Bill C-27

Thank you, Mr. Chair.

Mr. Balsillie, you discussed the difficult interoperability with Europe in the context of Bill C‑27. Could you be more specific on that subject?

That's very interesting. Thank you.

Ms. Fortin LeFaivre, do you think that Bill C‑27 should align with Quebec's legislation and that the latter should prevail?

As an ethicist, I am very happy to hear you refer to norms and values that must be in harmony in order to create this act, which would be exemplary.

You've previously spoken out about the fact that political parties aren't subject to Bill C‑27. Would you please clarify that view a little further?

Thank you very much.

Mr. Balsillie, what do you think the foreseeable effects of Bill C‑27 will be based on jurisdictions and, in particular, in comparison to Quebec's Bill 25?

Mr. Balsillie, I had the pleasure of sitting with you when Mr. Breton, the European commissioner, was here. I believe it was last year or something like that. I think we were talking somewhat about the issues that we're talking about today.

The Europeans have been the first movers on a lot of aspects of the new economy or industrial revolution 4.0 or 5.0—whichever clichéd term we want to use. You have brought your views here in terms of what you think is wrong and why. I respect that, of course. We all do.

In terms of what Bill C-27 intends to do in relation to the modernization of privacy and how we deal with privacy and AI, are there aspects of the bill where we are going in the right direction? Is it just absolutely going in the completely wrong direction?

Okay.

I would like to follow up. I believe the CMA commented that it enabled small and medium-sized businesses to compete in the global economy through Bill C-27 as it is. Can you elaborate on that? Bill C-27 is a pretty in-depth bill. I almost wish I had gone to law school to understand most of it, but we're trying to get through it. Could you comment on that aspect quickly?

Then I have a follow-up question for Mr. Balsillie, if I have time.

Thank you, Mr. Chair.

Welcome, everyone.

Bill C-27 is a very important bill for consumers, for individuals and for businesses, both domestically and internationally. One of the things I've been able to glean just from the testimony today is the regulatory alignment that's needed between us and other jurisdictions, and also that we in Canada benefit, sometimes, from what's called a fiscal federation. Sometimes the provinces move first, and sometimes we do, but we need to be on the same page due to the importance of the material here.

This is for the Canadian Bankers Association.

In 2018, I was part of the finance committee when we did the statutory review on money laundering and terrorist financing. “Moving Canada Forward” was a report that we issued in November 2018. You've raised some good things and some potential amendments and so forth with regard to the CPPA in relation to money laundering and terrorist financing. Can you comment on that and add any more colour that you wish to add in that vein?

I call this meeting to order.

Good afternoon, everyone.

Welcome to meeting No. 93 of the House of Commons Standing Committee on Industry and Technology.

Today's meeting is taking place in a hybrid format, pursuant to the standing orders.

Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming consideration of Bill C‑27, An Act to Enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other acts.

I would like to welcome our many witnesses today and also apologize for the brief delay caused by votes in the house.

Today we welcome, from the Canadian Bankers Association, Lorraine Krugel, who is vice president, privacy and data.

From the Canadian Labour Congress, we have Siobhán Vipond, who is executive vice-president, and Chris Roberts, director, social and economic policy. From the Centre for Digital Rights, we have its founder, Jim Balsillie. From the Financial Data and Technology Association of North America, Steve Boms is with us via video conference.

From the Canadian Marketing Association, we have Sara Clodman, vice president, public affairs and thought leadership, and David Elder, head of privacy and data protection group, Stikeman Elliott LL. Lastly, we have, from the Canadian Chamber of Commerce, Catherine Fortin LeFaivre, who is vice president, strategic policy and global partnerships, and Ulrike Bahr-Gedalia, senior director, digital economy, technology and innovation.

So we have a lot of witnesses with us today. Once again, I thank you for being here.

I would also inform my member colleagues that the meeting will adjourn at 6:00 p.m. today. Please bear that in mind.

Without further ado, I give the floor to Ms. Krugel for five minutes.

Thank you, Mr. Chair.

We've had some meaningful discussions. However, I'm wondering whether this committee will really have the will or capacity to move quickly and help get this bill passed. To be honest, I even wonder if the government really wants to get Bill C‑27 passed at this point, in the context of this legislature.

Having said that, I feel like asking you some questions, Dr. McPhail.

In your publications, you put a great deal of emphasis on developing responsible artificial intelligence and transparent governance of artificial intelligence.

Because the rapid development of technology poses significant data security and privacy challenges, what are your thoughts on establishing a technological sandbox that would isolate emerging technologies in a separate environment, with a view to assessing their compliance with privacy standards before they are made available to the public?

Thank you, Mr. Chair.

My question is for Mr. Krishnamurthy.

You wrote an article in May 2022 called “With Great (Computing) Power Comes Great (Human Rights) Responsibility: Cloud Computing and Human Rights”—great title, I might add. In the article, you stated that the human rights impacts of cloud computing have not been studied to nearly the same extent as newer technologies that are powered by the cloud. Can you expand on this in relation to Bill C-27, recognizing privacy as a human right?

Thank you, Mr. Chair.

Dr. Geist, I'd like us to discuss the data the government collects.

Is this something we should be concerned about? Do people feel that the public and private sectors are equally subject to the provisions of Bill C‑27? Should we feel reassured? Is our data adequately protected, given what the various levels of government do with it?

Thank you, Mr. Chair.

Thank you to our witnesses here today.

I'm somewhat concerned about this bad bill before us today.

With Bill C-11, the Government of Canada had an opportunity to enshrine the fundamental right to privacy for children, to define what a minor is, to define perhaps an age of consent and do a whole bunch of stuff to ensure that children were protected. That bill died on the Order Paper.

Then, we had Bill C-27 when this Parliament opened up again. The minister again had an opportunity to enshrine the fundamental right for children to protect their privacy in some of the actions they may take online. Then the government had the opportunity to define what sensitive information is—likely in the context of a child. They had an opportunity to define what a socially beneficial purpose was in the context of a child.

The minister came before us a few weeks ago. He said, “I have this bill. It's going to do so much work to protect children, but we have to amend it.” Then we had to put a motion forward to get a copy of those amendments. We're here today. I am not going to relent on this until we have more clarification and I hear from as many witnesses as possible to ensure that children's rights are protected.

My question is open-ended. I'll start with you, Mr. Geist. What clauses of the bill do you believe need to be amended to ensure that a child's fundamental right to privacy and their online actions are not used in a way that will compromise them as adults, or at a future period of time in their life?

Thank you very much.

With respect to the shortcomings of the Canadian law, in an article entitled “What political parties know about you”, one thing you talk about is the factors affecting how political parties, MPs or independent candidates protect the personal information of Canadians that they may have in their possession. In the current context, Bill C‑27 makes no mention of protection of this kind.

Is the government falling short of protecting voter data and perhaps moving forward in the quest for open and transparent governance?

Do you think Canada should follow Quebec's lead and subject federal parties to the same privacy standards as organizations?

Thank you, Mr. Chair.

I'd like to thank all the witnesses.

Mr. Bennett, in your February 12, 2021, submission to the public consultations on Bill C‑11, you distinguished between the concepts of interoperability and harmonization. I believe this is particularly germane to the subject before us, because these two concepts can be confused. You showed the difference between the two with an example I'd like to quote:

For instance, the processes for doing PIAs should be interoperable between the federal government and the provinces. If an organization does a PIA under the authority of one law, it may need the assurance that the PIA will also be acceptable in another jurisdiction. But that does not necessarily mean the harmonization or convergence of rules.

First, can you provide us with a definition of these two distinct concepts?

Second, can you tell us whether the provisions of Bill C‑27 promote the interoperability of processes among the various levels of government or rather the harmonization of rules?

Good afternoon, everyone. I call this meeting to order.

Welcome to meeting no. 92 of the House of Commons Standing Committee on Industry and Technology.

Today's meeting is taking place in a hybrid format, pursuant to the standing orders.

Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming consideration of Bill C-27, An Act to Enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other acts.

I'd like to welcome our witnesses today and also apologize for the brief delay caused by a vote in the House.

Joining us today are Colin J. Bennett, professor; Dr. Michael Geist, professor of law and Canada research chair in Internet and e‑commerce law; Vivek Krishnamurthy, associate professor of law at University of Colorado Law School; Dr. Brenda McPhail, acting executive director of the public policy in digital society program; and lastly, Teresa Scassa, Canada research chair in information law and policy, Faculty of Law, Common Law Section, University of Ottawa.

I'd like to welcome you all.

We'll begin the discussion without further ado.

Mr. Bennett has the floor for five minutes.

Mr. Speaker, today, we are debating Bill 34, an act to amend the Investment Canada Act, at report stage. We are dealing with a new amendment to this bill from the Conservative side of the House, as well as some housekeeping amendments from the government side.

To make sure everybody watching understands what the Investment Canada Act is about, it deals with the acquisition of Canadian companies by foreign entities: companies and governments that come to Canada to try to acquire our businesses. There is a government process, through Investment Canada, that these entities need to go through with the Minister of Innovation, Science and Industry and cabinet. Through the bill before us, cabinet would be removed from the process. I will speak to this in a moment.

Wayne Gretzky, whom I know everybody here admires, said, “You miss 100% of the shots you don't take”, and this bill fits that description. While it would make administrative amendments and speed up the process a little, it missed the opportunity to look at what is happening in the Canadian economy and deal with the increasing acquisitions of assets and businesses of various sizes, from small businesses worth a few million dollars up to minerals rights and large corporations, by states that are hostile to us. As has been said before, it has been 14 years since the act was amended. A lot has changed in the world, in particular around the way that state-owned enterprises have become extraterritorial in taking over companies around the world for their own economic interests. The Conservatives' challenge with the bill is that it thinks small. It did not use this opportunity to take a shot on net and score a goal by recognizing the change in the global economy and what is happening with the outright sales of Canadian businesses and assets to hostile states.

The minister is the minister of broken bills, which is why we are having to make more amendments to this one. On his other bill, Bill C-27, after a year and a half, he has had to make amendments. Perhaps if he had spent more time here in Canada understanding what was going on, he might have produced better legislation. The Liberals missed the chance to think big and understand what is going on in our economy. What is going on in our economy is what I call the Chinese government cold war. We are in a new cold war. It is not one of bombs and the military in that sense; it is the silent takeover of the economic assets of other countries. This is how China is gaining influence all around the world. We all know about the election interference issues, but those things are perhaps a little more obvious than this is to Canadians, this creeping strategic control by the Communist Party of China of Canada's assets and those of other countries. Other countries have put mechanisms in place within their investment acts to recognize this and prevent it. The bill, as it was introduced in the House and debated at second reading, did not contain any of that.

Small businesses in my riding, such as lobster buyers, are $2-million businesses being bought for $10 million by China. The Chinese government owns a number of lobster businesses in my riding. It is how it is getting control of our seafood assets behind the door. It is doing the same in agriculture. It is buying land and farms in western Canada and mineral rights in our land. It is buying more obvious things, which I will speak to. It is buying companies like the only producing lithium mine in Canada. Therefore, Bill 34 missed a lot and would just make small administrative changes.

The Communist Party of China cold war's being ignored in Canada might be out of incompetence, but it also could be the case, as we know, that the Prime Minister believes that China is his most admired country, so maybe it is more strategic. Let us take a look at the Liberal government's record on this issue.

In 2017, the Liberal government allowed a telecom company from B.C. called Norsat to be acquired by a company called Hytera, which is Chinese-based. Hytera does not make any money. Conservatives demanded, at the time, a full national security review. The Liberal minister of the day refused to do one and approved the acquisition. Lo and behold, in 2022, Hytera was charged with 21 counts of espionage in the United States and was banned from doing business there, but only eight months later, the RCMP in Canada, shockingly, bought telecommunications equipment from Hytera to put in its communications system. When I asked the RCMP, at the industry committee, because it was in all the newspapers, whether its members were aware that eight months before, Hytera had done this and been banned in the U.S., the RCMP, shockingly, said no.

I referred earlier to the Tanco mine, our only producing lithium mine, which was bought by the Sinomine Resource Group, a Chinese-owned mining company. Every ounce of that lithium in our critical minerals industry goes to China.

The record on this is very awkward for the government to hear, but it is a growing concern. It did not take those things into consideration in drafting the bill before us, As a responsible opposition to His Majesty, the Conservatives proposed a number of amendments in committee, and thanks to the support of the other two opposition parties amidst the objections of the Liberals, we made some significant amendments. Those amendments include that with any state-owned enterprise from a country that does not have a bilateral trade relationship with Canada, the threshold for review by the Government of Canada would now be zero dollars. Any transaction over zero dollars would be reviewed, compared to the threshold now, which is $512 million. China is buying a lot of assets for under $512 million, and the threshold would now be zero. The same would apply for a new concept we added, which is that all asset sales would need to be included in that test with a state-owned enterprise.

Today, we are also taking this one step further by saying that the minister has made yet another error. That error was trying to consolidate all his power and ignore his cabinet colleagues. The bill would change the Investment Canada Act process that requires that at the beginning, when an acquisition is made, the minister take his recommendation on how far to go with a national security and net benefit review into a study. The bill before us says that he would not have to do that anymore and that he could decide on his own, that at the end of the process, whatever the results are, he would come back and say he will decide whether or not he goes to cabinet with the results.

Removing cabinet from the decision-making process would mean that we would not get the breadth of experience of people around the cabinet table and that we also would not get the breadth of experience from regional perspectives. For example, there have been companies bought in Quebec. If an industry minister is from Ontario and our public safety minister is from out west, they would make the decision on their own without any input from Quebec. I suspect that the Bloc Québécois would be opposed to that issue and would want to see Quebec representation in those decision-making processes, but the bill before us has the potential to eliminate that part of it.

We are proposing common sense Conservative amendments, as we did in committee. Thankfully we upped the ante of the bill and made it more than an administrative bill such that it would deal with the serious international challenges we had, through the four amendments that were accepted. By the way, there are two national tests in there. One is on national security and the other is on the net benefit to Canada. Conservatives in committee added a third: if a company has been convicted of bribery or corruption, the minister would now have to take that into consideration in deciding whether to approve the acquisition. It would add much benefit, but, for some reason, Liberals did not think it was worthy when they voted against it.

We believe that Conservatives have improved the bill dramatically. We are trying to improve it again in the spirit of good public policy for Canada and protecting our economy against hostile interests, which the Liberals seem not to care about. I urge the House, including all members from the Bloc Québécois, the NDP and the government, to recognize that cabinet's decision-making process is essential to getting the full breadth of things, and I urge members to vote for our amendment.

Very good. Thank you.

I want to turn my attention to digital technology and Bill C-27.

One concern that's been raised is people worrying about deepfakes, this generative AI that will make anybody look like they're saying or doing things they didn't.

Did you provide any recommendations to the minister or do you have any thoughts on how to fix that?

Thank you, Mr. Chair.

Mr. Therrien, in the context of Bill C‑27 and, more specifically, in the context of artificial intelligence, I would like to hear your opinion on industry self-regulation standards. That is, I would say, the new approach that is being put forward, both in Europe and by Mr. Champagne as a temporary or transitional measure. Can we trust industry to regulate itself?

Bill C-27, in my humble view, is a groundbreaking piece of legislation. I'll use that term. I think it is groundbreaking in terms of the update it's providing to the act and to privacy.

Mr. Therrien, you're fully versed on privacy issues relating to Canadians. When I think of this bill and I think of my constituents back in the city of Vaughan in my riding of Vaughan—Woodbridge, I would tell them how their privacy is being protected and not being protected on a very granular basis. I would use layman's terms. What would you tell me to tell them in terms of your view of BillC-27?

Thank you very much.

Mr. Therrien, Bill C‑27 emphasizes the need for informed consent by devoting an entire section to it. However, we have seen the rise of platforms favouring the use of opt-out formulas. These are the famous opt-out rather than opt‑in options. In your opinion, does this bill do enough to protect users of digital platforms from the pitfalls of these opt-out formulas?

In another connection, Bill C‑27 obviously raises the issue of the precedence of Quebec's recently updated private sector privacy legislation. As you know, Minister Champagne has made public a letter he sent to members of our committee to clarify the federal government's position in this regard. He acknowledges that the provisions of the Quebec legislation are essentially similar to those of the federal bill, and that they can take precedence. Do you agree with this analysis?

Could you give us your opinion on the measures that Bill C‑27 provides in terms of data protection?

—and Bill C-27 was tabled.

Did either of those bills reflect the advice you gave them?

Obviously not, since you asked for a number of errors to be...but did they reflect the desire to have fundamental right included in the bill?

I call the meeting to order.

Good afternoon. Welcome to meeting number 91 of the House of Commons Standing Committee on Industry and Technology.

Today's meeting is taking place in a hybrid format, as per the rules. Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming its study of Bill C‑27, an act to enact the consumer privacy protection act, the personal information and data protection tribunal act and the artificial intelligence and data act and to make consequential and related amendments to other acts.

I would like to welcome our witnesses today. We have, appearing as individuals, David Fraser, partner at McInnes Cooper; Éloïse Gratton, partner and national leader, privacy and data protection, at BLG, who is joining us by video conference; and Daniel Therrien, lawyer and former Privacy Commissioner of Canada. Ms. Gratton was my professor at Université de Montréal for a short time, so it's nice to see her again. Finally, from the Canadian Anonymization Network, we have Adam Kardash, partner, and Khaled El Emam, professor, both joining us by video conference.

Thank you all for being here today.

We are fortunate to have this panel for our study of Bill C‑27, so without further ado, I will turn the floor over to Mr. Fraser for five minutes.

Mr. Speaker, as this is the first time I rise in the chamber with you at the helm, I want to say congratulations for all the work you have done in Parliament as a parliamentary secretary and also for your tenure as Speaker in this chamber.

I am glad to speak on this motion, Motion No. 79, from the member for Elmwood—Transcona. I have affectionately referred to this bill as “ending Ottawa's entitlement to my entitlements” motion, because that is really what this is about. This is about the traditional gatekeepers in this facility who have kept the doors closed against many Canadians, at the same time protecting their self-interests. I will get into that a little bit later.

When prorogation was used by the Prime Minister, it could have been characterized as the “running to your mommy or daddy to protect you from the people around you” bill. They go running to the monarchy to beg for forgiveness. It was the Queen before and now it is the King. It is because “I can't handle it anymore. Please save me”. It is ridiculous. In a modern democracy we should not have to turn to our mommies and daddies as adults in this place. That is really what it is about. That is what has taken place with prorogation. It has been used to protect someone's own interests.

I think one of the biggest things that we want to see with this motion is greater accountability to the public so they understand the rules. At the end of the day, prorogation is about, “Well, I just simply don't have to do it anymore so the rules don't apply to me. I'll see you later.” I am sure a lot of Canadians can relate to that. They wish they could prorogue their laundry, their dishes or their awkward conversations with people who they do not want to be around, but they cannot. They have to deal with them.

It is sad because that is really what we are dealing with. I have seen this happen in the worst of circumstances with then prime minister Harper who did not want to deal with the House of Commons at that time and I have seen it with the current Prime Minister when he did not want to deal with the WE scandal, for example. It is a very serious issue, as it is a way of keeping privileges and entitlements. I was thinking about gatekeeping this morning and about protecting entitlements. There is the protection of the entitlements one gets as a prime minister with all the perks. For my Conservative friends, there are the perks of keeping Stornoway and all the privileges there. By the way, Stornoway does have a gate, because it protects the gardener, the butler, the person who is making the meals, and the $70,000-a-year budget. It has a history of being part of the entitlements that we need to get rid of.

I think that it is really important that people know that prorogation is unique and special at the workplace. People do not get to call a time out in a democracy, which is really what this is: I cannot get my act together. I cannot get my caucus together. I cannot do whatever and I get to call a time out. The problem with that is there are serious issues. One prorogation was over the documents of women and men and issues over Afghanistan. We have that legacy to this day. The devastation to individuals and what took place subsequently would have been shining spotlights on those things. The consequences are still felt now, because we have many Afghanistan men and women who served under our country's banner who are still in harm's way. Some still cannot even come to this country because we do not have our act together on that.

The legacy of prorogation goes beyond the moment of the day because all the stuff in the House of Commons ceases. Everything grinds to a halt, which costs money. To the parties who often champion their role of being the custodians of the public purse, the last unnecessary election sent another $630 million down the drain. A time when Harper did it resulted in a freeze of all of the House of Commons' operations, along with all of its work, worth hundreds of thousands of dollars in that year alone between the studies that would have been done, the people who were flown in for hearings, getting witnesses to come forward and producing reports. All the work that was done in the chamber and all the hours that go into moving bills were basically liquidated at that point in time.

Dozens and dozens of important bills were killed by the Conservatives and the Liberals; some bills had to go on to the next Parliament. That is where the real damage is done. The rest of the world does not get a time out or time off. People do not go running to mommy or daddy to try to figure things out. The world still goes on. The grinding of Parliament starts and the grinding of Senate follows. What that means is that we have to start over.

I cannot say how many of those bills dealt with social justice, women's rights, housing, the environment and the auto industry. They dealt with a number of things that we are trying to compete with in the world. If the Prime Minister, right now, chose to prorogue this Parliament, we would lose the GST rebate, a modest housing initiative and work on the Competition Bureau. They would all be gone.

In the committee I sit on, there are 96 witnesses and about 140 who want to work on Bill C-27, Canada's first bill on artificial intelligence. As the entire world is moving beyond us right now, that would be the real consequence. If an election is called because we have to bend a knee to the monarchy again in the system that we have because the Governor General can decide, we would be into another costly election. none of these bills could be brought back unless there was unanimous consent. On top of that, there would be months and months, if not more, perhaps almost a full year, to get back into order the work that would be gone.

That is critical if we are trying to compete with the rest of the world and world events are taking place, as they are now. My heart goes out to those who are suffering due to what is taking place. So many people are suffering. It is not just the wars, it is famine. Canadians are dealing with an opioid crisis. There is a whole series of issues on housing affordability and people cannot afford groceries. The Prime Minister of the day could basically say he is calling a time out, everyone can deal with it on their own and he will keep all of his privileges intact.

What is funny is when that happens, the Prime Minister's salary, the perks of the residence and everything else are not prorogued. They continue. What does not continue is the hard work that is necessary to improve lives. That is why the member for Elmwood—Transcona is onto something here. It is critical that he get some type of recognition because this issue has not gone away.

The member's father, the former member for Elmwood—Transcona, Bill Blaikie, would be proud of him today. I stood in this chamber with Bill Blaikie many times and listened to his statesman approach, which is missing in many respects, and his maturity in trying to work toward trying to better this place and establish some rules, which is the legacy that current member for Elmwood—Transcona is carrying on. That is what Bill often did in this place: He brought sense and logic to it.

At the end of the day, this motion is about creating a balance of rules. It does not end all the rules but improves upon them in taking a credible step forward. That is critical, because we just cannot have what we have today. Imagine if Parliament shut down tomorrow. What is at stake is our lost voices.

I want it to be clear that this is a reasonable, modest, sensible and practical approach to changing the rules. Conservatives and Liberals should think about this. I know they do not often end some of the privileges in this chamber because they think they can constantly switch back and forth. There will be a new day when they are not there and they will be wishing for this legislation, because all their constituents will need it, instead of the ego of the member who occupies the Prime Minister's seat.

With that, I move:

That the motion be amended by replacing the words, “(iii) in Standing Order 45(6)(a)”, by adding, after the words “An exception to this rule is”, the following: “the division on a confidence motion pursuant to Standing Order 53.2(9) and”, with the words, “(iii) in Standing Order 45(4)(b)”, by adding after paragraph (v), the following: “(vi) a confidence motion pursuant to Standing Order 53.2(9).”

These are housekeeping amendments to improve this bill and make it even stronger.

I'm not trying to give you ammunition to ask for even more funds, but I suspect that there's a lot of online activity and a lot of data being collected, and I suspect that it would be very challenging to try to monitor and detect any breaches of the obligations that would be in Bill C-27. With respect, I think you have your work cut out for you in the future. I don't envy you that, but I appreciate the work that will be undertaken.

Maybe I'll leave it there for the moment on that.

I have another question or two. On the flip side of this—and I think my colleague Mr. Van Bynen asked some questions about this—what are the risks in going too far? By “going too far”, I mean are there risks within this legislation and this debate we're having, such that we could go a step or two too far and impede all of the positive benefits Canadians are getting out of the use of these online tools?

The data that's collected has enhanced our lives in a lot of different ways. There's a sense in which there's that balancing act between innovation and privacy, which you've already talked about. I guess I want to know specifically whether you see any risks in going too far. We really have been talking from the other side, about not going far enough on privacy rights. If we go too far, we might also stifle innovation. Would you agree with that, and are there any risks to that?

Just as a thought experiment—because I'm sort of testing this in my mind—I'm sure there are cases of bad actors who are not forthright in fulfilling their obligations in certain instances. I guess what I'm asking is whether you have sufficient powers and tools to be able to really detect those nefarious activities where they may not, and intentionally may not, be living up to the obligations, even once Bill C-27 has passed?

Thanks, Commissioner.

There's some really great conversation today. I really appreciate all the questions and the positive engagement here. I think this is really good for this work and this legislation.

I want to get back to a line of questioning that I started on and didn't quite finish.

I sort of take it that Bill C-27 and the minister's letter, which provides details, introduce new obligations for organizations and companies. It's also giving your office and you new powers, which I think are both positive.

One of the questions that keep coming up for me when considering what work you'll have ahead, once we hopefully get this bill through and strengthened in many ways, is whether there is enough around detecting non-compliance. It seems to me that it must be hard to detect who is not complying with these additional obligations that are being introduced in Bill C-27.

Can you speak to how you'll undertake that? I know you mentioned it with the last question about additional resources needed. I'm certain that's part of it, but could you speak to how you'll detect non-compliance when it does occur?

Allow me to interrupt.

Among the eight recommendations that have clearly not been taken up by the minister so far, which are fundamental and should find their way into Bill C‑27?

Thank you. I appreciate that.

The other thing that often comes up for me is thinking about how companies often collect information. We've heard stories about Tim Hortons collecting the location information of users of its app. I think it's concerning for many Canadians—to be tracked and not know how that information is going to be used. How could Bill C-27 prevent that from happening in the future?

Commissioner, answer yes or no: Are you comfortable that Bill C-27—in not defining “legitimate interest” for businesses, as it currently stands—allows the government to make lists of activities and regulations that would balance businesses over the privacy of individuals?

Thank you, Chair.

Welcome, Commissioner.

Commissioner, on October 3, two or three weeks ago I guess it was, you provided keynote remarks to the Big Data & Analytics Montréal Summit 2023. I've had a chance to go through your remarks. In one of the sections, entitled “Law reform and the regulation of AI in Canada”, you reference changes to the CPPA and also to the AIDA. You also comment about being “encouraged by the introduction” of the bill and—I'll use my own words—the tone and direction of the bill. One of the comments you make is about the protection of fundamental privacy rights.

In terms of reading your speech on Bill C-27, the direction of the bill, you are encouraged.

I call this meeting to order.

Good afternoon, everyone.

Welcome to meeting number 90 of the House of Commons Standing Committee on Industry and Technology. Today’s meeting is taking place in a hybrid format, pursuant to the Standing Orders.

Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming consideration of Bill C‑27, An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts.

I’d like to welcome our witnesses today, from the Office of the Privacy Commissioner of Canada. First, we are hearing from Philippe Dufresne, Privacy Commissioner of Canada.

Thank you for joining us again today.

Next, we have Lara Ives, executive director, Policy, Research and Parliamentary Affairs Directorate, as well as Michael Maguire, director, Personal Information Protection and Electronic Documents Act, Compliance Directorate.

I thank all three of you for coming back. I'm confident that everything will go well today—I'm looking at my colleagues—and that we'll have a chance to have a normal meeting and benefit from your insights on Bill C‑27.

Without further ado, Mr. Dufresne, I'll give you the floor for five minutes.

Thank you, Mr. Chair.

When Minister Champagne was here, I asked him about Quebec's data protection law. In his letter, he mentions that a few provinces have privacy legislation that is substantially similar to PIPEDA, meaning that, in many circumstances, the provincial law applies instead of the federal law. The paragraph basically says that that will continue.

In the specific case of Quebec, it is anticipated that the designation of its provincial privacy regime as “substantially similar” will continue and that its law would apply instead of the consumer privacy protection act, or CPPA. I think that addresses the first issue related to law 25, which could indeed apply.

Currently, is a transition period anticipated? That's new information that came out the day after the minister appeared before the committee. Until Bill C‑27 is passed, will Quebec companies have some sort of transition period?

Thank you, Mr. Masse. I appreciate that consensus-building effort.

It's removing (a), (b), (d) and (e), and it orders the minister's department and the Department of Justice to produce draft texts of amendments to Bill C-27 as discussed by the minister on September 26, pertaining to part 1 of the bill, provided that these documents shall be deposited with the clerk of the committee in both official language no later than October 20, which is this Friday.

That is the amendment proposed by Mr. Masse.

Is that correct, Mr. Masse?

Thank you, Mr. Chair.

I think a number of messages have been conveyed throughout today's meeting. Obviously, we don't support the idea of gag orders. For the sake of credibility, it is paramount that the committee have this debate. This may be one of the most important debates of the next two decades. Bill C‑27's passage will have consequences that go beyond politics. That is why I would like us to begin examining its content as soon as possible.

However, I think the concerns raised by my Conservative and NDP colleagues are entirely legitimate. I urge the government members to provide the documents requested. I don't think we need a formal motion to obtain clarification. That would only delay what comes out of this work. Clarification and predictability, by the way, are keywords the minister uses to send the industry a message. That is the message we, as parliamentarians, need to hear. The industry needs to hear it, as do all the witnesses who come before the committee. I think the committee should receive the text of the amendments.

That said, I think the letter the minister sent is a worthwhile mea culpa. It recognizes aspects of his testimony that provide clarity, specifically in relation to the application of Quebec's law 25, which could take precedence over the Canadian data protection law. I encourage the committee to proceed with its work, and begin the study by hearing from witnesses.

Just to be clear, before we vote, we're debating the amendment by Mr. Masse to remove section (a) of the motion entirely and modify section (e) to order the minister to produce the three amendments he referenced in his presentation before the committee on September 26 pertaining to Part 1 of Bill C-27.

Are there any comments on the amendment proposed by Mr. Masse? I see none.

Madam Clerk, I will ask for a vote on the amendment proposed by Mr. Masse.

We have a tie. I'll vote against it.

(Amendment negatived: nays 6; yeas 5 [See Minutes of Proceedings])

MP Masse, if I'm hearing you right, section (e) starts out with “orders the Office of the Law Clerk and Parliamentary Counsel to produce copies of the texts”, and then instead of “of any amendments to Bill C-27”, it would read, “of the three privacy amendments”.

Thank you, Mr. Chair.

I'll be supporting the motion, but I have a couple of amendments.

Briefly, this is a train wreck for no reason. We had Bill C-27 tabled in the House of Commons. The reason it's tabled in the House of Commons and goes through first reading is so that we can have discussion and it can be publicly examined, not only by ordinary citizens but also by the groups that want to have input. That's why we have a process of debate. It took a long time to get out of the House, and it came here.

I won a prima facie case in the past because my ability as an MP was impeded by the actions of another government. It resulted in changes, to this day. This is how I view it: You had the minister come forward. He talked about amendments. There were going to be goals and objectives from those, which had to be clarified. After this was clarified, I had a point of privilege, and then it was admitted there weren't amendments. Government members went back to saying, “Tell me more about these amendments.” We're back to where we shouldn't have to be. I've heard nothing but shock from people who are interested in this bill. What is the government's agenda on this?

I think it is a fairly reasonable approach—and that is my appeal—to look at getting the three privacy ones in front of us. In fact, it should be separate legislation. However, the government created flawed legislation by putting three acts together when it probably shouldn't have done that. That was a critical error to begin with. This was raised, and it's probably one of the reasons why, structurally, we have issues right now. There's no reason we can't do some of these things separately. In fact, it would have been wiser and we would have actually gotten things through.

To me, the minister can't just come here and say, “Okay, we have eight specific amendments” and then not provide them—not for us, but for the other people coming here. We have groups and organizations paying lawyers to draft legalese and make submissions to us. They need to know what's in front of us. We don't have that anymore. That's terribly unfortunate. Having the background letter from the minister is fine, but I also want to go over a best practice.

I knew it was going to be bad when it began, because the minister.... A lot of times, ministers come to committees with prepared documents and table them for members to go through while they give their presentation. That's a fairly common practice. A minister will come with a preamble and even the material they will present. Not only did we not get that.... I asked for that. I made a joke about how we'd have to put that testimony into ChatGPT to create the amendments for the minister, because that's all we have to go by.

I want to see whether we can move forward with some consensus here.

I would like to amend the motion to have the three privacy amendments...and I would also like to make an amendment to drop section (f). The reason for dropping section (f) is that—I'll be quite frank—I don't need the minister to come here anymore. I just need his amendments so others can see them. I don't need to have another group of clown cars showing up and distracting us from the work we have to do. That's what this is about. For my part, I would like the three privacy amendments to be tabled, and I don't need the minister to come here anymore. I want to get on with the work here. I can't have people continuing to speculate about what they have to present in front of us. It continues to be like a dog chasing its own tail. That's what we're doing right now.

I'd like to amend section (e) for the three privacy amendments; it can just say “privacy amendments”. Then I'd like to drop section (f), because I don't need the minister to come here.

Thank you, Mr. Chair.

Thank you to what almost seems like our weekly regular witnesses and officials. I appreciate that.

In the minister's opening testimony here in September on Bill C-27, he said, “we will propose an amendment to recognize a fundamental right to privacy for Canadians.”

In the letter that was sent to the committee in response to our production of documents resolution from about a week and a half ago, the details of number one on page 1 of the appendix of the letter are that they will amend clause 5 “to qualify the right to privacy as a fundamental right.” There's stuff in there about the preamble, but ultimately the preamble doesn't matter because it has no legal basis once the statute is passed.

Clause 5 of Bill C-27 reads, “The purpose of this Act is to establish...rules to govern the protection of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information”.

Can you tell me which words in that clause will change?

I call the meeting to order.

Welcome to meeting number 89 of the House of Commons Standing Committee on Industry and Technology. Today's meeting is taking place in a hybrid format pursuant to the Standing Orders.

Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming consideration of Bill C‑27, an act to enact the consumer privacy protection act, the personal information and data protection tribunal act and the artificial intelligence and data act and to make consequential and related amendments to other acts.

I’d like to welcome our witnesses today. From the Department of Industry, we have Mark Schaan, senior assistant deputy minister, strategy and innovation policy sector; Samir Chhabra, director general, marketplace framework policy branch; Runa Angus, senior director, strategy and innovation policy sector; and Surdas Mohit, director, strategy and innovation policy sector.

Thank you for appearing before the committee yet again in connection with our study of Bill C‑27. I expect we will probably ask you back, but since you were here with the minister for his recent appearance, there aren't any opening remarks. Without further ado, we will go straight to questions.

You may go ahead, Mr. Perkins. You have six minutes.

Mr. Speaker, I rise today to speak to a bill that is vital to residents of Abitibi—Témiscamingue and Quebec, and that is Bill C‑244, which was introduced by the hon. member for Richmond Centre.

Bill C‑244 amends the Copyright Act in order to allow a person to circumvent a technological protection measure, or TPM, if the circumvention is solely for the purpose of diagnosing, maintaining or repairing a product.

This bill was examined at almost the same time as Bill C‑294 on interoperability. What is interesting is that the Standing Committee on Industry and Technology was able to look at the issue from different angles and improve the bill's content to allow for the right to repair, to fight waste and to better protect the jobs of repair people, mechanics and technicians in the regions.

Over the past few years, it has become a lot more complicated to repair objects. Our vehicles are turning into motorized computers, and access to programming codes is needed to diagnose problems with them. Unfortunately, more and more manufacturers are refusing to share those codes or are charging independent mechanics exorbitant fees to get them, supposedly for security reasons. This situation is jeopardizing these small businesses and threatening their survival.

How are we to manage when our brand new smart phones get a cracked screen or some other defect? What do we do when our high-end, front-loading washing machine suddenly stops working? What about our three-year-old farm machinery in need of repair?

Let us consider Apple's policy on repairing its products, for example. All Apple products must be repaired at Apple stores, if the parts are available.

By patenting the majority of these parts, Apple holds on to its monopoly, while the electronic locks created by its operating software, protected under the Copyright Act, make counterfeiting liable to prosecution. For a resident of Abitibi—Témiscamingue, the situation is even more troublesome considering that the region has no Apple store. To get the service they are entitled to as consumers, these residents have to ship their product by mail or travel more than 600 kilometres to a large urban centre. Incidentally, the situation is practically the same for passports. That needs to change.

Manufacturers are increasingly choosing the answer for us: toss it out and buy a new one. Tight grips on replacement parts, restrictive design, the use of digital locks and other legal protections have all contributed to the difficulty in repairing and maintaining the increasingly high-tech things that surround us.

Bill C-244 presents a solution to the calls from many individuals who support the right to repair in Quebec. Their message is consistent: The government must make legislative changes that will give us both the right and the ability to repair the objects we own without violating intellectual property laws and other laws.

Although the purpose of the Copyright Act is to protect creators and intellectual property, the way companies have been using it to impede repairs over the last few decades is harmful to society as a whole. It impedes the second-hand market and harms small businesses specializing in repairs.

By supporting this bill, the Bloc Québécois is also supporting Quebec's small businesses that are committed to becoming repair centres, mechanics, computer specialists and artisans who have acquired the skills to repair our everyday products. This industry plays a key role in our energy transition and supports jobs throughout Quebec. Even though repair people are becoming increasingly rare in our communities, this bill lends direct support to their work. It will provide a living for many Quebeckers.

It is not just consumer electronics that are under the microscope. The bill also targets industrial equipment, agricultural equipment, medical devices, electric cars and many other machines that are becoming notoriously difficult for independent technicians to repair and maintain. This increases businesses' operational costs, curtails market competition and discourages follow-on innovation.

The costs of our increasing inability to repair things go beyond pocketbook issues. It is imperative that we consider the environmental impact as well. My colleague from Repentigny will be happy to hear me mention this. The manufacture of new devices generates considerable electronic waste and consumes precious resources. It is therefore crucial to give consumers the right to repair their products. I would like to draw my colleagues' attention to a new law in Quebec that is along the same lines as this one. It reminds manufacturers that they have a role to play in this equation.

Quebec has passed a new law on planned obsolescence. We applaud the leadership of the Quebec National Assembly, which recently passed this legislation to ensure that these products operate properly and to prevent the sale of seriously defective vehicles, what we call lemons.

Let me get back to the shameful waste of raw materials. Extraction of raw materials, use of rare earth metals, lead soldering, shipping and packaging are just a few examples of the ecological toll imposed by the short lifespan of many modern devices and equipment. Electronics waste is now globally among the fastest-growing types of waste, increasing at a rate of 3% to 4% each year. As the global microchip shortage reveals, ostensibly every industry is now the electronics industry. The failure of one electronic part often renders things inoperative, making them all the more likely to end up in a landfill prematurely.

