Sure. Thanks, Chair.
You're right, I was getting a little bit off topic there.
I'll tell you, it's easy to be passionate about the billions of dollars in economic impact that my people have—the people I'm proud to represent. It's billions of dollars that they have, yet, unfortunately, the Liberals seem to disregard that. They would toss it away for some dream that certainly is more of a dream than any reality, especially when we could be supplying our partners like Ukraine with clean, green Canadian natural resources.
When it comes to Bill C-26 and its relevance here on the Bill C-33 conversation, we have this connection that exists. Why I went down the path of talking about how proud I am of Canada's energy industry is that it's not always recognized how closely connected physical infrastructure and the security associated with that are to the cyber elements of how that works.
I would provide a local example, Chair.
A pipeline company just opened up a new control centre in Hardisty. This example is very relevant to both the physical infrastructure that Bill C-33 represents and the reference that it has to cybersecurity, which is referenced in Bill C-26. There's this close connection that exists. We cannot dismiss that. It goes further when it comes to our rail systems. It's not out of the realm of possibility to see how there's that close connection that exists between the cyber and physical security side of things.
If we don't see Bill C-26 addressing those things appropriately, if it's not responsive to the economic needs, if it doesn't take into account the privacy concerns of Canadians, if it gives too much power to a few individuals in our nation's capital who may not be responsive, or if, likewise, when it comes to Bill C-33 there's not this appropriate delegation of authority that takes into account.... I often refer to the word “tension” or what could be referred to as the Aristotelian mean. We have to find that correct tension or that mean place where we have that balance. I'm fearful that we simply don't get it when it comes to Bill C-26 and some of the elements that we have discussed at length, although most of the clauses have in fact passed.
There's been a change in who is in charge of the public safety file. I won't get into the host of criticisms that have been levelled by Conservatives against the ministers of public safety. They seem to come and go at an alarming rate.
I would, however, like to read from the Canadian Civil Liberties Association when it comes to some of the concerns surrounding Bill C-26. Then I will be happy to cede the floor to my colleagues, who I know have a tremendous amount to add to this conversation as well.
Although this letter is dated September 28, 2022, there's particular relevance to what we're discussing here today. It's written to the former minister and the leaders of the opposition parties, including Ms. May as the parliamentary leader of the Green Party. I think she's now co-leader of the Green Party.
It is titled, “Joint Letter of Concern regarding Bill C-26”, and I'll read it directly into the record, Mr. Chair:
Dear Minister,
We, the undersigned organizations, are writing to express our serious concerns regarding Bill C-26: An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts.
In your press release announcing this legislation, you were quoted as stating “In the 21st century, cyber security is national security.” We agree, and we share your goal of helping both the public and private sector better protect themselves against cyber attacks.
Isn't this very agreeable up until this point?
The Canadian Civil Liberties Association goes on to say:
However, in its current form, Bill C-26 is deeply problematic and needs fixing.
I would note—because the stickers on my iPad triggered certain members of this committee, I won't show you—that it's actually bolded. Those previous words are bolded because the CCLA wanted to make sure they were emphasized in the context of this conversation.
It says:
As drafted, it risks undermining our privacy rights, and the principles of accountable governance and judicial due process which are the fabric of Canadian democracy. The legislation needs to be substantively amended to ensure it delivers effective cybersecurity protections while safeguarding these essential democratic principles.
As you know, Bill C-26 grants the government sweeping new powers over vast swathes of the Canadian economy. We believe these powers need to be strictly delimited and accompanied by meaningful safeguards and reporting requirements to ensure Canadians can hold their government and security agencies to account.
Next, this is in bold again, Mr. Chair, and I reference that because it's obvious that the CCLA wanted to ensure that this was emphasized:
Put simply, with great power must come great accountability.
With a view to improving this legislation, we share with you the following specific areas of concern:
Opens the door to new surveillance obligations: Bill C-26 empowers the government to secretly order telecom providers “to do anything or refrain from doing anything.” This opens the door to imposing surveillance obligations on private companies, and to other risks such as weakened encryption standards—something the public has long rejected as inconsistent with our privacy rights.
Termination of essential services: Under Bill C-26, the government can bar a person or company from being able to receive specific services, and bar any company from offering these services to others, by secret government order. This opens the door to Canadian companies or individuals being cut off from essential services without explanation. Bill C-26 fails to set out any explicit regime, such as an independent regulator with robust powers, for dealing with the collateral impacts of government Security Orders.
It goes on to mention that it:
Undermines privacy: Bill C-26 empowers the government to collect broad categories of information from designated operators, within any time and subject to any conditions. This may enable the government to obtain identifiable and de-identified personal information and subsequently distribute it to domestic, and perhaps foreign, organizations.
I would just note, Chair, that when it comes to the de-identified side of things, that's often an excuse that gets used. I know from my role on the ethics committee that we had a study that was undertaken when it was learned that the government had purchased a huge amount of data on movements during the COVID-19 pandemic. Although it was claimed to be de-identified, there were massive question marks associated with the amount of data the government received. I know that there was an overwhelming amount of concern that I certainly heard.
A number of people reached out to us when they did not hear back from Liberal members of the committee who didn't echo some of the concerns about how much information was being gathered: things like people knowing that the government could determine when people were going to the grocery store and liquor stores and other things. Certainly, in a free and democratic society, there were concerns about it. It was unclear. Canadians are pretty trusting, but they want to be respected. I talk about that tension or that Aristotelian mean that needs to be found, and I fear that this government has pulled that tension totally out of whack.
However, I digress. I will get back to what the CCLA has to say.
It goes on to say that there are “No guardrails to constrain abuse”.
Bill C-26 lacks mandatory proportionality, privacy, or equity assessments, or other guardrails, to constrain abuse of the new powers it grants the government — powers accompanied by steep fines or even imprisonment for non-compliance. These orders apply both to telecommunications companies, and to a wide range of other federally-regulated companies and agencies designated under the Critical Cyber Systems Protection Act.... Prosecutions can be launched in respect of alleged violations of Security Orders which happened up to three years in the past.
I would just note that in a late show that I was a part of yesterday—and I know that my colleague was actually there, too—I was shocked that the parliamentary secretary from Winnipeg North talked in support of a policy that actually sent farmers to prison. Now, I wouldn't want to go off topic here, so I won't get into the conversation around the Wheat Board, but my goodness, how concerning is it that the government would support policies that threw farmers into prison for wanting to sell their grain without the government controlling it? It is unbelievable that that's the point that these Liberals would go to, and that they still support it even after it was very clear that Canadians and farmers wanted the ability to sell their grain without the government controlling them. Truly it was an unbelievable level of control, which was specifically targeted at the west. It's quite something to have heard, and I'm sure my colleague here would agree with me that it was unbelievable to hear that be brought up in conversation in the House of Commons yesterday, that they would prefer to throw farmers in prison than to have a legitimate conversation around the impacts of, in that case, the carbon tax.