Thank you for the question.
As was mentioned right from the outset here, perhaps in the first question I received, it has been obvious since the establishment of Shared Services Canada that one of the government's objectives, in addition to greater cost efficiency and better service, was to have a more secure IT infrastructure for the Government of Canada. We knew that security was going to be a focus of ours and a priority of ours from the beginning.
So from the very outset we consulted, as I mentioned earlier, with the Department of Justice, the Department of Foreign Affairs and International Trade, the Department of Public Works and Government Services, CSEC, and our Public Safety partners on what the vulnerabilities were that we would be facing as we built a new e-mail system and transformed the data centres and the networks.
As a result of this consultation, we came to the conclusion that in order to protect Canada's national security interests as we go forward with all of this, it would be relevant to invoke the national security exception. “Exception” is the word; it's the exception to the provisions of the trade agreements. That is essentially what it means. It's a provision that is in all of our trade agreements. It says that if it's required in order to protect national security interests, then governments can derogate from their obligations under those agreements.
But you have to do it in an organized way, which is what we did. There was a notification posted on MERX that summarized the analysis, which came to the view that because of the sensitivity of the systems, the interconnection of the systems, and the sensitivity of the information that is kept on those systems—all the private information of Canadians as well as national security interests—it was appropriate to invoke the national security exception. That's what we did.
What this does is remove us from the obligation of all of the provisions of the trade agreements. Essentially, the key ones are that we can specify country of origin without being subject to a trade tribunal complaint, and we can also not make public our requirements. You will understand that if we are designing the infrastructure and the architecture for a new, modern networking configuration for the Government of Canada, it's not something we would want to advertise. It's not something we would want to put on MERX—that this is what we're building, and this is how we're building it, and this is what we need you to do.
The NSE gives us the flexibility to keep things out of the public domain when we need to and to specify our requirements in terms of security, in terms of country of origin, etc.