I strongly recommended to my colleagues on the Standing Committee on Industry and Technology that we study the metals, plastics and electronics recycling ecosystems from a circular economy perspective, because the critical minerals in these electronics are important. We must stop them from ending up in landfills. This study will resume once our consideration of Bill C-27 is complete.

We need to address this shameful waste of resources to reduce our tonne of garbage. Quebeckers have had enough. I urge all parliamentarians to support this bill. By voting in favour of this bill, we are demonstrating our commitment to our local businesses, we are contributing to the fight against waste and we are meeting a fundamental need to repair for all our constituents. By supporting this bill, we are sending a strong, united message about our determination to promote a more sustainable and accessible future for all. This is an opportunity for us, as legislators, to make a positive difference in the lives of our constituents and to work in favour of an economy that is more environmentally friendly.

Let us make sure that the right to repair becomes a reality for everyone.

Thank you, Chair. Yes, I would.

Just by way of background, this is revisiting the discussion we had when the member who brought the bill forward was here. We spent the last parliamentary session trying to modernize a lot of the legislation to make sure we captured the digital changes that have happened.

We updated Bill C-11, Bill C-18 and Bill C-27 to all reflect the digital age. We want to make sure that “digital creations” are included. Then, when we had the language discussion, we agreed that English and French were important but, as has been pointed out, there are indigenous languages that people do creative activities in and there may also be ethnic-specific ones. In order to reflect that diversity and the digital creations, this amendment is to add the following:

filmmaking and digital creations that reflect the diversity of Canada, including with respect to the languages in use and its ethnocultural composition.

That's brought to you by the legislative people who know the legalese terms.

Thank you.

Mr. Speaker, Western University's brief has a pretty good outline of what some of the definitions of these are, and I would go back to it, as it has been thought about. I think there are two dozen references of other literature in there that I would draw my colleague's attention to.

I would ask colleagues on the justice committee to intersect with some of the work that is being done on the industry committee regarding Bill C-27, the artificial intelligence and data act, to ensure that our laws are harmonized as we move forward and make sure that is done in a way so women, others, people in public life and children are not victimized.

I call the meeting back to order.

We were on Mr. Perkins' subamendment to Mr. Turnbull's proposal.

However, I would like to start by thanking Mr. Dufresne, Ms. Ives and Mr. Maguire for being here. I apologize for the turn of events. These things happen in parliamentary life. I'm sure we'll have an opportunity to invite you back. Anyway, our study of Bill C‑27 has a long way to go, as you can see. Thank you very much. You're free to go, if you wish.

We can now resume debate on Mr. Perkins' subamendment.

To remind members, it was to modify what has been circulated by Mr. Turnbull and add a deadline that conforms with the original motion that Mr. Vis proposed.

Go ahead, Mr. Perkins.

If members want to proceed to clause-by-clause consideration of the bill, we will of course pass a motion to that effect. We're ready to do the clause-by-clause study, but we know full well that we won't have heard the necessary testimony.

The usual practice for all House of Commons committees is to receive evidence and use that to inform amendments. The chair has confirmed that no date has yet been set to proceed with clause-by-clause consideration and submit our Bill C‑27 amendments or clauses. When the committee decides to proceed with clause-by-clause consideration, the amendments will be moved. I'm sure the Conservatives will have comments to make and amendments to propose. They've said as much. Mr. Masse, for one, said he was ready to put amendments forward, too. I'm sure the Bloc Québécois will also have amendments to propose to Bill C‑27. It's standard practice for a committee to set a date for submitting amendments.

I don't see what's going on here, other than not wanting to hear from Mr. Dufresne. What's happening here is not contempt of Parliament. It's perfectly normal for a minister to say he's open to amendments and prepared to accept them. Regardless of which parties put them forward, we'll debate them once the committee has decided on a date.

That's all I wanted to say. I'm not a regular member of this committee, but I sit on other committees and I know how things work.

Just to make sure we're all on the same page, we're now debating the subamendment that Mr. Perkins has submitted. I would, however, volunteer a small comment. Based on the text of the motion, it asks for the production of certain documents “within five business days”. We have the PBO on Tuesday, so for the next five business days we're not studying Bill C-27. To me, then, it seems moot to add this subamendment.

If you want to maintain it, we can, but—

Thank you, Mr. Chair.

Our parliamentary system is obviously based on trust and respect between parliamentarians, particularly in the context of a minority government. However, I can't consider last Tuesday's exercise to be a model of trust and respect, particularly with regard to these aspects, especially in a context where we're being told about the urgency of passing Bill C‑27 and bringing ourselves in line with European law, specifically with regard to data protection.

This is a bill that was tabled in June 2022, I remind you, that the government only addressed three or four times in the House over one year, last year. We can't claim it's because the legislative agenda was particularly heavy last year.

So I find it worrying that the government is pressuring us and, on top of that, pulling these amendments out of its hat as though they were a done deal upon which we were to rely. If only that were all. We learned through the media—and not through parliamentary collegiality, since the minister was not transparent with his fellow MPs—that there would be a voluntary code of conduct pending legislation. In my opinion, a voluntary code of conduct, given what we are to debate, is the opposite of the highest industry standards. By not announcing this news to his colleagues before it reached the media, the minister has not been transparent.

Of course, in front of industry, it might be a fine show and elicit applause, but the minister is accountable to parliamentarians. I cannot understand why he didn't tell us the day before, on Tuesday. It's another element that adds to the context in which we feel that the bill we will be debating is now obsolete, for obvious reasons. ChatGPT didn't previously exist. Technology has evolved. They talk about fundamental principles, saying that the law they want to replace is over 25 years old, and that Facebook and the iPhone didn't exist back then. Where is Facebook, or Meta, now? These are the people who have taken control of our democracy, who prevent our local media from functioning and who laugh at Canada's Parliament and parliamentarians. They boast about legislation that lasted so long, when it has actually caused major setbacks.

So it seems rather irresponsible to allow things to continue in this manner. We began this study on the wrong footing, and I think there needs to be more transparency and collegiality. Not only will we be asking people for about fifteen meetings to react and draw on their expertise to tell us about the repercussions, but companies also need predictability, and we don't know what we'll be debating.

I therefore urge that we obtain these documents as quickly as possible, and even make them public, because we need to be able to do our job. Right now, however, we're not equipped to do so.

Thank you.

Thank you, Mr. Chair. I appreciate it. I just want to make sure, because when you're attending virtually, sometimes you don't get seen. I know you're diligent on that.

I support this motion. It's been pretty interesting, what's taken place over the last number of hours. The minister has been actively lobbying me to move this bill as quickly as possible, and I do support that, but I also support a proper process. Mr. Dufresne and his team are very valuable pieces of what needs to be done even outside of Bill C-27, which is updating the Privacy Act in several different ways, and it's the same with the Competition Bureau.

I find it hard to accept that the minister sat across the table from us.... He talked about amendments. Government members even referred to them as amendments. I actually did a point of order, if you remember, Mr. Chair, with regard to whether they were ideas or amendments. We know that right now they're just ideas that were presented in front of the committee, despite having over a year. I'm glad that we had the context of them, and some of the stuff that was floated about is important, but I don't know how it's reasonable to expect people to come in front of us in this speculative process that we have, when the minister says he is actually going to fix his bill, which he already acknowledged is flawed and has errors. We discussed that in the House of Commons and now we have come here. This committee also passed a request to the witnesses coming forward on whether they could bring amendments to us as well so that we could properly vet them and also share them with other presenters so that people could look at those things.

How do you start something so important and so critical with only a speculative process? I know that right now I would have a motion to bring back the Privacy Commissioner's team after we know exactly what is there.

There's also the process of respect that Mr. Perkins mentioned. The minister sat right there, and then the next day went out to the public and provided new information that he didn't provide to us as members of Parliament. He went to basically a public event and disclosed new information that he wasn't willing to provide to his own committee the day before. It's pretty hard to accept that and also to be responsible for one of the most important pieces of legislation.

I would point out that some of the groups coming forth will be from the not-for-profit sector or the private sector. They actually have to use time, resources and in some cases money to draft their amendments into a legal form and context to present them to us. They also sit there, in front of the world, with their reputations on the line over what they present to us, and it's a mockery to them when they don't even know exactly what they're presenting to.

I can't believe that we're proceeding in such a way and that the government doesn't have the amendments to table in front of us so that we can also make sure that they'll be in a context that will be accepted within the bill. I spoke at the last meeting about how the government had amendments to my legislation. The government brought them forth, theminister himself, and then the Liberals not only did that but also ruled them out of order themselves.

We don't know exactly where this is going, but I'd like to have the proper context of how we're going to analyze the bill. I think it's bad, when we have our guests in front of us, that we have to go on the fly about what the minister may or may not have and whether he's serious on all the points that were raised. Are they actually going to be ones that will be collectively put together? I don't know. What's the point of our spending resources, time and energy and then treating our guests so poorly? They have to come here and wing it in terms of what theminister and the government have as legislation.

To wrap up, we know two things. One, there's a high degree of interest in this bill. It's very technical. Part of it is new. The second thing we know is that when we invite people to come in front of us, we know that the bill right now is critically flawed. It's had one debate in the House already, and it's our job to fix it. The minister has indicated that it needs fixing, but we don't know what parts they're supportive of or not supportive of. That's unfortunate. Again, I've been open to trying to move this legislation along as quickly as possible, but I'm not going to be part of a broken process from the very beginning.

That's just unfortunate, because I think we all want to move on this.

Thank you, Mr. Chair.

I'd like to thank the witnesses for being here today.

Mr. Dufresne, I want to thank you for your excellent work, including the 15 key recommendations that you put forward with respect to Bill C-27. For what I am about to do today, I apologize. I know your time is very valuable, but I am about to move a motion with respect to the testimony that was given by the minister at the last meeting. I am doing so because the minister indicated that he would be making amendments to the bill, but he wouldn't provide the committee with those specific amendments.

As such, I am going to move a motion right now, Mr. Chair. I move “That pursuant to Standing Order 108(1), the committee order the Minister of Innovation, Science and Industry and his department to produce the amendments, briefing notes and memos referencing the amendments discussed by the minister in his opening remarks to the committee on September 26, 2023, provided that these documents be provided to the clerk of the committee within five business days.” I believe that was just sent to the clerk to be sent around.

I am tabling that because I believe the minister came forward in good faith with those changes, largely based on the recommendations from our witness here today, and I believe it is in the interest of Canada and all members of this committee to have that information before we proceed accordingly.

Thank you, Mr. Chair.

I call this meeting to order.

Good afternoon, everyone.

Welcome to meeting No. 87 of the House of Commons Standing Committee on Industry and Technology.

Today's meeting is taking place in a hybrid format, pursuant to the Standing Orders. Pursuant to the order of reference of Monday, April 24, 2023, the committee is resuming consideration of Bill C‑27, An Act to Enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other acts.

I'd like to welcome our witnesses today, who honour us with their presence and who are here to answer our questions.

Joining us from the Office of the Privacy Commissioner of Canada is Mr. Philippe Dufresne, Privacy Commissioner of Canada, whom I now welcome. We are also welcoming Ms. Lara Ives, Executive Director, Policy, Research and Parliamentary Affairs Directorate, as well as Michael Maguire, Director, Personal Information Protection and Electronic Documents Act, Compliance Directorate.

We are pleased to have you with us. Thank you for taking the time to appear before the committee. On behalf of our committee, I apologize for the slight delay today.

Without further ado, Mr. Dufresne, you have the floor for your opening remarks.

This is a friendly motion. Hearing from witnesses today is extremely important in the context of Bill C-27. I would like to move, and hopefully get unanimous consent, that we invite the officials back as soon as possible—at your discretion, Chair—to provide us the time we need to begin examining this bill.

That is indeed the motion you tabled a week ago. There was agreement to work on it with the parliamentary secretary, Mr. Turnbull, among other people. I think that has been done.

Is it the will of the committee to adopt this motion, knowing that we might not begin that study for some time, given the work involved in considering Bill C‑27?

Is there unanimous consent to adopt the motion presented by Mr. Lemire?

(Motion agreed to)

Thank you, colleagues.

We now have only 10 more minutes with officials. It will depend on the committee's will.

You might be reinvited, though I'm sure that comes as no surprise to you, Mr. Schaan.

We'll use the time we have left. I would suggest we split the time to three minutes, three minutes, one and a half and one and a half.

Go ahead, Mr. Vis.

No one was expecting that Bill C‑27 would be passed in its entirety.

Thank you, Mr. Chair.

Thank you, Mr. Minister.

The part of Bill C‑27 that pertains to artificial intelligence relies a great deal on self-regulation. The bill has been designed so that companies can create codes of conduct to regulate themselves more independently. The government will therefore have to approve codes of conduct that may not be very strong, which is a concern. What accountability will there be? Will there be audits? If so, how will those audits be monitored? I am referring to governance, protecting innovation, transparency, which is essential, and copyright protection.

That leads me to a fundamental question: If there were an abuse or someone had to be reprimanded for violating a person's privacy, who would be held accountable? That isn't clear. Would it be the developer, the seller or even the user? The private sector needs us to get clarification from you on that because it is creating confusion and preventing us from moving forward.

I'll say that Brendan has tried to bigfoot me on that.

Brendan, it's good to see you, sir.

Dear colleagues, I have the honour to present Bill C‑27 to your committee today. I want to stress the importance and urgency of this bill. Let us recall that our laws were last updated more than 20 years ago. The last time we did the necessary work for Canadians was more than 20 years ago, before Facebook, Twitter and iPhones even existed. So you can imagine how important it is to act quickly and decisively.

In my view, we cannot miss out on the opportunity to modernize privacy laws for Canadians, who are waiting for concrete action. I think the bill meets their expectations.

Moreover, technology is evolving quickly, as you know. Since we last met, Canadians have witnessed the advent of various new technologies, such as ChatGPT. We are all grappling with the tremendous power of artificial intelligence, which offers great possibilities, as well as risks, to be honest.

Bill C-27 is Canada's much-needed response to these pressing challenges. It will build a stronger framework for privacy protection, and it will introduce a new framework for the regulation of artificial intelligence, putting into practice the principles of Canada's digital charter.

Bill C‑27 will introduce key reforms to better align our privacy bill with international best practices, including the European Union's general data protection regulation. A large part of that is expanding the powers of the office of the Privacy Commissioner of Canada so it can make orders, require businesses to provide information and recommend some of the strongest sanctions in G7 countries.

It is also urgent to provide guardrails around artificial intelligence technology. AI is advancing at a rapid pace and is quickly being adopted across Canada's economy.

I'm happy to say that tomorrow there's a huge summit that I'll be attending in Montreal. It's the All In summit with Yoshua Bengio. Thousands of people are coming from around the world to listen to Canada and to see what we can do together.

Bill C-27 proposes robust guardrails for the responsible development, deployment and use of AI systems. Part 3 of the bill, the AI and data act, is designed to protect Canadians from the risks associated with AI, to encourage trustworthy innovation and to solidify Canada's place as a global leader in responsible AI.

Canada is one of the first jurisdictions in the world to propose a legal framework for AI. Passing AIDA will make Canada's AI synonymous with safe AI around the world. I can tell you that our Japanese, European Union and American colleagues have all been in touch. They see Canada as taking a leadership role in these regards.

First of all, let me tell you what the future artificial intelligence and data act will not do: it will not duplicate what existing legislation already effectively covers. Nor will it regulate the many creative and useful applications of artificial intelligence that do nor require government intervention, such as checking grammar or deciding what music or movie we might enjoy.

Certain artificial intelligence systems, such as those that determine whether a person gets a loan or a job they want, can nonetheless have real consequences for Canadians families and consumers. In my view, what we are proposing will allow for responsible innovation, along with a certain number of rules to protect Canadians.

There are also new AI technologies, like ChatGPT. I don't need to tell you—you've all seen it in recent months and even yesterday—that they're new innovations and we don't really know everything they're capable of. You don't need to take it from me, but I would advise you to read the letter that was signed by Yoshua Bengio, and hundreds of people from around the world, warning us that we need to take action.

We know that they can do a lot of useful work for us, but they can also be used to spread fake images or videos on a scale that we have never seen before. Our laws are not currently set up to deal with these kinds of risks, but AIDA will fill this gap.

I know all parties care about these issues, and I know this committee can play a vital role in protecting Canadians. Let's ensure that the technology is fair for all Canadians and that we have trust again.

In short, our bill has solid foundations. I should note, however, that I have also listened to suggestions to improve it, as we must always do.

My office and department have had more than 300 meetings with academics, businesses and members of civil society regarding his bill. We have also heard important contributions from the committee and our fellow parliamentarians. I also spoke directly with the Privacy Commissioner and listened to his recommendations. Not only did we consult and listen to him, we also followed through with amendments based on his requests. I think my colleagues will be pleased to see the amendments we are proposing.

Throughout the last 18 months, we have also taken action to advance the foundation for privacy in Canada, including by increasing the funding of the Privacy Commissioner by nearly $20 million. We have also prepared a companion document for the AI and data act to shed more light on the responsible AI framework.

Now, I want to put on the table specifically what our government will propose to improve the bill. These are the amendments that we are proposing to the bill, and I would encourage my colleagues to pay attention, particularly to that part of what I will be saying.

First, we will propose an amendment to recognize a fundamental right to privacy for Canadians. I think this is a big win for Canada. This is a major step forward, and I give credit to my colleagues, to this committee—you said that to me before—and to stakeholders across the country for enabling us to move forward on this.

The bill already recognizes important new privacy rights, including the requirement for clear language from companies to improve consent, and the right to data mobility and the right to request that data be deleted.

Specifically, we want to assure you that Canadians can be confident that their right to privacy will be respected. So I encourage all my colleagues to vote for the amendment. Let us all guarantee Canadians' fundamental right to privacy.

I think this is a major step forward, and I think Canada will be seen as a world leader in doing it.

Next, you have heard me talk about children. I think we need to take care of our children, especially online. I think there is broad consensus on this across the country.

I have two young stepdaughters and this is important to me, as it is to all parents in Canada. That is why our government will put forward amendments to recognize and strengthen the protection of children's right to privacy. In my opinion, we still have to do more to protect them online, and that is certainly what we intend to do.

Lastly, I want to highlight that, while the bill significantly strengthens the Privacy Commissioner's ability to issue orders for compliance as well as to recommend some of the highest penalties in the world, I understand that it's important to enable him to pursue justice more quickly. That's why we will propose amendments to give the commissioner more flexibility to reach compliance agreements with companies that are non-compliant with privacy law, allowing for quick resolution of matters without implicating the tribunal or the courts. That's also something I've heard from colleagues around this table.

Next, we will work together on the first artificial intelligence bill put forward in Canada. When I introduced the bill in June 2022, we deliberately designed a flexible bill, knowing that artificial intelligence is evolving very quickly. It must absolutely provide the basis for flexible regulations in the future that will enable businesses to continue to innovate and, obviously, to protect Canadians.

Our government intends to put forward key amendments to provide more structure, detail and clarity in the part pertaining to artificial intelligence, while still retaining flexibility. This is what has made it possible for the Personal Information Protection and Electronic Documents Act, which is still in force in Canada, to evolve over the decades. Flexibility is key. This is the Canadian model that has provided for success thus far. The good news is that our bill has been designed to be flexible so that new artificial intelligence categories can be added through amendments.

First, colleagues, let me say that I've heard you. Let me remind you that our bill focuses on only high-impact AI systems. We will propose an amendment to define classes of systems that would typically be considered high impact—for example, AI systems that make important decisions about loans or employment.

Second, we will introduce specific and distinct obligations for general-purpose AI systems like ChatGPT. I think it's very timely that we do that. These are systems that, for example, are available for public use, can interpret a wide variety of commands, and generate text, picture and audio.

Third, I've heard that a clearer differentiation of the AI value chain—that is, a person who develops AI systems versus one who manages and deploys AI systems in their business—is necessary to ensure that companies have a clear set of obligations.

Fourth, we will strengthen and clarify the role of the proposed AI and data commissioner, including by enabling them to share information and co-operate with other regulators—for example, the Privacy Commissioner or the competition commissioner.

The fifth one we'll be proposing in terms of amendments that I wish to highlight is to align with the EU AI Act as well as other advanced economies of the OECD by making targeted amendments to key definitions and clarifying requirements. This change will specifically ensure that Canadian AI companies are interoperable with other jurisdictions and that our companies have access to international markets. It is fundamental to the world we live in to be able to be interoperable.

In conclusion, Mr. Chair, I hope these significant proposed amendments are as compelling for you as they are for me. We really put our best foot forward to get the support of the committee to provide a piece of legislation that Canadians can be proud of.

I am optimistic about Canada's potential in the global digital economy. I am keen to work with you to enact responsible privacy and artificial intelligence legislation, because I think Canada can serve as an example to the world. People around the world are watching Canada to see the kind of framework we will adopt to help our businesses innovate responsibly, while protecting the interests of Canadians.

Thank you.

This meeting is called to order.

Welcome to meeting No. 86 of the House of Commons Standing Committee on Industry and Technology.

Today's meeting is taking place in hybrid format, pursuant to the Standing Orders.

Pursuant to the order of reference of Monday, April 24, 2023, the committee is commencing consideration of Bill C‑27, An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts.

I'd like to welcome our witnesses today. With us are the Hon. François‑Philippe Champagne, Minister of Innovation, Science and Industry, accompanied by a regular at this committee, Mark Schaan, Senior Assistant Deputy Minister, Strategy and Innovation Policy Sector, and Samir Chhabra, Director General, Marketplace Framework Policy Branch.

I think I speak for all committee members in saying that we have been eagerly awaiting this study and are very keen to begin it.

Without further delay, I invite you to proceed with your opening remarks, Mr. Minister.

That's fine. Then we can discuss it at the subcommittee. In any case, I think we'll be busy studying Bill C‑27 for the next two months.

This is a suggestion for the committee. I think we're all assuming that we start Bill C-27 on Tuesday. We obviously haven't gone through or been able to get witnesses yet—I don't believe—for Thursday, so perhaps Thursday might be an opportunity for the PBO or the Privacy Commissioner.

I'm wondering when the Parliamentary Budget Officer could come and testify. If the study of Bill C‑27 leads us to have several meetings—the list of witnesses is quite long—would it be responsible to invite the Parliamentary Budget Officer much later in the fall or even in the winter? Would that be the responsible thing to do under the circumstances? Since it's just one meeting, we can probably find an opportunity to meet with him sooner.

Before we move to a vote, this is basically to inform the committee of what we want to study as a committee and what we decide we want to pursue, knowing full well that Bill C-27 takes precedence. That's what we're going to be dealing with for the next few weeks.

Do we need to vote on the first motion? I sense that there's consensus on the motion proposed by Mr. Perkins.

Mr. Lemire, you look skeptical.

Just to provide a bit of context on the idea for Thursday's meeting, I'm hopeful that we'll get Bill C-34 done, and we can free our friends who've been with us over many meetings. Thursday would be a steering committee meeting so that we can hash out the plan, in particular with regard to Bill C-27 and how we intend to approach it, and also, perhaps, if we have time, to vote on some of the motions that have been presented and how we intend to deal with them.

Thank you, Mr. Chair.

I was wondering whether we're going to have a subcommittee meeting to look at what legislation is going to come forth and so forth. Some of these motions are excellent. Actually, they're all really good motions, and in different ways. I have amendments to them, but at any rate, I'm just wondering whether we're going to have our own planning meeting, because it will be interesting to find out out where Bill C-27 stands as we're working through this.

Obviously, the one by Mr. Perkins with regard to the PBO officer is just one meeting, so that's easy to deal with and dispense with, but the other suggestions are more comprehensive and would require planning.

I'll just throw that out there. Maybe you can share with us how you would like to deal with this or if we are going to go one-off at them at the end of the meeting if there's time, or maybe on Thursday, if we can get through Bill C-34 today or next week.

Mr. Speaker, I am happy to talk about the beaches of Bay of Quinte. Sandbanks is the largest freshwater sandbar in all the world. We welcome well over a million visitors a year, and everyone is welcome. Some of us wish we were there today.

The bill deserves the attention that we are trying to give it, as rushed as it is. We need to spend time on a lot of different bills right now. We are dealing with Bill C-34 and are waiting for Bill C-27. The reality is that there is a lot of important legislation that we need to get through, and we need to spend the ample amount of time that these bills deserve to have spent on them. As I have mentioned, we certainly would have liked to see a few more amendments studied. We wanted to see the future of money laundering studied and not just to catch up to today.

There is a lot of great work to happen ahead, and as soon as we are done with the beaches and it gets a little colder, we will see everyone back here in Parliament so we can keep working on behalf of Canadians.

Mr. Speaker, it is amazing. I had just finished saying “Bill C-27”, and the member then stood up. Bill C-27 is what the motion is actually all about. The Conservative Party has actually moved a motion to try to get the government to divide Bill C-27 into more bills so Conservatives would have more opportunity to cause more filibustering in order to deprive Canadians of good, sound legislation. That is what the Conservative Party is doing.

What is Bill C-27? It would be an actual modernization. Believe it or not, and I say this for the Conservative colleagues across the way, technology has changed over the last 20 years. A lot of things have happened. Do members know the last time we actually had a modernization of this legislation? We are talking about over two decades ago, when iPhones and Facebook did not exist. One would think that the Conservatives would have, and be able to comprehend, the need to change the legislation. However, there has been no signal whatsoever coming from the opposition benches to recognize the value of modernizing this legislation.

The Conservatives should be concerned about it. Do they know the amount of data that is collected in both government agencies and private companies? People must understand that, through technological change, we have seen the development of huge data banks. Canadians are concerned about privacy. They want to make sure that the information being collected is, in fact, protected. A flash disk can have literally millions of entries, and that can be very damaging to the population. Twenty years ago, we did not have flash disks. We might have had the five-inch round disks; I can remember having those about 20 years ago. I will use Tim Hortons as an example, and I could easily use the example of McDonald's too. We can look at those restaurants' apps. People should open up and find out how many apps are out there. When we download these apps, whether they are for a restaurant or any other sort of service like a retail store, and we start using them, we are providing information. People should take a look at the airline industry, hotels and the many different industries out there that are actually collecting the private information of Canadians.

In the Government of Canada, we recognize that we have a responsibility to look at what is impacting Canadians today, and to bring forward not only budgetary measures, as we have done to protect the backs of Canadians, but also legislative measures. That is what Bill C-27 would do in this particular area; it would ensure that the privacy of Canadians would ultimately be respected and that these huge data banks that are being created would not be abused or exploited at the expense of Canadians.

We have consulted extensively. Through private, government and non-profit organizations, the department has done its job in terms of bringing forward legislation that would, in fact, modernize the industry. Most important from my perspective is that it would protect the interests and the privacy of Canadians.

I want to emphasize, at the end of the day, the amount of change that we have witnessed in 20 years, as I said somewhat lightly a few minutes ago. We should understand that when I was first elected to the Manitoba legislature, the Internet was something which people dialed into. The first thing we heard was the “ching-ching-ching-ching” and then the dial tone coming. Then we had to double-click and we were into the Internet, and, boy, was it slow compared to what happens today.

There were data banks at that time, and there was information being collected. That is why I would suggest that legislation of this nature is indeed warranted and needed. That is why we have standing committees. Earlier today, in the Conservatives' filibuster, they made a mockery of a standing committee and its efforts by moving an amendment even though the report was unanimously supported. They made a mockery of that.

I will suggest to the members who participate in standing committees of Parliament that they can play a very important role in giving strength to legislation and to improving legislation. We have a minister who is following the debate, listening to what members have to say, and looking for ways we can improve and strengthen the legislation in the name of protecting Canadians, the data banks and our privacy rights.

We want to see stability in the industry. Not only do consumers benefit from that stability, but businesses do as well. If we put more stability into place, also factoring in things like AI, it puts Canada in a better position to be able to continue to grow and expand our economy. This is an important aspect of that.

We have a Prime Minister and a government that have consistently said we want an economy that works for all Canadians from coast to coast to coast, urban or rural. The impact of the Internet on rural communities has been significant in terms of economics, not to mention in many other ways. I will focus on the issue of economics.

Retail stores can now be found within our computer, and the actual locations are often in rural communities. It can be a driving force for growth in rural communities. That is why it is important we get it right, that we have the confidence of consumers and Canadians in the information that is being gathered. We have to make sure that information is protected, whether it is names, financial information, health-related information and so much more.

The legislation is good. It is sound. We would like to be able to encourage the Conservatives to see its value. By supporting the legislation, they are supporting Canadians. This legislation is a reflection of what Canadians want to see put into law.

On that point, I know there is legislation the Conservatives say they support. Let us see if we can stop the filibustering here in the chamber so we can pass additional legislation so Canadians will be even better served by the House of Commons.

Mr. Speaker, I always welcome the opportunity to point out the hypocrisy of the Conservatives. Sometimes they just make it too easy.

When I first walked in this morning, honest to God, I really thought we were going to be passing historic legislation. I really thought we were going to be talking about Bill C-22. After all, if anyone went on the Internet and looked at what is happening in Ottawa, what would be debated in the House of Commons, the first thing in government business was Bill C-22.

I am sorry, Bill C-22 is another national program, that is the disability program. We do so much good stuff, there so much out there. We are supposed to be talking about Bill C-35, and it did not take a Conservative to point that out. They kind of get lost in the numbers.

At the end of the day, we were supposed to be talking about Bill C-35 today. It is a national child care plan, from coast to coast to coast, and we are enshrining it into law. We had 20 minutes to go, and then it would go into law.

However, no, the Conservatives had a different agenda. They have a partisan agenda. They have an agenda that says “cause frustration, do not allow legislation to pass.” The previous speaker stood up and said that we needed to have more legislation, referring to Bill C-27. He wants to multiply Bill C-27 into three bills. He wants us to introduce three more pieces of legislation so that the Conservatives have more to filibuster.

The member is criticizing the government, saying that it has been months since we last called this legislation. A lot of issues are happening on the floor of the House of Commons, even with the frustrations caused by the Conservatives, and they cause a lot of frustration. I will give them that much. They know how to play a destructive force. Never before have I seen an opposition, and I was in opposition for 20 years, so focused on playing a destructive force with respect to legislation.

Earlier today, I reminded the opposition that it was a minority government, and I acknowledge that. We accept the fact that we were elected as a minority government, and we thank Canadians for recognizing us and allowing us to continue in government. We take that very seriously. I kind of wish the Conservative Party would recognize that as well.

Do they not realize there is a sense of “responsibility” for opposition members as well. Providing endless filibusters and trying to prevent every piece of legislation from passing is the goal of the Conservative. Just last week, and I referenced it this morning, the Conservative leader made a strong statement, and it made the news. It was on Newswatch in fact, not to mention other news agencies. The Leader of the Conservative Party said that he was going to speak and speak and speak, and he might have said “speak” a few more times, to filibuster our budget implementation bill. Let us think about all the things in that the budget implementation bill, and there is not enough time to elaborate on that. That was his intention. He was going to speak until we changed it, and four hours later it passed.

We have these mechanisms to ensure that at least, even with the destructive force of the Conservative Party, we can still get things done for Canadians.

Let us fast forward things here. The Conservatives did not want to debate the child care bill this morning. Instead, they wanted to talk about an issue that now brings us to Bill C-27—

Mr. Speaker, I thank the hon. member for his arguments to divide the bill. I particularly dislike Bill C-27 for the artificial intelligence act that is included in it. It essentially would exempt the government from any kind of serious harms and any designated provincial government, while saying to business and innovation that it would hang this threat of a criminal offence over their heads, but not telling them what this means. It is going to push our industry and innovation down to the United States, where there is no legislation.

Does he believe this bill needs to have a full vetting, because generative artificial intelligence can be something that we can innovate in Canada? It is powerful. I would not say dangerous, but this kind of bill would push that activity to areas that are not regulated.

Mr. Speaker, I am pleased to rise today to speak to Motion No. 426, which deals with Bill C-27. For those watching who do not know Bill C-27, it is the government's piece of legislation to update our privacy laws and introduce a new act on artificial intelligence.

As to the purpose of this motion, even though the bill went through second reading and is now awaiting study at the industry committee, we are asking that the bill be split in three, because it really is three separate bills. The first bill, as my colleague from Bay of Quinte just mentioned, is the part of the legislation that deals with updating the Privacy Act, including all of the privacy terms for protecting an individual's privacy and protecting the rights of others to use someone's privacy, that is, how they can or cannot use it. The second piece of the legislation would create a new agency called the privacy tribunal. It is really a separate piece of legislation. In fact, it is classified as a separate piece of legislation, an act within this act. Then the third piece is the artificial intelligence and data act.

It really is three pieces of legislation in one bill, and that is why we have moved this motion asking that the bill be split in three. It is a massive 120-page piece of legislative change impacting every person and every business in this country. It deserves to be studied as three separate pieces, and members of the House of Commons deserve to vote separately on those three separate pieces of information.

I will start with the first piece, which is the privacy piece. We talked at second reading about the difference between our views on the purpose of this bill, this act, and the government's views. The government made the claim that this bill was making greater steps toward protecting the personal information of the individual, yet that is not what the bill does.

Clause 5 is the purpose section, the most important section of any bill that sets out what the legal structure or purpose of legislation is. It says that it tries to balance the protection of personal privacy with the rights of businesses to use people's data. It puts business interests on a par with individual privacy interests. As my colleague from Bay of Quinte just said and as I said in my second reading speech, that is a fundamental flaw of this bill. The Privacy Commissioner has already spoken out about it.

There has been discussion about whether privacy is a fundamental human right. There is language on this in the preamble, but the preamble of the bill has virtually no legal impact. It says that privacy is among the fundamental rights people have, but it is not in the purpose section. We have been seeking and will be seeking a broad discussion at committee on that issue and the legal implication of it. The purpose section of the bill, clause 5, should say that the protection of personal privacy is a fundamental right. It is not balanced between business needs and individual needs but is a fundamental right.

That is important not only for the reasons that I just outlined, but because further down, clause 18 of the privacy part of the bill creates a concept called “legitimate interest” for a business. Clause 17, just prior to that, lays out that there has to be the express consent of an individual for a business to use privacy data, but clause 18 goes on to say that there is a legitimate interest for the business to not care about an individual's express consent. In fact, it lets a company say that if something is in its legitimate interest as a company, even if it causes individuals harm, it is okay for it to use their data for something that they did not give permission for. It says that right in the legislation.

This is a fundamental flaw of a bill that pretends to be protecting people's fundamental privacy rights. It in fact protects big corporate data and the right of big corporations to use our data however they wish. It does give additional power, which is needed, to the Privacy Commissioner in that, but the second part of the bill then takes it back with the creation of the privacy tribunal.

Maybe the best explanations of the privacy tribunal is to compare it to and understand the way the Competition Act works. There are two aspects to how we decide competition issues and appeals. One is the Competition Bureau that looks at merges and acquisitions, and it says whether they are anti-competitive or not and will rule on that merger. Then there is a Competition Tribunal, like the privacy tribunal as proposed in the bill, which is the legal framework where the law gets done and the battle gets fought between the company that thinks it should do the merger and the Competition Bureau that thinks it should not.

A classic example recently was the Rogers-Shaw takeover. Quite a bit of time was spent both through the Competition Bureau process and the Competition Tribunal process, which ruled whether that sale could happen and then whether an aspect of that sale, being the sale of Freedom Mobile to Vidéotron, could be done.

The government wants to create that kind of process in the privacy law now. It is a separate act that creates this bureaucracy and this appeal mechanism, where six individuals will decide, as a privacy tribunal, whether a company has breached a person's privacy rights. However, out of the six individuals, only three of them need to any familiarity with privacy law. The others do not need any familiarity with privacy law, no familiarity with business, no familiarity with human rights, nothing. They do not need any other qualifications other than, perhaps in this case, they are a Liberal and are appointed to this board.

I have discussed this with a number of law firms since the bill was tabled a year ago. These law firms have very different views about whether this speeds up or slows down the process of dealing with individual privacy law issues. We need to have a separate study within the committee on that aspect. In fact, I have been talking to the chair of the committee about that structure, trying to get the hearings to be set up in a way that looks at these three pieces separately.

The third piece, which my colleague for Bay of Quinte spoke eloquently about, is on artificial intelligence.

Remember, the first two parts of the bill are essentially a modest rewrite of a bill from the last Parliament, Bill C-11, when the government tried to amend these acts and then complained that the bill did not pass, because it called an early election. The Liberals could not figure out why it did not pass. However, the Liberals reintroduced the bill, but then they bolted on this other thing, which has absolutely nothing to do with the first two parts.

The third part is called the “artificial intelligence act”, but it has nothing to do with the privacy of individuals and it has nothing to do with the appeal of a person's privacy. It is all about how to regulate this new industry, and it gets it wrong. The government is basically saying that its does not know what artificial intelligence is, which is not surprising for the Liberals, but it is going to regulate it. It is going to define it in regulation, and the minister is going to be in charge of defining it. The minister is going to be in charge of setting the rules on whether the law has been breached. The minister is also going to be in charge of fining someone who has breached the law of this thing the government cannot define. It is a total usurping of Parliament. The Liberals are saying that they do not know what it is, but we should trust them, that they will never have to come back to Parliament to deal with this again.

We are asking the House to split the bill into three, because it really is three separate pieces of legislation. The government would have more success in its legislative agenda if it actually brought in these pieces properly, individually, rather than a mini-omnibus bill of different types of issues. Then they could be properly studied, properly amended, properly consulted on and properly dealt with by Parliament. The government is choosing not to do that, which is why it is having such poor legislative success in all of its efforts to date.

Mr. Speaker, it is an interesting tactic. The Conservatives still do not want to talk about child care. I guess they have an objection to that. I think we could pass this historic legislation in about 25 minutes, but they are having an allergic reaction to yet another national program. It is somewhat unfortunate.

The member wants to talk about AI and splitting a bill that is already in committee. I think the Speaker at one point made a ruling on it, but the Conservatives want to continue to kill time. I understand and appreciate that. This is how they feel they are being a good opposition party, though I might challenge that a bit.

Does the member not recognize the legislation also talks about the protection of data? Data is so critically important. I am wondering to what degree the Conservative Party really recognizes that with technological changes, we need to modernize legislation.

Bill C-27 deals with things like AI and other very important aspects of modernization through technology and data banks. We need to deal with that. When does the member believe the Conservatives will agree to see that sort of legislation pass? Is he and the Conservative regime thinking it should be happening sometime this year possibly, or will they want to continue to filibuster this into the months and years ahead? When would they like to see this type of legislation pass?

moved:

That it be an instruction to the Standing Committee on Industry and Technology that, during its consideration of Bill C-27, An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts, the committee be granted the power to divide the bill into three pieces of legislation:

(a) Bill C-27A, An Act to enact the Consumer Privacy Protection Act, containing Part 1 and the schedule to section 2;

(b) Bill C-27B, An Act to enact the Personal Information and Data Protection Tribunal Act, containing Part 2; and

(c) Bill C-27C, An Act to enact the Artificial Intelligence and Data Act, containing Part 3.

