Good afternoon, everyone. Thank you for inviting me to this meeting.
My name is François Perron, and I'm the director of CyberQuébec. I run the college centre for technology transfer at the Cégep de l'Outaouais. This CCTT consists of a team of cybersecurity researchers. It's one of 59 other centres in a network that currently involves over 1,400 researchers. I'm also a technology entrepreneur, a teacher and a researcher. I've worked on telecommunications, transportation and renewable energy projects.
My remarks will be divided into three main parts. First, I'll provide some context. I'll then give three impressions. Lastly, I'll give a short introduction to the principles that I believe are important for discussing geolocation solutions.
First, regarding the context, the needs are currently exacerbated. We're all going through a much-needed lockdown in response to a pandemic that's pushing all Canadians online. Our needs are universal. We know that the Internet must be accessible to everyone. Right now, I'm thinking a great deal about the most vulnerable people. It's not necessarily a matter of age. Isolation can also be a factor, along with, perhaps, the ability to use technology. Clearly, because of the current physical distancing and voluntary isolation, we have greater needs. All areas of our lives are affected. Basically, we're in an acceleration phase, where the expected transition to digital services has been catapulted at high speed.
In my view, for all this to work, the concept of online trust is very important. The quality and security of the digital services that we use revolve around a few key principles, including the ability to create trust during a transaction. The foundations of online trust depend on our ability to confirm the identity of those whom we're speaking to during a transaction and to leave non-refutable traces that can't be erased or falsified for the purpose of entering into contracts. That's the current context.
Three impressions emerge when we start talking about geolocation, particularly with regard to recent identity theft. I don't think that we need to go over what has happened in the industry in recent months. Clearly, the government's use of a unique identifier—I'm talking about the social insurance number—is completely outdated. Once this secret source that identifies us is revealed, there's no way to replace it.
I believe that, to interact properly on the Internet, we now need a digital identity system. I think that this system should be outsourced, in multiple parts, perhaps even in open source software, to ensure that it includes three key components.
First, if a government chooses to provide verifiable information, it must be able to do so. However, other verifiable sources must also be available online.
Second, I'd like the individual to be responsible for collecting this verified information and for choosing whether to submit it. I'll address this concept of choice a little later in my presentation.
Third, we need an identifiable and fully functional system that will make it possible to confirm ownership or a claim that someone could make, so that, ultimately, a minimal response can be provided to formal questions. The word “minimal” is very useful—