Bill C-26 (Historical)

Madam Speaker, I am not really sure how we get these types of critical remarks coming from the opposite side of the House given that in my speech I gave very tangible examples of two agencies that have been set up and some pretty significant investments that have been made since 2018. The $4.8 billion for cybersecurity is no small amount. We are making investments and setting up the systems and tools.

I have been briefed, as a member of the procedure and House affairs committee, on our House of Commons cyber-infrastructure and cybersecurity. Although those briefings were in camera, I know full well that very strong and resilient systems have been set up to identify and neutralize threats ahead of time to ensure our critical infrastructure in the House of Commons is protected. I think that extends right across Canada with the work that our government has been doing.

Madam Speaker, I want to take a moment to apologize to the interpreters for when I completely forgot my headset previously. I am not feeling my best, and I am obviously not on my game.

I want to thank my colleague for his intervention today. It was very interesting. I agree with my colleagues from the Conservative Party that we are very late to the game, but I think it is vital that we get it right. It is just so important that we do that balance.

One of the concerns we are hearing from the stakeholders we have spoken to is that this bill has orders that will be exempt from the Statutory Instruments Act. Therefore, it would be unable to be reviewed under scrutiny at the regulations committee. Could the member speak to why the government made that decision?

Madam Speaker, as I am not sure of the specific details the member opposite is referring to in her question, I would have to say, in good faith, that I will get back to her on that after doing a bit more research on why that decision was made.

What I can tell her is that the key provisions in this act really do further the overall objectives of protecting our critical infrastructure. It specifically adds to the Telecommunications Act the objective of the “promotion of the security of the Canadian telecommunications system as an objective of the Canadian telecommunications policy and to”—

I must interrupt the hon. member. We are way over time.

Resuming debate, the hon. parliamentary secretary to the government House leader, Senate, has the floor.

Madam Speaker, I thank the member for Whitby for sharing his time with me.

It is very important that we talk about such an important piece of legislation that has been brought forward, Bill C-26. The reality is that the changes in technology are happening so incredibly quickly. At times, it seems a daunting task to keep up with them and to make sure that we are always ahead of those actors out there, whether state or non-state, who are trying to engage in activities that could seriously cripple our economy or other aspects of society in Canada.

It seems as though it was just yesterday that we did not have the Internet. I remember vividly when I signed up for my first Internet connection, a dial-up connection, and having access to the Internet. That was when I was a computer engineering student at a local college in Kingston back in 1995 or 1996. Downloading something as simple as a single image sometimes would take two or three minutes to get the full image on the screen.

Madam Speaker, it was not an image of the member opposite who is asking.

The point here is that things are evolving so quickly, and we have come so far in such a short period of time in terms of our ability to utilize, perfect and, for lack of a better term, exploit everything that the Internet has to offer. We have seen it change commerce. We have seen it change how we engage with each other. We have seen it change just about every aspect of our lives. Unfortunately, with that comes new opportunity for people to try to affect what we do in our day-to-day lives. They are trying new forms of fraud, theft, harassment, intimidation and influencing elections, which are all nefarious manners in which people are trying to now utilize the Internet.

Of course, cybersecurity is a huge part of any government operation now, and every government should be seized with doing everything it can to secure it, because when we think about it, everything is connected. There could be a cyber-attack on a utility company, on a functioning parliament, a democracy. There could be an attack on just about every aspect of our lives, and it is critical that we have legislation in place to ensure that we can properly safeguard those things.

I have heard individuals in the House, and in the last two questions, one from the Conservatives and one from the NDP, suggesting that this is taking way too long and that we are behind other countries. I would caution members on that and suggest that it is not entirely accurate. For example, the United Kingdom has a very similar bill to this one that is being studied right now by its members of Parliament, a Conservative government, I might add. They are going through the exact same process as we are now. I think it is always easy to say, and it is one of the things we hear quite a bit from opposition parties, why is this taking so long?

I have my own opinion on why things take so long in this House, but the reality is that I do not believe we are significantly trailing behind other countries. Yes, some countries have done more than us. I am not going to disagree with that, but I disagree that we are significantly behind. I will come back to the United Kingdom where a Conservative government has introduced a very similar piece of legislation to what we have. This brings me to the legislation that we are debating today.