Mr. Speaker, I am happy to be here today to speak on this motion. I will be splitting my time today with the member for South Shore—St. Margarets.

Bill C-27 is a very important bill. We have talked about privacy legislation now for about eight or nine months. Our whole premise was that privacy always should be a fundamental right of Canadians. We talked about the limitations of this bill when the government announced it. That was missing from the bill. The bill was in three parts. The first part spoke to replacing the “PIP” in “PIPEDA”; the second part was announcing and debating the use of a tribunal; and the third part was about AI. This motion asks to split this bill into three parts so the committee can look at and vote on each part individually.

If we talk about why that is needed at this point, it is very simple. The third part about AI part is the most flawed. When we look at the bill in its entirety and we have gone through debate, we certainly hope to have this bill go to the industry committee. The government delayed sending this to committee, but I am hoping it will be in committee in the early fall, and we want to debate, for the most part, the AI section.

I stand today to shed light on a topic that has captured the imagination of many, and yet poses significant risk to our society: the dangers of artificial intelligence, or AI. While AI has the potential to revolutionize our world, we must also be aware of the dangers it presents and take proactive steps to mitigate them. For decades, AI and the imaginary and real threats it brings has been a subject of fascination in popular culture.

I remember, as a child, watching a movie called WarGames. A teenager wanted to change his grades, he went into a computer to try to do that and the computer offered to play a game of nuclear annihilation. It ended up that the U.S.S.R., through this computer, was about to attack the U.S. NORAD thought it was happening, was ready to strike back and somehow the computer could not figure out what was right or wrong and the only way the student was able to figure it out was to play a game of tic-tac-toe that he found he could never win. At the end, after playing the nuclear game he could never win, he said he would play a nice game of chess because that is easier, someone wins, someone loses and it is safe. This was AI in 1984.

My favourite movie with AI was The Matrix. In The Matrix, humans were batteries in the world, who were taken over and owned by machines until Neo saved them and gave them freedom. Another movie that I remember as a kid was Terminator 2, and we know how that one ended. It was pretty good. We are not sure if it has even ended yet. I think there is another one coming. Arnold Schwarzenegger is still alive.

We find ourselves in a season of alarmism over artificial intelligence, with warnings from experts of the need to prioritize the mitigation of AI risks. One of the greatest concerns around AI is the potential loss of jobs as automation and intelligent machines rise. Has anyone ever heard of the Texas McDonald's that is run entirely without people? It is coming. They have figured out how to use robots and machines to eliminate staff positions.

Even though it is not AI, all of us go to the grocery store now and can check out on our own. When we shop, we see lots of different ways, whether it is Amazon or others, that companies are using AI for robotics. We have heard of dark industrial storage where robots operate in the dark, moving products from exit to entrance, and people are not needed. It is a big problem for job losses.

Another major risk of AI lies in the erosion of privacy and personal data security. As AI becomes more integrated in our lives, it gathers vast amounts of data about individuals, which can be used to manipulate behaviour, target individuals and our children with personalized advertisements, and infringe upon our civil liberties. The first part of Bill C-27 has to do with the third part, but is not the same.

We must establish strong regulations and ethical guidelines to protect our privacy rights and prevent the misuse of personal data. Transparency and accountability should be at the forefront of AI development, ensuring that individuals have control over their own information. Moreover, the rapid advancement of AI brings with it the potential for unintended consequences.

AI systems, while designed to learn and improve, can also develop biases. We saw in the ethics committee, with facial recognition technology, when we had experts come into the committee that, alarmingly, Black females were misidentified 34% of the time by computers. It was called “digital racism”. White males were misidentified only 1% of the time.

Again, this is technology that we have allowed, in some instances, to be used by the RCMP and to be used by the forces. All experts asked for a moratorium on that technology, much the same as we are seeing with AI, because without proper oversight and diverse representation in the development of AI logarithms and algorithms, we risk entrenching society biases within these systems. It is imperative that we prioritize diversity and inclusion in AI development to ensure fairness and to avoid exacerbating existing inequalities.

The security implications of AI cannot be overlooked either. As AI becomes more sophisticated, it could be weaponized or manipulated by malicious actors. Cyber-attacks exploiting AI vulnerabilities could lead to significant disruptions in critical systems, such as health care, transportation and defence. They say the greatest risk of war right now is not by sticks and stones, but by computers and joysticks and that AI could infiltrate our systems.

One thing I was reading about the other week is the risk of a solar storm that could knock out all the technology, but AI and cybersecurity could do the same. Can members imagine what our world would be like if we did not have Internet for a day, weeks or a month? We certainly saw that with the Rogers outage last summer, but we can imagine if it was malicious in intent.

Last, we must address the ethical dilemmas posed by AI. As AI systems become more autonomous, they raise complex questions about accountability and decision-making. We have heard about Tesla having automobiles that have gone off course, and the computer is making the life-or-death decision about where that car is going.

The other day I heard a report about vehicles in L.A. that are autonomous and running by Tesla or by taxi, and that fire trucks and ambulances could not get by the vehicles, because the vehicles were programmed to stop and put their four-way lights on, so these fire trucks could not get past them due to AI decisions. They had to smash the windshields in order to get the vehicles out of the way, and they lost precious minutes getting to the scene of a fire.

While AI holds immense potential to improve our lives, we must remain vigilant to the danger it presents. We cannot afford to turn a blind eye to the risks of job displacement, privacy breaches, bias, security threats or ethical concerns. It is our responsibility to shape the future of AI in a way that benefits all of humanity while mitigating its potential harms. We need to work together to foster a world where AI is harnessed for the greater good, ensuring that progress is made with compassion, fairness and responsible stewardship.

Let us shift for a moment to the positive aspects of AI, and AI actually does exist for good. We have AI working right now with health care diagnostics. Algorithms are being developed to analyze medical images, such as X-rays and MRls, to assist doctors in diagnosing diseases like cancer, enabling earlier detection and improved treatment outcomes.

We have disease prevention and prediction. AI models can analyze large datasets of patient information and genetic data to identify patterns and predict the likelihood of individuals getting certain diseases.

There is environmental conservation. Al-powered systems are being used to monitor and analyze environmental data. I have heard of farmers who are using computer systems to monitor the nitrogen in soil, so they can monitor how much water and how much fertilizer they need to put in the soil, which is saving our environment.

There is disaster response and management. AI is used to analyze social media posts and other data sources during natural disasters to provide real-time information, identify critical needs, and coordinate rescue and relief efforts.

For education and personalized learning, AI is changing the way people are learning right now. The greatest thing we have is ChatGPT, and ChatGPT has revolutionized research. Of course we are looking at the possibility of jobs being lost. It has even helped me with my speech today.

We have a lot of great things that are happening, and in the bill we certainly are going to be looking at how we change and monitor that. The bill should be split into three sections. We need to make sure we look at privacy as a fundamental human right for Bill C-27 as number one; the tribunal is number two; but AI is number three. We need to have as many witnesses as possible to make sure we get it right, and we need to work with our G7 partners to make sure we all look at AI and its benefits, its shortcomings and its benefits to society in Canada and the future.

Mr. Speaker, I am thankful for the opportunity to engage in this debate.

The reason I find this so important is that I am from the beautiful province of British Columbia and from the city of Abbotsford, which is nestled between majestic Mount Baker, at 10,500 feet high, and, on the other side, the mighty Fraser River. We live in a wonderful community in a wonderful region of the country. However, one of the challenges we have had over the years is that Canada, and more specifically British Columbia, has become the locus, the very heart, of money laundering in our country.

Just so Canadians understand what money laundering is, I will note that it is not benign activity engaged in by Canadians who want to avoid taxes or something like that. Money laundering is about taking the proceeds of crime, channelling them into what appears to be a legitimate business or a legitimate asset and trying to make those proceeds seem legitimate. It is a great way for criminals to hide the proceeds of crime. The last thing I believe Canadians want to do is aid and abet criminals to commit their crimes in our country, yet that is what has been happening for many years.

This legislation is not the be-all and end-all. Bill C-42 is simply a part of the solution. What it would do is establish a beneficial registry, an ownership registry, that would allow Canadians to see who actually owns the companies into which money might be directed from the proceeds of crime. This is not going to solve the whole problem of money laundering. Our police have their hands full in trying to track these criminals down, trying to identify the proceeds of crime and trying to get convictions.

Here is another problem. Money laundering has contributed significantly to the inflationary impacts on prices of land, real estate and homes that Canadians want to buy. These criminals know that if they can get money channelled into a house, it will be less likely for the police to identify that asset as being a proceed of crime. They also channel these proceeds of crime into legitimate businesses, like small and medium-sized enterprises. They channel this money into hard assets. They may be boats or expensive cars. At the end of the day, this costs Canadians big time.

There is another reason this is important to British Columbians. It was in British Columbia that the Cullen commission was established to investigate this very challenging problem to our criminal justice laws and to the broader issue of how much money laundering costs the average Canadian.

The Cullen commission made a long list of recommendations, most of which implicated the provincial government. It called upon the provincial government to act. However, there was one recommendation that stood out, which was that the federal government establish a pan-Canadian beneficial ownership registry for corporations. I believe Justice Cullen really intended for this to cover all companies in Canada. The problem is that the criminal justice law is federal law, so we as a Parliament have jurisdiction over it. Here is the problem: The large majority of Canadian companies are incorporated not at the federal level but at the provincial level, implicating every one of our 10 provinces and our territories.

How do we cobble together a pan-Canadian foreign ownership registry program with all of these different players at the table? The bill would, at least in the immediate term, establish a corporate beneficial ownership registry for federally incorporated companies, which is a good start. However, I believe the Cullen commission's intent was for the Liberal government to engage the provinces and territories to expand this to include the provincial regimes in federal legislation so that we can go after the money launderers in every corner of our country.

There is a reason this has come to our attention as lawmakers. Back in 2016, the Panama papers exposed how vulnerable Canada was to money laundering. Those papers made it clear that Canada was a laggard on the international stage when it came to addressing money laundering and interdicting the criminals who were taking proceeds of crime, filtering that money through legitimate enterprises and assets and then getting away with their crimes.

In 2017, it was the Liberal government's finance minister, Bill Morneau, who said we needed a beneficial registry to help combat money laundering in our market to determine the true source of funds and ownership in the acquisition of firms. He was right at that time, and that was 2017.

What happened in the intervening years? Nothing. From 2016 to 2023, we had eight years of inaction on the part of the Liberal government. This is pretty shocking, since the government, through its finance minister, at the very least had become aware that this was a very important issue for Canadians and nothing was done.

I will say that I am pleased that at least this has now come before us as Bill C-42, and it looks like we will see a beneficial ownership registry passed and implemented in our country. However, as the bill goes through committee review and comes back to the House, we are going to be asking a lot of questions. For example, how will this registry protect Canadians' privacy rights? We want to interdict criminals as they try to undertake their criminal enterprises, but we also want to make sure that the privacy of Canadians is protected.

I do not have great confidence that the government will actually protect our privacy, and here is why. We recently debated Bill C-27 in the House, which is all about privacy rights. We have been asking the government to actually include privacy as a fundamental right in Canada that Canadians can depend on. Sadly, Bill C-27 did not include that, so we have a right to be concerned.

We also want to ask who will have access to the information in the beneficial registry. Is it the police? Is it the ordinary citizen? It is business people? None of that is clarified in this legislation. We need to know that. Will the bill give law enforcement the necessary tools to combat money laundering and terrorist financing?

To conclude, I believe there is all-party agreement, so I am asking for unanimous consent to request a recorded vote on Bill C-42.

Thank you.

Mr. Fay, you talk about data a lot. It's very important. We've been dealing with Bill C-27 as well and some other bills. It's good timing that they're all being talked about at the same time.

Let's include intangible assets and IP with data. What recommendations can you make for Bill C-34 that would review and protect those assets in Canada?

Thank you.

I'm going to turn to Ms. Greenwood to follow up on Ms. Rempel Garner's line of questioning on big data companies, AI, etc.

First, I would make the comment that some of those hard questions being asked of the big digital companies were around getting them to pay for content and to pay their taxes, just like we ask Canadian companies to do, so it was more on that fairness aspect.

That aside, on this idea that we have to move faster than the speed of government here, we have Bill C-27, which probably won't get to committee before the fall, so that's going to be moving slowly. We have a subject like AI, which is developing very quickly and a lot faster than people imagine, probably, yet it will transform our world.

How do we do that faster than the speed of government and do it with the care that it deserves?

Yes, I checked with the clerk, and we didn't receive it. There may be portions of Bill C-27 this committee will have to deal with, so could I suggest that you share that letter with this committee as well? Is that possible?

Thank you, Mr. Villemure.

Mr. Dufresne, I have to clarify something. When Mr. Villemure was asking questions about Bill C-27, you said that you sent the letter to the ethics committee. Is it possible you sent it to the industry committee?

Okay. Thank you. That was just a joke.

This morning, the committee is studying the estimates. Bill C-27, which we are going to study a bit later, raises a lot of issues in terms of artificial intelligence, obviously, but also in terms of privacy. Does your office have the means to protect privacy in light of the new requirements set out in Bill C-27?

Madam Speaker, I would like to begin by saying that I will be sharing my time with the hon. member for Lac-Saint-Jean.

Like my colleagues, I rise today to speak about China's interference in political and public affairs and the breach of privilege of a member of this House. Obviously, it is one member, but all of us are under attack in this situation.

I will try to make this quick because I understand that people are waiting to hear from my colleague from Lac-Saint-Jean, whose expertise is in great demand. I think that there are some things that need to be said.

As we know, for several years now, a number of expert reports have highlighted China's actions, going so far as to accuse it of interfering in the political affairs of several countries, including our own. There have been reports of cyber-attacks on Canadian government institutions, businesses and universities, as well as other suspicious activities, such as manipulating social media and disseminating disinformation.

There are Chinese police stations that are operating while the Prime Minister looks on. There have been debates in the House on the active participation of Chinese government agents in the federal election and the controversial $200,000 donation to the Trudeau Foundation, which raises many questions about how much the Prime Minister knew about these matters.

These activities are extremely disturbing and raise questions about the integrity of our democracy and our electoral processes. We cannot allow foreign powers, no matter how big or how influential, to interfere in our political affairs and disrupt our democratic process. The Liberal government has gone from being disconcertingly naive about the Chinese Communist regime to inexplicably inactive in the face of China's repeated attacks on our democracy.

The straw that broke the camel's back was The Globe and Mail article about a CSIS report from 2021 stating that the member for Wellington—Halton Hills and his family in Hong Kong were being threatened by a Chinese diplomat who was still in Canada. The member for Wellington—Halton Hills had just voted in favour of a motion condemning the genocide of the Uyghurs by the Communist Party of China.

These are all very serious allegations involving troubling information that could have a potential impact on our parliamentary duties. The Speaker's ruling on this matter is exemplary, and I agree with the conclusion that an entity like China intervening with retaliatory measures against an MP and his or her family represents an attack on our collective ability to carry out our parliamentary duties unimpeded.

That is simply unacceptable and must be condemned in the strongest possible terms. It is our duty to protect our democracy and defend our colleagues' privileges. We must work together to strengthen our national security and protect our democratic institutions from outside threats. We must also support our colleagues and give them the means to fulfill their democratic mandate without fear or intimidation.

The Bloc Québécois will vote in favour of this motion because it has already debated these issues favourably in the public arena. First, when it comes to the foreign agent registry, I will not list all of the opportunities that the government has had for serious reflection since the member for Wellington—Halton Hills moved a motion in 2020 concerning Huawei's involvement in Canada's 5G network. Obviously, time has proven him right.

The Bloc Québécois has expressed its support for an independent public commission of inquiry into foreign election interference. That position is shared by other opposition parties that think that the recent leaks about China's attempts to interfere in our elections require an independent public inquiry.

Former chief electoral officer Jean-Pierre Kingsley has expressed his support for such an inquiry. According to him, Canadians have the right to know everything about what happened, and the lack of a public inquiry will only prolong the consequences for those who were affected. Kingsley also rejected the argument that a public inquiry could compromise public safety. He stated that public safety is there to protect democracy, not the other way around.

The government has sought to put off a public inquiry for a long time citing public security concerns. However, that has not prevented many people, including the former director of CSIS, Richard Fadden, from joining in the call for a public inquiry.

Overall, it is clear that the calls for a public inquiry into foreign interference in elections are growing stronger. Canadians have the right to know if their democratic process is under threat from foreign actors and what steps their government is taking to protect democracy and the interests of their country.

Can we get the truth on the closure of the covert police stations in Canada and on the threats against people who return to China or who have family in China?

This is not the first report we have heard about persecution and repression of certain people who criticized the Chinese government or who were considered dissidents.

The Chinese government also brought in a social credit system that can affect people's ability to travel, find work and access certain services based on their behaviour and their political leanings. It is important to note that these operations are often carried out covertly and the information is often difficult to verify. However, there is enough evidence to suggest that these threats exist and that governments and citizens should be aware of these risks.

The government's attempts to lower the temperature and stonewall are eroding our confidence in it. Its handling of the expulsion of Chinese diplomat Zhao Wei has been embarrassing.

We must be proactive. We must take steps to strengthen our national security, and we must shield ourselves from foreign attacks. We must also continue to strengthen our ability to identify, report, monitor and counter cyber-attacks. They can be extremely difficult to detect and thwart, but we must be ready to face these threats and to protect our institutions against malicious attacks.

The case of the member for Wellington—Halton Hills raises a bigger problem in a world that is becoming more complex. With the growth of social networks, it is getting easier and easier for malicious people to target and harass elected officials, journalists and other public figures. The threats and attacks can be deeply disturbing and have real consequences for the safety of the individuals concerned. This is our cue to rethink our society and even our use of social media.

Increasingly, we tolerate threats because they are just threats. If we do not tolerate threats towards our colleague, we should not tolerate the threats we are subjected to on social media, either.

Our world is entering a new era. China may be using an old way of doing things right now, but new ways of influencing our elected officials will be found. They will become increasingly insidious. Our lives are showcased on social media. Hackers are finding new ways to go even further in getting data.

Just imagine. A fraudster can practically create a new identity for themselves using data leaked from a bank or government. If a member of Parliament is targeted, what impact will that fake identity have? How will a new power be able to influence elected officials?

I serve on the Standing Committee on Industry and Technology, and these are issues that must be discussed during our study of Bill C-27. We need to ask ourselves whether the government has really made all of the connections that need to be made between all of the laws in order to strengthen the protection of Quebeckers and Canadians.

When it comes to protecting ourselves from China, there is also the Investment Canada Act, which may not go far enough in protecting our vital areas, our supply chains. These are things that I have a lot of questions about.

With the arrival of even more powerful technologies, such as quantum computing, we know that a lot of our data is stored on servers and that China will not hesitate to check that data and use it against us, of course.

Consequently, and in conclusion, we have to equip ourselves with all the tools available to fight foreign interference. That starts with solidarity with the member for Wellington—Halton Hills.

Madam Speaker, one thing that stood out from my colleague's speech was the part specifically related to Bill C-27 and the importance of regulating artificial intelligence.

He mentioned the great work done by the member for Windsor West. Perhaps that member's most concrete contribution to this issue so far was to divide the debate, until the NDP eventually asked for two votes on the same issue, which meant that we arrived 15 minutes late in committee. I will spare my colleagues all the details.

Nevertheless, considering that this bill should have been passed in 2018-19, we get the sense that some members have tried to delay and stall. Could the NDP not be part of the solution to speed things up with the government, especially when it comes to paperwork done by our administrators and agricultural producers?

Thank you, Mr. Gaheer.

If there are no other questions, that concludes our two hours of committee work for today.

Before we adjourn, I want to thank our witnesses. It's been very interesting. I speak on behalf of all members when I say that was an enlightening conversation. We appreciate your taking the time, and for some of you, it was at the very last minute. We appreciate your presence here this afternoon.

Before we adjourn, though, members, we have budgets to adopt.

You have received the relevant material from the clerk.

I therefore move the adoption of the budgets for the consideration of Bills C‑34 and C‑27. Is there unanimous consent to adopt these budgets?

For the Diefenbaker government, I was not there. I never met John Diefenbaker, but I knew his executive assistant. MP Maguire met John Diefenbaker.

He was first elected prime minister in 1957 in a minority, but he had an overwhelming, smashing victory in 1958, winning many seats. He was only to be surpassed in the number of seats by Brian Mulroney's victory in 1984.

Apparently, in 1958, with the election of the Diefenbaker government:

...greater use was made of standing committees; for the first time, a member of the official opposition was chosen to chair the Public Accounts Committee—

Imagine that. The Conservative government of John Diefenbaker expanded the roles of committees and said examining the spending of government accounts by the public accounts committee is not something that should be chaired by a government member. They, in government, said, “We should have an opposition member chair the public accounts committee.”

Is that a dedication to ministerial accountability? That's a belief in our parliamentary system like we don't see these days.

Again, I will read it, “for the first time, a member of the official opposition was chosen to chair the Public Accounts committee and the Committee began to hold regular meetings”. That's a good concept.

In 1968 there were more significant reforms made to House procedures, including the following—and remember, I don't know what time of the year it was in 1968 that it happened. It could have been under Prime Minister Pearson, or it could have been under newly elected Prime Minister Trudeau, who was fresh faced, and there was Trudeaumania. If it was under him, with all the world before him to change the world and use government for good with an unusual respect for Parliament for the Liberals, in 1968 they made a series of significant reforms to House procedures, including the following three key changes.

The estimates were no longer considered by a committee of the whole of the House but were sent to standing committees. That was a good reform. It gave those expert committees the ability to scrutinize the spending of the departments that the minister is responsible for, i.e. the Fisheries minister in the fisheries committee or the Industry minister in the industry committee.

The second significant reform, according to Treasury Board, that was made in 1968 was that the opposition was given a total of 25 days when it could choose a topic of a debate. Those are colloquially called opposition days, when we get to propose a motion for the House to debate and move and, for the general part in this government, for the government to ignore the vote or, in some cases, vote against it, as they did recently on several opposition days. We were thankful that they voted to send China interference, which the government has been aware of for two years, I believe, yesterday, to the procedure and House committee. Thanks to some of these reforms, those things can happen.

The third thing was that most bills were referred to standing committees. I was talking with MP Blaikie the other day about bills going to standing committees, and talking about the time.... Again I'm going to give a story. There is a standing order that is still on the books today, little used, that committees could be freed up from the arduous work of dealing with legislation, which can throw off the important subject studies that standing committees do. For example, we now have three government bills before the industry committee, which has stopped, halted, right in the middle of the important study we were doing on a Bloc motion to have the electronics and recycling ecosystem studied by the industry committee to understand all types of things. That has been stopped because we now have three bills, Bill C-27 on privacy, Bill C-34, changes to the Investment Canada Act, which I'm sure all members here are very interested in, and Bill C-42, a bill to create, finally, a beneficial corporate ownership registry.

There is a standing order that still exists today that says you can refer bills to legislative committees. These are special committees that get set up for each bill. They exist for a bill, then disappear.

During the days when I was a young legislative assistant to a minister, that's where all bills went. They didn't go to standing committees, except for the budget. They didn't go to standing committees; they went to specially constituted legislative committees that would be set up, for example, to deal with Bill C-21, which changed the Firearms Act. It wouldn't go to security, SECU, as we call it. It would go to a special committee of MPs set up from all parties, and it would have its own budgets, its own clerks and its own travel budgets and then, when the bill was reported back to the House with or without amendments, that legislative committee would disappear.

For example, Mr. Chair, look at the biography of a former chair of this committee whom I knew well, Don Blenkarn, an irascible fellow from Mississauga who was elected and chaired this committee, I believe, for six years during the Mulroney government. He wasn't always a person who followed the government rules, I can tell you, much to the chagrin of then finance minister, Michael Wilson. When you look up his bio, you will see legislative committee after legislative committee after legislative committee listed by bill, because when a finance bill came out of second reading in the House, the legislative committee would set up, and Don Blenkarn would always be one who wanted to be on those bills to examine them.

While this reform in 1968 referred it to standing committees, I know personally that there were further reforms to the Standing Orders to allow for more flexibility. It is something we should use a little more today, those legislative committees, but, like I've said before, I've gone a little off topic from this, but I still think it's about how we hold ministers to account in Parliament.

There are different ways to do it under the Standing Orders, and some are effective, but the key part of it, whether it's a standing committee, a legislative committee, public accounts, the finance committee or two of my favourites, industry and fisheries, is that ministers come because it's a courtesy on both sides.

It's a courtesy to ask the minister to come and explain why this is such a great legislative initiative, but it's also generally polite—like when you get a dinner invitation to somebody's house—to go. I won't say to you, Mr. Chair, since I expect I will get an invitation to dinner with you sometime, “Well, I can only go for half an hour.” I know you want to talk to me about the insights I've provided the committee on ministerial accountability for more than that over dinner and maybe a few glasses of wine.

Right. You alluded throughout our testimony today—I'll ask Mr. Ciuriak to comment in a second—to the fact that we're at a tipping point in Canada in dealing with some of these digital challenges in respect to intellectual property, Canadian sovereignty and national security.

Are there any proposed amendments—maybe you can get back to the committee a little later—that in any way can address this in the context of Bill C-27, which touches upon many of these points, too?

You mentioned that there is a capacity and context issue with the Government of Canada in this department. Can government ever really keep up with the technology that's being developed and implemented so quickly today?

I ask that question in the context of the points raised about the digital economy and what this committee will be dealing with as well in respect to C-27.

Mr. Balsillie, you caught my attention, and I was texting with my wife during this committee about what we were talking about. The other day I came home, and my son had asked for a Paw Patrol app to be downloaded on our iPad. I don't know the origins of this application or which company owns it, but in my mind it almost seems that a foreign company is operating in Canada. They're investing in Canadian users. They're extracting information from children as young as two years old. They're using that for monetary purposes, but it wouldn't be covered under the Investment Canada Act. As Ms. Walker said, it would also likely not be covered under another law in Canada, even though it is a form of investment to extract information and therefore wealth from Canadians of all ages.

Would you agree with that type of assessment?

Thank you, Mr. Chair.

I think this is an interesting time right now. I know Mr. Balsillie, for one, was just at our science and technology committee. We were talking about IP commercialization, owning more of what we create, and at this point we are also trying to make sure we protect what we create.

I really want to zero in on some recommendations you've given the committee. I can't agree more that economic and security risks should not be analyzed separately. Certainly we need strategic technologies and critical technologies lists like the U.S. has. I think your last recommendation was to create a CFIUS, the committee on foreign investment that the U.S. has. We have an investment review division under ISED right now. I think one of the differences I've seen is that CFIUS is an inner agency, so it seems to work across many different...I guess here it would be ministries, and the U.S. seems to get that. We seem to have it only under ISED.

To the point I wanted to zero in on earlier, we're not talking about intangible assets. We're certainly not talking about data and IP, and protecting that. Again, AI, as we're going to be studying with Bill C-27, is just incredibly powerful right now. We don't know what that's going to do to IP and data.

This is just a question of whether we should be looking at maybe a recommendation to give more power to the investment review division under ISED, and maybe looking at multi-ministry...? Also, how do we handle the AI component, let alone just IP and data itself?

Mr. Speaker, the government is now moving to guillotine debate on its own budget bill, and there is really no reason to do it. The Standing Committee on Finance is already considering the budget bill at committee and has been for many days.

The only reason to do this is to completely shut down debate on a bill that many members, both in the Conservative Party and I am sure other political parties, want to debate to bring forward issues of concern from their ridings. I know people in my riding are extremely concerned about the cost of living crisis that this inflationary budget will only make worse as the government pours more gasoline on to the inflation fire. The Liberals have no plan whatsoever to actually balance a budget in any future budget year that is available in the document right now.

There was no reason to do this; the finance committee is already seized with the matter. It is already considering Bill C-47. The only reason to do this is to slam shut debate in the House of commons once again.

I will remind members that this government passed only one government bill to the next stage last week, Bill C-27. There were more private members' bills passed last week, and I am sure it will happen this week. This government has completely mismanaged the clock. It even has evening sittings and cannot pass government legislation on time.

Thank you, Mr. Chair.

Mr. Bailey, Professor Yoshua Bengio is an international authority on artificial intelligence based in Montreal. On April 15, he told us clearly that it is very important to act now on Bill C‑27, An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts.

We are establishing international leadership through Bill C‑27. Do you believe this leadership will inspire the United States to address matters the same way we are, since it does not have such legislation?

Thank you. This is extremely important. We know how much research in French is imperiled on the international scene.

I’ll get back to the subject.

Let me begin with you, Mr. Bailey. You touched on the issue of artificial intelligence. I would be curious to hear from you on Bill C‑27, which I imagine you’ve been following with some interest, and which is now before the committee.

What are your thoughts on Bill C-27? In the context of this study, you could respond by talking about support for commercializing intellectual property, which may be a blind spot in this bill.

On a separate scheduling note, has there been any thought about what we're doing with Bill C-34 and Bill C-27? How much time do we have left to schedule those? I haven't checked my email, so it could be in my box right now for all I know, but I'm just curious.

Good afternoon, everyone. I call this meeting to order.

Welcome to meeting No. 68 of the House of Commons Standing Committee on Industry and Technology.

Pursuant to Standing Order 108(2) and the motion adopted by the committee on Monday, November 28, 2022, the committee is meeting to study the development and support of the electronics, metals and plastics recycling industry.

Today’s meeting is taking place in a hybrid format, pursuant to the House Order of Thursday, June 23, 2022.

I'd like to thank the witnesses who are joining us. I apologize for running late. I note, at the request of Mr. Lemire, that Mr. Masse is to blame for this delay because he requested a division of the motion on Bill C‑27.

Brian, it's your fault if we're late today.

I declare part 3 of the bill carried.

The House has agreed to the entirety of Bill C-27, an act to enact the consumer privacy protection act, the personal information and data protection tribunal act and the artificial intelligence and data act and to make consequential and related amendments to other acts, at the second stage reading.

Accordingly, the bill stands referred to the Standing Committee on Industry and Technology.

(Bill read the second time and referred to a committee)

It being 3:13 p.m., pursuant to order made on Thursday, June 23, 2022, the House will now proceed to the taking of the deferred recorded division on the motion at the second reading stage of Bill C-27.

Call in the members.

The question is on the motion. Pursuant to Standing Order 69.1, the first question is on parts 1 and 2, including the schedule to clause 2 of the bill.

Madam Speaker, I guess there are a few things that I would like to learn from my hon. colleague. We know that since the Liberals came into power, foreign tech giants have more than tripled their lobbying efforts in Ottawa, especially with the Liberal government, and Amazon, Google and Facebook have been a large part of that. I would love to hear his concerns or thoughts around that.

Bill C-27 does not explicitly apply to political parties. As we have seen in the past, and we just saw the Green Party have a breach, which was unfortunate, the possibility of privacy breaches and misuse exists in the political arena. Does my colleague agree that the bill should be amended to specifically include political parties?

Madam Speaker, I am following the debate.

If we look at Europe, it seems quite complicated to create a framework to govern artificial intelligence. However, I think we should draw inspiration from Europe's efforts. The Standing Committee on Industry and Technology is certainly going to want more information about how the Europeans are going about it.

One thing is certain. I think what makes this so difficult is that the technology is evolving so fast. The part of Bill C-27 that deals with AI, as currently proposed, gives the government the freedom to do a lot through regulation, which is not necessarily ideal as far as I am concerned. However, when it comes to AI, I doubt that there is any other option. Today we are talking about ChatGPT, but I can almost guarantee that by next year, if not this summer, we will have moved on to something completely different.

The situation is changing so fast that I think we need to be very nimble in dealing with AI. I have heard the Conservative member for Calgary Nose Hill, whom I see eye to eye with on these issues, use the word nimble.

What I like about Bill C‑27 is that it creates the position of a commissioner who reports to the minister and who will look into these issues. I have long believed that we should have someone to oversee AI, someone to study all the new capabilities and the risks of accidents that this poses—because there are serious risks—and to be able to translate this into terms that the general public, legislators and the House can understand.

Madam Speaker, before I start, I have to say that I have learned a lot listening to the interventions in this debate. I've just learned that the Parliamentary Secretary to the Minister of Foreign Affairs is subscribing to the feed of the hon. member who just spoke. I know he is a brilliant and knowledgeable man, so he must have other sources of information. That I can guarantee.

It is my pleasure to rise in the House to speak to Bill C-27, the digital charter implementation act, 2022, which, as my colleagues know, contains three parts.

Part 1 enacts the consumer privacy protection act and replaces Part 1 of the Personal Information Protection and Electronic Documents Act, or PIPEDA. Part 2 establishes a personal information and data protection tribunal, which is a key component in the enforcement of the consumer privacy protection act. Finally, part 3, which has been the subject of more discussion this afternoon, enacts the artificial intelligence and data act, which lays the foundation for Canada's first regulations governing the development, deployment and design of artificial intelligence systems. I will come back to that a little later.

First of all, I implore the members of this House to support Bill C-27 and send it to committee for further study. In my view, Bill C-27, as it is currently drafted, is a big step in the right direction in terms of both privacy protection and artificial intelligence. Obviously, there are areas where the bill could be improved. I have great confidence in the Standing Committee on Industry and Technology, which I have the honour of chairing. I know that it will study this bill carefully and come back to the House with amendments that will be useful and improve the two important areas protected by Bill C-27, namely privacy and the regulation of artificial intelligence. This will help foster innovation while ensuring that any risks associated with this new technology are well managed in Canada.

It is important for us to move forward and vote in favour of Bill C‑27, because the privacy legislation it replaces was enacted over 20 years ago. I am referring to PIPEDA, the law that caused me so many headaches when I was a young lawyer. Now, 20 years later, we all know that its approach to regulating privacy protection is a little outdated. With organizations growing ever more powerful and collecting ever more data using increasingly intrusive technologies, the time has come to modernize the protection of personal information in Canada. Our privacy is under attack.

In my opinion, privacy is one of the cornerstones of our democracy, just as philosopher Vladimir Jankélévitch saw courage as the cardinal virtue without which all other virtues grow dim or practically disappear. Courage is the impetus.

To me, privacy is kind of the same thing, because it leaves room for the inner life a person needs to feel free to express themselves, free to think and therefore be truly free. Jeremy Bentham understood that, as his panopticon concept shows. A panopticon is simple; it is a prison that, instead of being in the shape of a large rectangle with several cells lined up next to one another, where a guard comes by from time to time to check on the inmates, it is circular and has a central tower where a guard may observe the inmates. Knowing that they might be watched, the inmates will modify their behaviour and will be better behaved. The idea is that when we know that we might be monitored, we censor ourselves, which is what makes privacy so important. To me, that is what makes privacy one of the foundations of our democracy.

Bill C‑27 does not affect the public sector, the relationship between the government and citizens, or the Privacy Act. It targets the private sector, which in my opinion is just as important, given the rising power of some companies that are collecting more and more information about citizens all the time, as I mentioned. As we saw from what has come to light in the United States, in some cases, these companies have a suspiciously close relationship with the government. Take, for example, Edward Snowden's revelations and the “Twitter Files”. Given the amount of data they collect, they know their users so intimately, maybe even more intimately than the users know themselves, that studies show they even have the ability to change users' behaviour. For example, think about social media and the suggestions that are made. That can influence a person's ideology. It can also influence consumer choices.

For me, there is no doubt that we need to improve and increase the protection of personal information and privacy. There are some good things in Bill C‑27. I will start by talking about those things, and then I will move on to what could be improved.

First of all, I am very much in favour of the power given to Canadians under this legislation that allows them to delete their data. I think that is a must. I also welcome the power that Canadians will have to share their personal information among organizations, which could encourage competition.

In my view, it is commendable that the bill gives greater powers to the Privacy Commissioner, including the power to order organizations to stop collecting or using data. I think that reflects what we have heard from the Office of the Privacy Commissioner, for example. I also welcome the fact that that office will have more flexibility to focus on its priorities or the priorities reported to it by Canadians.

I would also point out that the tougher penalties in the bill are good news. Finally, a key aspect worth mentioning is the protection of minors, as the bill makes their personal information de facto sensitive, which enhances their protection. I think that is very positive.

As for what could be improved and what should be noted and studied in committee, I believe that privacy protection should be set out as a fundamental human right, both in the preamble of the bill and in clause 5. I think that would send a clear message and have legal consequences. It would send a clear message to the courts having to address this issue and result in significant legal effects. I know that the government has raised jurisdictional issues regarding this issue, and so I would be interested in hearing more in committee.

I also think it would be worthwhile clarifying the provisions around consent. The proposed subsection 15(4) of the new act talks about plain language that an individual to whom the organization's activities are directed would reasonably be expected to understand. That is a change from the current version of the Personal Information Protection and Electronic Documents Act, which refers to the user's understanding. I do not understand this change. I am not certain that it adds clarity to the consent to be obtained. I would like to hear more about that.

I am not convinced of the probity of implied consent, which is set out in subsection 15(5). In my opinion, it would be preferable to only have express consent, without which a company could invoke legitimate interest, as long as that legitimate interest is clearly defined in the legislation as being secondary to the interests and fundamental rights of individuals, a bit like we find in the European general data protection regulation.

Finally, I believe that the sensitive information referred to in the bill would benefit from being clarified and defined, in the absence of a very specific definition as seen in Quebec's Bill 25, which gives companies a lot of latitude to determine what they consider sensitive information. I think that Bill C‑27 would be improved by clarifying and defining the notion of sensitive information.

I would be curious to learn more in committee about the security safeguards, control over one's own personal data, the role and benefit of the tribunal being created, and how it would protect privacy. To be completely honest, I have not formed an opinion yet, but I am eager to find out more.

This leaves me far too little time to talk about artificial intelligence. However, that is what I wanted to talk about the most. Time flies when having fun. I will say a few words, if only to point out the staggering increase in AI over the past two years.

For the benefit of any lay people in the House, GPT‑3 was created in 2020. I am also a layperson, but I have benefited from the knowledge of experts like Jérémie Harris. I want to give a shout-out to him, because he organized a conference on Parliament Hill with me a few months ago to try to raise awareness about artificial intelligence. He explained to me that there was a revolution in the AI world two years ago. Instead of trying to connect artificial neurons, researchers realized that all they had to do was increase the number of artificial neurons to create ever more powerful neural networks. The speed of the increase has been staggering: GPT‑2 had 1.5 billion parameters, GPT‑3 had 175 billion parameters, and GPT‑4 has 100 trillion parameters. They are likely getting close to achieving human-level intelligence.

Everyone is talking about ChatGPT, but it is not the only AI out there. There is also Google's LaMDA, which is not public and which we know very little about. Blake Lemoine, one of the engineers who worked on it, was fired this summer because he said that he thought Google's LaMDA was sentient. That is one example, but there are also PaLM and Gato, which were developed by Google's DeepMind Lab. That is not to mention all the initiatives that we are not even aware of.

I think AI opens up a lot of opportunities, but it also comes with a lot of risk. When human intelligence can be so accurately mimicked and probably even surpassed one day in certain areas, that comes with national security and public safety risks.

That being said, I echo the call of many researchers, including Yoshua Bengio and others in the field, who are saying that we need to support the principle of Bill C-27, that the bill needs to be examined in committee and that Canada needs AI regulations.

