Evidence of meeting #42 for Access to Information, Privacy and Ethics in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was scisa.
A recording is available from Parliament.
5 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
I think it's particularly useful if it is restricted to just the head of the particular institution, and only that. The head of the institution has access to the information and makes the call.
5 p.m.
Conservative
The Chair Conservative Blaine Calkins
Okay, good.
Mr. Erskine-Smith, your time is up.
The last question of the official round goes to Mr. Blaikie, and Mr. Bratina would like to use up some spare time if we have any, and Ms. Shanahan as well.
We'll have Mr. Blaikie, and then we'll go to anybody else who would like to ask questions.
5 p.m.
NDP
Daniel Blaikie NDP Elmwood—Transcona, MB
Mr. Elder has already weighed in somewhat on the question of what an appropriate oversight body might look like. It seems to me that's the linchpin for whether we stick with SCISA and change it somehow or throw it out. There will continue to be information sharing between departments, and the legislation that currently governs that might even be modified.
I'm wondering if the other two witnesses, Mr. Fraser and Ms. Tribe, want to weigh in on an adequate oversight regime for information sharing between departments.
5 p.m.
Partner, McInnes Cooper, As an Individual
I'll try to be brief, which is uncharacteristic.
Consistent with the other efforts that are going on related to oversight of national security generally and across the board, there is no common oversight of any of these 17 organizations, and all of them, apparently, are instrumental in our national security. All those functions should be overseen, probably by a parliamentary committee that has the ability to summon any information they want, and that committee should have absolute visibility into this. There should probably also be an additional committee, like the Security Intelligence Review Committee currently, that has the ability to go in and routinely do audits. It goes in and double-checks that all this is being done, because a parliamentary committee doesn't necessarily have the manpower to do that on a regular basis.
That would be my suggestion.
5 p.m.
Executive Director, OpenMedia
Can I add a plus one to that?
This really does exist in the bigger context of what's going on. I think it is really critical to have oversight over information sharing. The activities of each of those agencies is also something that.... What they do with that data once they have it, even if they collect it themselves, is something that we're really concerned about. That gets into things like the notion of “super-SIRC”, which is beyond just the mandate of the Privacy Commissioner. It's great to have those SIRC reviews come through, but they're so far behind the actual activities as they're taking place that the amount of resources that need to be put into place for checking in and auditing those proactively and on an ongoing, regular basis, as Mr. Fraser was saying, is really critical. Finding out three years later that the CSE was giving away metadata of Canadians is too late. Being able to weigh in at the appropriate time or in a more timely fashion is really important.
5 p.m.
Conservative
The Chair Conservative Blaine Calkins
Colleagues, as per usual, we have a bit of time left over at the meeting, so I'll give priority to any MP who hasn't had a chance to ask a question.
I have Mr. Bratina.
January 31st, 2017 / 5 p.m.
Liberal
Bob Bratina Liberal Hamilton East—Stoney Creek, ON
Thank you.
Item six on the recommendations from the CBA is clarifying the interaction of the Privacy Act in SCISA. How about clarifying item six? Is it that the CBA thinks the Privacy Act should dominate? What are your views on that? What's the problem with how it's written within SCISA?
5 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
Yes, we like the Privacy Act and the controls that are in place there, and I guess there seems to be a bit of confusion about how the two interrelate. The Privacy Act would generally be presumed to govern, but the Privacy Act has explicit exceptions for situations in which another law is applicable.
As well, you have section 6 in SCISA, which I call the “not my job” paragraph, because it really says nothing is either authorized or prohibited by this act, so you're left with this sort of tautology that, I think, would be beneficial to clarify.
5:05 p.m.
Liberal
Bob Bratina Liberal Hamilton East—Stoney Creek, ON
Would you anticipate a problem in clarifying in terms of imminent national security issues if information is flying around because something bad may be happening and so nobody phones up the Privacy Commissioner?
5:05 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
The concern here is that anything set out in the act in terms of the use of information can be covered off within the act. I think the main concern about the Privacy Act would be about further uses and disclosure, for which there aren't any restrictions in the law. You may have something that's disclosed legitimately in the interests of protecting national security, but it could be used for any other collateral purpose. I think that's why we really want to have the Privacy Act trump SCISA.
5:05 p.m.
Liberal
Bob Bratina Liberal Hamilton East—Stoney Creek, ON
The government of the day was facing serious issues and created Bill C-51 and SCISA. Was it a rush draft in the fog of war? In evaluating the drafting of this legislation, I know we've heard many people say we should just get rid of the whole thing, but could it be worked on, from CBA's perspective?
5:05 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
I won't speculate on how it came to be, but certainly from CBA's perspective, it could be worked on. It could be made a lot better in a way that would much better protect the privacy rights of Canadians.
5:05 p.m.
Liberal
Bob Bratina Liberal Hamilton East—Stoney Creek, ON
Safeguards to ensure that any shared information is reliable are problematic for me, because.... Colin Powell said there were weapons of mass destruction. How would you envision the reliability being vetted?
5:05 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
I guess that there is some vetting and that we're not passing on information that is rumours or hearsay. We're not repeating or forwarding fake news. We're doing some analysis and some checking on our own to make sure we're reasonably sure this is accurate information.
