Thank you very much for the question.
It isn't just a concern among civil liberties and civil society groups but across many sectors in Canada that there needs to be a trust developed. There needs to be openness and transparency to the degree that we understand what Canadian agencies, including the CSE, are engaging in when they are engaging in protecting Canada's cybersecurity, engaging in active and defensive cyber-operations and engaging in signals intelligence.
The way to ensure this is happening is to have greater mandatory reporting around the activities that they're carrying out. For example, there's a lack of mandatory reporting in Bill C-26 right now, so it would be very difficult to track not only the ways that it's used but also whether there are any failings so we can improve the system. Oversight and review are simply not only about putting organizations on the defensive and calling them out but also seeing where we can learn from our errors and improve the operations.
Right now, there are the intelligence commissioner and NSIRA, and, as I mentioned, it's not clear that they have a role in reviewing Canada's cybersecurity operations, because they touch on national security but not necessarily in the way that those bodies always review it. Therefore, we think that either there needs to be a new position or there need to be amendments made to their mandate to clarify that they do have that mandate.