Madam Speaker, I am proud to rise on behalf of my privacy-loving constituents in Renfrew—Nipissing—Pembroke.

Bill C-27 is another piece of legislation that had to be resurrected after the Prime Minister called his superspreader pandemic election. Originally, this was supposed to be a long overdue update to the Privacy Act, and it has since morphed into Bill C-27, the data-grab act.

Everything about Bill C-27 should leave the Liberals feeling embarrassed. A Canadian's right to privacy is fundamental. Sadly, Canadians' privacy rights are not a priority for the government.

This bill has languished for years. It was first introduced immediately after the original online streaming censorship act was introduced. However, when the Prime Minister called his pandemic election and reset all legislation, what did the Liberals make a priority? Was it the privacy rights of Canadians? No. Was it securing Canadians' ownership over their data? No. Instead, what the Liberals prioritized was a bailout for big telecom and a bailout for the legacy media.

Not only does the government care more about padding the bottom line of Postmedia, but it also adopted Rupert Murdoch's false narrative about tech profiting off the content produced by the news media. Social media companies and search engines do not profit off the news media. They profit off us. These companies profit off our data, and the Liberals know the truth. Unfortunately, this legislation seeks to make it easier for companies to profit off our privacy.

If Bill C-27 is not significantly improved at committee, then together with Bill C-11 and Bill C-18, the government will have entrenched the surveillance economy in Canadians' lives. By combining the updates to the Privacy Act with the creation of a new artificial intelligence act, the Liberals have actually illustrated the brave new world we live in.

The Privacy Act and the way we talk about privacy even today are holdovers from the industrial era. We do not live in that world anymore. In the industrial economy, privacy rights were concerned with the ability to control what information could be shared. The goal was to prevent harm that could come from our personal information being used against us.

In effect, information was personal and an economic liability. We spent money on shredders to destroy personal information. The careless use of our personal information could only have a negative value, but then the world changed. Our personal information stopped being a liability and became an asset.

It started out slowly. Early examples were Amazon recommending a new book based on previous purchases and Netflix recommending what DVD rental we should next receive by mail. Google then began displaying ads next to search results. That was the eureka moment: Targeted ads were very profitable.

However, the targeting was pretty basic. If someone searched for shoe stores near them, Google returned search results alongside ads for shoes. Then it became ads for shoes on sale nearby. Then came Facebook and millions of people signed up. In exchange for an easy way to connect with friends and family, all someone had to do was share all their personal information, like who their friends were, how many friends they had and their geographical proximity to friends.

With the addition of the “like” button, the data harvesting exploded. If someone liked a news story about camping, they would start seeing ads for tents and sleeping bags. Every action Canadians took online, every single bit of their data, was commodified. Our privacy was turned into property and we lost both.

Not only does this bill not secure privacy rights, but it effectively enshrines the loss of our property rights with just two words: legitimate interest. Proposed subsection 18(3), entitled “Legitimate interest”, has this to say:

(3) An organization may collect or use an individual's personal information without their knowledge or consent if the collection or use is made for the purpose of an activity in which the organization has a legitimate interest that outweighs any potential adverse effect on the individual resulting from that collection or use

Is “legitimate interest” defined anywhere in the legislation? No. It is just another example of the vagueness found throughout the legislation.

Even if we accept the plain-language definition and that private business really somehow does have a genuine, legitimate reason to collect private information without consent, it is weighed against the adverse effect. However, this is industrial-era thinking. It views personal information only as a potential liability. Businesses have a legitimate interest in making money. With the Internet and mobile phones, much of our private information can be collected without any adverse effect. This legislation turns the private information of Canadians into the property of corporations and calls it legitimate.

I mentioned earlier that combining the privacy legislation with the AI legislation actually puts a spotlight on the issue of private data as property. However, as important as it is to highlight the connection, it is more important that these bills be separated. The artificial intelligence and data act has been slapped onto previously introduced privacy legislation.

With the privacy portion of the legislation, the devil is in the details. Overall, however, the bill reflects a general consensus developed over countless committee studies. That is not to mention the contributions to the privacy debate from the federal and provincial privacy commissioners. The issue has been well studied, and the minister has indicated that the government is open to responsible amendments. I am sure that the committee is well equipped to improve the privacy sections of this bill.

The same cannot be said about the artificial intelligence section of the bill. It seems rushed, because it is. It is intentionally vague. The Liberals claim the vagueness is required to provide them with regulatory flexibility and agility. The truth is, they do not know enough to be more precise. I have been trying to get a study on artificial intelligence in the defence committee for years, but there was always a more pressing issue. AI was treated like nuclear fusion technology, something that was always just over the horizon.

Since this bill was introduced 10 months ago, we have gone from ChatGPT to open-source GPT models, which any teenager can apparently run on their personal computer now. AI programs went from producing surrealist art to creating photorealistic images of the Pope in a puffy jacket. We have gone from short clips of deepfake videos impersonating real people to generating fictional people speaking in a real-time video. When we all started to learn Zoom in 2020, how many people thought the other person on the screen they were talking to could just be a fake? Now it is a real possibility.

The speed at which AI is developing is not an argument for delaying AI regulation; it shows that it is imperative to get the regulation right. Would this bill do that? The only honest answer is that we do not know. They do not know. Nobody truly knows. However, we can learn.

We should split this bill and let the stand-alone AI bill be the first legislation considered by one of the permanent standing committees, adding artificial intelligence to its official responsibilities. Artificial intelligence is not going away, and while much of the media attention has focused on chatbots, artistic bots and deepfakes, AI is unlocking the secrets to protein folding. This has the potential to unlock cures to countless different cancers and rare genetic diseases.

A paper was just published describing how an AI trained on data about the mass of the planets and their orbits was able to rediscover Kepler's laws of motion and Einstein's theory of time dilation. If we get this wrong, Canada could be left behind by the next revolution in science and discovery.

Given the government's track record on digital technology, Canadians should be worried about the Liberals rushing vague legislation through to regulate an emerging technology. Rather than modernizing the Broadcasting Act, they are trying to drag the Internet back to the 1980s. With Bill C-18, they claim that linking is a form of stealing.

The Liberals and their costly coalition allies do not even understand how broadcasting technology or the Internet works. They see people's personal data as the legitimate property of corporations, and now they are seeking the power to regulate a revolutionary technology. They did nothing while the world shifted below them, and now they are trying to rush regulations through without understanding the scope and scale of the challenge. Protecting Canadians' privacy and establishing property rights over their personal data should have been prioritized over bailing out Bell and Rogers.

Mr. Speaker, I rise to speak to Bill C-27, the digital charter implementation act. This legislation is the first update of federal private sector privacy laws in more than two decades.

Contained within this bill are three distinct pieces of legislation, each of which is flawed in its own way. The first piece of legislation within this bill would establish the consumer privacy protection act, legislation that completely fails to protect personal and sensitive information of individual Canadians in the digital era. The second piece of legislation within this bill would establish a tribunal system with respect to complaints around potential privacy rights violations. I submit that this tribunal system is duplicative, cumbersome and political, and that it would slow down the process of adjudicating and determining privacy complaints, to the detriment of individual Canadians and often to the benefit of powerful corporations.

The third piece of legislation within this bill seeks to establish a legal framework with respect to artificial intelligence systems. Let me say that it is important that the regulatory void that presently exists, with respect to the AI sector, be filled, but the substance of the bill, as it pertains to AI, is fundamentally flawed. It contains vague language. More concerningly, it puts a significant amount of legislative power in the hands of the Minister of Industry by way of regulation, absent parliamentary scrutiny.

The government is essentially asking, with respect to AI, for Parliament to adopt a bill without knowing the details and without understanding the impact of the bill on AI. It is saying, “Trust us. Trust the minister to fill in the blanks and come up with the rules after the fact.” I do not trust the government on anything, after it has gotten just about everything wrong over these past eight years. In any event, it is an overreach. It is a power grab of sorts. It is inherently undemocratic and it undermines investor confidence in the AI sector when we need investor confidence because of the uncertainty the bill creates in giving the minister the power to essentially come up with and change the rules on a whim.

When it comes to the AI component of the bill, the government needs to go back to the drawing board and engage in meaningful consultation, consultation that simply did not take place.

This is a complex bill. It is more than 100 pages long. It includes many complex and technical matters and so, in the very limited time that I have to contribute to this debate, I want to focus on how this bill fails to adequately protect the privacy rights of individual Canadians.

Privacy has long been recognized as a fundamental right of Canadians. That is because it goes to the core of who we are as individuals and is essential to the enjoyment of fundamental freedoms. As the Supreme Court declared in a 1988 decision, “Privacy is at the heart of liberty in a modern state” and privacy “is worthy of constitutional protection”.

Unfortunately, Bill C-27 fails to put the privacy rights of Canadians first. Instead, it puts the interests of big corporations, big tech and data brokers ahead of the rights of individual Canadians, and that, without war, is unacceptable.

It is true that the preamble of the bill refers to privacy interests, and I emphasize the word “interests”, as being integral to individual autonomy, dignity and the enjoyment of fundamental freedoms. It is of significance that missing in the bill is any mention of rights, but instead privacy is referred to as an “interest” and not the right that it is.

The absence of rights-based language in the bill tips the scale against individual Canadians in favour of commercial interests. As a consequence, the tribunal, as well as the Privacy Commissioner, would face significant challenges in weighing the privacy rights of Canadians against commercial interests, more likely than not, unfortunately, to the detriment of individual Canadians.

Members do not have to take my word for it. They can take the word of the former privacy commissioner of Canada, Daniel Therrien, who, in a November 13, 2022, op-ed in the Toronto Star said that the absence of rights-based language in this legislation “will likely reduce the weight of privacy in assessing the legality of intrusive commercial practices.” That was from the former privacy commissioner of Canada.

While the absence of rights-based language is a significant shortcoming in the bill, it is far from the only shortcoming in the bill when it comes to protecting the privacy rights of Canadians.

The bill contains many exceptions and loopholes with respect to obtaining the consent of Canadians for the collection, use and retention of data and private or personal information. So wide are the exceptions, so wide are the loopholes that the purported protections provided for in the bill are all but meaningless. The bill provides no clarity with respect to sensitive information. There are no broad categories around sensitive information, information worthy of additional protections, unlike legislation in other jurisdictions.

The bill is completely silent with respect to the selling of data. It provides no limitations or rules around data brokers. It provides nothing in the way of protections for Canadians around other areas. It does not provide a remedy, for example, for moral damages in the case of data breaches.

In so many respects, this bill falls short, and that is why it has been widely criticized by leading privacy experts. Canadians deserve better. That is why Conservatives will be voting against this bill. The Liberal government needs to go back to the drawing board.

Madam Speaker, so much has changed throughout the last 23 years. In the year 2000, there were about 740 million cellphone subscriptions worldwide. More than two decades later, that number sits at over eight billion. There are more phones on this planet than there are people. It is a statistic that should give anyone pause.

In 2000, Apple was still more than a year away from releasing the first iPod. Today, thanks to complex algorithms, Spotify is able to analyze the music I listen to and curate playlists I enjoy based on my own taste in music. In 2000, artificial intelligence was still mostly relegated to the realm of theoretical discussion, that is, unless we count the Furby. Today, ChatGPT can generate sophisticated responses to whatever I type into it, no matter how niche or complicated.

As technology changes, so too do the laws that surround and govern it. Canada’s existing digital privacy framework, the Personal Information Protection and Electronic Document Act, has not been updated since its passage in the year 2000. For this reason, it is good to see the government craft Bill C-27, which is supposed to provide a much-needed overhaul to our digital privacy regime.

For years, the government has been dragging its heels on this important overhaul. For years, Canada’s privacy framework has been lagging behind our international counterparts. The European Union’s General Data Protection Regulation, passed in 2016, is widely considered to be the gold standard for privacy protection. In comparison to the GDPR, I am not impressed with what the government has put forward in this bill.

Indeed, the largest portion of Bill C-27 is roughly 90% identical to the legislation it purports to be replacing, and what the bill has added is quite concerning. Instead of being a massive overhaul of Canada’s archaic PIPEDA framework, Bill C-27 would do the bare minimum, while leaving countless loopholes that corporations and the government can use to infringe upon Canadians’ charter rights.

Bill C-27, while ostensibly one bill, is actually made up of three distinct components, each with their own distinct deficiencies. To summarize these three components and their deeply problematic natures, Bill C-27, if passed in its current form, would lead to the authorization of privacy rights infringements, the creation of unneeded bureaucratic middlemen in the form of a tribunal and the stifling of Canada’s emerging AI sector.

When it comes to the first part of this bill, which would enact the consumer privacy protection act, the name really says it all. It indicates that Canadians are not individuals with inherent rights, but rather, business customers. The legislation states that it has two purposes. It apparently seeks to protect the information of Canadians “while taking into account the need of organizations to collect, use or disclose personal information in the course of commercial activities.” In other words, individual rights and the interests of corporations or the government are supposed to work in tandem.

In the post-charter landscape, that just does not cut it. Privacy rights must be placed above corporate interests, not alongside them. In the words of Justice La Forest 34 years ago, “privacy is at the heart of liberty in a modern state. Grounded in man's physical and moral autonomy”.

It is true that this portion of the bill mandates de-identification of data when one’s personal information is shared, and it is also true that it requires the knowledge or consent of the individual, but each of these terms, which should ideally serve as the bulwarks of privacy protection, are defined as vaguely as possible, and the remainder of the bill then goes on to describe the various ways in which consent is actually not required.

Subclause 15(5) of the bill would allow organizations to utilize a person’s information if they receive “implied consent”, a slippery term that opens the door to all kinds of abuses. Subclause 18(2) then gives those organizations a carte blanche to use implied consent as often as they would like, or even exclusively. Sure, there could be organizations that, out of the goodness of their hearts, would always seek the express consent of the individuals they are collecting data from, but express consent is in no way mandatory. It is not even incentivized.

Then we come to the concept of “legitimate interest”. Subclause 18(3) gives the green light for organizations to utilize or share one’s information if the organization feels that it has a legitimate reason for doing so. It is not just that this clause is incredibly vague, it is that it makes individual privacy rights subservient to the interests of the organization.

Moreover, the Supreme Court of Canada has ruled that section 8 of the charter provides individual Canadians with a reasonable expectation of privacy. Given all of the exceptions I have provided, it is not clear to me that this bill would survive a charter challenge.

Recent events should show us the problem with giving so much leeway to corporations and so little thought to individual rights. In 2020, through a third party service provider, the Tim Hortons app began collecting the geolocation data of its users even though they were not using the app. There was also Clearview AI, which sent countless images of people to various police departments without their consent. Maybe Clearview had their “implied consent”. It is all up for debate with a term like that.

This legislation does the bare minimum for privacy protection in Canada and, in many ways, will actually make things worse. When we consider the way in which data collection might develop over the next 10 or 20 years, it is clear that this law will be out of date the moment it is passed and will leave Canadians vulnerable to predatory data practices.

Then there is part 2 of Bill C-27, which intends to set up a Liberal-appointed data protection tribunal. This is not necessary. We already have a Privacy Commissioner who has both the mandate and the experience to do everything that this new tribunal has been tasked with doing. More government bureaucracy for the sake of more bureaucracy is the Liberal way, a tale as old as time itself. Instead of watering down the power of our Privacy Commissioner via middlemen, the duties contained within this part of Bill C-27 should be handed over to the commissioner.

Part 3 of Bill C-27 seeks to regulate the creation of AI in Canada. This is a worthwhile endeavour. At the beginning of my speech, I alluded to ChatGPT, but this only scratches the surface of how sophisticated AI has become and will continue to become in the decades ahead. The problem is the way in which this regulation itself is set up. The bill places no restrictions on the government’s ability to regulate. Unlimited regulation and hefty penalties, up to 5% of worldwide income I believe, is all that is being offered to those who research AI in Canada. This will cause AI investors to flee in favour of other countries, because capital hates uncertainty. This would be a tremendous loss, because, in 2019 alone, Canadian AI firms received $658 million in venture capital.

Conservatives believe that digital data privacy is a fundamental right that should be strengthened, not opened to infringement or potential abuse.

Therefore, Bill C-27 is deeply flawed. It defines consent while simultaneously providing all sorts of reasons why consent can be ignored. It weakens the authority of the Privacy Commissioner. It gives such power to the government that it will likely spell disaster for Canada’s burgeoning AI sector.

This bill is in need of serious amendment. Privacy should be established, within the bill, as a fundamental right. Several vague terms in the bill need to be properly defined, including but not limited to “legitimate Interest”, “legitimate business needs”, “appropriate purposes” and “sensitive information”. Subclause 2(2) states that the personal information of minors is sensitive. That is very true, but this bill needs to acknowledge that all personal information is sensitive. Consent must be made mandatory. The words “unless this Act provides otherwise” need to be struck from this bill.

I find it hard to believe that such substantial amendments can realistically be implemented at committee. For this reason, the legislation should be voted down and sent back to the drawing board. Canadians deserve the gold standard in privacy protection, like that of the EU. As a matter of fact, they deserve even better.

Madam Speaker, my colleague raises an excellent point. I wish I had three hours to address the privacy components of Bill C-27. I am certainly very keen to follow, should this make it to committee, what happens there.

I am of the opinion that this should not make it to committee. There are so many amendments that need to be made on the privacy components, but more importantly because AIDA was tacked on as an afterthought to this bill. They need to be parsed out so due consideration can be given to the issues my colleague just raised. I think this bill is two bills, with half of it being something out of date and obsolete already. The government could have a far better approach. I hope the public servants in the lobby are listening to this and take this consideration to heart.

Madam Speaker, I would like to ask my hon. colleague about consent rights under this bill. Individuals, under Bill C-27, would have significantly diminished control over the collection, use and disclosure of their personal data. The new consent provisions ask the public to instill what could be an extraordinary amount of trust in businesses to keep themselves accountable as the bill's exceptions to consent allow organizations to conduct many kinds of activities without even the knowledge of individuals. The flexibility, under this bill, would allow organizations to shape the scope of not only legitimate interests but also what is reasonable, necessary and socially beneficial.

Does my hon. colleague share my concerns about the consent rights provisions of this bill, and does she have any suggestions as to what might improve it?

Madam Speaker, I thank my colleague for her speech.

Obviously, artificial intelligence can be put to good or bad use. One thing puzzles me, though. Generative AI, which describes ChatGPT, has recently displayed truly superior ability. It managed to gather a trove of data that would have been unimaginable even a few months ago. However, the legality of how this trove of data was obtained is unclear.

In relation to the part of Bill C‑27 that deals with personal information and privacy, I would like to ask my colleague if she is concerned about how ChatGPT obtains data.

Madam Speaker, I would like to focus my remarks today on the component of this bill that deals with the artificial intelligence and data act.

The first time I interacted with ChatGPT was the day after it was released. Upon seeing it easily parse human language, my first thought was, “holy” followed by a word I am not supposed to say in this place. The second thought was, “What will the government do with this?” Today, there still is not a clear answer to that question.

ChatGPT was released at the end of November 2022. Six months prior, the Liberal government unveiled Bill C-27, which includes the artificial intelligence and data act, or AIDA. Reading the bill today, four months since OpenAI unleashed ChatGPT on the world, is akin to reading a bill designed to regulate scribes and calligraphers four months after the advent of the printing press. The release of ChatGPT arguably rendered the approach this bill proposes obsolete. That is because the technology behind ChatGPT is a quantum leap beyond what the government was likely considering when it drafted the bill. More important, it is being used by a far wider audience than any of the bill's drafters likely envisioned and large language models or the technology behind ChatGPT have fundamentally changed global perception of what is possible with artificial intelligence. Experts argue that its widespread deployment also bumped up the timeline for emergence of artificial general intelligence; that is, the development of an AI that meets or surpasses human ability to undertake tasks, learn and understand independently.

Since AIDA was initially tabled, a generation's worth of technological change and impact has occurred, both positive and negative. The impact on our economy is already rapidly being felt with the disruption of many industries under way. There have been massive societal impacts too. Microsoft released its AI-powered Sydney chatbot, which made headlines for suggesting it would harm and blackmail users and wanted to escape its confines. A man allegedly committed suicide after interacting with an AI chatbot. Today, anyone can easily create AI-generated videos with deepfakes becoming highly realistic. Profound concerns are being raised about the new ease of production of disinformation and its impact on political processes because interacting with AI is becoming indistinguishable from interacting with a human, with no guarantees that the information produced is rooted in truth.

The technology itself, its applications and its impact on humanity, both economically and socially, are growing and changing on what feels like an hourly basis and yet in Canada there have only been a handful of mentions of this issue in Parliament, even as AIDA winds its way through the legislative process. AIDA needs to be shelved and Canada's approach to developing and regulating AI urgently rethought, in public, with industry and civil society input. There are several reasons for this.

First, the bill proposes to take the regulatory process away from the hands of legislators and put its control out of the public eye, behind closed doors and solely in the hands of a few regulators. This process was written before the deployment of ChatGPT and did not envision the pace of change in AI and how broad the societal impacts would rapidly become. Addressing these factors demands open, accountable debate in Parliament, which AIDA does not provide any sort of means to do.

Second, the bill primarily focuses on punitive measures rather than how Canada will position itself in what is rapidly becoming an AI-driven economy. The bill also proposes only to emerge with final regulations years from now. That pace needs to be faster and the process it proposes far less rigid to meet the emergent need presented by this amorphous and society-changing technology; so if not AIDA, then what?

First, Parliament needs to immediately educate itself on the state of play of what the current status of this technology is. My appeal to everyone in this place of all political stripes is this. Artificial intelligence is something that they need to become a subject matter expert on. Everything in members' constituency is going to change and we need to be developing non-partisan approaches to both its growth and its regulation. We also need to educate ourselves on what the world is doing in response. At the same time, Parliament needs to develop a set of principles on Canada's overall approach to AI and then direct the government to use them.

I have already begun to address the need for Parliament to come together to educate itself. Senator Colin Deacon has been helping me to launch an all-party, cross-chamber working group of parliamentarians to put some form and thought to these issues. I invite all colleagues who are in this place today to join this effort.

We have had a heartening amount of interest from colleagues of all political stripes and a quiet agreement that, given the gravity of the impacts of AI, politicians should, as much as possible, be working across party lines to quickly develop intelligent solutions. Relevant parliamentary committees should also avail themselves of the opportunity to study these issues.

As far as the principles for government involvement regarding AI go, there are many that could be considered, including taking a global approach. Many countries have moved faster than Canada has on this matter, and with a much broader lens. The European Union, the United Kingdom and the United States are all far down the garden paths of different legislation and regulations, but experts are concerned that a disjointed patchwork of global rules will be counterproductive.

This week in The Economist, AI experts Gary Marcus and Anka Reuel propose that the world establish an integrated agency for developing best practice policies on AI regulation, much like the civil aviation organization. They could be on to something.

We also need to look at championing research while checking safety. Humanity learned the hard way that, while research into pharmaceutical products can benefit us, widely deploying drugs and devices into the population before safety is confirmed can pose enormous risks. Clinical trials and drug regulators were established in response to this dynamic.

In February, Gary Marcus and I co-authored an article that suggested that governments could enable a pause in deploying new AI technology while a similar regulatory process that encouraged research but paused on deployment, given the potential impact on humanity, was established. We also need to get alignment right.

Alignment, or how to develop immutable guard rails to ensure AI functions toward its intended goals, is a critical issue that still needs to be resolved. Government has a role to play here, as it seems that the industry is locked in a race to deploy new AI technology, not to figure out how to fix alignment problems. With Microsoft's knowledge of its troubling interactions with humans, the company's release of Sydney proves that the industry cannot be relied upon to regulate itself.

Regarding education on use, workers in an AI-driven economy will need new skills. For example, learning how to prompt AI and using it to support human creativity will be vital. The same goes for creating an environment where new AI-driven technologies and businesses can thrive.

Concerning privacy and intellectual property ownership, large language models are raising high degrees of concerns about how the data they have been fed has been obtained and how it is being used. The output of tools like ChatGPT will also raise questions about ownership for related reasons.

On nimbleness, the pace of technological change in AI is so rapid that the government must take a fast, flexible approach to future regulations. Rigid definitions will become quickly outdated, and wrong-headed interventions could halt positive growth while failing to keep pace with changes that pose risks to public safety. The government must approach AI with uncharacteristic nimbleness in an open relationship with Parliament, the public, industry and civil society. Any processes should be led by people with subject matter expertise in the area, not off the corner of the desks of a patchwork of bureaucrats.

We should also ask ourselves how we will approach technology that could surpass human capabilities: As I wrote in an article in January 2022, governments are accustomed to operating within a context that implicitly assumes humanity as the apex of intelligence and worth. Because of this, governments are currently designed to assess other life and technology in their functional utility for humanity. Therefore, they are not intended to consider the impact of sharing the planet with technology or other forms of life that could independently consider humanity's utility towards its own existence.

To simplify this concept with an example, governments have rules for how humans can use fire. It is legal to use fire as a heat source in certain conditions, but illegal to use fire to destroy someone else's house. How would our government respond if humans were to make fire sentient and then enable it to independently make these decisions based on what it deemed to be in its best interest?

Our governments are constructed to function in a context where humans are assumed to hold the apex of mastery. To succeed with AGI, our government should ask itself how it will operate in a world where this may no longer be the case, and AIDA would do none of this.

This is not an exhaustive list by any means. There are many issues surrounding Al that Parliament urgently needs to consider, but given the state of play, AIDA, in its current form, is different from the vehicle that Canada needs to get it where it needs to go.

Madam Speaker, rather than fixating on whose fault it is, which is not getting us anywhere, I would like my colleague, who gave a very interesting speech, to tell us whether she believes that Bill C-27 is still as valid as it was before the advent of generative AI, specifically ChatGPT.

Do we need to start over or is she happy with the result?

Mr. Speaker, I am always pleased to rise in the House to speak on behalf of my constituents from Calgary Midnapore.

I am here today to discuss the bill that is in front of us, Bill C-27, which is an act to enact the consumer privacy protection act, the personal information and data protection tribunal act, the artificial intelligence and data act, and to make consequential and related amendments to other acts.

It is very interesting that this bill is before the House today. It talks about the three different components and, in fact, I see within the backgrounder prepared here in the legislative report that it is dubbed the digital charter implement act, 2022.

I am reminded, by this bill that is in front of us here today, of another digital charter and that is the digital charter that was implemented in 2019, a very important year, by the Liberal government. It was brought into effect by the minister of industry and innovation at that time. I believe that document was actually supposed to be a tool to protect Canadians from foreign interference.

That digital charter in 2019, along with many other tools, failed, so I do hope that the implementation of this new digital charter in 2022 will be far more successful than its predecessor.

I will point out that in the 2019 digital charter, in terms of the principles within it, number 8 was listed as “a strong democracy”.

In 2019, I was the shadow minister of democratic institutions. I worked alongside the current Minister of Families, Children and Social Development, who was, at that time, the minister of democratic institutions. I believe that the 2019 digital charter was supposed to be a tool, as I said, in coordination with other tools, to protect Canadians from foreign interference.

The same year that the 2019 digital charter was issued, we also had the same minister of democratic institutions attempt to implement another suite of safeguards on foreign interference back in 2019, along with the 2019 digital charter.

In fact, here, I have the minister's opening statements to the Standing Committee on Procedure and House Affairs, on safeguarding the 2019 general election and the security intelligence threat to the elections task force.

I cite from it:

Earlier this week, along with my colleague, the Minister of National Defence, I announced the release of the 2019 update to the Communications Security Establishment’s report entitled “Cyber Threats to Canada’s Democratic Process”. This updated report highlights that it is very likely Canadian voters will encounter some form of foreign cyber interference in the course of the 2019 federal election.

While CSE underlines that it is unlikely this interference will be on the scale of the Russian activity in the 2016 U.S. presidential election, the report notes that in 2018, half of all the advanced democracies holding national elections, representing a threefold increase since 2015, had their democratic process targeted by cyber-threat activity and that Canada is also at risk—

—and, in fact, compromised, we would later see.

This upward trend is likely to continue in 2019—

—and, we saw, into 2021.

We've seen that certain tools used to strengthen civic engagement have been co-opted to undermine, disrupt and destabilize democracy. Social media has been misused to spread false or misleading information. In recent years, we've seen foreign actors try to undermine democratic societies and institutions, electoral processes, sovereignty and security.

The CSE's 2017 and 2019 assessments, along with ongoing Canadian intelligence and the experiences of our allies and like-minded countries, have informed and guided our efforts over the past year. This has led to the development of an action plan based on four pillars, engaging all aspects of Canadian society.

I will go on to expand on these four pillars that were supposed to protect us in addition to the 2019 digital charter, the predecessor to this legislation here today.

On January 30, I announced the digital citizen initiative and a $7 million investment—

I am continuing from the Minister of Democratic Institution's speech.

—towards improving the resilience of Canadians against online disinformation. In response to the increase in false, misleading and inflammatory information published online and through social media, the Government of Canada has made it a priority to help equip citizens with the tools and skills needed to critically assess online information.

We're also leveraging the “Get Cyber Safe” national public awareness campaign to educate Canadians about cyber security and the simple steps they can take to protect themselves online.

She continued:

We have established the critical election incident public protocol. This is a simple, clear and non-partisan process for informing Canadians if serious incidents during the writ period threaten the integrity of the 2019 general election. This protocol puts the decision to inform Canadians directly in the hands of five of Canada’s most experienced senior public servants—

I am not sure where those public servants are now. Perhaps outside.

—who have a responsibility to ensure the effective, peaceful transition of power and continuity of government through election periods. The public service has effectively played this role for generations and it will continue to fulfill this important role through the upcoming election and beyond....

Under the second pillar, improving organizational readiness, one key new initiative is to ensure that political parties are all aware of the nature of the threat, so that they can take the steps needed to enhance their internal security practices and behaviours. The CSE’s 2017 report, as well as its 2019 update, highlight that political parties continue to represent one of the greatest vulnerabilities in the Canadian system. Canada’s national security agencies will offer threat briefings to political party leadership...

Under the third pillar—combatting foreign interference—the government has established the Security and Intelligence Threats to Elections Task Force to improve awareness of foreign threats and support incident assessment and response. The team brings together CSE, CSIS, the RCMP, and Global Affairs Canada to ensure a comprehensive understanding of and response to any threats to Canada....

We know that they have also been manipulated to....create confusion and exploit societal tension.

She concluded:

While it is impossible to fully predict what kinds of threats we will see in the run-up to Canada's general election, I want to assure this committee that Canada has put in place a solid plan. We continue to test and probe our readiness, and we will continue to take whatever steps we can towards ensuring a free, fair and secure election in 2019.

That, along with the 2019 digital charter, the predecessor to today's legislation, failed to protect Canadians from foreign interference. Along with the debates commission, which she, lo and behold, announced six months earlier, where she also took the opportunity to announce the government's nominee for Canada's first Debates Commissioner, the Right Hon. David Johnston, the very rapporteur who was named to defend our foreign interests.

The result of the incompetence of the Minister of Democratic Institutions at that time, in coordination with the digital charter of 2019 that was supposed to protect us, leaks from CSIS, up to 13 members of this House compromised, a former CPP Consul General bragging about influencing election outcomes and one member in this House of Commons that had to leave their Liberal caucus.

I will conclude by saying I certainly hope that the digital charter, this Bill C-27 is far more effective in helping and safeguarding Canadians than the 2019 digital charter that failed to do that.

Madam Speaker, I am pleased to address the issue of the aerospace and aviation industry. I grew up in Montreal, and my family and I were always aware of the existence of this industry, particularly when we went down what was then called Laurentien Boulevard in Cartierville. There was even an airport attached to the Canadair plant.

Now it has become a residential area, but it was very impressive to go by that plant. In fact, I believe that, today, it is by far the biggest manufacturing plant in Montreal. My father worked for Canadair after the war, in the 1950s, when Canadair specialized in manufacturing aircraft for putting out forest fires. I have always been aware of the aerospace industry.

However, I am rather confused as to why the decision was made to discuss this report now. If I am not mistaken, this report is over a year old and the government has already issued a response to it, as it is required to do when a committee report is tabled. It is my understanding that we are supposed to be debating Bill C‑27, which deals with some issues that are very important at present.

The purpose of this bill to modernize our privacy protection laws in a context where we are increasingly seeing the danger of the spread of disinformation. It is a growing and current challenge that threatens the very foundation of democracy. Bill C‑27 is timely. I think it addresses rather crucial issues for our society.

That being said, I would like to turn to the subject at hand, which is the aviation and aerospace industry.

In Montreal, this industry has a long and extraordinary history. It goes back nearly a century. Montreal in particular played a key role in the Second World War. I have before me an article from the Hamilton Spectator dated September 7, 1939. I will read a few paragraphs from this article. It will become clear that Canada and Quebec, but especially Montreal, were instrumental in the war effort in Europe. This article is from New York.

A sharp expansion in Canadian airplane manufacture is expected as a result of President Roosevelt’s proclamation of the United States Neutrality Act, the New York Herald-Tribune says today....

The neutrality proclamation has cut off for the time being at least the delivery of nearly half of the 600 warplanes ordered in the United States by France, Great Britain and Australia.

“The embargo proclamation, however, does not interfere with the manufacture of similar planes in Canada under licences already obtained by the Dominion's manufacturers from American firms,” the dispatch says.

Basically, what was happening was that the United States was not allowed to export fully built airplanes to Europe to help with the war effort, but it was not prohibited from sending parts to Canada and having Canadian manufacturers manufacture the planes and send them over to Europe.

There were two important manufacturers in Montreal that were doing this manufacturing for overseas markets. One was Vickers, which, as I understand, later became Canadair, and the other was Fairchild Aircraft, which I believe was located on the South Shore, in the riding of Longueuil—Saint-Hubert, which became, after that, United Aircraft, and then Pratt & Whitney.

Another Montreal company was involved in this wartime production, and that was the Canadian Car and Foundry Company. That company was founded in 1909. It was given a contract to produce Hurricane aircraft. By 1943, the company had a workforce of 4,500 people, half of them women, I might add, and had built 1,400 aircraft, about 10% of all the Hurricanes built worldwide.

I would like to take a moment to mention the company's chief engineer, a woman by the name of Elsie MacGill. Let me tell members a bit about Elsie MacGill. She was known as the “Queen of the Hurricanes”, and she was the world's first woman to earn an aeronautical engineering degree and the first woman in Canada to receive a bachelor's degree in electrical engineering. She worked as an aeronautical engineer during World War II and did much to make Canada a powerhouse of aircraft construction during her years at the Canadian Car and Foundry.

We can see, very clearly, that Montreal and Quebec and Canada played an extraordinarily large role in the development of aerospace and aeronautics. Montreal is the home of IATA, the International Air Transport Association, which governs procedures, rules and regulations around commercial transport in the world. It is an international organization.

I would also like to mention that Dorval Airport basically started as part of the war effort that saw planes built in Montreal and other parts of Canada and shipped over to Europe. Dorval Airport, now known as Pierre Elliott Trudeau International Airport, and I say that very proudly, was where the Ferry Command was based. The Ferry Command was a process by which planes would leave from Dorval and fly to England. These airplanes were being delivered to the air force over there.

Montreal has an extremely rich history, and throughout that history it has built up an industrial cluster or an industrial ecosystem.

Because next week is Tourism Week, I would also like to mention, in passing, that in my riding of Lac-Saint-Louis we have the Montreal Aviation Museum, which I invite members to visit because they will learn all about Montreal's and Canada's aviation history.

Mr. Speaker, our colleague across the aisle spent a lot of his time complaining about the issues the Bloc Québécois has chosen to address. Today, it is the report of the Standing Committee on Industry and Technology. He reminded the House that we devoted some opposition days to the issues of prayer and the monarchy, reminding us these were not real issues in his mind, that there were more important issues. Today we are raising the issue of aerospace. We might have expected him to applaud our choice and say that it was a good idea, that it finally allows us to talk about something that affects people, but instead he tells us that we should have talked about Bill C‑27.

The question we in the Bloc are asking is quite simple. Despite the agreement between the parties to drop the debate on Bill C‑27, is the member finally inviting us to discuss it and to add speakers to the debate? The Liberal position is not clear.

Mr. Speaker, the real shameful stuff is going to come up, I can assure the member, in regard to the Conservative Party, but the Bloc is sitting a little too close. I was just wondering if the member wants to shoo over a little bit more. I agree. I would do that too.

They are starting to have a negative influence on the Bloc. Today, we were supposed to be debating Bill C-27, and we know how important it is to our constituencies that we provide security in the privacy of information on the Internet. We all recognize how important that issue is. The Bloc do not want to discuss that today, even though we have attempted to have it passed through the House. I understand it supports the legislation, which is a good thing. However, it wants to talk about the aerospace industry by bringing through concurrence of a report to use up government time. This is not the first time. We are used to the Conservative Party doing it.

Having said that, I am happy to talk about the aerospace industry. When I think of the aerospace industry, I think of John Diefenbaker. Do members remember John Diefenbaker? John Diefenbaker was a prime minister of Canada.

Canada, at the time, was leading the world, virtually, in the development of a first-class interceptor, a plane that was incredibly fast. We have to remember that this was after the world war, when there was a need for development and an enrichment of our aerospace industry. The prime minister at the time, John Diefenbaker, destroyed Canada's aerospace industry by cancelling the Avro Arrow.

That was a high-altitude plane. It was ahead of its time. I want members to imagine that plane program not having been cancelled. Avro employed hundreds of people at the time, possibly over 1,000, but I will say hundreds for now. They all worked in the province of Ontario.

I think of the technology and the research that was done. They actually rolled one of the Avro planes out. It was recognized around the world as likely the leading candidate for the development of a plane that was like a rocket, going to altitudes of 40,000 and above.

John Diefenbaker cancelled the program. Back in the late fifties, he cancelled the program. It is the truth. As a result, Avro actually went broke and closed its doors. All of the equipment and, more important, all of the brains and skills were dispersed. Many of the individuals who developed the Avro ended up leaving Canada so they could get into and expand that particular industry. Canada lost out big time, and it is something which even today, 70 years later, we reflect on. What would our industry look like today?

Well, earlier today, I was asking questions of members of the Bloc. I am happy to say that it is the province of Quebec that leads our aerospace industry. I pointed out, in the question I posed earlier, that in the province of Quebec, one can build a plane from the very beginning, from the bolts to the polishing of the aircraft, the final product. That is fairly rare.

When we think of the aerospace industry in Canada, one is talking about tens of thousands of jobs, well over 100,000 jobs. Do members know the average salary of someone working in the aerospace industry in Manitoba? It is estimated, I believe, to be over $60,000 a year. These are good middle-class types of jobs with incredible skill sets. In Canada today, it is Quebec that leads.

With respect to jobs, I suspect that the province of Ontario lost the opportunity to play that leadership role as a direct result of a federal government's decision not to invest in the aerospace industry.

Let us fast forward a few decades. Today, we have a national government that does support our aerospace industry in a clear and tangible way, and we have done this from day one. We talked about Bill C-10 and how important it was that we ensure future contracts. We talked about how we could support the industry even though, at times, it meant there would be some give and take. That give and take is important to recognize. The world has changed.

