has consulted her counterparts on numerous occasions when it comes to regulating the broadcasting sector. The government will welcome any questions from members regarding Bill C-354 as the debate on this legislation continues.

I'm going to turn to the other witnesses now.

Did any of you participate in the consultations on Bill C-11 or the bill the committee is currently studying, Bill C-27? Please nod your head if you did.

I see that no one was consulted. All right.

In light of what we've seen since we began our study a few weeks ago, no one seems to have been consulted, but the Minister of Innovation, Science and Industry says that 300 individuals and organizations were consulted after the bill was introduced. I'd like to find those individuals and organizations. I don't know where they are.

In a moment, I'll be giving notice of a motion, but I'd like to ask you a question, first, Ms. Piovesan.

Mr. Balsillie appeared before the committee, and I'm sure you read his remarks. He likened the bill to a bucket that has holes. What witnesses have told us so far seems to suggest that the bucket basically has no bottom. That's what it seems like.

You talked about the fact that the committee has heard opposing views from witnesses. Take the tribunal, for instance. Some suggested getting rid of it because we didn't need it, while others argued the opposite, that having a tribunal in the sector was important.

Given how far apart on the spectrum people's views are, do you think the bill should have been split from the beginning? We've heard from the start that the bill is almost monstrous, that it's too big, that the privacy piece and the AI piece should have been dealt with separately.

What do you think?

Thank you, Mr. Chair.

Thank you to the witnesses as well.

Today's discussion is fascinating. I am very interested in what you have to say.

Ms. Piovesan, if I understood correctly, you helped draft Bill C-11, the predecessor to the bill before us today, Bill C-27.