Evidence of meeting #123 for Access to Information, Privacy and Ethics in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was elections.
A video is available from Parliament.
Privacy Officer and Director of Membership, Conservative Party of Canada
I'll get started on that one, if that's okay.
There are a couple of things. Other than working with Elections Canada on Bill C-76 consultation and any ongoing consultation on this matter, that's a bit outside my purview as privacy officer and membership chair. I'm not sure I can speak for the party on that particular issue other than, obviously, we want to make sure we have fair elections going forward.
Constitutional and Legal Adviser, National Board of Directors, Liberal Party of Canada
That's outside my purview as well. However, I can say quite strongly that obviously the Liberal Party is concerned about foreign money and its potential influence on our election.
Other than that, I don't think I can comment on that specific legislative suggestion.
Director of Operations, New Democratic Party
New Democrats are certainly concerned about foreign influence, whether it be monetary or otherwise. As I've said again and again, transparency is good. We believe in transparency and we think it increases the confidence of all Canadians in the democratic process.
Without knowing the details of that specific recommendation, in general, transparency when it comes to elections is a good thing.
Conservative
The Chair Conservative Bob Zimmer
Thank you, Mr. Kent and everybody.
Next up is Madame Fortier for five minutes.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
Thank you, Mr. Chair.
This morning, I realized that I had been a party volunteer for 25 years. It's worth noting that 25 years ago, we weren't talking about these rules, policies or codes of conduct. We are talking about them today, though. Protecting Canadians' information and making sure protocols are in place is important. I'd like to ask a few questions about what's happening on the ground. I think political parties have put codes of conduct in place, but I'd like to know what's actually happening on the ground.
How can parties make sure volunteers know about these policies, for instance, within the Federal Liberal Riding Association of Ottawa-Vanier? Can you tell us how you make sure that the people working on the ground understand the importance of protecting Canadians' personal information?
Mr. Bailey, you can go first. Please keep your answer brief.
Privacy Officer and Director of Membership, Conservative Party of Canada
Absolutely, that's a great question.
We take it very seriously that we train our local volunteers. You're right; there are several levels of volunteers that exist, by their level of involvement. Mr. Fenrick mentioned earlier that it would be very difficult to impose stiff penalties upon someone at a lower level, so that works in a couple of different ways. One is that you need to provide them training and only provide them access to what they should have access to.
Most of our volunteers don't have access to any data. They should know that we'd have privacy policies and that they are covered by them because they are an extension of us during that time, but we need to limit the access to only those who truly need it. That comes from training at the local level. It comes from training of campaign managers. It comes from properly vetting all access so that we can effectively start up a campaign quickly and be compliant with any and all regulations.
Liberal
Constitutional and Legal Adviser, National Board of Directors, Liberal Party of Canada
Training is huge and key at all levels of the volunteer chain, including at the very basic level where people are out canvassing and have information. Obviously, limiting access as well, so people only have access to the information they need is important, and in addition to that, where people do have access, ensuring that there are protections in place.
We have our Liberalist user agreement, where anybody who has access to it is bound by it and has agreed to ensure to hold that information and to return it at the end of their use so that they actually don't maintain any of that information. They're reminded of those obligations from the very moment they begin to have any access to it.
Liberal
Director of Operations, New Democratic Party
Training is top on the list, and continued reinforcement of the importance of not just reading but understanding the protocols that are in place when they're given access or given a piece of information. It's why, if you are granted access to a Populus instance, where you might have access to a segment of information, you actually have to log on and read through the terms of use and take an affirmative step by saying, yes, you agree to this, and clicking the button. We try to write those in the clearest possible terms. That's why we have a privacy officer, not just to hear complaints but also to be a point of contact for individuals throughout our organization to ask questions.
You're absolutely right. Things have continued to change over the last 25 years. Certainly my generation, the younger generation, is very aware of the new world we're living in, so it's important for us to provide a point of contact for people throughout the organization to ask the questions they have.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
I'm going to stay on the topic of privacy protection.
We talked about third parties. Specifically, how do your parties protect against the inadvertent or unauthorized disclosure of data to third parties, as far as volunteers and staff members go? How do you monitor that? How do you evaluate that?
Privacy Officer and Director of Membership, Conservative Party of Canada
Once again, I'll jump in first.
Absolutely, sharing information with third parties is of significant concern. As I mentioned, the security of our data is split into the two methods: protecting the data, and protecting against unauthorized access. It is evolving, but we certainly have an organization and leading privacy policy, which I haven't mentioned explicitly, and they do sign those agreements.
We start anywhere from, as the first step, simply cutting off access and then investigating it, to issuing cease and desists both to the individuals who have drawn the information and anyone who we believe has access to it. In terms of legal involvement, our legal team will get involved quickly if we feel that it has been used.
It's requested, and in fact demanded, that they destroy any copies of data if it came from our source and was used inappropriately. Then, of course, with any type of authorities that we need to go to further, if there are other rules or laws that have been broken, particularly Elections Canada laws, which are pretty broad on this topic, we co-operate with any and all investigations. Our data is our most valuable asset.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
My time is up, but if ever you could share your information....
Conservative
Constitutional and Legal Adviser, National Board of Directors, Liberal Party of Canada
Sorry, did I understand the question correctly? Is it about inadvertent disclosure? Is that the issue?
Constitutional and Legal Adviser, National Board of Directors, Liberal Party of Canada
The Liberal Party of Canada regularly does training with its staff in order to address issues along the lines of when you get spoof emails and phishing scams. We regularly get involved in those sorts of security processes to ensure that the information is not disclosed.
The second piece just comes back to the segmented database we use, which is not simply to provide limited scopes of access to users. The database itself is segmented such that it is a more secure way of proceeding, such that information can only be accessed in tranches, rather than the complete information.
Conservative
The Chair Conservative Bob Zimmer
Mr. Calvert, it has to be a much quicker answer than that, if you can.
Director of Operations, New Democratic Party
We protect it through limiting access, ongoing threat monitoring and extensive training.
Conservative
The Chair Conservative Bob Zimmer
Well done.
Mr. Cullen, you're last up. Welcome back. You have three minutes.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
Jesse, are you sure you're a New Democrat? That was awfully concise.
Let's try for concision in this little speed round.
Thank you for being here. It's fair to say that in order for your parties to be effective, you need to be able to communicate with voters, and in order to do that effectively, you need to understand voters at an individual level. Each party collects information on individual Canadians in terms of voting intention, where they live and voter ID. Is that correct?
Constitutional and Legal Adviser, National Board of Directors, Liberal Party of Canada
Correct.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
I was just establishing that.
That has increased over time, in terms of the wealth, depth and breadth of the information that each of the parties holds about individual Canadians. Is that also true? Compared to 20 or 30 years ago, is it fair to say that what we know about individual voters has increased significantly?
Privacy Officer and Director of Membership, Conservative Party of Canada
In terms of quicker and more response time, online contacts....
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
In terms of online contacts and social media, is that fair to say?