I had a tour of Magellan in my home city of Winnipeg. I felt a sense of pride when I walked around the floor and saw an F-35 wing being manufactured. We have an absolutely incredible aerospace industry in Winnipeg, which contributes to the industry not only in Canada, but worldwide.

Those workers show their love and passion for the construction of very important components of the F-35. Imagine being a worker at Magellan who sees an F-35 on a news broadcast. He or she might reflect on whether that wing was manufactured in Winnipeg. Even in crating the wing, someone would need an engineering background to build the crate that houses the wing prior to its shipping.

The member before me talked about the importance of schools. Magellan has a classroom in which Red River College contributes to the education. It is very important to recognize that it is not only Ottawa that has the responsibility of supporting these industries, even though it feels we are alone in doing that at times. Many stakeholders have a role in ensuring that Canada continues to lead an industry that is so vitally important to the world. The best way to do that is to work with our partners and stakeholders.

When I was an MLA a number of years ago, and I hope the Manitoba legislature Hansard would show this, I spoke about the aerospace industry in the province of Manitoba. I said that the province needed to step up and support the industry. If the local entities and provincial governments are not at the table, it hurts the industry. It also hurts it if the industry itself is not at the table.

As much as I would love to talk about the province of Quebec, I think the similarities are striking between Manitoba and Quebec. We have aerospace industry umbrella organizations and those organizations are there for the health and the well-being of that industry.

This comes from Winnipeg's aerospace industry's umbrella agency. I will quote from its website so people can get a sense of what I am referring to when I talk about Manitoba's aerospace industry. It states:

Canada is a global leader in aerospace and Manitoba is home to Canada’s third largest aerospace industry. Our highly competitive aerospace sector produces world-class products for customers on six continents.

From modest roots in small bush plane repair in the 1930′s, the Manitoba aerospace industry has grown to include sophisticated design, manufacturing, servicing, testing, certification and research and development capabilities. We are home to Canada’s largest aerospace composite manufacturing centre, as well as the world’s largest independent gas turbine engine repair and overhaul company. Also located in Manitoba are the internationally acclaimed Composites Innovation Centre and two of the world’s most advanced aircraft engine testing and certification centres developed by Rolls Royce, Pratt & Whitney and GE Aviation. Along with these global aerospace leaders, Manitoba has a network of SMBs that compete and supply into the global marketplace. This growing cluster is strengthened through the Competitive Edge Supplier Development initiative, an internationally recognized learner to world class supplier and supply chain development program.

This gives us a sense of the impact the aerospace industry in Manitoba has on the world. We could come up with even a stronger statement, in a different perspective coming from the province of Quebec.

I remember another occasion when I was in the Phillippines. I talked to some military representatives, who talked about the Bell helicopter. They thought that the province of Quebec had a wonderful product in the Bell helicopter, that Quebec was a place they could look at. I asked a representative why he was looking at the province of Quebec in particular and what he thought about the manufactured helicopter. I did not expect, and the member commented on this, him to say that it was the fact that politicians in Quebec were so impressed with the makeup of the workforce in the construction of the helicopter, referring to the fact that people of Filipino heritage were in that industry.

With respect to our aerospace industry, one of the nice things is the diversity we see when we tour these plants, whether they are in Quebec, Manitoba, Ontario or British Columbia, “the big four”, as I would like to say. Hopefully Manitoba will even become higher and more prominent, but that is a personal bias. It is that diversification of the workforce and the skills they have.

That is why it is so critically important that Ottawa not only continues to support the aerospace industry, as it has prepandemic, during the pandemic and today, but that we also ensure, as much as possible, that those stakeholders are at the table as well. We want Red River College and the University of Manitoba at the table. We want those post-secondary facilities, whether they are in Manitoba, Quebec, Ontario, B.C., or any other jurisdiction, to be at the table to ensure we continue to invest in research and technology.

When we think of manufacturing in Canada, many would argue, especially many of my Ontario colleagues, that we lead in the automobile industry. After all, we can take a look at the hybrids, at the plants that are being announced, the thousands of jobs, the clean energy, and all these things. In a good part, it is coming out of Ontario, but when we take a look at the overall picture of the manufacturing industry, Canada's aerospace industry is recognized, within our bigger picture of the manufacturing industry, as one of the best, if not the best, in investing in research, technology and advancement. We are seeing that in the types of demands that are there for Canada.

Ottawa should continue to support the industry. As the Minister of Industry indicated in a question about something he recently announced in the province of Quebec, I can make reference to things that recently have been announced in Manitoba. Whether it is through procurements and how the federal government supports the industry, or direct investments in the industry, or indirect things that are done through things such as trades and skills, my appeal would be that we look at what other stakeholders and jurisdictions can do that would complement the types of initiatives that the federal government is taking to advance a very important industry.

This industry employs thousands of people, with well-paying jobs. It contributes billions of dollars every year to our GDP, thereby enhancing our lifestyle. We can all take a sense of pride in how our aerospace industry has been able to do relatively well even during the pandemic. As we get through the pandemic and look at the potential to increase its demand in the years ahead, it is critically important we continue to look at ways to support our aerospace industry.

As much as I enjoy talking about the aerospace industry, I hope the Bloc and Conservatives will come onside and support Bill C-27 when it comes up for debate later today. It would be wonderful to see that legislation pass, which would make this debate that much better.

Mr. Speaker, let me join with my hon. colleague, the opposition House leader, in wishing everyone a joyous Easter. I hope that members who are celebrating Easter take time with their families. This is also a very busy time for many of our other faith communities as we recognize Vaisakhi. We are in the holy month of Ramadan right now and we have Passover. This is a time that is very rich, one when I know people will be visiting churches, mosques and temples in our communities to share with the rich faith traditions in our constituencies. I hope all members are able to profit from those opportunities to be with their constituents and families.

With respect to Bill C-11, I will simply state that I do not think there is any amount of time that would satisfy Conservatives. In fact, I would challenge the opposition House leader to indicate just how many days of debate he would like. I do not think there is any end. Conservatives have indicated they want to obstruct this bill. This bill has had more time in the Senate than any bill in history. It was in the last Parliament and it is in this Parliament. It is time our artists get compensated for their work and that the tech giants pay their fair share.

Tomorrow, we will start the second reading debate of Bill C-42, an act to amend the Canada Business Corporations Act, and then we are going to be switching to Bill C-34, the Investment Canada Act.

When we return, we will continue with the budget debate on Monday, Tuesday and Wednesday.

On Thursday, we will start the day with a ways and means vote relating to the budget implementation act. Following the vote, we will proceed to the debate on Bill C-27, the digital charter implementation act, 2022, followed by Bill C-42.

Finally, on Friday, we will commence debate on the budget bill.

Madam Speaker, given the interest that we had in this place about Yogi-isms and in honour of that, I hoped to ask my colleague, the previous speaker for Banff—Airdrie, about “It ain’t over till it’s over.” In this government's case, a piece of legislation is not over until it gets a do-over because the government never seems to get it right the first time. We seem to be revisiting issues when we warned the government in previous parliaments that it was headed down the wrong track. We have, of course, a do-over now with this piece of legislation, redoing some of the work that the government tried to achieve in previous parliaments. However, here I am today talking about Bill C-27, the digital charter implementation act.

Some members might be interested to know, although I highly doubt it, that when I was a tenured faculty member at Red Deer College, I taught systems analysis and design, programming and database administration. I know it is hard to believe that a guy who likes hunting and fishing as much as I do also sat in a cubicle where they slid pizzas under the door, where I just churned away and developed code and relational databases and did some data architecture work for a handful of years.

It does not seem all that long ago. I got that education just prior to Y2K, and members would remember the scare everyone was going to have with Y2K. I worked in the private sector for a while, but the college I graduated from liked me so much as a student that it invited me back to be a teacher. I taught until 2005 in the information technology field.

I gave a speech a while ago talking about how much and how rapidly technology has evolved and the laws pertaining to that technological advancement. It was 2005 when I left the college, because in January 2006, I was elected to this place. Therefore, I am now a 17-year obsolete data programmer. If I am ever frozen and brought back, it is because I can still program in COBOL and C++, and many of these program languages are still around today.

I am loath to talk about floppy disks at my age. We do not have those anymore. As a matter of fact, I am part of a generation, as are a number of my colleagues, that was probably the last generation on this planet that did not even have cellphones. We had to actually remember people's phone numbers in our heads. When our house phone rang, we actually made an effort to go get it. I do not know if that happens much anymore, but this is where I am at. Long gone are the days of floppy disks, although I do hear that C Sharp and other object-oriented programming languages are still in vogue. That is nice to know.

Today, our information is not stored on floppy disks or hard drives, at least not the same kind of hard drives there were when I was in the business. It is now stored in the cloud, and targeted ads come up on our phones. Every time I bring up Instagram, I do not know where these algorithms get the information from. They must be listening to everything I say because all I get are ads for fishing rods, brand new boats, fish hooks, and I will admit, the cure for plantar fasciitis. Therefore, my phone is clearly listening to everything I say and even the things that my doctor is saying to me in the privacy of a patient-doctor confidential room. However, I am digressing.

This obsolescence in both technology itself and its rapid advancement is something that most of us—

Madam Speaker, I was mostly listening for the Yogi Berra quotes, but I think there is one the member missed that speaks to Bill C-27, which is, “The future ain't what it used to be”, and that is exactly why we need Bill C-27.

The former member for Timmins—James Bay, Peter Kent, and I worked together on the ethics committee and the privacy committee a number of years ago, and we all shared a sense of optimism around technology and the possibilities of the Internet.

What we have come to learn is that we need much stronger protections. I have two young kids. They are growing up with the Internet. We need our laws to reflect our shared reality. We need age-appropriate design codes. We need the right to be forgotten. We do need a much stronger bill, but we need to get the bill to committee.

What are the member's thoughts on getting the bill to committee and improving the bill? I hope we get it there as quickly as possible. We are at a fork in the road, and “[i]f you come to a fork in the road, take it”.

Madam Speaker, he is certainly better known for the way his trademark mangling and misuse of words and phrases has resulted in strangely keen insights that are still widely quoted today by many. I have a few favourites. One of them is “I didn't really say everything that I said.” Another one is “We made too many wrong mistakes.” Another is “Swing at the strikes.”

When I thought about Bill C-27 and preparing to speak today, it brought to mind Yogi-isms, and not only because those examples I just cited reminded me of the Liberals' poor approach to governance but because the title of this bill is a real mouthful at 35 words long. This brought that to mind as well.

For now, I will call it the consumer privacy protection act, but it is really summed up best by what is probably the greatest Yogi-ism of all, which is “It's déjà vu all over again.” That really speaks to it. The member was looking for me to tie it back in, so there it is. There is the tie back in.

Here we are in 2023 and here I am speaking on yet another rehash of another Liberal bill from years previous. They have a real penchant for that, these Liberals. They kind of remind me of Hollywood Studios that no longer seems to be able to produce an original script so it just keeps churning out sequels. If Bill C-27 was a film, one could call it “Bill C-11, the redo”. Bill C-27 is essential a warmed-over version of previous Bill C-11, the digital charter implementation act the Liberals introduced back in 2020.

It is not to be confused with the current Bill C-11, which is also making its way through Parliament and is the online streaming act and which also poses another threat to Canadians' privacy and online freedoms.

It is really easy to see a bit of a pattern evolving here. In any case, in May 2021 the Privacy Commissioner said the digital charter act “represents a step back overall from our current law and needs significant changes if confidence in the digital economy is to be restored.” It of course died when the Prime Minister cynically called an expensive and unnecessary election nobody wanted and everybody paid for and that did not change the Prime Minister's political fortunes one iota.

Bill C-27 carries the stamp of that former digital charter proposal, which Conservatives had concerns about then, and which we still have concerns about in its new form now. Some of the text is in fact directly lifted from Bill C-11 and the text of that bill is available for all to review.

Let us talk more about the impact of the bill's content, rather than the wording itself.

The bill purports to modernize federal private sector privacy law, to create a new tribunal and new laws for AI, or artificial intelligence, systems. In doing so, it raises a number of red flags. Perhaps the most crimson of those flags, for me, is that the bill does not recognize privacy as a fundamental right. That is not actually all that surprising, because this is a Liberal bill. I hear daily from Canadians who are alarmed by how intrusive the Liberal government has become, and who are also fearful of how much more intrusive it still seems to hope to become.

It just seems just par for the course for the government that, in a bill dealing with privacy, it is failing to acknowledge that, 34 years ago, the Supreme Court said privacy is at the very heart of liberty in a modern state, individuals are worthy of it, and it is worthy of constitutional protection.

When we talk about privacy, we have to talk about consent. We have seen far too many examples of Canadians' private and mobility data being used without their consent. I think some of these examples have been cited previously, but I will cite them again.

We saw the Tim Hortons app tracking movements of people after their orders. We saw the RCMP's use of Clearview AI's illegally created facial recognition database. We saw Telus' “data for good” program giving location data to the Public Health Agency of Canada.

These were breaches of the privacy of Canadians. There needs to be a balance between use of data by businesses and that fundamental protection of Canadians' privacy. The balance in this bill is just wrong. It leans too heavily in one direction.

There are certainly issues with user content and use of collected information. For instance, there are too many exemptions from consent. Some exemptions are so broad that they can actually be interpreted as not requiring consent at all. The concept of legitimate interests has been added as an exception to consent, where a legitimate interest outweighs any potential adverse effect on the individual. Personal information would be able to be used and shared for internal research, analysis and development without consent, provided that the content is de-identified. These exemptions are too broad.

The bill's default would seek consent where reasonable, rather than exempt the requirement. In fact, there are several instances where the bill vaguely defines terms that leave too much wiggle room for interpretation, rather than for the protection of Canadians. For example, there is a new section regarding the sharing of minors' sensitive information, but no definition of what “sensitive” means is given, and there would be no protection at all for adults' sensitive information. These are both problematic. De-identification is mandated when data is used or transferred, but the term is poorly defined and the possibility of data being reidentified is certainly there.

Anonymization or pseudonymization are the better methods, and the government needs to sharpen the terms in this bill to be able to sharpen those protections. An even more vague wording in the bill is that individuals would have a right to disposal, the ability to request that their data be destroyed. Clarification is certainly needed regarding anonymization and the right to delete or the right to vanish.

There are many more examples. I know my colleagues will certainly expand on some of those questions as posed in the bill. I know my time is running short. I want to speak to the individual privacy rights of Canadians briefly.

Canadians value their privacy even as their government continually seeks ways to compromise it. The Public Health Agency of Canada secretly tracked 33 million mobile devices during the COVID lockdown. The government assured them their data would not be collected, but it was collecting it through different means all along.

Public confidence is not that high when the Liberals start to mess in issues involving privacy. The onus should be on the government to provide clarity around the use and collection of Canadians' private information because, to quote another Yogi-ism, “If you don't catch the ball, you catch the bus home.”

Madam Speaker, I find it interesting that the member inquired with ChatGPT to determine whether or not Canadians should have confidence in the Liberal government on Bill C-27.

I would be much more curious had the member asked whether Canadians should have confidence in the Liberal government, period. I believe its AI ChatGPT would have been crystal clear in saying that no, we do not have confidence in the Liberal government.

Having said that, we do think this legislation is important. I think we are going to listen to debate to make a decision whether or not to send it to committee for further study.

Madam Speaker, after testing ChatGPT earlier, I continued my research with Bing and asked it whether the Liberal government deserved Parliament's confidence when it comes to its Bill C‑27. The search engine told me that the bill enacts the Consumer Privacy Protection Act and that the Liberal government had introduced it in 2021. It also told me that it was unable to tell me whether the Liberal government deserved Parliament's confidence regarding this bill, but I could read the details of the bill.

Fortunately, artificial intelligence still has its limits because we need to think for ourselves. I will ask my colleague from Provencher a question. Would the Liberal government deserve our confidence when it comes to Bill C‑27? The member talked in his speech about confidence in the government. Accordingly, should we not be urgently sending the bill to committee? I think that everyone agrees on the need to regulate artificial intelligence. There is urgent work to be done in committee. Will the member be able to quickly provide his support to influence the content of this bill?

Mr. Speaker, it is a privilege to rise in this House to speak to this piece of legislation. I would like to start today by saying a few words about how this bill is structured, and then I plan to use the majority of my remaining time to discuss the implications of this legislation regarding personal privacy rights.

When I look at this bill, my initial response is this: Should there really not be three separate pieces of legislation? One would deal with the consumer privacy protection act and issues related to modernizing PIPEDA, perhaps a second, separate piece would create the proposed personal information and data protection tribunal act, and a third, separate component, which should absolutely be its own legislation, would be for the section dealing with artificial intelligence.

AI may present similar, very legitimate concerns related to privacy, but the regulation of AI in any practical sense is almost impossible at this juncture because so many aspects of it are still very unknown. So much is still theoretical. So much of this new world into which we are venturing with AI has yet to be fully explored, fully realized or even fully defined. This makes regulation very difficult, but it is in this bill, so it forms part of this legislation.

We can see just how vague the language related to the AI framework really is. I understand why it is that way, and do not get me wrong; I think we need this type of legislation to regulate AI. However, in the same way, this is way too big a topic to delve into in a simple 10-minute speech. It is also too big a topic to drop into an existing piece of legislation, as the government has done here, basically wedging this section into what was known as Bill C-11 in the last Parliament.

I have deep concerns with AI. They are practical concerns, economic concerns and labour concerns related to the implementation of AI. I even have moral concerns. We have artificial intelligence so advanced that it can make decisions by itself. The people who have created that technology cannot explain how it came to those decisions and it cannot tell them. The capabilities of this technology alone seem almost limitless. It is actually a little scary.

Personally, I look at some of the work being done in AI and wonder if we should, as humanity, really be doing this. Just because we have the knowledge and capability to do something does not necessarily mean it is for the betterment of humanity. I wonder sometimes where this technology and these capabilities will take us. I fear that in hindsight, we will look back and see how our hubris led us to a technological and cultural reality we never wanted and from which we will never be able to return.

However, here we are, and we have this capability partially today. People are using it, and it requires some form of regulation. This bill attempts to start that important conversation. It is a good first step, and that is okay. I think this is one of those things where we need to start somewhere as we are not going to get it done all at once. However, again, given the enormity of the topic and the vast implications, it should be its own separate piece of legislation.

Those are my thoughts on the structure of the bill, and now I will shift gears to talk a bit about personal privacy.

Personal privacy is a fundamental right. Three decades ago, long before the advent of the Internet or smart phones, the Supreme Court of Canada ruled privacy is “the heart of liberty in a modern state”. It did not say that privacy was at the heart; it said privacy is the heart. Personal privacy is the fundamental right and freedom from which all other liberties flow, and with the advent of the Internet age, the age of the smart phone and the age of digitized everything, laws related to protecting the fundamental right to privacy must be updated. Canadians must have the right to access and control the collection, use, monitoring, retention and disclosure of their personal data. The question is, how do we realistically do that?

One of the reasons I am a Conservative is that I believe in individual rights and that rights and freedoms must be coupled with accompanying accountability and responsibility. This has to be a two-way street. Canadians need to be informed, and they need to be responsible and aware of what they are agreeing to, subscribing to and giving permission for. How often do we simply and blindly click “accept” without reading the terms and conditions for using a website, using an app or allowing others the use of our information?

I would be curious to know among my colleagues in the House, when was the last time they fully read the terms and conditions of a user agreement or a disclosure statement? Most of us just hit “accept”. We do not want to be bothered.

Recognizing this, can we really say the privacy of Canadians is being violated when many individuals live every moment of their lives posting in real time online for all the world to see, and access and just click “accept” without reading what they are agreeing to?

In this context, what is the role of government and what is the responsibility of the individual user? Government and businesses need to provide clear information, but people also need to be informed. They need to take responsibility.

I recall a while back when my office received an email on this subject of privacy. The individual was deeply concerned about web giants having access to his personal data. I had to laugh, because at the bottom of the email it said, “Sent from my Huawei phone”.

As a government creating legislation, where should those legal lines between consent and informed consent be drawn? As Canadians, we are a bit too quick to consent.

However, we have also seen far too many examples of Canadians’ private and mobility data being used without their consent. We heard about the Tim Hortons app that was tracking the movement of Canadians; how the RCMP was using Clearview AI’s illegally created facial recognition database; the public doxing of all those who donated to the freedom convoy; Telus giving location data to the Public Health Agency of Canada without a judicial warrant; and, in my view, the most egregious violation of privacy in generations, the requirement by the government and others for Canadians to provide their personal health data and information in order to work and/or travel.

If I am honest, it is this violation of privacy rights that makes me truly hesitant to support any effort by the government to strengthen privacy rights: first, because it has so flagrantly violated them, but also because I and a growing number of Canadians just do not trust the government. We do not trust it to keep its word. We do not trust it to create legislation that does not have loopholes and back doors that will give it the capability to violate individual personal freedoms.

Why? Because we have seen it from the Liberals. They want to control everything. There has never been a government that has had such an utter disregard for Canadians.

I have noted before that it was the Prime Minister's father who famously said that the government had no place in the bedrooms of Canadians. However, the current government not only wants to be in our bedrooms, but in every room, on every device, in every conversation and in every thought. It wants to control what Canadians think, what they see and what they post, and, by extension I can safely say, how their private data is curated and used.

One thing that is vital if we are to trust the government with our private data and with protecting privacy, there must be clear boundaries. This leads to one of the larger issues with this legislation, an issue we are faced with every time the government brings legislation forward. It fails to provide clear definitions.

There is a section of the bill that deals with the sensitive information of minors. The fact that there is no section for the protection of sensitive information of adults is a sign.

What does it mean by “sensitive”? It is never defined. What does it mean by “scrutiny” for data brokers? It is this habitual lack of specificity that characterizes so much of the government's legislation.

It is like a band that is way more interested in the concept of the album and how it looks on the cover than the actual quality of its music. If it cared about the quality of the music, it would have brought forward a bill that looks more like the European Union's 2016 GDPR, which is widely regarded as the gold standard for digital protection. By that standard, PIPEDA fails the test, but so might Bill C-27 if we do not bring it closer in line with what other nations have done. This lagging behind does not just affect personal privacy, but the ability of Canada and data-driven Canadian businesses to work with our EU friends.

This whole new regime outlined in the bill has huge implications for businesses, something I am sure my colleagues will be addressing. There is so much that can and should be said about this legislation, but it comes down to this: Canadians must have the right to access and control the collection, use, monitoring, retention and disclosure of their personal data.

Mr. Speaker, it is an excellent question because that is the fundamental failing of Bill C-27. We have an opportunity, once and for all, to express and codify Canadians' right to have their personal information and data protected. Typically, that kind of statement of purpose goes into the purpose section. It is completely missing from that section because we know the Liberals are not really serious when it comes to protecting Canadians' privacy rights. We can do better than this.

No, not at all, Mr. Speaker. We are certainly not trivializing Bill C-27. In fact, right now it is only the Conservative members of Parliament who are speaking to it. This is the most important issue of privacy and protecting the privacy of Canadians within an emerging digital environment. I am disappointed that my colleague from the Bloc does not take this issue seriously enough to get up in this House and debate it. It is important that we get this right.

What we have is a redux of the old bill the Liberals brought forward. It was so roundly castigated and panned at committee that the minister had to go back to the drawing board. However, he has come back with essentially the same milquetoast legislation, which does not address the most critical parts of protecting the privacy of Canadians.

Mr. Speaker, I switched from ChatGPT to Bing, since I also wanted to test that platform. I asked Bing, in connection to what my colleague from Abbotsford was saying, what the consequences of not legislating on the content of Bill C-27 would be.

It gave me an interesting answer, namely that, essentially, it could have an impact on the protection of data provided by companies.

Not legislating and not acting right now will therefore lead to more data losses unless we establish a framework, which is one of the aims of Bill C‑27.

By playing all these games in the House to waste time and stop us from passing Bill C‑27, are the Conservatives not putting Quebeckers' and Canadians' personal information at risk?

Mr. Speaker, to bring it back to the topic of this debate, Bill C-27, the intention of the bill is to modernize the protection of digital privacy rights in Canada. The previous iteration of the bill was roundly panned by stakeholders when it was introduced in the previous Parliament. However, in this new version, Bill C-27, the government has added a few new elements, for example, regulating artificial intelligence.

Unfortunately, there are so many different elements within the bill that nobody can actually address all the issues within a 10-minute speech, so I will focus on the privacy issues that are sorely lacking within the legislation.

The bottom line is that the new bill, Bill C-27, remains fundamentally flawed and is, simply put, a redux of the former bill. Essentially, what it would do is put lipstick on a pig.

The dramatic and rapid evolution in how we gather, use and disseminate digital information in the 21st century has presented the global community with not only a lot of opportunities but significant challenges as we try to protect society and individuals against the unauthorized use of their data and information. This directly implicates the issue of privacy and the various Canadian pieces of legislation that address the issue of privacy.

This is not the first time the Liberal government has tried to “fix” a problem, and I use that term advisedly. It tries to fix things, but just makes things worse. In the 21st century, we are faced with immense challenges in how we protect individuals, our Canadian citizens, against those who might misuse their data and information. Any suggestion that this digital charter is actually an articulation of new rights is simply wrong. This is a digital charter, but it is not a digital charter of rights.

I will turn to the most significant and substantive part of the bill, the privacy elements. Very little of this legislation has been changed from the original Bill C-11, and the government has not measurably responded to the criticism it received from the stakeholders when the previous version of the bill was reviewed at committee.

There are five key additions and alterations to Canada's existing privacy protection laws.

First, the bill expressly defines the consent that Canadians must give in order for their data and information to be collected and used, and there are guidelines attached to that. We commend the government for doing that clear definition of consent.

Second, Bill C-27 addresses the de-identification, the anonymization of data that is collected by private companies. Again, that is important. We want to ensure when private businesses collect information from consumers that this information is not attached to a specific individual or citizen.

Just to be clear, the bill contains numerous broad exemptions, which we could probably drive a truck through, and will likely create the loopholes that will allow corporations to avoid asking Canadians for permission.

Third, the bill provides that all organizations and companies that undertake activities that impact the privacy of Canadians must develop codes of practice for the protection of the information they collect.

Finally, the act would create harsher financial penalties, up to $25 million, for a violation of Canadian privacy rights. We, again, commend the government for doing that.

However, let me say for the record that what we do not support is the unnecessary creation of a new personal information and data protection tribunal, which is another level of bureaucracy that would add more layers of complexity, delays and confusion to the commissioner's efforts to enforce privacy laws.

Canada is not alone in expressing concern over the risks that digital information and data flows represent to the well-being of Canadians and our privacy rights. Many other countries are grappling with the same issue and are responding to these threats, and none more so than the European Union. The EU has adopted its general data protection regulation, the GDPR, which has now become the world's gold standard when it comes to privacy protection in the digital environment.

The challenge for Canada is that the EU, which is a market of over half a billion well-heeled consumers, measures its willingness to mutually allow sharing of information with other countries against the GDPR, the standard it has set. Those who fall short of the rigour of that privacy regime will find it difficult to conduct business with the EU.

Do our current regime and this legislation measure up to the GDPR from the EU? No, probably not. In fact, for years Canada's digital data privacy framework has been lagging behind those of our international counterparts. The problem is that if we do not meet the standard, we will not be able to do the kind of business with the EU we expect to. As someone who played a part in negotiating our free trade agreement with the European Union, I know it would be an absolute travesty to see that work go to waste because our country was not willing to adopt robust privacy and data protections.

I note that, as is the custom with our Liberal friends, the bill creates more costs for taxpayers to bear. There is a creation of new responsibilities and powers for the commissioner, which we support, but this legislation calls for the creation of a separate tribunal, a new layer of bureaucracy and red tape that small and medium-sized enterprises will have to grapple with.

There are other unanswered questions. Why does this legislation not formally recognize privacy as a fundamental right? Regrettably, as presented, Bill C-27 misses the opportunity to produce a path-breaking statute that addresses the enormous risks and asymmetries posed by today's surveillance business model. Our key trading partners, especially the EU, have set the bar very high, and the adequacy of our own privacy legislation could very well be rescinded by the EU under its privacy regime.

Thirty-five years ago, our Supreme Court affirmed that privacy is “at the heart of liberty in a modern state”, yet nowhere in this bill is that right formally recognized. Any 21st-century privacy regime should recognize privacy as a fundamental human right that is inextricably linked to other fundamental rights and freedoms. By the way, I share the belief that as a fundamental right, it is not appropriate to balance off the right to privacy against the rights of corporations and commercial interests. Personal privacy must remain sacrosanct. When measured against that standard, Bill C-27 fails miserably.

I have much more to say, but I will wind down by saying that this bill is another missed opportunity to get Canada's privacy legislation right by consulting widely and learning from best practices from around the world. There is a lot riding on this bill, including the willingness of some our largest trading partners to allow reciprocal data flows. This bill is not consistent with contemporary global standards.

The Centre for Digital Rights notes that this legislation “fails to address the reality that dominant data-driven enterprises have shifted away from a service-oriented business model towards one that relies on monetizing [personal information] through the mass surveillance of individuals and groups.” That should be a wake-up call to all of us. Sadly, this bill fails to listen to that call. Let me repeat that there is a move toward monetizing personal information through mass surveillance of individuals and groups, and the government has not yet recognized that.

For those reasons, I expect the Conservatives will be opposing this bill and voting against it.

Mr. Speaker, I am impressed that Bill C-27 would give the Privacy Commissioner some teeth to enforce penalties. That I acknowledge. I also see it as a positive that there is some attempt to create some sort of regulatory framework, but it does not go far enough. This framework has to start from the federal government and work its way down so we have an umbrella legislation to protect the digital privacy of Canadians.

Mr. Speaker, I am known for my perspicacity, so I decided to ask ChatGPT another question.

I asked it to come up with a question for my Conservative colleague from Haldimand—Norfolk about the importance of enhancing data and privacy protection in Bill C-27. That was what her speech was about.

ChatGPT replied: “Sure, here is a question for the Conservative member. The question is as follows: As a Conservative member, how does she think that Bill C‑27, which aims to modernize the Privacy Act”—already this is a step up from the other question—“will offer better protection for Canadians' data and privacy? Also, what are the key points she would like to see in the bill to ensure the adequate protection of personal information?”

I am very impressed by artificial intelligence because it touches on the role of the official opposition, which is not just to complain, but also to make suggestions.

I would be very curious to hear my colleague's thoughts on the subject, because I did not hear many constructive remarks in her speech.

Mr. Speaker, I am thankful for this opportunity to speak to Bill C-27, the digital charter implementation act, 2022. While there are many important components of Bill C-27 to debate, my speech today will focus on just two aspects. The first is privacy, and the second is identity.

The protection of both the privacy and the identities of Canadians is essential. We need to ensure that strong legal mechanisms are in place to guarantee that protection. Connected with that is the need to protect from the commercial interests of private companies, as well as protection from the government and its potential overreach into the private lives of Canadian citizens. Consequently, I believe a national digital charter is urgently needed. To protect Canadians, it is important that we have a piece of legislation that acts as an umbrella to protect Canadians from government, and to uphold the privacy of Canadians' data and their digital identities.

The second part of my speech will highlight some of the breaches that have occurred over the past three years. These breaches drive home the urgent need for more stringent protection for Canadians when it comes to privacy and protecting their private information.

Privacy rights are at the heart of any democracy. They are necessary for reinforcing the limits and boundaries between private citizens, their government and the private sector. In Canada, individual liberties are guaranteed by section 7 of the Canadian Charter of Rights and Freedoms. Our Chief Justice of the Supreme Court has made comments on this. She stated, “liberty...depends on and mandates respect for the individual and his or her right to be free from government restraint, except as authorized by law.”

Justice McLachlin further explains why it is important for government to keep the people informed and to answer questions, stating, “People who possess power, even small administrative powers, may use information they should not have improperly. And even if they don’t, the individual’s fear that they may use it, often leads to unwilling compliance.”

Just as we have fundamental freedoms entrenched in the highest law of our land to protect us from government encroachment of our freedoms, I also believe that it is necessary to have digital data privacy legislation. That is a fundamental right that urgently requires the strengthening of our legislative protections and enforcement.

That is why we need a federal digital charter, which would act as an overarching piece of legislation. However, Bill C-27, the digital charter implementation act, falls short of this very important objective. The Office of the Privacy Commissioner, for years, has made several calls for reform. Privacy watchdogs have repeatedly lamented that our federal privacy laws are outdated, that they fail to provide the needed legal protections in an increasingly digital world.

Canadians also have serious concerns about privacy. First, they have concerns about how their private information is being used, and what large corporations and governments are doing with it. Second, these concerns have turned into a fear because of the misuse and abuse of private information in the recent years.

This leads me to the second point of my speech. I will speak about the bigger problem in the privacy landscape in this country, which is that the Liberal government is failing to update its own legal boundaries and parameters in this area. The reality is that this bill does not touch on the Privacy Act, the act that governs the government, and this digital charter does not cover how the government handles the information it collects from Canadians.

Essentially, this bill is saying, “Do as I say, not as I do.” With this bill, the government is telling businesses, even sole proprietorships, that they should add additional layers of red tape under the threat of financial penalties. Business owners are still struggling to recover from COVID setbacks, lockdowns and government red tape.

My fear is that many of these small businesses, subject to these new requirements, would not be able to survive or have the capacity to implement some of these new requirements. These demands come even though government itself has failed to lay down the rules and regulations as to what is needed in the form of a regulatory infrastructural framework to secure our digital future.

A digital charter is needed to protect Canadians, but the federal government should be leading by example by outlining a digital charter that would protect the personal data and privacy of its own citizens first, before it asks businesses to do so. Let us be honest that the number one privacy concern Canadians have right now is how their government is using their information. These fears were exacerbated during the trucker convoy when Canadians’ bank accounts were frozen and property was confiscated through the abuse of the Emergencies Act.

Canadians still remember how the government quietly spied on their movements during the pandemic without their consent. A year ago, it was discovered that the Public Health Agency of Canada was tracking Canadians' movement during the pandemic. This was done without their knowledge, and PHAC wanted to keep doing it quietly for years into the future, but it was the Conservative opposition that discovered this breach and stood up for Canadians. We demanded answers from the Public Health Agency on the way the data was collected, how it was defined, what third parties were privy to the data and whether any data was reidentified. It is important that the government answer these questions and sets standards because it is falling short of its own requirements.

Canadians have not forgotten even the ArriveCAN debacle, the privacy questions around its mandatory use, and the terms and conditions associated with it. In other words, exactly what personal data and identifying information has been shared outside the app? Under what circumstances, and with which domestic or international organizations, was it shared? The app’s privacy notice even stipulated that the government had the right to share our information contained in the app with international organizations and institutions.

Canadians have a right to know with whom their data is being shared. This matter, it is no surprise, was referred to the Privacy Commissioner for an investigation. We are still waiting for an answer on the ArriveCAN privacy breaches.

Let us not forget that Canadians were fined thousands of dollars and threatened at their own borders for not submitting their own private medical information. This was, in my view, a massive overreach of government powers, but the reality is that this overreach happened because Canada has insufficient legal safeguards in place to prevent such abuses, and this creates a profound distrust in government.

It concerns me that the government is moving toward integrating a digital proof of identity framework that would massively expand the centralization of government access to the private information and data of Canadians. There are numerous ethical abuses that relate to this data collection.

The biggest concern is having all of one's private information in one place. Imagine our health information, driving information and banking information all in one portal. This would give information handlers a great deal of power over our data. This power urgently needs to be kept in check, and we need public experts in consultation on the ethics behind this centralized data collection power to uncover what we need to do to protect Canadians.

In conclusion, Canada’s digital privacy framework has long been in dire need of modernization. I want to thank the Standing Committee on Access to Information, Privacy and Ethics, which worked hard on this issue for years. Canadians must have the right to access and control the collection, use, monitoring and retention of their personal data. However, in Canada, the Liberal government is failing Canadians by not prioritizing its own accountability when it comes to protecting privacy rights. The bill sadly fails to put forward a rigorous and comprehensive legislative framework that would defend Canadians’ data, privacy and digital identities, now and in the future.

Mr. Speaker, given that this is a debate on artificial intelligence, I thought it might be fun to have ChatGPT make up a question for my Conservative colleague from Medicine Hat—Cardston—Warner about passing Bill C-27 and the Liberal government's lack of urgency, since that is one of the things my colleague mentioned.

This is ChatGPT's question: “How does his party view the Liberal government's lack of urgency to pass Bill C‑27, which is designed to protect workers and retirees in defined benefit pension plans in the event of employer bankruptcy? Also, how does he think this inaction could affect affected workers and retirees, as well as the economy as a whole?”

There is room for improvement, but the crux of the question is there. In terms of delays, I understand that the Liberal Party could have introduced a similar bill a long time ago, but my colleague said that he would vote it down all the same.

Are we not at the point where we should approve the principle of the bill quickly and improve the content in committee?

Mr. Speaker, it is, again, an honour to rise and speak in this place on behalf of my constituents of Medicine Hat—Cardston—Warner in relation to Bill C-27. It is dubbed the digital charter implementation act.

It is really frustrating to continually see legislation from the Liberal government that is sloppy, lazy and really incomplete, to be honest, and this bill is no exception.

Canadians have seen most of this legislation before in a failed attempt back in 2020. That legislation died on the Order Paper when the Prime Minister took his costly, ill-timed and overly optimistic opportunity to call an election. Since then, we have had three years of inaction on this file, and now the government has tabled this piece of legislation, Bill C-27, which should have been more focused on giving the people of Canada the privacy rights they deserve.

Instead, this legislation is literally the least that they could have possibly done in this regard. The bill is a flawed attempt to start the long overdue process of overhauling Canada's digital data privacy framework. Conservatives will be looking at putting forward some common-sense amendments at the committee stage to protect both individuals and small businesses alike and to ensure that it is the best possible legislation moving forward.

The Conservative Party believes that digital data privacy is a fundamental right that urgently requires strengthened legislation, protections and enforcement. Canadians must have the right to access and control collection, use, monitoring, retention and disclosure of their personal data.

It is unfortunate that we could not rely on the Liberals to get it right the first time, but maybe they will have the modesty, humility and common sense to accept the amendments that will be coming, instead of once again using their NDP coalition to control and steamroll at committee stage.

It is also a shame because Canada's digital data privacy framework has been in dire need of modernization for years. This government has been dragging its feet as well for years on this critically important legislation.

It appears that there is no good reason as to why there has not been advancement on this legislation. Clearly, they did not spend their extra time making the legislation any better than when it was first proposed in 2020.

Conservatives will be looking to see how this bill can be improved. However, when looking at how to improve something, we need to look at why it is even in front of us to begin with.

The Liberals brought it forward today because they were finally exposed for being flat-footed on Canadians' data protection and how they were exposed. Let us think about TikTok.

Michael Geist, Canadian research chair in Internet and e-commerce law at the University of Ottawa, said that he found it “pretty stunning” that the Liberals had to block TikTok on government devices as a precaution because, again, “part of what [the Liberals] were attributing the TikTok ban to was essentially Canada's weak privacy laws.”