5:05 p.m.
Conservative
The Chair Conservative Blaine Calkins
Thank you, Mr. Bratina.
Mrs. Shanahan, welcome to the committee.
5:05 p.m.
Liberal
Brenda Shanahan Liberal Châteauguay—Lacolle, QC
Thank you very much, Chair.
Thank you very much to the witnesses for appearing today. It's my first time on this committee, and it's always a good opportunity for us new MPs to learn about a subject that we haven't had much exposure to, except of course in the general media and the news.
One thing that does concern me is the notion of oversight and how that would take place. I think it came up in all three presentations that the key is how this information.... There is an acceptance by Canadians, and certainly I hear from my constituents that they're ready to share some information, as necessary, for national security, but who is going to be responsible for making sure that it's used responsibly?
The Office of the Privacy Commissioner brought up some concerns in its report in March 2015 with regard to some of the agencies listed having some oversight, while others did not. Can you share with me some more ideas that you have about what that oversight body should look like? Should it be in each of the agencies? Should there be one overall oversight body? What would that look like?
5:05 p.m.
Partner, McInnes Cooper, As an Individual
I would be broadly in favour of oversight over the entire national security and intelligence functions within the Government of Canada, which would include the law enforcement components as well. What we're seeing is that they all work as a group. When we have 17 organizations, some of which you'd think would have no national security role whatsoever, somebody has to have oversight over that.
I think that's absolutely critical, because most national security and intelligence activities are obviously top secret. Obviously they can't put all the information about what they're doing on their website. Because they are in the shadows, the only way you can make sure they conduct themselves in accordance with our expectations in a democratic society is to have confidence in the oversight, confidence that somebody is watching and keeping an eye on them, somebody who can keep the secrets but who can also blow the whistle when necessary.
I would suggest that it should be an officer of Parliament who has oversight and virtually unlimited powers of investigation, of her own initiative or in response to complaints, to deal with whistle-blowers and all that other sort of stuff over the entire apparatus. What's happened previously—and I think this is all part of the overarching discussion we're having on the green paper and everything else—is that, for example, the RCMP has been subject to one level of accountability, CSIS is subject to a different level of accountability, and CSE is subject to a different one, and I've no idea what's happening in some of these other departments. Nobody has a line of sight into the overall big picture other than perhaps the Minister of Public Safety, but even then, perhaps not. Somebody needs to be able to keep an eye on this.
The only way we can have confidence in it is by having confidence in the overseer. We have to trust that the overseer is acting on our behalf, because we, as citizens, can't have visibility into all of these things that really have to happen in the shadows. We're making a leap of faith, but we have to trust the supervisor.
5:10 p.m.
Liberal
Brenda Shanahan Liberal Châteauguay—Lacolle, QC
I thank you for that.
I saw Ms. Tribe nodding at certain points. Certainly with the new technology, it is a whole new world. Can you share with us some of your ideas about what that oversight body would look like?
5:10 p.m.
Executive Director, OpenMedia
OpenMedia hasn't put forward a formal proposal on what we think the oversight mechanisms should look like. The reason I'm nodding is that the real challenge we've seen is that having these disparate systems of oversight means there are different standards and tests and rules, depending on the department you work in.
We're starting to have the possibility for information to flow more freely among these departments. Having that bird's-eye view of everything that's happening and making sure that what is going where and the processes with which that's happening are really clear and having those checks and balances are really important.
To your question of whether there should be oversight within each individual agency, I think there can be that as well in making sure that each department is operating within its purview and making sure the information it receives and shares is being handled appropriately. There is a bigger picture, which Mr. Elder is getting to, which is understanding the big picture and how they all work together, particularly with such top secret information being shared.
5:10 p.m.
Liberal
5:10 p.m.
Executive Member, Privacy and Access Law Section, Canadian Bar Association
I generally echo those comments.
At least from a SCISA perspective, for the 17 institutions that are listed—and for many more, because if put on the disclosing end, it could be any institution that is permitted under SCISA to disclose—I think there needs to be a single body that looks at all of that. I don't think that takes away from responsibilities within each of those institutions, however. I think there still has to be a clear accountability within each of those institutions to comply as well. We do need an oversight body that can look at the whole picture.
5:10 p.m.
Conservative
The Chair Conservative Blaine Calkins
Thank you very much, colleagues.
Seeing no other questions arising from the members here at the committee, I just want to say thank you very much to our witnesses. This is very important testimony. This committee has been working very diligently on reviewing numerous pieces of legislation, and we've been working together very constructively and fruitfully. We've had two consensus reports already put before Parliament, and we're hoping that we can put forward another. Your testimony is very helpful in doing that. We appreciate your patience at the start of the meeting. We wish you well. If we need to get back in touch with you for further clarification, we know you stand ready to do so.
Colleagues, we're having a meeting again on Thursday, when we'll have more witnesses on this particular matter. I remind colleagues that I've allocated about 10 or 15 minutes at the end of that meeting just to have a brief chat about where we're going to go after that. We have witnesses with SCISA the following week as well, but we have to make some decisions about how far we want to take this and how much longer we want to continue with this study. Just keep that in mind, colleagues.
Thank you very much. We'll see you on Thursday
The meeting is adjourned.