This bill has two primary parts to it. The first part would amend the Telecommunications Act to add the objective of the promotion of cybersecurity of the Canadian telecommunications system to Canadian telecommunications policy.

It also authorizes the Governor in Council and the Minister of Industry to direct telecommunications service providers to secure the Canadian telecommunications system. I think that is incredibly important. In this process, we have to remember that a huge part of what we need to do is work with private partners and the various telecommunications services that are out there. We need, from a policy or government perspective, to put in place some of the things that they need to do.

The reality is that in a competitive business environment where various different telecommunications companies are fighting to be more competitive and more efficient to maximize profit, which we all appreciate is important in the capitalist environment we live in, we have to respect the fact that in order to ensure that some of these safeguards are in place, we are going to need to make sure that the legislation is there to make sure companies are doing what they need to be doing to create those safeguards. Otherwise, it might not happen to the degree it needs to because of the nature of the competitive environment they are in.

The other aspect of this bill is that it enacts the critical cyber systems protection act to provide a framework for the protection of critical cyber systems that are vital to national security and public safety. Of course, this is key because this is what everything else is built on in terms of our national security and the systems that we have. We need to make sure we can properly safeguard those. In that regard, it authorizes the Governor in Council to designate any service or system as a vital service or vital system. Just think about that.

When I was in college studying computer engineering and I went to get my first dial-up connection, who would have thought that a mere 25 years later we would be talking about designating some of these services as being vital to national security or public safety? The reality is that is where we are now. As we rely so heavily on these systems, we rely so heavily on ensuring that we have the systems in place that we do in order to protect our security as it relates to cyber-threats.

I appreciate the opportunity to talk about this very important piece of legislation. I get the sense it is being widely supported in the House. I hope we can move this along so we can get to the next steps, continue to move forward and get what we need into place in order to properly protect our cyber systems from a security perspective.

Madam Speaker, I thank my colleague from Kingston and the Islands for his speech, which was informative as always.

However, I would like to know how this bill will enhance public trust in the Internet. What mechanism in Bill C‑26 will help guarantee public trust?

Madam Speaker, as I said in my speech, one of the things the bill does is it specifically directs what the various telecommunications providers need to do in order to maintain that security. That is what we do from a policy perspective. We establish what those requirements are that are required of the telecommunications systems in order to ensure that security is there. What we will see coming out of this is that the telecommunications systems, in a unified fashion, will promote these particular policies and safeguards that will be put through those directives.

Madam Speaker, one of the things that has become very clear, particularly since the Russian invasion of Ukraine, is how destabilized our world is and how many bad actors are out there at the state level trying to undermine democracy.

My concern is about the ability of the federal government to withstand cyber-attacks. Earlier today, I talked about 2011 when actors out of China were able to shut down finance and the Treasury Board for days on end with relentless attacks. With the amount of financial information for Canadians that is in those departments, that is very serious.

We know that in the immigration department, which has turned into an absolute nightmare for anybody trying to navigate it, the system is breaking down. Staff in the department cannot access information files because the system is not up to speed. This will require a major investment to protect people, but also to deal with dark forces, whether they are Russians, the Chinese or any other non-state actor.

Has the government put in a credible plan to ensure we get our federal systems up to speed to be able to withstand hackers?

Madam Speaker, this is the basic fundamental principle to having our full and complete autonomy over our nation.

We need to ensure that these systems are secure—

Order. The hon. member's microphone is causing an audio problem that is interfering with the interpreter's audio.

I apologize, Madam Speaker. It is not my first day. I should not have let that happen. I apologize to the interpretation staff, through you.

Getting back to what I was saying, in order to maintain that autonomy which we must have as a country, we need to make sure that the proper investments are in place to do that. The member indicated there would need to be a major investment. My own personal perspective is that we should spare no expense to ensure that security is absolutely robust.

Will there be penetrations or will there be times when it might be challenging to maintain that? Yes, but we learn from those. With regard to his example from 2011, I believe we learned from that and we made our systems even better as a result.

Madam Speaker, I can attest that this is not the gentleman's first day. It seems like I have spent a year staring into his eyes here.

In the legislation, there is a fair bit of gray area with respect to definitions. Will the government be releasing additional information on such undefined terms as “cyber- incidents”?