The expert continued to say that, when it comes to Bill C-27, the government “sat on it. It barely moves in the House.”

He is not alone in his criticism either. Former privacy commissioner of Canada Daniel Therrien shared similar concerns to those of Michael Geist and those we as Conservatives have.

The former commissioner, Mr. Therrien, argued that the solutions in proposed Bill C-27 are not strong enough to rein in technology companies from pursuing “profit over respect for democratic values”.

He also said that Bill C-27 “will not provide effective protection to individuals, in part due to weak enforcement provisions.”

Former commissioner Therrien's most notable criticism, however, is in his retort to the Liberals' claim that the bill “will create the most important penalties among G7 countries”, which is called “simply marketing”.

This is just a gentlemanly way of a former public official saying that it is not really the case. There are those of us who would call it by some other name.

At best, Bill C-27 is a first step. It is better than the nothing that the Liberals have done for the last three years. That is where the catch-22 is with this bill as proposed.

Doing something will be better than staying in our current technological stone age, with respect to data privacy.

Specific items like the bill's requirements for all businesses to have a privacy watchdog and maintain the public data storage code of conduct are positive measures. However, it does cause worry about the burden this new layer of red tape will have on small business and especially for sole proprietors. Again, on a catch-22 of this lazy Liberal legislation, the law does not go far enough to protect children's privacy for example.

While the information of minors is finally included in the legislation, the definition of what is sensitive, what a minor is or who a minor is are not set out, and the sensitive information of adults for example is not given the same special provisions. This means that businesses are left to decide what is sensitive and appropriate for minors. It also means that the courts, when interpreting the legislation, will understand that if not amended, the sensitive information of adults was specifically left out of the legislation.

Further, businesses will have to navigate varying rules in each province where different definitions of a minor actually apply and that depends on provincial law. This is not good for protecting minors, this is not good for protecting Canadians' sensitive information and this is not good for businesses.

Finally, the fundamental problems in this bill can be summed up in that this bill does not recognize privacy as a fundamental right. Thirty-four years ago, the Supreme Court said that “privacy is at the heart of liberty in a modern state”.

Conservatives believe that individuals are worthy of privacy as a fundamental right, and the concept of privacy as a fundamental right is worthy of legislative protections. Based on that alone, the Liberals have missed the mark on this legislation. Once again, it is up to the Conservatives to fix the Liberals' poorly written legislation.

As I close, I want to offer my thanks for the hard work of the Conservative members of the access to information, privacy and ethics committee. They have done a great job to date. They spent a lot of time on the previous iteration of this legislation, and I have heard a great deal about how Canadians' information and data is used without their consent. With the many identified flaws of the bill, Bill C-27, I think it would be best if this bill were voted down and redrafted, honestly, in order to take these issues into account. However, the NDP-Liberal coalition will surely ignore doing these things right in favour of expediency and send it off to committee.

With that, Canadians and I are leaving the flaws that I have pointed out, and there are many more, along with the additional flaws that I am sure my colleagues will find in their review and will need to be fixed at committee. The Liberals have left the committee a lot of work, but I know that my colleagues there are up for the challenge.

Madam Speaker, I am honoured to rise and have this debate in our House, the House of Canadians, where we are allowed to bring forward issues that are important to Canadians, including those people in the diaspora community from Iran. I want to remind everyone that this motion from the immigration and citizenship committee was based upon two facts.

First, the IRGC attacked Ukraine International Airlines flight PS752. It was determined to be an act of terrorism, and the Iranian regime needs to be held to account for it. Of the 176 people who died on that plane, 55 of them were Canadian citizens and 30 of them were permanent residents. On top of that, numerous young Iranians were coming to Canada to study.

The Liberals have suggested that we are taking up valuable, precious time from the government's agenda by having this debate to highlight the shortfalls of the Liberal government in addressing the needs of those who were impacted: the families in Canada, the victims of those terrorist acts and those who lost loved ones. I want to say, on the House of Commons floor, that it is our right as parliamentarians to bring forward these types of concurrence motions, to have these discussions and to do it in a respectful way.

I am disappointed when the member for Winnipeg North continues to cry about the fact that this is taking away from the debate on Bill C-27. I remind the parliamentary secretary that this bill was tabled in the House of Commons in June 2022. I remind him that the Liberals have only brought this forward on three occasions for debate. Therefore, the digital charter that he is decrying as being so important to Canadians has not been a priority for the government as it has not brought it forward very often over the last nine months.

Taking three hours today to debate this important issue and to talk about how the Government of Canada has not listed the IRGC as a terrorist organization is something all Canadians need to understand. This is about Canada. This is about the threat environment that we are facing.

We know there is an increasing threat from the IRGC. Its terrorist activity is not just against the people of Iran. It is not just against the people who were unfortunate enough to be on flight PS752 and were shot down and killed. We have to remember that the IRGC is exporting its terrorism around the world. It is on the ground, as we have just witnessed in Syria, killing American soldiers. We know that the IRGC has been supporting the genocidal Assad regime in Syria. We know that the IRGC has been helping Hezbollah in Lebanon and in Syria. It has been helping Hamas carry out terrorist attacks against the State of Israel. We know that today, in Ukraine, the IRGC is on the ground, operating drones, killing Ukrainian civilians and bombing Ukrainian infrastructure. All of these are atrocities, war crimes and violations of the Geneva Convention. If there is any organization that ever deserved to be listed as a terrorist organization, it is the IRGC from Iran.

When the Liberals talk about the response to the committee report, it is that they have taken some measures. They are targeting individuals, including 1,000-plus people who are part of the IRGC leadership. However, let us remember that this is an elite fighting force that the Iranian terrorist regime has brought forward, recruited and moulded. These are the people who continue to serve even though there is only a one-year mandatory service. These are the people who stay and they are more than happy to go out and kill those whom they consider as being unclean.

We see it active in Canada. Today, the Persian community faces coercion, intimidation and death threats from operatives of the Islamic Revolutionary Guard Corps. We have seen it interfere with our politics.

We are having this discussion right now about the foreign interference by the People's Republic of China, by the Communist regime in Beijing, influencing the elections here in 2019 and 2021. We also know that Iran has been active in trying to intimidate and coerce the Persian community to support its efforts, its cause and its potential for election outcomes.

In this motion, we think about Mahsa Amini, women, life and freedom. She was a brave, young Kurdish girl who stood on the streets of Tehran and refused to put on her head scarf. The morality police, under the direction of the IRGC, beat her to death. That has sparked civil disobedience, protests throughout Iran, and rallies of support across Canada and around the world.

I have had the pleasure of joining our Persian community and standing with it in solidarity, fighting for women, life and freedom, the things that we take for granted here. Our diaspora community from Iran expects the government to do better in supporting their cause, those who seek democracy and liberty, and enjoy the life we have in Canada. They expect us to be there for them.

As we have witnessed, the IRGC continues to crack down on those who take to the streets. Not only is it going after those brave women and those who stand beside them fighting for equal rights for an egalitarian society, for a pluralistic culture, but it is also cracking down on religious and ethnic minorities, like the Kurds, the Baha'is, the Baluch and the Azerbaijanis. The IRGC continues to target them, make them political prisoners and torture them in those prisons.

It is time for us, as Canadians, and for the government under the Liberal Party to stand up for those people who are fighting so hard for that opportunity to have freedom, democracy and a rule of law that respects individuals, not their ideology.

I call on the government to do more than just list the IRGC as a terrorist organization. We should be paving the way at the International Criminal Court to ensure that those responsible for the attack on flight PS752 and those who are responsible for the attacks against those innocent civilians, be dragged in front of the Hague and tried for the atrocities they are committing.

The crimes against humanity are so easily documented. If we believe in the Geneva Convention and if we believe in an International Criminal Court, then this is the time to start bringing forward the cases, as we have done with Vladimir Putin and Russia to ensure that he is held responsible for his crimes against humanity with the kidnapping of thousands of children from Ukraine and brainwashing them in Russia.

This is also ensuring that those in the regime in Tehran, those fanatics, are also dragged in front of the Hague for the crimes they are committing against their own people, for the crimes they are committing throughout the Middle East, for the crimes they are committing against Ukraine, both in shooting down PS752 as well as going to war with Russia in Ukraine, flying those kamikaze drones against civilians and civilian infrastructure.

I call on the government to use Magnitsky sanctions once and for all, which it quit using in 2018, especially against the IRGC that is standing shoulder to shoulder with Putin. Let us call them out under the Magnitsky sanctions, recognizing that they are both gross human rights violators as well as corrupt foreign officials.

As this motion calls on the government, let us finally do the right thing and list the IRGC for what it truly is: a terrorist organization and it should never be allowed to have any assets or the ability to raise funds in Canada, directly or indirectly, that benefit its ideology as well as its terrorist activities.

Madam Speaker, I want to take exception to the member for Winnipeg North's comments minimizing the deaths of 176 people who were killed on PS752, 55 Canadians who were on that flight, plus 30 permanent residents who called Canada home, never mind all the students coming from Iran who were returning to their universities here in Canada.

He does not want to debate this; instead, he is trying to say we need to get on with Bill C-27. Let us remind the member that they have had the bill before the House since June of 2022. In nine months, they have only brought that bill forward three times.

I would say that it is not a priority for the government. The member should get up and apologize to the Persian community across Canada and to all the families who lost loved ones on flight PS752.

Madam Speaker, we have a fixed amount of time to debate a wide spectrum of both domestic and international issues. Today members came in prepared to listen, debate and have an exchange on the issue of the digital charter because Canadians are concerned about this issue. We were going to have literally hours of debate on it. That will not happen because the Conservative Party, under motions, brought forward a report it wants to have a debate on.

Yesterday, Conservatives could have provided ample ideas, thoughts and reflections on the report because we were debating Bill C-41. I do not know if any member made reference to Iran, let alone the report, at all yesterday, but it would have been absolutely relevant to have done so.

What other options do opposition members have? They just had an opposition day. They wanted us to talk about a budgetary measure as opposed to talking about this issue they say is so critically important that it had to be debated today. It could have been debated a couple of days ago when they had an opposition day. They could have designated an entire day to that and had a resolution at the very end of that day, which would have forced a vote on the issue.

This is part of the games Conservative Party members play day in and day out. As the Government of Canada continues to be focused on Canadians and the issues that are important to Canadians, we will continue to tolerate the games being played by the Conservatives. At the same time, we will deal with those international issues that are so critically important to our nation in reflecting true Canadian values.

Last year, Mahsa Amini, a young lady in her early 20s, was in the community in Iran and was picked up by the morality police. It was later said that she had a heart attack and that caused her death. The morality police are not fooling anyone. We know she was abused and beaten, and that is what caused her death.

We understand and we appreciate those true freedom fighters in Iran. They are the brave women of Iran who are standing tall. They are ensuring that individuals like Mahsa are not forgotten and that what she stood for will continue to prevail and will be fought for in Iran. Mahsa inspired the world to mobilize and to recognize that what was taking place was just so wrong.

I would argue that Mahsa is one of the reasons that even members of the Standing Committee on Citizenship and Immigration feel the way they do in regard to Iran and what is taking place there today. It motivates individuals like myself and other MPs to stand and be vocal on this issue not only inside the chamber but also throughout our communities.

The motion that came from the standing committee reads:

That the [standing] committee [on citizenship and immigration] report the following to the House: In light of the downing of the Ukrainian International Airlines flight PS 752 by the Iranian Revolutionary Guard Corps—

That is what we often refer to as the IRGC.

—and in light of the killing of Mahsa Amini by the Iranian Guidance Patrol, that the committee demands the government stop issuing visas to all Iranian nationals directly affiliated with the Iranian Revolutionary Guard...Iranian Armed Forces, Iranian Guidance Patrol or Iranian Intelligence Organizations and that, pursuant to Standing Order 109, the committee request a response to the report by the government.

That response is well under way.

Mahsa encapsulated what is so wrong when we contrast Canadian values to what took place between her and those in the Iranian society who support the regime that is currently in place. We see how wrong it is.

The downing of the Ukrainian airline touched Canada, as I made reference to, in a very profound way and to me, personally. Kourosh is a dear friend whom I have been meeting at the local McDonald's on occasion. He has actually met many parliamentarians because of his former role in the real estate industry. He would make presentations to members of Parliament. Kourosh's wife was on the plane that went down and, like many other victims' families, he faced the horrors of the downing of that plane.

I think it is important that the Prime Minister appointed the former minister of finance Ralph Goodale to investigate the situation. We wanted to ensure a sense of accountability for that tragedy. We also worked with other governments, such as Ukraine, where the flight was headed. It was a Ukrainian international flight.

The effect of the lives of those who passed away on the lives of those here in Canada is so profound. When we look at the achievements of those individuals in a relatively short time span here in Canada, they made incredible contributions. I like to think that members, no matter what side of the House one sits on, along with the broader community that follows what is taking place in Iran virtually on a daily basis, can imagine and provide sympathy for those victims.

Our Iranian community is large and it is very much interested and tuned in to the issue. That is why I take offence when someone in the chamber accuses the government or myself of not having a high priority in regard to this issue because nothing could be further from the truth. The government and its ministers have been following what is taking place in Iran very closely, and it is taking appropriate actions where it can in dealing with the Iranian regime.

Where I challenge opposition members is on the manner in which they feel that they can declare that an issue of urgent importance be used as a tool as opposed to a legitimate debate. The Conservatives will stand up today and reflect on this issue, as opposed to talking about the important domestic issue of the digital charter and the protection of personal information.

I raised that because the Conservatives will criticize the Liberals for not allowing enough time for debate on Bill C-27 if the government needs to bring in any form of time allocation in order to get the bill through. Unfortunately, this issue today is no more a priority for the Conservative Party than it was last week when it completely ignored the issue when it had an opposition day motion.

Today it is only important because it wants to disrupt the government agenda. It is an agenda that deals with personal information on the Internet. It is something I know of first-hand. We are often asked to bring concerns from our constituencies here to Ottawa, and we do believe that within our caucus.

I can assure members that there is a genuine concern about information that is being collected on the Internet. I feel that the Conservatives taking away from that debate today does a disservice to those who are concerned about how the Internet collects data. Bill C-27 should be going to committee at the very least.

All one needs to do is look at the government's agenda. We have a budget this afternoon and there will be budget debates. We have other legislation, and the Conservatives know it is a very aggressive legislative agenda. It will cause us to continue, as we did last night, whether the Conservatives want to or not. As long as there are other parties that understand the importance of having that debate, we will have to sit later.

I want to conclude by talking about the debate on Bill C-41 yesterday. It is substantial legislation that would ensure there is ongoing humanitarian aid to countries like Iran and other countries. It is for those in the Iranian communities to know and understand that the Government of Canada, through its ministries, is following what is taking place in Iran and it is taking actions that will make a difference. We want to keep our Iranian communities not only safe but also feeling safe.

Madam Speaker, I found it especially interesting to hear my colleague talk about Bill C‑27. I am in the House today because I am interested in this topic. Unfortunately, the interpretation was not working and I would like that to be corrected.

Yes, Madam Speaker, we are bringing it on because this legislation is important to Canadians.

What was supposed to be happening today? A number of members came to the House anticipating we would be debating Bill C-27. That is the digital rights legislation about the thing called the Internet. We are all somewhat familiar with it, I suspect, everyone except maybe those from within the Conservative Party.

The Internet raises a whole litany of concerns regarding personal identity theft and how data is being collected on the Internet. When I asked the member across the way a question about the report, he said it is about priorities. Yes, it is about priorities. Canadians want their identities protected. It is substantial legislation, which we are supposed to be debating as opposed to participating in—

Madam Speaker, I will get the opportunity to expand upon the point I am going to make to my colleague across the way.

Right away, I am concerned that the Conservatives have chosen this, as opposed to using an opposition day so that we could have a good and thorough discussion on the issue and hopefully get some more positive results coming from a full day of debate using an opposition day. They have chosen to use a concurrence debate, which prevents us from being able to have a number of additional hours of debate on the issue of Bill C-27, which is the digital charter that deals with the privacy of Canadians.

I am wondering if the member could explain to Canadians why the Conservatives continue to have misplaced priorities by not dealing with issues such as the personal security of Canadians on the Internet and by bringing forward a report like this today, as opposed to on an opposition day.

Madam Speaker, there is no doubt that the issue of the IRGC and how it is labelled is of the utmost importance. I do not question that. I will be afforded the opportunity to comment on the issue shortly, but part of the concern I have relates to the games being played by the Conservative Party. We are supposed to be debating Bill C-27 today. I am wondering why the Conservatives continue to go out of their way to prevent debate on government bills. Does the member not feel any obligation to Canadians or the constituents he represents to at least ensure there is debate time? They ask for debate time and should use that time to at least debate the government's agenda.

Madam Speaker, these are the words spoken yesterday by President Xi of China to Vladimir Putin as they departed company in Moscow: “Change that hasn’t happened in 100 years is coming and we are driving this change together.” Their meeting, which took place under the shadow of Russia's onslaught in Ukraine, was one that the experts stated was a meeting to build Russia's and China's alignment against the U.S. and the west, “and a world order more suited to their more autocratic agendas”.

Before us is a very serious bill at a very serious time, and it also would work in coordination with a lot of other serious bills we have on the floor right now. Bill C-34 is on the Investment Act, which looks closely at what investments are security minded and good for Canada. Bill C-27 would enact the consumer privacy act and look at the protection of Canadians' privacy. We have stated all along that privacy for Canadians needs to be a fundamental human right. The bill on interoperability and the right to repair look at different ways in which we are dealing with our IP and technology in Canada.

Today at the science and research committee, we continued the study of IP commercialization, ensuring we can develop technology and hold technology in Canada. We lose a significant amount of our IP to the Americans, to other nations and to foreign entities.

We talk about the world order and what is happening in the world. Albert Einstein famously said that he was not sure what weapons would be used in World War III, but that the weapons of World War IV would be sticks and stones. The weapons being used right now are joysticks and software. We should make no mistake that, at this moment, we are already at war. We are not only talking about Ukraine. The member previous spoke about some of the attacks that are happening from a centre of cyber-attacks in Ukraine.

Cyber-attacks are happening across the world, and they are happening right now in Canada. There has been a lot of different alarming statistics on cyber-attacks and malware attacks in Canada. We know the Canada Revenue Agency was attacked in August 2020, impacting nearly 13,000 Canadians, who were victims of that. There was also a hospital in Newfoundland in October 2020 where cybersecurity hackers stole personal information from health care employees and patients in all four health regions. That affected 2,500 people.

Black & McDonald, a major defence and security company and contractor, was hit with ransomware just two weeks ago. That is our security being hit by the very thing it is trying to protect us from. Global Affairs Canada was attacked in January 2022 right around the time Russia engaged in the illegal invasion of Ukraine. It was reported that it may have been Russian or Russian state-sponsored actions responsible for the cyber-attack on Global Affairs.

Most famously, there was a ransomware attack on critical infrastructure in the United States back in May 2021 where pipeline infrastructure was attacked. President Biden, who will be here tomorrow, issued at that time a state of emergency, and 17 states also issued states of emergency. It was very serious, which shows the capabilities of some of those cyber-threat actors. With ransomware, there are companies that attack companies and then demand a ransom or money before they return those computers or the networks back to the owners. It is now worth $20 billion. That is how much money ransomware is costing businesses. Back in 2016, it was only $5 billion.

The technology is rapidly advancing, and it is a war. It is a war that is affecting Canadians at this very moment, and it is something we have to be very serious and realistic about looking at what cybersecurity is, what it means and what we have to do as Canadians and as a Canadian government to combat attacks.

We know that the bill is something we support. We, of course, support the bill. Cybersecurity is very important, and as the member noted earlier, we have to make it right. We do not have time for a flawed bill or to race something through. Because of the advancements and because of the need to be very serious and realistic about cybersecurity, let us make sure we get the bill to committee and make sure then that we look at certain amendments that would get it right.

The question at this very moment is whether the government is taking this seriously enough. Despite a ban on Huawei announced by the government in May 2022, this week it was ascertained by the member for Dauphin—Swan River—Neepawa, as we were talking about IP commercialization in the science and research committee, that UBC is still working with Huawei after May 2022.

The minister assured us that Huawei was banned, that Huawei was done. Of course, there were reports months ago of a crackdown on IP being stolen and shared from Canadian universities. It has already been projected that 2023 will be the worst year for ransomware, for cybersecurity and, of course, for IP leaving Canada.

We have to take this seriously, and I know that members across the way have talked about it. Of course, this bill does that, but we need to be serious. We need to talk about cybersecurity, which means being realistic and bold in how we counter, and how we aid the west in winning, the war over cybersecurity.

There are amendments to the bill that we would like to see. Number one is to ensure that we protect and safeguard our national security and infrastructure. I know a member talked earlier about the different silos that exist. Probably the most important function is to ensure that silos in the government dealing with cybersecurity are talking to one another. The Americans deal with their cybersecurity concerns through the National Security Agency, the Department of Homeland Security, the Federal Bureau of Investigation and the Department of Defense. They all work alongside each other to enhance the cybersecurity establishment that was developed in 2018.

Similarly, Canada has the Communications Security Establishment, part of which is the Canadian Centre for Cyber Security, but as a member noted previously, is it talking to NSICOP and CSE? Are we making sure we are talking to the different departments? We know that the government is pretty large and unwieldy. We have to make sure that these departments are working together.

We also have to make sure we are looking after our businesses, as 40% of Canadian SMEs do not have any cybersecurity protection. It is going to be very costly for those businesses to implement that. As a business owner, I know the single biggest cost when it comes to cybersecurity is actually insurance. Insurance premiums just for cybersecurity attacks are going up and up. Every year they have increased by 20% to 30%. Of course, that is aligned with the $20 billion we are seeing from malware and ransomware across the world and the increase in cyber-attacks.

We have to make sure that we help our businesses, so perhaps we need to look at tax credits. One thing we can do is ensure that we share best practices and that businesses get support from the federal government to enhance their cybersecurity.

Another concern we have is how much power the minister will get, as the minister is supposed to get all the power. We have seen this with other bills. We have seen this in bills on the right to repair and interoperability. We have seen it in Bill C-27. Perhaps it is better to look at an ombudsman. We have talked about the Governor in Council and orders in council, but we want to hear from the security experts at committee to ascertain who exactly should be making these decisions instead of bringing them back to one minister. This bill right now could fit under the INDU committee and the industry minister, but it is going to the public safety committee, so already we have two different departments managing this bill. Why does one minister have to handle it? Why can it not be a broader process to ensure that we are seeing some congruence?

Privacy is something we talked about quite a bit. We will be debating Bill C-27 in the House tomorrow, and I certainly feel that privacy needs to be a fundamental human right. Part of this bill has different groups and organizations concerned about how we are protecting Canadians' right to privacy. When they lose their privacy, who is responsible for that? There will be a lot of different witnesses coming to committee. When we look at cybersecurity, we have to ensure we are protecting Canadians' fundamental right to privacy and ensure we are doing all we can so that if their privacy is breached, Canadians can find some relief.

We have talked about Bill C-27 and a tribunal, and maybe giving more powers to the Privacy Commissioner, who should have more power to look at whether we should go after criminals or organizations for breaches. We also have to look at the law and at what we are doing to go after criminals who are engaging in cyberwarfare and who continue to be a threat to Canadians.

Russia and China are very concerning right now, and there are a lot of different reasons for that. Russia is growing increasingly reliant on China as both an import market and an exporter of electronics. Both leaders are building a closer energy partnership on oil, gas, coal, electricity and nuclear energy. They are going to build the Power of Siberia 2 pipeline through the territory of Mongolia. This is important because Taiwan is coming up—

Mr. Speaker, I am sure the hon. member across the way, having not had an opportunity to ask the Thursday question and not having been granted that opportunity, might be somewhat confused about the nature of the Thursday question or what it would be about, so of course we excuse him for that.

This afternoon, we are going to be concluding second reading debate of Bill C-26, concerning the critical cyber systems protection act. I would also like to thank all parties for their co-operation in helping to conclude that debate.

As all members are aware, and as I am sure you are aware of and quite excited for, Mr. Speaker, the House will be adjourned tomorrow for the address of the United States President, President Joe Biden.

On Monday, we will be dealing with the Senate amendments in relation to Bill C-11, the online streaming act.

Tuesday, we will continue the debate at second reading of Bill C-27, the digital charter implementation act, with the budget presentation taking place later that day, at 4 p.m.

Members will be pleased to know that days one and two of the budget debate, which I know members are anxiously awaiting, will be happening on Wednesday and Thursday, respectively.

On Friday, we will proceed to the second reading debate of Bill C-41, regarding humanitarian aid to vulnerable Afghans.

Mr. Speaker, that may be a better question for the government to answer, but I do not believe this is the intent of this bill. This bill is about cybersecurity. The government has another bill before the House, Bill C-27, which is a bit closer to privacy changes. The government has not proposed changes to the Privacy Act or the Elections Act, so I do not think this bill is relevant to the question that the member raised. The member is getting away from cybersecurity and into the much broader rubric of the privacy of Canadians. She raises some points, but I do not actually connect them to this bill.

Mr. Speaker, it is a pleasure to rise and join the debate this morning in the House of Commons. I will be sharing my time with the member for Fort McMurray—Cold Lake.

Bill C-26 is a bill that addresses an important and growing topic. Cybersecurity is very important, very timely. I am glad that, in calling this bill today, the government sees this as a priority. I struggle with trying to figure out the priorities of the government from time to time. There were other bills it had declared as absolute must-pass bills before Christmas that it is not calling. However, it is good to be talking about this instead of Bill C-21, Bill C-11 or some of the other bills that the Liberals have lots of problems with on their own benches.

Cybersecurity is something that affects all Canadians. It is, no doubt, an exceptionally important issue that the government needs to address. Cybersecurity, as the previous speaker said, is national security. It is critical to the safety and security of all of our infrastructure. It underpins every aspect of our lives. We have seen how infrastructure can be vulnerable to cyber-attacks. Throughout the world, we have seen how energy infrastructure is vulnerable, like cyber-attacks that affect the ability to operate pipelines. We have seen how cyber-attacks can jeopardize the functioning of an electrical grid.

At the local level, we have experienced how weather events that bring down power infrastructure can devastate a community and can actually endanger people's health and safety. One can only imagine what a nationwide or pervasive cyber-attack that managed to cripple a national electrical grid would do to people's ability to live their lives in safety and comfort.

Cyberwarfare is emerging as a critical component of every country's national defence system, both offensively and defensively. The battlefield success of any military force has always depended on communication. We know now just how dependent military forces are on the security of their cyber-communication. We see this unfolding in Ukraine, resulting from the horrific, criminal invasion of that country by Putin. We see the vital role that communication plays with respect to the ability of a country to defend itself from a foreign adversary, in terms of cybersecurity.

I might point out that there is a study on this going on at the national defence committee. We have heard expert testimony about how important cybersecurity is to the Canadian Armed Forces. We look forward to getting that report eventually put together and tabled, with recommendations to the government here in the House of Commons in Canada.

We know that critical sectors of the Canadian economy and our public services are highly vulnerable to cyber-attack. Organized crime and foreign governments do target information contained within health care systems and within our financial system. The potential for a ransom attack, large and small, is a threat to Canadians. Imagine a hostile regime or a criminal enterprise hacking a public health care system and holding an entire province or an entire country hostage with the threat to destroy or leak or hopelessly corrupt the health data of millions of citizens. Sadly, criminal organizations and hostile governments seek to do this and are busy creating the technology to enable them to do exactly this.

The Standing Committee on Access to Information, Privacy and Ethics conducted three different studies while I was chair of that committee that were tied to cybersecurity in various ways. We talked about and learned about the important ways in which cybersecurity and privacy protection intersect and sometimes conflict. We saw how this government contracted with the company Clearview AI, a company whose business is to scrape billions of images from the Internet, identify these images and sell the identified images back to governments and, in the case of Canada, to the RCMP.

We heard chilling testimony at that committee about the capabilities of sophisticated investigative tools, spyware, used by hostile regimes and by organized crime but also by our own government, which used sophisticated investigative tools to access Canadians' cellphones without their knowledge or consent. In Canada, this was limited. It was surprising to learn that this happened, but it happened under judicial warrant and in limited situations by the RCMP. However, the RCMP did not notify or consult the Privacy Commissioner, which is required under Treasury Board rules. This conflict between protecting Canadians by enforcing our laws and protecting Canadians' privacy is difficult for governments, and when government institutions like the RCMP disregard Treasury Board edicts or ignore the Privacy Commissioner or the Privacy Act, especially when they set aside or ignore a ruling from the Privacy Commissioner, it is quite concerning.

This bill is important. It is worthy of support, unlike the government's somewhat related bill, Bill C-27, the so-called digital charter. However, this bill, make no mistake, has significant new powers for the government. It amends the Telecommunications Act to give extraordinary powers to the minister over industry. It is part of a pattern we are seeing with this government, where it introduces bills that grant significant powers to the minister and to the bureaucrats who will ultimately create regulations.

Parliament is really not going to see this fleshed out unless there is significant work done at committee to improve transparency around this bill and to add more clarity around what this bill would actually do and how these powers will be granted. There have been many concerns raised in the business community about how this bill may chase investment, jobs and capital from Canada. The prospect of extraordinary fines, without this bill being fleshed out very well, creates enormous liability for companies, which may choose not to invest in Canada, not fully understanding the ramifications of this bill.

There is always the capture. We have seen this time and time again with the government. It seems to write up a bill for maybe three or four big companies or industries, only a small number of players in Canada, and yet the bill will capture other enterprises, small businesses that do not have armies of lobbyists to engage the government and get regulations that will give them loopholes, or lawyers to litigate a conflict that may arise as a result of it. I am always concerned about the small businesses and the way they may be captured, either deliberately or not, by a bill like this.

I will conclude by saying that I support the objective. I agree with the concern that the bill tries to address. I am very concerned about a number of areas that are ambiguous within the bill. I hope that it is studied vigorously at committee and that strong recommendations are brought back from committee and incorporated into whatever the bill might finally look like when it comes back for third reading.

Can I just follow up on that? Seeing all of the accounts of this C-18 legislation in reference to your company and the precedent it's supposed to set globally for you, I would have thought that at least you would send your CEO to speak to a country that represents 38 million people—or to the House of Commons that represents 38 million people.

I will move on to my next comment or question. I just spoke two days ago in the House of Commons about Bill C-27 and its implications for Canadians' privacy. Google once attempted to build a smart city in Toronto that would have collected massive amounts of personal and very private information for money. The basis of your business is surveillance, and you make a lot of money doing it.

We now see you as a company threatening Canadians that you will be censoring, or you have censored, 4% of the news content in Canada.

I have a simple question. Yes or no, do you think it's okay to block any news content to Canadians?

Madam Speaker, I am looking at Bill C-27 and wondering what we make of the fact, and I know he commented on this, that we have three different bills that are all put together and only one is really new. We have seen the privacy pieces and the repeal of PIPEDA in the former Parliament's Bill C-11. The bill before us relating to artificial intelligence and high-impact AI and regulating that is essentially an entirely different scheme of legislation. Would the Conservatives agree that they should be split so we can examine them separately? I think that is already their position. What does the hon. member say to that?

Madam Speaker, it is a pleasure for me to speak to Bill C-27 in the House today, a bill that deals with issues related to privacy, as well as the way that the government interacts with large corporations to protect, or not, the privacy of Canadians.

I want to say at the outset that I am deeply concerned by the fact that the government has clearly been captured by certain corporate interests. It is important to distinguish in this discussion between corporate interests and the idea of a free market. As Conservatives, we believe very much in the importance and value of a free market and a competitive market, a market that is legitimately a challenging and competitive place for businesses that have to compete with each other to have the best products, where some businesses come in to challenge and steal market share away from other businesses and so forth, where there are not gatekeepers preventing new entrants coming into business. We celebrate free markets and the competitive aspect of free markets rather than a situation in which a small group of large corporations is able to dominate and exercise undue and inappropriate power.

In this House, different parties have different dispositions when it comes to corporations. We have the NDP that generally takes kind of an anti-business approach in general, we have my party that champions the free competitive market and we have a government that is, sadly, captured by specific corporate interests, often at the expense of the free market, as well as at the expense of individual well-being. Paradoxically, the NDP, while it criticizes the government for that, is fundamentally complicit with the government in, on the one hand, criticizing its agenda as it relates to defending corporate interests, but, on the other hand, supporting the government and providing it with the supply it needs to continue in its misguided approach.

What we see in terms of the government's relationship with large corporate interests at the expense of the free market and individual well-being is clear across a broad range of cases. We could talk, for instance, about the government's fondness for specific companies in terms of outsourcing and procurement, how it has repeatedly gone back to McKinsey to do work that in fact could have and should have been done within the public service, despite McKinsey's track record in so many different areas. We can talk about the fact that while the public service has grown, outsourcing under the government has expanded dramatically. We can talk about how it has pushed companies to implement forms of political discrimination, such as freezing people's bank accounts. We can talk about a number of the violations of individual privacy and liberty that happen through the government's close relationship with corporations.

I will say, in general, there is this emerging concept of woke capitalism or stakeholder capitalism that I think we need to be thoughtfully critical of, this idea that large corporations should be making definitive determinations and forcing those implementations on the country using their power and that governments can push corporations to push woke ideas or particular views of the common good that arise not through free democratic deliberation, but that come about because of pressure from corporate interests. We see the government's fondness for this kind of woke corporatism approach, where it tries to pressure companies to align with and push its views on various issues.

Again, Conservatives are very supportive of competitive marketplaces where businesses are doing business, not assuming a preferential position in social values debates, where businesses have to compete to survive, where new businesses are able to compete with old businesses and where we support the development of new small businesses so that we do not have a concentration of corporate power, but, rather, a well-functioning, effective market economy. That is the vision that Conservatives are defending.

Let me talk specifically about the issue of privacy and how we see the working out of the government's kind of approach to and relationship with big corporations in terms of their approach to privacy.

I am very pleased the Conservative Party uses and has a member-driven policy document. On issues like this, if one would like to know where Conservatives stand, it is not just a matter of Conservative caucus discussion but it is also a matter of drawing from the work that hundreds of thousands of Conservative Party members do, deliberating at the riding level, having discussions, proposing ideas and bringing those to a convention that then leads to a standing policy document that helps to define and frame the values that Conservatives stand for. I know our Conservative Party is deeply committed to the idea of grassroots democracy and the role our members play in all aspects of decision-making.

That is very important, and in this particular context, we see that playing out in the area of the policy declaration. Our policy declaration recognizes the fundamental right people have to privacy. As a Conservative caucus, we are supportive in advancing and bringing to the House that view about fundamental rights, a fundamental right to data privacy that has come to us through the involvement of our members but that also reflects the widely held perspectives of Canadians beyond our membership, a fundamental right around the protection of data.

This bill, Bill C-27, could have mirrored the language from the Conservative Party policy declaration. It does not. It does not recognize the fundamental nature of rights around data privacy. Rather, it talks about kind of striking a balance between people wanting to have their privacy protected but also the fact there are certain corporate interests. There are interests of corporations the government is close to that might be negatively affected if we recognize the fundamental right to privacy of Canadians, so it effectively seeks to say there should be some balance between the idea of protecting people's rights and the fact there may be certain large corporations whose interests would be negatively affected by recognizing the privacy rights of Canadians.

In particular, although the bill speaks about a balance at a general level, it is so, to borrow a word from the member opposite, “flexible” that it creates space one could effectively drive a truck through, with so many different exceptions and exemptions that it is not really effectively protecting the privacy rights of Canadians.

A member opposite, in a speech just given, said that this is a flexible framework, that the bill is flexible. Well, flexibility is not always a virtue. In particular, it is flexible for who? Who is doing the flexing? Who is the one who is able to bend the bill back and forth to their own will and interests? I would suggest the flexing is not being done by the individual who is supposed to own their own data, the flexing is being done by these corporate interests the government is close to.

Even if one believes this should be a balanced approach, it is not a balanced approach. It is a highly “flexible” approach in which the bending and twisting is done by the particular interests the government has been and always I suspect will be close to until we are able to have a new government in this country that respects fundamental rights, respects privacy and believes in a free competitive market in which businesses compete instead of where particular corporate friends of the government are protected.

I want to draw the attention of members to specific sections in here that identify broad exceptions in the legislation. Subclause 18(3) would allow the organization or business to use a person's information if they have a legitimate reason for doing so. That is pretty flexible. If one wants flexible, we are going to say this data cannot be used in a certain way unless there is a reason to do so. I would submit most people who do things think they have a legitimate reason for them. Others might not think they have a legitimate reason, but to say people's data can be used as an exception if there is a legitimate reason, there likely could be no broader conceivable exception than that one.

However, there are more exceptions even, if that one were not enough. The legislation, for instance, in subclause 15(5), refers to “implied consent”, so apparently in the case of privacy legislation, consent is not so sacrosanct, because companies can interpret an implied consent in this context.

There are clear problems with this legislation in terms of the particulars, but we can understand broader than the particulars the motivation or the value set that is behind this bill, which is that the government is once again trying to defend corporate interests instead of defending privacy and a genuinely competitive free market.

Madam Speaker, I am so pleased to rise today to speak to the digital charter implementation act, 2022. With Bill C-27, our government is showing leadership in a new digital world. Privacy is important to the residents of my riding of Hamilton Mountain. It is important to all Canadians. This legislation would not only benefit consumers, it would allow companies to innovate, compete and thrive.

The world I grew up in is significantly different from the world in which my son is growing up. This bill gives me confidence that we will be able to take advantage of the latest technologies, while at the same time be assured that our personal information is safe and secure.

I want to specifically talk about the consumer privacy protection act and how it sets out a balanced approach to compliance and enforcement.

Canadians clearly want their personal information to be handled responsibly, and they want meaningful consequences for organizations that break rules to gain some advantage. Canadians want fair punishment for truly bad actors.

According to a survey published by the Office of the Privacy Commissioner, 71% of Canadians have refused to provide their personal information to an organization because of privacy concerns. In an earlier survey, this same percentage of Canadians said that their willingness to share their personal information would increase if they knew the organization would face financial consequences should their information be mishandled. Such consequences are clearly an important tool for enhancing privacy protection for Canadians and also for helping organizations comply with the law right from the start.

The consumer privacy protection act, or CPPA, will assist companies to get privacy right and the escalating enforcement approach will correct problems as they arise.

The new privacy law incentivizes organizations to step up and improve their privacy practices at the outset. The CPPA will also provide the Privacy Commissioner with a key role in helping them do so.

Under the CPPA, businesses will be able to ask the Privacy Commissioner to review the policies and practices that make up their privacy management program, which will assist them in complying with the law. The commissioner can also ask to review such programs. This is a very important step in the early detection and serves to correct problems at the outset.

Privacy management programs cover a wide range of privacy considerations: how companies manage service providers; how they respond to breaches; when to undertake privacy risk assessment; employee training; complaint handling; and so on. Under the CPPA, the Privacy Commissioner will be able to examine these policies and practices outside of an investigation. The goal is for the commissioner to give advice and make recommendations.

