There are several models, but they're not all infallible. I repeat that, at present, there is certainly a lack of collaboration between parliamentarians and intelligence agencies.
For a very long time, the Canadian Security Intelligence Service, or CSIS, and the Communications Security Establishment, or CSE, weren't even allowed to inform anyone except the prime minister or the Minister of Public Safety. Bill C‑70 looks set to change all that. It remains to be seen how this will play out in practice.
One thing is certain: prevention is needed. Equipment can't do everything, and it can't stop everything. We need to develop a new business culture. I'm not talking about spyware or James Bond, but a business culture. We need to acquire new reflexes, because we're still very vulnerable. If we create a breach, we're literally letting everyone into the house.
The TikTok app has been cited as an example. Why is TikTok problematic? If someone blindly signs the terms and conditions and gives access to his or her phone, contact list, camera and microphone, which can be activated remotely, it becomes nothing less than clandestine wiretapping equipment.
Let's say I'm a teenager going to CEGEP or school. I'm not necessarily the target of cyber-attacks, but my contact list may contain information about my uncle, who works for the Department of National Defence, my mother, who works for the government, or my sister, who works for a very important strategic company. So we've just given a foreign power, like China, access to all this information.