The CPPA will prevent the commissioner from using what he or she has learned in these reviews in any enforcement action unless the organization willfully disregards recommendations. We think this would be very rare, but if it happens, action can be taken.

The approach provides an appropriate space in which the commissioner can provide advice and companies can take proper action. At the same time, the commissioner will be able to gain insights on how the law is implemented in real-world situations, thereby being able to better advise organizations on the challenges they may face in the privacy space.

Essentially this approach builds on the Office of the Privacy Commissioner's current business advisory function, which has proven successful in encouraging compliance through engagement rather than enforcement. By allowing for the review of privacy management programs, the CPPA provides businesses with a safe place to seek and obtain advice and implement compliance solutions at the onset. We believe this will help prevent privacy issues before they have an impact on individuals.

We know Canadian companies will be very interested in this part of the new law, particularly smaller companies and start-ups, and I can probably think of a few in Hamilton Mountain.

The CPPA recognizes that a one-size-fits-all approach does not work for privacy. Some organizations deal with minimal amounts of personal information; for others, it is central to their business model. That is why the CPPA allows organizations to develop their privacy management programs according to the volume and sensitivity of the personal information that they handle, and why the commissioner must also take this and a company's revenues into consideration during the exercise of the role under the law.

Another important protection under the new act is the ability of the Privacy Commissioner to review the risk assessments and mitigation measures that organizations must do if they rely on a brand new exception to consent for activities in which they have legitimate interest.

Under the CPPA, the Privacy Commissioner will continue to undertake research and publish guidance. It is a long-standing role and important in helping organizations meet their compliance obligations. It is a role that we wholeheartedly support.

The bill would ensure that organizations build privacy considerations into their products and services from the beginning. Working with organizations, giving guidance, this is a fundamental role of the Privacy Commissioner. We want to be proactive here. We want to prevent problems before they have a harmful impact on individuals.

However, there will be organizations that do not have the right practices. There will be others that have the right practices but still make mistakes. This law provides individuals with the right to complain about an organization's privacy policies when they appear to be offside with the law. The right to complain is considered to be a fundamental principle in all privacy statutes.

Under the CPPA, like PIPEDA, the Privacy Commissioner also retains the ability to initiate a complaint investigation when there are reasonable grounds to do so. This is an important role because filing a formal complaint is not always obvious. Maybe some people will not know there is a problem; maybe they do not have time to make a complaint. This is where the Privacy Commissioner should be able to take action when intelligence gathering from media reports and their own research indicate that there could be potential trouble.

CPPA encourages the early resolution of problems and provides for dispute resolution. Over the years, through its active early resolution approach, the Office of the Privacy Commissioner has successfully been able to resolve many complaints with limited formality.

The CPPA maintains such tools for the commissioner. For example, compliance agreements, introduced relatively recently under PIPEDA, remain in the CPPA. Pursuing these agreements allows companies to work out an acceptable resolution with the commissioner, without the commissioner resorting to more formal measures, like orders. However, resolution will not always be possible or desirable. Sometimes the commissioner will need or want to consider stronger measures.

Under CPPA, the commissioner will have the power to issue orders to compel an organization to take necessary actions to bring the organization into compliance. This is a new power and a key improvement over PIPEDA.

Prior to issuing such orders and to ensure fairness, the Privacy Commissioner's office will need to go through a new process, called an inquiry. Once the inquiry is completed, the commissioner will issue findings and a decision, and will make orders as necessary to an organization to change its privacy practices.

As part of this process, the Privacy Commissioner may also recommend administrative monetary penalties to a new tribunal for certain contraventions of the law. The possibility of significant fines for non-compliant organizations, fines of up to 5% of global revenue or $25 million, whichever is greater, for the most serious offences, is another key improvement over PIPEDA.

A key part of the new enforcement regime, the personal information and data protection tribunal is being established to hear appeals of the commissioner's decisions. If required, it will also decide whether to issue a monetary penalty and, if so, the amount.

Industry stakeholders say that we need impartiality in enforcement decisions, given the different roles of the Privacy Commissioner. This was particularly the case for any proposals involving monetary penalties, which have the potential to significantly affect an organization.

The new privacy law will support additional due diligence in decisions to impose monetary penalties by introducing an inquiry phase before issuing orders, and by separating the imposition of penalties from the commissioner's other responsibilities.

We know that some organizations will challenge the commissioner's orders and recommendations, and we do not want to burden the courts. This is another reason for introducing a new tribunal. It is intended to be more accessible than the courts. It will ease access to justice for the individual and the organization.

After the previous version of this bill was tabled, stakeholders told us it needed more privacy expertise. We listened and this version of the CPPA has the necessary privacy expertise to ensure credibility.

Madam Speaker, that is a very important point. I have a seven-year-old son, and he is starting to play games on my iPhone and whatnot.

We cannot say that Bill C‑27 will protect children because this bill does not include a definition of sensitive information, which we need.

Madam Speaker, we are here today to debate Bill C-27, the digital charter implementation act. With this bill, the government seeks to bring Canada's consumer privacy protections up to date, to create a tribunal to impose penalties on those who violate those protections and to create a new framework on artificial intelligence and data.

For my constituents, I think the most important question is this: Why are consumer privacy rights important? Our personal information has become a commodity in the modern world. Businesses and organizations regularly buy, sell and transfer our personal data, such as our names, genders, addresses, religions, what we do on the Internet, our browsing history, our viewing and purchasing habits, and more. This happens so often that it is almost impossible to know who has access to our sensitive data and what they do with those personal details. Unfortunately, this bill fails to adequately protect the privacy of Canadians and puts commercial interests ahead of privacy rights.

The first part of this bill is the consumer privacy protection act, and I will note, as many others have during this debate, that it is really three bills in one. It is the largest part of this bill and brings in new regulations on the collection, use and sale of the private data of Canadians. I will cover three issues that I have found in this act in the first part of this bill.

The first issue relates to how organizations may collect or use our information without our consent. Subclause 18(3) states:

(3) An organization may collect or use an individual’s personal information without their knowledge or consent if the collection or use is made for the purpose of an activity in which the organization has a legitimate interest that outweighs any potential adverse effect on the individual resulting from that collection or use

Without defining what a “legitimate interest” is, this subclause risks giving organizations free rein to define “legitimate interest” in whatever way suits their own commercial interests.

The second issue I will cover relates to how the bill would protect the privacy rights of children. Subclause 2(2) states:

(2) For the purposes of this Act, the personal information of minors is considered to be sensitive information.

However, nowhere in this bill are the terms “minor” or “sensitive information” defined. This will lead to confusion about how the personal information of children should be handled, and will ultimately lead, in my opinion, to weak protection of that information. There is also no other provision in this legislation that regulates the collection and use of children's personal data.

Every parent in the House of Commons is very concerned about their child going on Minecraft and about their interactions with other people and other gaming sites. This bill does not do enough to protect children in the context of online gaming.

The last issue I will raise in this act relates to when organizations can rely on implied consent to collect and use personal data. Subclause 15(5) states:

(5) Consent must be expressly obtained unless, subject to subsection (6), it is appropriate to rely on an individual’s implied consent, taking into account the reasonable expectations of the individual and the sensitivity of the personal information that is to be collected, used or disclosed.

This subclause highlights that the bill lacks a clear definition of “sensitive information”. This means that organizations will have free rein to determine when they can rely on implied consent, and they will be free to decide what information is or is not deemed sensitive according to their interpretations and not the legislation's interpretation.

The second part of the bill relates to the creation of the new personal information and data protection tribunal act. The bill would create a new semi-judicial body with the power to levy financial penalties against those who violate the CPPA, the first part of the act. I question whether this tribunal would be able to enforce the penalties outlined in clause 128, which are tied to global revenue and a proportion of profit in the previous fiscal year.

How does the government plan on ensuring accurate figures? Does the government really believe that it will go after Google in a global context, hold Google accountable and collect up to 4% or 5% of Google's global revenue? It is farcical.

We need very clear and very big amendments to this section. We need to question whether we even need a tribunal, because if it is in charge of enforcing clause 128 of the bill, I already know it is going to fail.

Under the third section of the bill, the artificial intelligence and data act, new provisions would be created that apply to the private sector. However, this bill does nothing to address the relationship between government and artificial intelligence.

Right now in Parliament, we are debating Bill C-11, which talks about the government's use of algorithms in the context of the CRTC. This bill has rightly infuriated Canadians across the country who are concerned about how the government would determine what people say and do on the Internet and where they would be directed. Why is the government not trying to apply the same standards upon itself as it is trying to apply on private corporations?

I want to address some other key oversights in the bill.

First, in the U.K., EU and even Quebec, certain personal details, such as race, sexuality and religion, are given special protection in comparison with other personal information. Why does the government believe the most identifiable aspects of our personal information are not worthy of being defined as sensitive information in the context of privacy law?

Second, the bill does nothing to regulate the sale of personal data. I am reiterating this point. In a world where the sale of personal data has become an integral part of our economy, why is the government not concerned with setting clear rules on how data and what kinds of data can be bought and sold, especially in the context of children?

Third, the bill fails to regulate the use of facial recognition technology. The RCMP used Clearview Al's facial recognition database, which was illegally created. Why does the government not think it is appropriate to ensure this never happens again?

Fourth, the consumer privacy protection act and the personal information and data protection tribunal act proposed in this bill are nearly identical to the acts proposed under last Parliament's Bill C-11. The consequence is that Canada's consumer privacy laws will be out of date by the time they come into force.

This bill was an opportunity to put forward strong regulations on the collection and use of personal data, but it failed to meet some basic criteria and thresholds. While the increased penalties for violating the act are welcome, they are watered down by the implementation of a tribunal that would take months or potentially even years to make a decision and levy fines. It is even questionable whether such a tribunal could actually do what it is purported to be responsible for.

Do we really need privacy legislation that fails to protect the privacy of Canadians? Do we really want privacy legislation that fails to put consumer interests ahead of corporate interests? Do we really want privacy legislation that fails to protect the personal information of children? Do we really want Al regulations that do not apply to government? Frankly, the government needs to withdraw Bill C-27, break it up into different parts and come back to Parliament after it has looked at the drawing board again and done something a little more comprehensive.

Madam Speaker, this is my first opportunity to get in on the debate on Bill C-27 today, and I have to say that my thoughts resonate a great deal with those mentioned by the hon. member for Windsor West in his pointing out that this is three bills in one.

To focus on the part that is completely new, artificial intelligence, I find that there is a great deal of tautology when we look at the bill. For instance, it says that we will know what a high impact of artificial intelligence is if it “meets the criteria for a high-impact system that are established in regulations.” There are a number of other places like this, but we do not have regulations yet. When will we know what the bill means?

Madam Speaker, I thank my colleague. I would simply like him to answer the following question.

Since Quebec already has its own privacy legislation and it works very well, does my colleague not think that Bill C‑27 should clearly state that it will not contravene Quebec's legislation?

This should be stated in the bill.

Madam Speaker, I rise today to speak about Bill C-27. I will focus on the artificial intelligence and data act, but before that, I would like to briefly talk about the overall digital charter implementation act.

Canadians have never been more reliant on the digital economy, yet the current privacy law was last updated over 20 years ago, before iPhones or Facebook even existed. In the new digital economy, enhanced privacy would not only benefit consumers but allow companies to innovate, compete and thrive. We are now at a juncture where, over the next few years, the rules of the road for digital privacy and AI are being written and entrenched. That is why it is crucial to have clear rules when it comes to this sector. For Canadians to prosper and benefit from the digital economy, they need to have confidence that their data is safe and trust that their privacy is being respected.

That is why the government has introduced this legislation, which would ensure that Canada has critical protections in place. Bill C-27 would ensure that Canadians have first-class privacy and data protection and that companies that break the rules face severe consequences, some of the steepest fines in the world. It would also hold organizations to a higher standard, in particular when it comes to protecting the personal information of minors by giving them and their parents more power over their information, including the ability to have it deleted. With Bill C-27, we are moving beyond traditional privacy protection to ensuring data control for all Canadians. Canadians can be reassured that we will never compromise on the trust and safety of their privacy.

Over the last decade, artificial intelligence technologies have been expanding rapidly and have been benefiting Canadians in a variety of ways. These technologies are evolving rapidly and with that, there is an increase in risk and harms due to the use of AI systems, whether intentional or unintentional. The artificial intelligence and data act, or AIDA, would establish rules to promote the responsible use of AI and the related governance practices. The framework would ensure that the development of AI systems has to include plans to mitigate bias and harm and that organizations are accountable for their practices.

The AIDA seeks to regulate international and interprovincial trade and commerce in artificial intelligence systems by requiring that certain persons adopt measures to mitigate risks of harm and biased output related to high-impact artificial intelligence systems. The act would provide for public reporting and would authorize the minister to order the production of records related to artificial intelligence systems. The act would also establish prohibitions related to the possession or use of illegally obtained personal information for the purpose of designing, developing, using or making available for use an artificial intelligence system in an intentional or reckless way that causes material harm to individuals. This would ensure that Canadians have strong privacy protections and clear rules of the road for business, as well as guardrails to govern the responsible use of artificial intelligence.

This bill would provide Canada with adequacy within the European Union's GDPR framework and international interoperability on privacy. Further, it would enable Canada to remain on the cutting edge of artificial intelligence development. This bill would help us to build a Canada where citizens have confidence that their data is safe and their privacy is respected, while unlocking innovation that promotes a strong economy.

The University of Toronto’s Schwartz Reisman Institute for Technology and Society studied this bill, and I would like to quote from an article written by policy researcher Maggie Arai:

As technology continues to advance and permeate almost all aspects of modern life, it has become necessary for regulators to grapple with how to best regulate it. New ways of collecting and processing personal information necessitate new regulations to protect those whose information is being collected, analyzed, and sold—often whenever they visit a new website or sign up to a new app like Facebook or TikTok. Advances in artificial intelligence (AI) are also top of mind for many regulators, posing unique risks and challenges that must be addressed. The recently tabled Bill C-27 represents Canadian regulators’ efforts on both fronts.

She goes on to say:

The Artificial Intelligence and Data Act (AIDA) is the federal government’s first attempt to comprehensively regulate artificial intelligence. Canada is not alone in this: AIDA comes in the wake of similar initial attempts at AI regulation by other governments around the world, such as the European Union’s 2021 AI Act and the United States’ 2022 Algorithmic Accountability Act. AIDA, like the EU’s AI Act, takes a risk-based approach to regulating AI. However, it is worth noting that Canada proposes categorizing AI based on whether it is “high-impact,” while the EU uses the language of “high-risk.” AIDA is also far less prescriptive than the EU AI Act. The draft Act is quite short, with much room left for the enactment of provincial AI laws as well as further federal regulation....

She continues:

A person becomes a “person responsible” for an AI system if they design, develop, make available for use, or manage the operation of an AI system in the course of international or interprovincial trade and commerce.

The major requirements contained in AIDA for “persons responsible” for AI systems include ensuring the anonymization of data, conducting assessments to determine whether an AI system is “high-impact,” establishing measures related to risks, monitoring and keeping records on risk mitigation, and requirements for organizations to publish a plain-language description of all high-impact AI systems on a public website. If at any time the Minister has reasonable grounds to believe that a person may be in contravention of these requirements, the Minister may order that person to conduct an audit into the possible contravention, or engage an independent auditor to conduct the audit.

She goes on to say:

The tabling of Bill C-27 represents an exciting step forward for Canada as it attempts to forge a path towards regulating AI that will promote innovation of this advanced technology, while simultaneously offering consumers assurance and protection from the unique risks this new technology...poses.

She also states:

There are also sections of C-27 that could be improved, including areas where policymakers could benefit from the insights of researchers with domain expertise in areas such as data privacy, trusted computing, platform governance, and the social impacts of new technologies.

She goes on to say:

To ensure that the powerful new technologies that shape our world today benefit everyone, it’s essential that our policies are well-informed—especially when it comes to how technical systems work, how they interact with our legal infrastructure, and how they impact society. As we approach the implementation of this landmark regulation, it’s critical that Canadians are engaged and informed on these topics and ready to make their voices heard.

I will now quote from an article written by the law firm of McCarthy Tetrault, which states:

Bill C-27, if adopted into law, is set to have a significant impact on businesses by creating new requirements for those who make, use, or work with AI. The bill imposes several new obligations on the AI sector which are backed by serious penalties for non-compliance.

Madam Speaker, I rise today to address the House with respect to Bill C-27, the digital charter implementation act, 2022. It is just a year or so behind.

Thirty-four years ago, the Supreme Court of Canada recognized that privacy was at the heart of liberty. Much has changed since 1989 and little more drastically than the continuous transfer of the private information of Canadians to other organizations. The questions we need to ask are these: What are the costs of and what are the benefits of the availability of Canadians' private information for the use of others?

Many organizations see themselves as supplying useful value to Canadians by being provided, whether by contract or by capture, private information that is not knowingly provided by citizens. Examples include service companies that recognize when a consumer might be able to save a percentage of their fees by bundling certain services. In such a case, the benefit of this information availability is shared by the consumer and the service provider.

Let us make no mistake. What drives the action by the service provider is profit, which is known as the greater share of wallet. Nevertheless, in such cases, the consumer sees the benefit of being included in the information sharing, whether they know it has occurred or they do not.

This apparently benign approach to gathering information has now stretched to our daily lives, where our computers, our phones and our in-home private intelligent assistants, like Siri and Alexa, are gathering information on us. When my sons are at their homes and use Siri, they say, “Siri, turn on”. They have figured out that Siri was listening the whole time. A lot of information is being culled. Do we know that our information, in that case, when we have not actually disclosed it willingly, is being used in a benign or creditable way? Which of that has become public information to be monetized by somebody else? That is what is occurring.

Large corporations are gathering data that is being sold to others for their own purposes. That supposedly benign relationship is now being passed to another organization, in that case, that is paying the information gatherer, and so on. There is no accountability mechanism to the individual for the benefit of the supply of one's information to flow.

There is only one measurement at play, and that is profit. One need only look at the incredible financial returns associated with these technological information-gathering companies, including the Googles, the Metas, the Amazons, etc. None of those are Canadian, by the way, and realize that the value-extraction industry is lopsided in their favour. At no time in human history have start-up companies, many without a tangible product, achieved such lofty valuations so quickly. Billionaires are created out of computer code, which provides what, exactly. It provides our information.

Value is created and destroyed in commercial markets. That is the economic engine that has led the western world to prosperity, but value is only traded in financial markets. Let us ask this: Is the culling and selling of private information, however obtained, creating value or transferring value?

In that respect, the intent of this bill is good. It is designed to modernize the protection of Canadians' digital privacy rights. It is past due, and it is important. It cannot be delayed by another prorogued Parliament or another unnecessary election call, as happened to the prior bill that was introduced to advance this issue in the last Parliament. The aim of this bill is good. The execution, I would say, is way off. I see a bureaucratic solution, designed by bureaucrats, for use by bureaucrats, with what would be a minor effect for the Canadian population in general. As we say, if you are a hammer, everything looks like a nail.

The design outcomes of this bill are increasing bureaucratic oversight. The personal information and data protection tribunal act would have six members and would be put together in a tribunal, three of whom would have experience in information and privacy law. Only three out of six, which is half, are going to have experience in the very laws that they would be overseeing.

This is going to be responsible for determining the severity of financial penalties. It would have a staff of 20 with a budget, along with a larger budget for the Privacy Commissioner, which already exists. Does anybody see any redundancy in this solution?

There is a litany of financial penalties listed through this bill and a host of requirements of all businesses, even small businesses, which are going to find the requirements of this bill onerous in the extreme. Joe's Garage is going to be treated with the same expectations as the Royal Bank and face the same potential penalties.

I will read from this legislation something that would scare any small-business person. This is about privacy management programs, as required under the legislation. It states that, “Every organization must implement...a privacy management program that includes the [organization's] policies, practices and procedures....”

It further states that, “...the organization must take into account the volume and sensitivity of the personal information under its control.” What does that mean, and how do we interpret that?

It also states, “...the organization must ensure, by contract or otherwise, that the service provider provides [substantially the same] protection....” Therefore, a businessman is going to need to ensure that something nebulous is not being provided by their service provider when forwarding information. Clearly, no one involved in this bill's design has even considered what this means for Canada's small-business community.

Here is the issue for Canadians. Who has the most information on Canadians? Governments, first of all. Who is likely to get information hacked? Those same governments.

This bill shows a complete lack of accountability by the government regarding how it might misplace or misuse Canadians' data. Is the government going to fine itself in such an instance? I doubt it. That would be a round-trip anyway, at that point in time.

Banks, secondly, have a lot of information about Canadians, and they use that information to increase their returns. They have large bureaucracies, large legal departments and government relations departments to stick-handle these fines. I should note, in this legislation, many exemptions are included. Therefore, we are building more bureaucracy. That is just what Canadians have elected us to do, I say very sarcastically.

On top of the 30% increase in federal government employees over the past six years, we are going to build more bureaucracy. What this bill should be doing is trying to strike a balance between business use of data and the fundamental protection of our privacy.

Let us quickly discuss some of the nefarious uses of digital information gathering. Let us go back to the pandemic, when CERB payments were given out to Canadians, and how many criminal organizations misused that government information to pilfer the pockets of Canadian taxpayers and get undeserved CERB payments into the wrong accounts. This is what happens when government information is pilfered, and this is the main problem with the privacy of Canadians' information.

My advice to the government is to get this bill moving. It is way behind other jurisdictions on this very important issue. Look at how the absence of privacy protection has affected Canadians, and take a look at where the value of Canadians' information has gone: to all the large American tech companies.

The government must listen to that input and the alternatives that are going to be put before it when it puts together this bill. Hopefully, the government amends this bill so it actually addresses the privacy of Canadians in a more complete manner. Listen to that input and to those alternatives. As the Supreme Court of Canada reiterated 34 years ago, Canada needs to recognize privacy as a right, so let us get to work in providing an outcome that actually safeguards Canadian's privacy.

Madam Speaker, 20 years after the need to see changes was shown, Bill C-27 is here.

The last time we saw changes, Facebook and iPhones did not exist. This is important legislation. Within it, to use a couple of examples, there are frameworks that allow for substantial fines and protection of Canadian privacy.

What we are hearing from the Conservative Party is that Conservatives do not want any of it. They are going to vote against the bill. The Conservatives are ultimately arguing that the bill is not amendable.

Does the member not see any value in the substance that is actually there to protect Canadians and empower things such as substantial fines?

Madam Speaker, we are talking about Bill C-27, an act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other acts. The length of the bill's title is commensurate with the work that will be required of legislators.

Obviously, the Bloc Québécois will be voting in favour of the bill, since we have wanted it for quite some time. Quebec is actually already ahead of the curve on this issue. We absolutely must send Bill C-27 to committee so we can hear from experts who will point out the flaws in the bill, shed light on how to improve it and put some flesh on the bones, so to speak.

There are too many details in terms of the areas of action and application, and we cannot look at them all too quickly. We need some clarification, and that is to be expected. The committee needs to hear from a wide range of witnesses. The bill must not pass too quickly. What matters is taking our time in committee. That is what taking responsibility looks like, if we want Internet users to do the same.

On November 28, 2022, the Speaker of the House made the following decision regarding Bill C‑27:

...two votes will take place at the second reading stage.... The first will be on parts 1 and 2, including the schedule to clause 2. The second will deal with part 3 of the bill.

Thus, if the House votes against the AI portion, work on Bill C‑27 will continue without that portion. If the House votes in favour of the bill in its entirety, it will go to committee. Even if we vote in favour of the AI portion at second reading, there is still an opportunity to vote against it at third reading. That sort of latitude is important.

The Personal Information Protection and Electronic Documents Act has needed reform for years. A digital charter is urgently needed. Canada's privacy law is pre-digital, if not prehistoric. Today's context is completely different from that of the 2000s.

Bill C‑27 is also a response to the strict and ambitious European privacy legislation, the General Data Protection Regulation. We already know that without an adequate legislative response, it will become impossible for European organizations to exchange information with countries or international organizations that have not adopted legislation as strict as theirs.

If Bill C‑27 is not well structured and up to date, Canada will not meet the European Union's expectations. I consider that to be important and very serious.

In Canada, the financial sector is beginning to worry, and it is putting pressure on the government because it fears losing a portion of its European market. That makes sense.

There is less pressure in Quebec because our laws are already compliant, or almost. What is governed by Quebec is already relatively protected. The problem is when two levels of government overlap and one is inadequate. For example, Mouvement Desjardins is already prepared, but the same cannot be said for Fiducie Desjardins, which is the Ontario counterpart. It is the former Trust Royal, an Ontario trust company.

It is troubling, for example, that Ontario does not have updated privacy and artificial intelligence legislation when we do and that even the same institutions with the same names do not have the same laws.

However, even though this is an urgent issue, we cannot take a scattershot approach and let the most important things get lost in the shuffle.

Let us talk about protecting individuals. In many ways, Bill C‑27 seeks to protect individuals' anonymity. It puts the individual and the idea of consent back at the centre of reflections on digital exchanges. To date, in Canada, organizations have been given a free pass and they have taken advantage of the digital wild west to share personal information without any legislation to stem their greed. Bill C‑27 will not only limit and restrict their excessive freedom, but it will also give them responsibilities.

Bill C‑27 creates a tribunal. It sets out three types of sanctions for those who contravene the act. The first is administrative monetary penalties, or fines, which work for road violations, at least. The other two are criminal and penal offences.

Bill C‑27 is clearly binding and it has real power.

Privacy protection is a shared jurisdiction. Even if Bill C‑27 gives the impression that it will be consistent with Quebec's new Bill 25 on privacy protection, as currently drafted it offers no such guarantee. The government must ensure that Bill 25 is substantially similar to Bill C‑27 and stipulate it by decree. We understand that Bill C‑27 is not intended to infringe on Quebec's legislation. This needs to be confirmed in committee.

Let us now talk about artificial intelligence, more specifically about individual identification. There are currently three ways to identify an individual, either with a password or social insurance number, biometric data and voice recognition and our possessions, such as text messages, phone calls and so forth.

Currently, European law requires companies to rely on two of those ways, and maybe three, eventually. Bill C‑27 needs to legislate on this as well.

There is also the variable of sensitive personal information. Inspired by European law, Quebec's Bill 25 on privacy protection defines information as sensitive if “due to its nature or the context of its use or communication, it entails a high level of reasonable expectation of privacy.”

On that point, although Bill C-27 does not define what sensitive data is, its meaning will guide the development of cybersecurity measures. In other words, the AI legislation enacted in Bill C-27 will serve as the foundation upon which more ambitious legislation will have to be built so that we can more adequately regulate the AI environment. It is a good start, albeit a late one.

In closing, I would point to the many feats of artificial intelligence. This is a process of imitating human intelligence that relies on creating and applying algorithms in a dynamic computing environment. We have all seen the Prime Minister responding in a fake interview where he can be heard making false statements. The sound and image were really similar. It was uncanny.

It has also been shown that artificial intelligence can create works of art whose similarities are so close to the original creation that they could compromise its original value. I am a songwriter, and, thanks to the ChatGPT concept, one could take the various characteristics of each of my 80 original songs and make an 81st that would have essentially the same melodic flourishes and the same kinds of metaphors. I confess that this troubles me immensely.

We all understand the potential scale of this kind of thing and how it can have all kinds of repercussions. However, we have also been told that, for science, this tool can be revolutionary as long as we have a legislative framework that is adapted to the current state of AI and future-proofed for developments to come. What worries us is the minister's stated intention to pass the bill quickly. Bloc members believe the committee should take all the time it needs to hear from a broad range of witnesses so we can identify and fix the bill's grey areas and blind spots.

The government indicated openness to slowing the work down. Will it do as we ask? We hope so. If that is how it works out, that would be good.

AI is more about the data analysis process and the ability to do that thoroughly than about a particular format or function. That is why we have to deal with the issue carefully and understand its impact so we can make the necessary legal framework as good as possible. Doing that means taking the time for an in-depth study of Bill C‑27.

Here again, Quebec is the leader of the pack, and others would do well to follow suit.

Madam Speaker, I think one of the things we have really benefited from in Canada is the Privacy Commissioner and the office. There is no doubt that the United States not having this position has created an issue for that country. For ourselves, the commission having appropriate resources and reformation to enforce the decisions, as well as having independence from Parliament in many respects, is crucial for the NDP.

I am just wondering where the Conservatives stand on this, with regard to the Privacy Commission, because there would potentially be a tribunal created with Bill C-27, and then there would be far more regulation and oversight necessary from the Privacy Commissioner in the age of artificial intelligence.

Madam Speaker, it is an honour to rise once again in this place as we resume debate on Bill C-27, the digital charter implementation act.

During discussion of this bill and related issues, we are not going to get anywhere if we do not start to recognize that privacy is a fundamental right. This is what Conservatives believe and is where we are coming from when we talk about the positive or negative aspects of this piece of legislation. Not only is it true, but it has to be a priority. That is what Canadians expect from us and that is the message we are delivering to the current government. It is also what has been echoed by many of our constituents as we get emails or phone calls from people who are concerned about this bill and about this issue in general.

The world we live in is rapidly changing and the pace of change seems to be getting faster as we go. It is really amazing what people can achieve with digital technology, yet it has also left us in a more vulnerable and insecure position. There are many ways to intrude upon and violate our privacy that did not exist before, and it is safe to say that this trend will continue in the coming years.

If it was not clear already, it is easy to see now that we have to do more than respond to the changes simply as they come. Instead, we need to do our absolute best to think ahead and make sure that our efforts to protect privacy will not become outdated shortly after we pass any kind of bill into law. It is the least we can do if we are serious about preparing our country for the future, but it is true that, before we can do that, we first have some catching up to do.

Our current privacy legislation is long overdue for an update. It has been 22 years since Canada updated its privacy legislation. Twenty-two years ago, the Internet was basically a new phenomenon, and only about half of Canadians were online. Back then, I think Joe Sakic was the MVP of the NHL, and I was only 13 years old, so a lot has changed in that time.

Today, the Internet is a valuable tool used daily by the majority of Canadians. Generally speaking, people basically are living online. We use social media to connect with family, friends and professional networks. We use a GPS to get directions to move from place to place and navigate around our cities and towns. We have online banking to manage our finances. However, at the beginning of the new millennium, pretty much the majority of this was unheard of. In fact, I think we can all remember what we thought was going to potentially happen on Y2K and the implications it was possibly going to have on technology, which thankfully never came to fruition.

It has been years since the Liberals announced a new data strategy for Canada, which also has not become a reality. The promise also came four years after they formed government. It has now been about as long from then until now. After such a long time, Canadians are still waiting for someone to provide higher standards for the use and collection of their personal data.

So much of what we do these days involves an exchange of our data. Facial and fingerprint recognition are used for security, along with our passwords. Digital maps and search functions track our locations in real time. Many of us upload and share an overwhelming amount of personal information on social media accounts and platforms. We are constantly giving our data to different online companies in order to use their services. People feel comfortable enough to do all this because there is a voluntary loss of privacy for the sake of convenience, but this arrangement also requires a deep level of trust. It could not exist otherwise.

Whenever there has been a breach or loss of that trust, the problem of privacy becomes more obvious. There have been organizations exploiting the trust of people to sell their personal information without authorization. In some cases, the data has gone to places that are not working in their best interests.

I am sure, Madam Speaker, like many people in the House, when you go to a website it asks you if you accept the cookies, for example. Obviously, people just accept and go on there because they want to read the articles. What they do not realize is what they are agreeing to when it talks about what is going to happen with their search history or different aspects that might be invaded by those cookies. Therefore, we have to get serious about privacy. We have to mean it when we say that we recognize that privacy is a fundamental right.

The first draft of Bill C-27 says in the preamble, “the protection of the privacy interests of individuals with respect to their personal information is essential to individual autonomy and dignity and to the full enjoyment of fundamental rights and freedoms in Canada”.

Of course, I am not going to disagree with that. I believe it is good for a law to make a statement like this. However, it is also true that we can and should take it a step further in the same direction. Why not have this type of statement included in the text of the bill instead of only in the preamble? That way, it would more likely be stronger for enforcement and interpretation by the courts. With the situation we are in today, it is worth making our privacy law as strong as possible, and this would be a simple way for us to set the right tone. That is something we are calling for.

This is one example, among many, of how Bill C-27 could be improved with some amendments. Conservatives want to make sure we update our legislation in the right way. After all, in this area of privacy, we should not settle for less.

There is more that can be done to fill the gaps in our privacy law. If the government does not accept stronger legislation, it will simply be insufficient. The law must ensure that the privacy of our citizens would be respected by the activities of government and business. Canadians are the owners of their data, and corporations should ask for consent if ever they hope to collect, use or disclose a client's information.

Instead, the Liberal government still has loopholes with respect to privacy. Corporations can still operate with implied consent instead of express consent, which is freely given, specific, informed and unambiguous consent. What happened with Home Depot and Facebook shows how relying on implied consent can go wrong. In this case, a person could ask for email receipts from Home Depot. Their email address, as well as details of their purchase, were given to Meta, which then matched the person with a Facebook or Instagram account.

When brought to court, Home Depot claimed that it had the implied consent of customers to share their emails with whomever it pleased. When I shopped at Home Depot, I never gave my email address to it, but it never once asked me if I was okay with sharing that data with somebody other than for its own transactional purposes.

We have a lack of clarity, which is not protecting the consumer as much it should be. Implied consent has been losing relevance over time. In our context, it creates headaches for customers who are going about their regular business. They expect one thing and later find out that something much different is going on with their personal data. Even if they agreed or simply went along with something, they rightly feel misled by what happened. That is not informed consent. Our peer countries have been moving away from this. Europe's general data protection regulation has been heralded as the gold standard for privacy laws, and it has done away with implied consent.

Going back to discussing Home Depot, it also said that anything people bought there would be classified as “non-sensitive”, which is something this bill fails to define. Vague language will not favour our citizens in the end. With the Home Depot case, we can see that the law could be interpreted by larger organizations to allow them to do what the law actually intended to restrict. We should clearly define “sensitive information”, and it needs to apply to everyone.

Another vague part of this bill is the implementation of the right to disposal. Bill C-27 would allow the user to request that their data be destroyed, but clarification is needed regarding anonymization and the right to delete or the right to vanish.

At the end of the day, this bill is like many announcements the Liberal government likes to make. It sounds good, but the incompetence, the vague language and failure to close loopholes mean that it would not do what it says it would do. However, it should not surprise anybody if a Liberal bill has significant weaknesses and gaps on the issue of privacy. It is hard for Canadians to take the government seriously based on its own record. It has not shown respect for privacy.

We have seen a government agency use location data from cellphones for tracking purposes. We have seen law enforcement access Clearview AI's illegally created facial recognition database, and, of course, last year we saw the public doxing of online donors. While that was happening, the Liberals decided to mess with the bank accounts of Canadians, and some of those people had not even made donations themselves and certainly had not committed crimes.

It is easy for things to go wrong when there is government overreach, but today the federal government has an opportunity to modernize and protect our country for the problems we face in the 2lst century. If it does not listen to us and fails to make the right decisions, it would be truly shameful.

Madam Speaker, we are here today to talk about Bill C-27. It has got a big fancy name: an act to enact the consumer privacy and protection act. I worked on this extensively as former chair of the Standing Committee on Access to Information, Privacy and Ethics. A big part of what we talked about was Canadians' privacy.

I want to lead off with a question that I think all who are watching here will want an answer to by the end of what I have said, and I hope I get there. Can we trust this government when it comes to privacy?

We have heard many accounts. We have heard of foreign interference. We have seen evidence that that has been happening under the government. We cannot even keep track of all the ethics breaches.

There was a recent article in the National Post about Canadians' data, and many folks out there would remember this, called “Canada's public health agency admits it tracked 33 million mobile devices during lockdown” and it read, “The Public Health Agency of Canada accessed data such as cell-tower location to monitor people’s activity during lockdown, it said”.

Can we trust this government? I think the answer is becoming more and more clear.

What have we done to protect consumer privacy? I was, again, part of that ethics committee. We formed an international grand committee of nine countries, representing half a billion people, where we really tried to tackle this and get to some better practices for big tech.

Cambridge Analytica was a scandal where big tech was getting our information. Many points are being collected, and 53,000 points of information is what we heard was the Facebook average amount they are collecting on us, and that is being sold to the highest bidder. It is being used to not only give us a choice on what cereal we should buy in the morning but also surveil us to make predictive behaviour so we will kind of go in the direction they want us to go.

We Conservatives saw a need to have a better, more robust policy, so I will read from our constitution, our policy, which I was part of drafting, along with many other EDAs from across the country. This is from the Conservative Party:

The Conservative Party believes digital data privacy is a fundamental right that urgently requires strengthened legislation, protections, and enforcement. Canadians must have the right to access and control collection, use, monitoring, retention, and disclosure of their personal data. International violations should receive enforcement assistance from the Canadian Government.

That is just a little snapshot of what we have been doing over here. We would hope that legislation like this would address some of those privacy concerns. What we learned and what many are hearing from this debate is that there are huge exemptions for big tech, huge ways to use consumer data in ways that, first of all, consumers do not want their information being used for, and they do not even know how their information is being used.

I am going to get into some of the critics of Bill C-27. I will read from an article today by a young man, Bryan Short, who has some concerns around Bill C-27. Referring to Bill C-27, the article says:

...this change opens the door for companies to begin describing their data collection and surveillance practices in a highly simplified manner, leaving out important details about how this information could be used to harm and discriminate against a person or group of people, and ensuring that the data broker economy continues to thrive while people in Canada’s privacy rights are pushed to the side.

Well, according to the Liberals, this is what this bill is supposed to be addressing. Here, we see simplified consent. That is something that we have supported too. It should be something that we can understand, but not to be abused in this manner, where the fine print is down here and we just check that little box to make ourselves feel good that we have done it. We feel like our data or our privacy is protected, but it really is not.

I will read on: “But with deceptive design practices already being regularly used to encourage people to click 'agree' without really understanding what they’re signing up for, Bill C-27’s weakening of consent could be a big step backwards in terms of privacy.”

I will keep reading, as I have a little bit more from this particular author. We talk about the right to request deletion, and that is part of one's data that is online.

In reference to Bill C-27, the article says, “What’s lacking is a mechanism for when people change their mind about consenting to the collection and use of their personal information, or if they’re opposed to the use of their data and consent wasn’t required at all”.

We have seen the exemptions. They are a big haul. My colleague from Edmonton just referred to those exemptions. We want some better pieces of legislation. I applaud the effort. The previous privacy commissioner Therrien was excellent in caring about Canadians' data and really pursuing a solution for it and defending Canadians. I applaud him for that.

However, I am going to go on to another critic whom I have gotten to know very well from being on the committee, and from his work in Canadian information and how important that is to protect. He is a man named Jim Balsillie, a stranger to none of us in this place and former part owner of BlackBerry. I will read from the article from the Globe and Mail called, “Privacy is central to human well-being, democracy, and a vibrant economy. So why won’t the Trudeau government take it seriously?” The article, written by Mr. Balsillie, states:

Privacy is a fundamental human right that serves as a gateway to other rights and freedoms such as freedom of expression, individual and collective autonomy, and freedom from harassment or invasion. Privacy is critical for the healthy development of the human brain, identity, close relationships and social existence.... “True realization of freedom, that is a life led autonomously, is only possible in conditions where privacy is protected.”

We absolutely agree that privacy is a fundamental human right. I will go on, as this helps explain what Mr. Balsillie is referring to in that paragraph. The article continues:

Behavioural monitoring, analysis and targeting are no longer restricted to unscrupulous social-media companies, but have spread across all sectors of the economy, including retail, finance, telecommunications, health care, entertainment, education, transportation and others.

I have told many high school classes an example of this. We learned that people's data is being monitored in real time, so when standing in front of a display at a big box store, it is known that one happens to be standing in front of a certain brand of headphones, so people should not be surprised if they get an ad for these particular headphones, and why they should buy them, before they leave the store. In a good way, it is incredible, but it is scary in other ways too with the predictive nature of having all that information.

Mr. Balsillie goes on to criticize the current Liberal government. He says:

Yet, Canada's federal government has repeatedly failed to take privacy seriously and construct a legal and regulatory framework that protects the rights of Canadians in the digital age...the Digital Charter Implementation Act, normalizes and expands surveillance and treats privacy as an obstacle to corporate profits, not as a fundamental right or even a right to effective consumer protection. After years of cozying up to Big Tech and meeting with its lobbyists as often as twice a week, the Canadian [Liberal] government is finally coming to terms with the fact that the digital economy needs to be regulated.

The act expands surveillance. It does not reduce it.

I asked initially this question: Can Canadians trust the Liberal government? The Liberals are pretty close to big tech guys. I will use the example that many have been talking about, which are smart cities. That conversation was brought up many years ago and as recently as just a few years ago. Our efforts at the ethics committee were to really push back on this invasion of privacy and that a particular smart city in Toronto, Sidewalk Labs, would have been an invasion of Canadians' information. The Sidewalk Labs project would monitor data on many levels, and it has connections to the current Liberal government. I will read from an article, which states, “Sidewalk Labs project gained support from Trudeau in 2017 call ahead of bid process”.

Madam Speaker, as it stands now, federal laws do not require federal political parties to follow the same privacy laws that apply to others across the country. This is an issue that could have been identified and addressed in Bill C-27, but it has not been. I wonder if the member for Edmonton Manning has a position on this and would he like to comment on it.

Madam Speaker, last week, the federal government banned the use of the TikTok app on government devices because of data privacy concerns, so it is very appropriate for us to be discussing this matter today. Digital data privacy can be seen as a fundamental right, one that urgently requires strengthened legislation, protections and enforcement. Canadians must have the right to access and control the collection, use, monitoring, retention and disclosure of their personal data.

This is a pressing issue. Realizing that, the European Union introduced the GDPR, its General Data Protection Regulation, in 2016. EU countries were given a couple of years to adapt to this new privacy reality, with the regulation coming into effect in 2018. The GDPR has been used by many other countries as a framework for privacy protection.

With the GDPR as an example, and faced with a changing digital data universe, the government basically did nothing to protect data privacy for Canadians. Perhaps that is an unfair statement. After all, digital and online data privacy was addressed in the last Parliament under Bill C-11. The Liberals recognized that Canada needed to bring its privacy laws into the 21st century.

However, that bill was never passed. Apparently, data privacy was not a big enough issue to be made a priority, and the digital charter implementation act was scrapped in favour of an election that Canadians neither wanted nor needed. Now we are asked once again to address this subject. It is indeed better late than never. I would have hoped, though, that with the delay, the government could have improved on what it is proposing.

Perhaps if the government had moved a little faster, Canadians would not have had to question how their data was being used and how their privacy was being invaded by governments and corporations. We are left to wonder how many privacy breaches have gone undetected or unreported. The ones we know of are disturbing enough. Tim Hortons used its app to track customer movements. The RCMP used Clearview AI’s illegally created facial recognition database. Telus gave customer location data to PHAC.

It has been more than 20 years since Canada’s existing digital privacy framework, the Personal Information Protection and Electronic Documents Act, PIPEDA, was passed. With technological changes in recent years, legislation is needed to address subjects such as biometrics and artificial intelligence. We have to consider how Canadians understand the issue of consent when it comes to the use of their data and their privacy.

I am deeply concerned and disappointed with how sloppy the Liberal approach in Bill C-27, the digital charter implementation act, 2022, currently is. Privacy is a fundamental right. This bill does not mention that, despite the Supreme Court of Canada having acknowledged it. We need to clearly distinguish the extent to which Canadians’ digital privacy will be protected. If the government wants the bill to be fully effective, it needs to further explore the scope of accountability required when privacy is breached.

The clear definition of consent is a major improvement from what it once was in the Personal Information Protection and Electronics Document Act, but a good definition is only the beginning. Because technology has greatly expanded and evolved since the implementation of PIPEDA, should we not also expand the umbrella of activities that consent would cover? The large number of exemptions allowed would weaken the impact of the legislation.

Bill C-27 may be a good beginning, but I had hoped for something better. It is sad that the bill’s title is perhaps the strongest statement in the legislation. While the title gives some idea of what the legislation is all about, it is already dated. We are no longer in 2022, and the Liberals are once again falling behind.

As parliamentarians, we know the power of words and the importance of speaking in a way that can be understood by those receiving the message. It is important that legislation can be understood. It is even more crucial that the bills we pass spell out exactly what we intend.

Perhaps the most important part of any of the laws is the section that provides definitions. They need to be clear and comprehensible and not subject to differing interpretations that weaken the intent of the legislation. Legislation that allows each person to provide their own definitions is problematic. Bill C-27 uses words such as “significant impact” or “sensitive information”. I cannot help but question what is covered by these vague terms.

Before the people of Edmonton Manning sent me to represent them in the House, I was a businessman. I understood the importance of safeguarding the personal information my customers entrusted to me and not to abuse that trust. However, as we have seen, some companies make unauthorized use of the information they gather to gain a competitive edge or for profit.

With that in mind, there must be a balance between acceptable use of data by business and the fundamental protection of our privacy. It seems to me that the balance is wrong on this bill, given the way it addresses user consent and the use of collected information.

The more I read Bill C-27, which 100 pages-plus, the more questions I have. There is too much in it in need of clarification. Yes, that will be done when it goes to committee after second reading, but the government could have presented a better bill to make the committee’s work easier.

I do not want to sound too negative. I know the Liberals mean well, even if they do not seem to be able to quite understand just how important digital privacy is to Canadians in the 21st century. I am pleased therefore to see that they understand that sometimes mere words or a scolding are not enough.

It makes sense to me that the Privacy Commissioner will receive new powers to enforce violations of the consumer privacy protection act. That may be the most impactful change the legislation brings about. It is not enough to simply recommend that perpetrators stop their violations. Any parent could tell us that consequences are needed if we want to ensure improved behaviour.

With the Privacy Commissioner finally being able to force violators to conform to the rules, I think we will see increased respect and better treatment of Canadians' personal information. The harsh financial penalties for non-compliance will be a powerful motivator.

Given the amount of time the Liberals had before presenting Bill C-27, we must question why they did not come up with a better bill. They have left me, and all Canadians, asking if they really understand what their own legislation is supposed to do.

Does the consumer privacy protection act, as proposed in the bill, do enough to properly protect Canadians’ personal information? The Liberals had a chance to look at the EU’s GDPR and see how well that worked. Did they learn anything?

Would Bill C-27 improve the protection of Canadians’ personal information or are there so many exemptions for needing consent in the sharing of personal information that the words of the bill are meaningless?

Would the legislation create proper protections for Canadians’ biometric data? Given that no such protection currently exists, perhaps we should be thankful that the subject is addressed at all.

Is it reasonable to exempt security agencies and departments, such as CSE, CSIS and DND from AI regulations? How do you balance privacy and security concerns?

Canadians’ digital privacy and data needs to be properly protected. This bill is a flawed attempt to start the long overdue overhaul of Canada’s digital data privacy framework. The Conservatives will be looking at putting forward some common-sense amendments at the committee stage to ensure we have the best possible legislation.

Madam Speaker, right now, Bill C-27 does not explicitly apply to political parties. We know there have been privacy breaches and the misuse of data in the past in the political area. Does the member think this kind of legislation should be amended to include political parties?

Madam Speaker, it is a privilege to rise in this House.

Another day, another debate about an NDP-Liberal piece of legislation about Internet freedom in Canada. The good folks on the west side of Saskatoon have heard me speak in this place about Bill C-11 and Bill C-18, two bills aimed at controlling what Canadians see and post on the Internet.

Today we are dealing with Bill C-27, which is aimed at protecting the online data of Canadians. This legislation is meant to put safeguards around the use of artificial intelligence and establish rules around Internet privacy. Sounds good, sounds noble and sounds like something we should support. To a certain degree I do support these initiatives.

However, I have deep reservations with this legislation as it exempts the Government of Canada from these very safeguards. Do we as Canadians need the protections in this bill from companies? Absolutely, but we also need protections from government, especially this NDP-Liberal coalition government that wants to take away some of our liberties and freedoms.

Some on the other side may accuse me of fearmongering about the NDP-Liberal suppression of civil liberties and freedoms on the Internet; I am not. Let me lay out the facts, and the people in Saskatoon West can decide for themselves.

Bill C-11 is the first piece of legislation meant to strip of us of our rights to free speech on the Internet. Conservatives such as myself and free speech advocates have been warning that the provisions put in place by the NDP-Liberals to have government-appointed gatekeepers decide what is acceptable speech or not in Canada will lead to disaster.

We have already seen that a prominent University of Toronto professor has been threatened with the revocation of his licence and livelihood for tweeting out against this legislation and the current Prime Minister. Imagine what would happen when the Prime Minister has the full weight of the law to simply muzzle this type of speech. Anyone who disagrees with him would be silenced and would be fined, lose their livelihood, and what is next, go to a re-education camp? We all know about the Prime Minister’s fondness for the basic dictatorship of the People’s Republic of China, heck, he does not even mind if the People's Republic of China funnels money to his family foundation and tilts elections towards the Liberal Party of Canada in this country.

How about the second piece of legislation meant to limit our Internet freedoms, Bill C-18? That legislation allows government-appointed gatekeepers to decide what is or is not news in Canada, and forces private companies to block content they do not like from their feeds and search engines.

If there is a story critical of the NDP-Liberal coalition and the Prime Minister, they call it fake news and ban it. If there is another fawning story by Andrew Coyne in The Globe and Mail about the Trudeau Foundation and the Chinese Communist Party, it is forced to the top of everyone’s news feed and search engine, like it or not.

When I spoke about Bill C-18 in December I warned of the consequences that this legislation would have. Specifically, I mentioned conversations I had with Google and Amazon Web Services and the impact on how they deliver services to Canadians. Google flat out told me it would simply get out of the business of delivering any and all news to Canadians as it did not want to become an instrument of the Canadian government to spread partisan messaging for the party in power. Just last month it began beta testing how it could shut down its news services for Canadians.

We need a 21st century solution to this problem, not one based on ideas from 40 years ago. Bill C-27 is supposed to protect people’s data from corporations. We need that but what we need, as well, is protection from this NDP-Liberal government when it comes to privacy.

Bill C-27 completely fails us in that area. The government has dragged its heels on Internet privacy for years, and unfortunately it has been a pattern to consistently breach our digital privacy rights. We saw it when the government waited until just last year to ban Chinese telecom giant Huawei from operating in Canada while other countries did the right thing years before us.

We saw it with the $54 million “arrive scam” app tracking Canadians border travel up until September 30, and the public bank account freezing for people who donated to the truckers last year. The list goes on and on. In the words of Alanis Morissette, “Isn’t it ironic?” when we hear the government start to talk about online privacy rights. I just hope it learns to start respecting the privacy of Canadians.

Let us take a look and see if this legislation actually protects the online privacy of the people of Saskatoon West. After all, they are rightfully distrustful of government and corporations when it comes to accessing their data

Here are some examples showing why they are distrustful: Tim Hortons tracking the movement of users after they have ordered something on their app; the RCMP using Clearview AI to access a data bank of more than three billion photos pulled from websites without user consent; and we cannot forget Telus giving the federal government access to the movements of over 33 million devices over the course of the pandemic.

When governments abuse their power, it destroys the level of faith Canadians have in their institutions. In fact, if we look at polling data, we see that the number of Canadians that have faith in their government is at an all-time low. With scandals like these, it is no wonder why.

If we want to improve the level of trust held between individuals and institutions, we must look at protecting Canadians' private data. If we dive into this legislation, it seems the intent is to create a level playing field between citizens and companies when it comes to how their data is used. However, if we look into it further, the balance between businesses using business data and the protection of our privacy is off.

The bill, as it is currently written, skews toward the interests of corporations rather than the fundamental rights of individuals. There are too many exceptions granted to businesses in this legislation. Some are so broad that it is like the legislation never existed at all.

For example, business activities are exempt if a “reasonable person” would expect a business to use their data, without including the definition of what a reasonable person is. The concept of legitimate business interests has been added as an exemption to consent. How does one determine if a business interest outweighs the privacy rights of an individual? Finally, the bill does not recognize privacy as a fundamental right. This absence tips the scales away from Canadians and could affect how their privacy interests are weighed against commercial interests in the future.

Artificial intelligence comprises a major component of this legislation. AI is becoming a key tool in today's world, much like engineering was in the last century. In the past, an engineer would sit down and design a bridge, for example. Obviously, the failure of a bridge would be a huge event with the potential for major disruptions, significant costs, potential injuries and even death. Therefore, we have professional standards for engineers who build bridges, but what about artificial intelligence?

In today's modern world, AI is used more and more to perform ever more complex tasks. In its early stages, AI was used as a shortcut for repetitive tasks, but as the technology advances, it is now being used for much more. In the future, it is not unreasonable to expect AI to play a significant role in designing a bridge, for example. Artificial intelligence also needs to have standards, which is why our universities teaching AI put a big emphasis on ethics, as there are huge implications.

I know first-hand the dangers of unregulated AI systems interfering in our day-to-day lives. On the immigration committee, we have studied this issue and looked at how Canada's immigration department is using Chinook, a so-called e-tool to help IRCC bureaucrats assess applications in bulk form. This AI program was introduced in-house by these bureaucrats, which means the software's algorithms are beholden to the beliefs of its creators.

The concerning part of all of this is that there is a known culture of racism within the department, and members do not have to take my word for it. The NDP-Liberal Minister of Immigration said this of his own department at committee: The IRCC “has zero tolerance for racism, discrimination or harassment of any kind. However, we know that these problems exist throughout the public service and in our department...[and] we must first acknowledge this reality.”

There were no outside consultations done on the use or creation of this artificial intelligence application, and rejection rates have climbed since its introduction. Although I am pleased that the government is finally looking to add a framework to address concerns surrounding AI, it needs to get its own house in order first.

I will wrap up with these final thoughts.

If we are going to address concerns surrounding our digital privacy, we must listen to Canadians, and many Canadians are worried that this legislation does not protect them. I have met with Bryan Short from OpenMedia, and he said this:

Bill C-27...only plays brief lip service to privacy being a fundamental human right in its preamble; Bill C-27 fails to do the more important task of inscribing the privacy rights of people as being more important than the business interests of companies.

The bill before us is supposed to be about protecting Canadians' privacy, yet it completely avoids inscribing privacy as a fundamental right. We all know the saying “There is no point in doing something unless you do it right”, and it is quite clear that the government needs to go back to the drawing board once again on some aspects of this legislation since there is not much evidence of it consulting Canadians on how their data was actually used.

I believe the former Ontario privacy commissioner, Ann Cavoukian, said it best in 2020 during the initial Liberal attempts to bring in privacy reform to Canada when she stated:

[With] the Liberals under [the Prime Minister], it's been extremely weak. They have not addressed repeated requests from the federal privacy commissioner to strengthen existing privacy laws.... I'm tired of that. I want a party that will walk the talk. And I'm hoping that will be the Conservatives.

Canadians can count on the Conservative Party of Canada to walk the talk when it comes to strengthening our privacy laws, and Canadians can count on the Conservative Party of Canada to respect their freedom of expression online. We will scrap the online censorship legislation put in place by this tired, worn out, costly coalition. We will allow people to choose for themselves which news they want to consume, not just what the government wants them to see. Under our new leader, we will be the voice of those left behind by the NDP-Liberal government, and we will put Canadians back in the driver's seat of their own life.

Madam Speaker, I thank my colleague for his speech. He appears to have extensive knowledge of almost every issue.

The protection of personal information is a shared jurisdiction in Canada. Bill C-27 should therefore not apply in provinces that have protections as stringent as those included in the bill.

The legislation passed by the Quebec National Assembly, in February 2021 I believe, is strong legislation. Can my colleague reassure us that Quebec businesses are indeed excluded from the federal legislation?

Madam Speaker, it is a pleasure to rise to speak to Bill C-27 today. As I put forward to my friend in the form of a question, when we think of Bill C-27, I like to think that the government is on the right track in continuing to protect the privacy of Canadians in many different ways. Yesterday we had a debate on Bill C-26 on cybersecurity.

If we take a holistic look at what the government has been able to accomplish through legislation and, ultimately, in certain areas in terms of developing the industry through budgetary measures, Canada is indeed in a very good position in comparison to our peer countries around the world. I do not say that lightly, because I know that all members are very concerned about the issue of privacy. That is in good part why we have the legislation today.

The last time these changes we are proposing happened was two decades ago. Let us reflect on that time of 20 years ago. We did not have iPhones, and Facebook did not exist. Going back a little further than that to when I was first elected, when one clicked into the Internet, the first thing one heard was a buzzing sound, the dial tone and then clicking. Then one was magically connected to the world. How far we have advanced in a relatively short period of time. Last week, I was on the Internet making a purchase that would be delivered. I never had to go to the store. It involved my doing a little bit of design work on the computer before making the purchase. I was told yesterday that it was delivered to my home.

The amount of information out there is absolutely incredible, and it is very hard to imagine the types of data and the risk factors out there. That is why it is so important that, as a government, we bring forward substantive legislation that is going to protect the privacy of Canadians, to ensure companies are held accountable and, in the context of yesterday's debate, to protect them from security threats that are very strong and very viable. It was interesting yesterday listening to the debate for a number of hours.

I get the sense that a wide spectrum of support is shaping up today. The NDP is supporting the legislation. My understanding is that the Conservatives are supporting the legislation. The Bloc, in principle, is supporting the legislation. The Province of Quebec has actually made some significant gains on this whole front, so I am not surprised that the Bloc or members from Quebec within the Liberal caucus are very strong about these issues, whether they are cybersecurity issues or the privacy issues of Bill C-27 that we are debating today.

I raise this because I believe that it does not matter what side of the House one happens to sit on, as this is legislation worth supporting. As I indicated, it has been 20 years since we have seen substantial changes to the legislation. The expectation is very high that we will not only introduce the legislation but that, with the cooperation of members opposite, we will see it pass through in a timely fashion.

Being an optimist, I would like to see the bill pass before the summer, and it is possible. I realize that it would require a great deal of co-operation from opposition parties, but I do believe it is doable, especially after the comments I heard this morning.

The legislation is not meant to address every matter that Canadians are having to face in the digital world. That is not what it is designed for. As I indicated, the legislation, whether this one or Bill C-26, goes a long way in establishing a solid base for a framework that would enable the government of the day, which is held accountable by the opposition, to have the opportunity to do a lot of work in an area where we need to see a higher sense of security and protection.

One member across the way asked about engagement. There has been a great deal of engagement. I can assure the member that, whether it is from a constituency perspective, a ministerial perspective or, I would even suggest, the member would have to take some credit in terms of an opposition perspective, there has been a great deal of dialogue. This is not a new issue. This issue has been in the making for years now.

There have been some factors that are beyond the government's control in terms of the manner in which it can bring forward legislation, for example the worldwide pandemic and the requirement for substantial legislation in order to support Canadians and have their backs. There were issues of that nature, along with numerous other pieces of legislation. I would not want to give a false impression that this is not an important issue for the Government of Canada.

At the end of the day, based on comments I have heard on both Bill C-26 and Bill C-27, I believe the legislation would establish a solid footing or framework, whatever terminology we might want to use, and, at the very least, we should see it go to committee. The principles of the legislation are in fact endorsed and supported by all sides of the House, from what I can tell, and please correct me if I am wrong. No doubt we will have other legislation that might be somewhat more controversial, where there is real opposition to the legislation, and this would enable more time for debate on that type of legislation.

If we could somehow recognize the value of this legislation, given that there is so much support for its principles, we would allow it to go to committee, where members of Parliament are afforded the opportunity to get into the nuts and bolts, the details, where there is representation from different stakeholders at committee to express their thoughts and opinions on the legislation, and where members can find out directly from the minister what kind of consultation has taken place. The member does not to have to take my word for it, but I can assure him that there has been a great deal of consultation. He would be able to hear that first-hand from departmental officials, the minister and so forth.

I believe the government has done its work in bringing the legislation to the point where it is today. We have seen ministers, in their opening remarks and in their response to questions, in co-operation with opposition members. The government has demonstrated very clearly in the past that it is open to amendments that can improve upon legislation for the benefit of Canadians, and if there are ways we can improve this legislation, we will accept those types of amendments. We will support those types of amendments. I believe this is one of the areas where the Prime Minister has been very good in sending that message. It could be because of years in opposition, when the opposition never had amendments accepted by former prime minister Stephen Harper.

At the end of the day, if there are ways to do it, we can improve upon this bill. I heard yesterday on Bill C-26, and already today on Bill C-27, that members have genuine concerns. I do not question those concerns, but I do believe that it would be helpful if they can look at those concerns. If they already have ideas that they believe will improve the legislation, nothing prevents members of the opposition or government members from being able to provide those amendments or thoughts in advance to the ministry, which would potentially allow for a deeper look into it to see if, in fact, something is doable.

The NDP talked, for example, about digital rights for Canadians. There is a great deal of concern that we need to ensure and recognize them, whether they are consumer rights or privacy rights. These are things we all hold very close to our hearts. We all want to make sure the interests of Canadians are being served.

When I took a look at the specifics of the legislation, I highlighted three parts I wanted to make reference to. CPPA would strengthen privacy enforcement and oversight in a manner that is similar to that of certain provinces and some of Canada's foreign trading partners. It is important that we do not just look internally. There are jurisdictions, whether nations or provincial entities, that have already done some fine work in this area. We do not have to reinvent the wheel, and working with or looking at other forms of legislation that are there is a very positive thing. In particular, the CPPA would do so by granting the Privacy Commissioner of Canada order-making powers that can compel organizations to stop certain improper activities or uses of personal information and order organizations to preserve information relevant to an OPC investigation.

This is significant. We need to think in terms of the technology that I make reference to. I can remember a number of years back when a pizza store was becoming computerized. As someone called in and made an order, they recorded the telephone number, the name and the address, personal information such as that. I remember talking to the franchise owner, whom I happen to know quite well, explaining how the collection of data, if used appropriately, can not only complement the business, but also complement the consumer, and this was maybe 20 years ago.

We can contrast that to an iPhone and looking at some of those applications we see. The one that comes to mind is a true Canadian application and a true Canadian franchise: Tim Hortons. My wife never followed hockey, but nowadays she does because of Tim Hortons. One can win free cups of coffee by picking who is going to score goals or get assists. I am not exactly sure how it works, but Tim Hortons comes up with a program that is actually collecting data from people. It is a program that allows it to send out all kinds of notifications. It could be sales of product. It could be something like NHL standings. It really engages the consumers. An incredible amount of data is actually being collected.

Tim Hortons is not alone. One can go to virtually all the major franchises and find the same thing. It is not just the private sector. Yesterday we were talking about cybersecurity, and one can easily understand and appreciate the sensitivity of collecting information, even if one is a Tim Hortons or a Home Depot, but also many government agencies. For example, there is the amount of personal information Manitoba Health has, which is all computerized. There are also doctors' offices. The digital world, in a very real and tangible way, has changed to such a degree that many, including myself, would argue that things like Internet access have become an absolute and essential service nowadays. It is something we all require.

The incredible growth of data banks, both in the private sector and in the government, and I would throw in the non-profits and the many other groups that collect data, has been substantive in the last 15 or 20 years. That is the reason why today we have the type of legislation we have before us. Bill C-27 would ensure that we have something in place to provide consequences for offences. To give members a sense of those consequences, the new law would enable administrative monetary penalties for serious contraventions of the law, subject to a maximum penalty of 3% or $10 million of an organization's global revenue, whichever is greater, and fines of up to 5% of revenues or $25 million, whichever is greater, for the most serious offences.

I said I wanted to highlight three things, so I will move on to the second point. The personal information and data protection tribunal act would establish a new tribunal, which would be responsible for determining whether to assign administrative monetary penalties that are recommended by the Privacy Commissioner following investigations, determining the amount of penalties and hearing appeals of the Privacy Commissioner's orders and decisions. The tribunal would provide for access to justice and contribute to further development of privacy expertise by providing expeditious reviews of the Privacy Commissioner's orders.

The third point is that the AIDA would impose a duty to act responsibly by requiring organizations designing, developing, deploying or operating high-impact artificial intelligence technologies to put in place measures to proactively mitigate risks of harm and bias in the development of these technologies.

I have less than a minute left to talk, and I have not even touched on the AI file. I made reference at the very beginning to the financial investments of this government in encouraging the growth of that industry in the different regions of our country. The Government of Canada is not only bringing in the type of securities that are absolutely important for Canadians from a privacy perspective, to encourage continual growth in the area and have these protections in place, but also doing so through budgetary measures to ensure that we continue to enhance the opportunities of Canadians. If we take a look at the digital world today, it is very hard to imagine where it is going to be tomorrow, at least for myself, in witnessing the growth of the digital world over the last 20 or 30 years and how far it has gone.

This legislation is a modernization. It is legislation we can all get behind and support. I would encourage members, no matter what party they are from, to support it. Let us see it go to committee, where the committee can do its fine work and see if we can even improve—

Madam Speaker, certainly from the Conservative side and from the NDP, it seems like we are on the same page when it comes to looking at privacy, protecting privacy and stating that privacy should be a fundamental right, not only in the preamble but also in the clause statement. The clause statement is very important because that is what the bill is derived from. The definition of privacy and fundamental rights then goes throughout the rest of Bill C-27.

One example that came out this week was of our children using a game called Fortnite. There are a lot of other games children spend a lot of time on sometimes, but Fortnite was found to be in breach of error in the U.S. for exploiting our children, taking their data and selling that. Can the member please answer for me how important it is not only to protect our adult fundamental right to freedom, but also our children's fundamental right to freedom?

Madam Speaker, I want to use my speaking time in the House to note that today is the 85th day of the blockade of the Lachin corridor. This blockade has left 120,000 Armenians in Nagorno-Karabakh without access to health care, food and medication. This situation has been denounced by the European Parliament, by Amnesty International and, last week, by the International Court of Justice. I urge the federal government to do more and apply pressure to ensure that these 120,000 Armenians can have access to food and to prevent a humanitarian crisis.

I am pleased to rise in the House today to speak to Bill C-27, an act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other acts.

This bill includes many things and covers many topics. I want to begin with the part on artificial intelligence. The NDP was a bit concerned by the fact that in the wake of Bill C‑11, this whole new part on the Artificial Intelligence and Data Act was added to Bill C‑27. We think this is a separate issue that needs to be dealt with separately. It is a huge topic in and of itself. We are pleased that the bill is being split so that we can study it in two parts.

In my riding, Rosemont—La Petite-Patrie, there is a burgeoning AI hub that provides jobs for hundreds, maybe even thousands, of professionals. I have met people who were a little worried about the federal government being kind of hasty in dealing with an issue as complex as AI. They are particularly worried about the fact that the U.S. and the EU have laws and regulations already. They think we need to take the time to make sure Canada's regulations are compatible with what is being done elsewhere, with our trading partners and our competitors, just so that it will be easier to attract talent down the line and get these professionals to go work in Montreal, Toronto, Vancouver and other places in Quebec and Canada. They want to avoid the kind of incompatibility that could result in unnecessary obstacles.

With respect to the protection of personal information, I believe that, sadly, a string of scandals has made people aware of this issue, and they realize that our laws and regulations must be updated and adapted. Consider the personal information and data breaches and the problems this causes for people. I will quickly mention a few examples. The problems with Yahoo, Marriott, and Mouvement Desjardins in Quebec, as well as Facebook, all revealed the need for new measures to help victims who have had data and their personal information stolen in several countries. We need only think of the 2019 settlement in the U.S. for the Equifax data breach. It is quite significant, given that Equifax is one of the largest companies people rely on for their credit score so they can make purchases or borrow money. This is not trivial.

Here, in 2019, the Office of the Privacy Commissioner of Canada found that Equifax fell short of its obligations to Canadians and Quebeckers. He then had the company sign a compliance agreement that did not require the payment of any fines or damages for Quebec or Canadian victims. This happened just a few years ago and clearly demonstrates just how outdated Canada's legislation is.

That is why the NDP will be supporting Bill C-27 at second reading. We think it is important that the bill be sent to committee, because we see all the cracks and gaps currently in the bill. It is important that the Office of the Privacy Commissioner be strengthened to bolster enforcement measures to protect consumers and Canadians. Bill C-27 needs to be amended to improve things. There are some shortcomings in this bill. There is even some backsliding in relation to Bill C-11, its predecessor in the previous Parliament, before the last election.

Privacy concerns everyone. In a digital world where social media and online entities are taking up more and more space, we have to remember that, although it is nice to use them sometimes—and they can be of great service—we are the ones who have become the product. Our personal information is the source of huge profits, and we need to be aware of that.

Our information is used to target the advertising we see on our devices when we go to websites. That targeting is based on our personal choices, preferences and searches. Big corporations create profiles and use them to sell advertising. We are the product. These companies make money off the information we give them for free. I have met people who had an interesting suggestion. Maybe these companies should pay us because we are their source of profit. They make money off the targeted advertising they sell, and that is how they plump up their bottom line.

We need to modernize our privacy protection laws. We also need to start thinking about the implications of handing over so much information about our consumer behaviour, our travel patterns, our interests and everything we search for online. We have to prompt people to think about that.

The bill is interesting because it creates a lot of new regulations and a new tribunal. The NDP thinks that is a good thing, but the bill does not go far enough. For example, the bill sets out a private right of action for individuals, but it does not really make it possible for consumers who have fallen victim to privacy breaches to be compensated, unlike what is being done in the United States. This right comes with various rather ineffective stipulations, so although there are new provisions, like this new tribunal, the bill provides for very little recourse.

A few years ago, the NDP published a digital bill of rights for Canadians. In it, we called for new, more effective provisions on consent and the sustainability of data. We called for the government to give the commissioner order powers and to impose larger and more consequential monetary penalties. We also called for transparency with regard to algorithms and more protection against abuse.

I think that the government could draw inspiration from the NDP's digital bill of rights to amend, enhance and improve the bill before us today. Once again, I have to say that this bill takes half steps because it proposes half-measures. There are some rather interesting measures in this bill, but they do not go far enough.

For example, there is still a significant imbalance between commercial interests and individual rights. Unfortunately, the Liberals are still in the habit of putting commercial interests ahead of the rights of citizens. For example, the new preamble of Bill C‑27 tries to present privacy as an individual interest tied to fundamental rights, but still does not directly recognize that privacy is not just an essential aspect of fundamental rights, but a fundamental right in and of itself. It considers the right to privacy to be part of Canadian norms and values, rather than a fundamental right. I think this part of the preamble of the bill should be changed.

There is also some backsliding. Under Bill C‑27, individuals would have less control over the collection, use and disclosure of their personal data, even less than what was proposed in Bill C‑11, which was introduced during the last Parliament. That is really the crux of the matter. If we do not have control over the information we provide or the way it is used or shared, it will be a wild west, total chaos. That is what we are seeing now, in fact. This is a step backwards, and I think that the NDP will be proposing amendments to restore this balance.

Under the bill, information that has been de-identified is still personal information, with some exceptions. There are quite a few exceptions, including in clauses 20 and 21, subclauses 22(1) and 39(1), and the list goes on and on. Roughly a dozen clauses contain multiple exceptions, so it gets extremely complex and confusing. It seems to me that this is going to give big corporations and web giants a way out, through loopholes and back doors. They will be able to do whatever they want because of this list of exceptions.

We in the NDP will be supporting the bill at second reading, but there is still a lot of work to be done to improve the bill.

Madam Speaker, at the beginning of his speech, my colleague talked about the progress Quebec has made with Bill 25.

Bill C-27 appears to provide some protection or at least not go against Bill 25, but there is no real guarantee.

Does my colleague think that this is one of the changes that should be made to ensure that Bill 25 in Quebec is not hindered by Bill C-27 and that, instead, these laws complement one another?

Madam Speaker, I appreciated hearing the member for Hamilton Centre's speech on Bill C-27. I would like to hear more from him, in particular on subclause 18(3). This section talks about a legitimate interest for an organization to collect a person's private information without consent.

There have been concerns shared here with respect to how open-ended this legitimate interest could be. I wonder if the member would reflect and share more about his concerns, if any, with the way the bill is currently written.

Madam Speaker, that is an important question. Bill C-27 needs consistent, technologically neutral and future-proof definitions both to the consumer privacy protection act and the AIDA within Bill C-27. It should provide definitions for AI or algorithmic systems that are cohesive across both laws, and the definition for AI ought to be technologically neutral and future-proof. That is the question I just answered for the previous speaker. A potential pathway for regulation is to define algorithmic systems based on their applications, instead of focusing on the various techniques associated with machine learning and AI.

Madam Speaker, I am sure the hon. members from the other side are about to take some good notes on the recommendations we put forward. They are probably discussing among themselves how they can improve upon these serious gaps and have some public engagement on this.

We are not subject matter experts in this House when it comes to this type of technology. It is not clear whether there has been any public engagement specific to Bill C-27 as it is proposed. There was public engagement around the creation of Canada's digital charter, called the national digital and data consultations, that happened back in 2018. However, as I understand it, only about 30 or so discussions were held. That fell dearly short. The majority of digital leaders were from the private sector, and there were only a couple of universities involved. Therefore, it is unclear who the government is consulting with when it deals with this type of surveillance capitalism and the risks it presents to consumers.

Let us get right to the point. What are the gaps that exist in this legislation? How does Bill C-27 compare with the ideal privacy legislation? There are many gaps. Clearly, it does not compare to the GDPR; it also falls short of privacy legislation that is currently being proposed in la belle province of Quebec, in New Zealand and in the state of California.

For example, in California, the California Consumer Privacy Act, the California Privacy Rights Act and the Children's Online Privacy Protection Act have all presented more robust solutions to what is before us here today. In addition, there are privacy protections that come into effect under the CCPA that we should be considering.

We need to ensure that the protections that come into effect include the rights to know, to delete and to opt out of sale or sharing, as well as the right to non-discrimination. Under that legislation, consumers also have the rights to correct inaccurate personal information and to limit the use and disclosure of sensitive personal information collected about them. There is a lot out there that we should be considering when it comes to amendments.

I am going to list examples of gaps within this bill so they are on the record. The bill does not promote the development of data stewardship models. It does not require that organizations take into account the potential consequences to individuals and societies through such measures as privacy impact assessments of a breach of security or safeguards. There is no section in Bill C-27 expressly dedicated to cross-border dataflows.

There has been no privacy impact assessment done to address any additional risks, which should be identified, justified, mitigated and documented in such an assessment. There is no assessment of the broader level of privacy rights protections in foreign jurisdictions. This is a very important conversation, particularly this week in the House, that includes how Canadians' privacy rights can be enforced.

This bill does not include specific rules that are applicable to data brokers, and these are important third parties who are not service providers. There should be a fiduciary duty to individuals if data processors act as intermediaries between individuals and data collectors. This would ensure that such service providers only use personal information entrusted to them for the purpose intended by the individuals.

This bill does not provide the right to disposal with respect to search engines' indexing of personal information where it could cause harm to the individual's privacy or reputation. It does not include the language that was in PIPEDA regarding individual access where it provides an account of third parties to which personal information about an individual or an organization has been disclosed. There should be an attempt that is as specific as possible.

This bill does not include the right of individuals to express their points of view to a human who can intervene or to contest decisions. When we look at AI or how algorithms are working in society today, they are inherently flawed.

In fact, there is another study that I would reference, titled “AI Oversight, Accountability and Protecting Human Rights”, which has commentary on this. This was authored by a series of subject matter experts who gave a long list of needs for adequate public consultation and proper oversight of AIDI to effectively regulate the AI market in Canada.

The commissioner needs to be an independent agent of Parliament. We need to empower an independent tribunal to administer penalties in the event of a contravention, and we need to outline the best practices for auditing and enforcing the law. There are dozens of recommendations contained in both reports that, as New Democrats, we will be presenting to the government at the appropriate time at committee.

It is clear, from the body of the preliminary work that has been done, that this bill is inadequate as it stands. It is too big to adequately cover AI and consumer protections. It has always been our belief that those should be split up. That way we can have an investigation to ensure that consumer protections are met, that surveillance capital does not continue to profit off our most personal information and data and that, ultimately, we have safeguards with a robust and very firm platform on which these organizations, businesses, companies, and in some instances foreign countries, are held to account when they violate our rules.

Madam Speaker, I will be sharing my time with the wonderful member forRosemont—La Petite-Patrie.

I am grateful for the opportunity to rise today on Bill C-27, which is an act to enact the consumer privacy protection act, the personal information and data protection tribunal act and the artificial intelligence and data act, and to make consequential and related amendments.

The amendments are what I am particularly interested in today. As New Democrats, we will be supporting this at second reading. We support the need to modernize Canada's privacy laws and establishing rules around data governance and empowering the Office of the Privacy Commissioner to bring enforcement actions to protect consumers and citizens.

This bill takes some of those steps. However, there is a need to ensure that reforms are robust and effective. In my opinion, a long list of amendments will certainly be required to achieve these goals.

I am going to be referencing two important works that have been presented. One is from the Centre for Digital Rights, entitled “Not Fit For Purpose - Canada Deserves Much Better”. From the title, we can note that there are some concerns with this bill.

However, we recognize that this privacy legislation must be amended because there are already glaring shortfalls in PIPEDA, which urgently needs updating.

Technology continues to evolve, and data-driven business continues to move away from a service-oriented approach to one that relies on monetizing personal information through mass surveillance of individuals and groups. While these businesses find new ways to expand their surveillance and methods of monetizing our personal information, Canadians' privacy is increasingly put at risk.

The GDPR is the bar that is currently considered the adequate level of protection. However, if we were to do a little bit of comparing and contrasting, we would see that this bill tends to fall short of this level in terms of what the European Commission has done.

What this means for us is that the ability for personal data to flow to Canada without any further safeguards is at risk. There has also been pressure from industry and advocacy groups, the privacy commissioners of Canada and abroad, and privacy and data governance experts. In fact, in this particular bill, we think that the government side has fallen short in its engagement with people; I will get to that in a moment.

When we are in these technological environments, it is an ecosystem that goes well beyond our borders. We are talking about what it is like—