Evidence of meeting #36 for Public Accounts in the 39th Parliament, 2nd Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was classified.
A recording is available from Parliament.
12:20 p.m.
Liberal
June 3rd, 2008 / 12:20 p.m.
Conservative
David Sweet Conservative Ancaster—Dundas—Flamborough—Westdale, ON
Thank you, Mr. Chairman.
I guess the Auditor General gave the nod that you should be congratulated for a good business plan and a path forward. Obviously I should congratulate you for that, Mr. Fonberg, and for taking action.
I don't want to speak for everybody, but I think certainly one reason for some of the frustration and additional questions is that post-9/11 it still took an auditor general's investigation to really cause action to happen in this regard. It was obviously long overdue. There is that kind of feeling here. I know that there's no answer regarding that, but that's certainly the concern that I and some of the committee members have, that there should have been some mechanism so that there would have been a review and more initiative taken.
It does concern me that, as you mentioned, you did not find out how the blueprints got there. It sounded as though you weren't really concerned about investigating that aspect, about how they arrived in the middle of Bank Street, or talking to the vendors. Did I hear that correctly?
12:20 p.m.
Deputy Minister, Department of National Defence
No. In fact, I'm not sure who would actually have the laydown on that. We actually did go back and do a thorough review of everybody in this contracting and subcontracting process who may have had access to those blueprints. As I understand it, we actually did make a number of calls trying to figure out whether in fact they had laid other tubes--are you familiar with this?--into that dumpster.
It was not an investigation that was leading anywhere. As I understand it, but I stand to be corrected by my staff, because the blueprints were not classified it did not appear to be a terribly fruitful investigation to continue.
12:20 p.m.
Conservative
David Sweet Conservative Ancaster—Dundas—Flamborough—Westdale, ON
It actually puzzles me that even for unclassified documents there isn't a catalogue of how many blueprints are issued...and make sure they're returned.
You've mentioned several times, Mr. Fonberg, the Treasury Board review. Are you going to be advocating for substantially different procedures, as this review goes on, in terms of how documents are classified and handled?
12:20 p.m.
Deputy Minister, Department of National Defence
There are two different issues, Mr. Chairman. I think we are already in the process of looking internally. We will probably set a threshold that is beyond the government security policy for the actual classification of our buildings. We will strengthen the assessment of threats and risks in terms of the classification.
With regard to the handling of documents, I actually share the member's frustration. I think we were all puzzled, in some ways, to find out after the fact—maybe some of my colleagues before the fact—that there actually were absolutely no rules for the handling of unclassified documents.
So in my deliberations and discussions with Treasury Board, I have certainly been arguing that they need to be very clear--either that there will be or there will not be. I may have a preference, but there are implications associated with those preferences, as well.
12:20 p.m.
Conservative
David Sweet Conservative Ancaster—Dundas—Flamborough—Westdale, ON
Specifically in the NORAD facility, we obviously have partners there. Are there any concerns in their regard? Have they addressed any concerns to us?
12:20 p.m.
Vice-Chief of the Defence Staff, Department of National Defence
Mr. Chairman, we have been very transparent with our American allies in this regard. In developing the mitigation measures, we've shared those measures with them. As was indicated in the deputy minister's letter back, they have indicated their confidence in how we're moving forward with regard to the mitigation measures on information security.
12:20 p.m.
Conservative
David Sweet Conservative Ancaster—Dundas—Flamborough—Westdale, ON
Thank you.
Finally, you mentioned that you're taking steps to investigate the 8,500 contracts. I don't think I'm going to have enough time, but I'd love to hear more about the detail around that. I am very glad you're doing that, in regard to Mr. Bélanger's questioning, in the sense that I hope you're also going to investigate not just where there should have been a different classification but also where there's any kind of additional expense that's been aggregate over the years—it might be a humbling process—so that we can discover exactly what that cost is. I think that will drive some of the process of change as well for the future.
12:25 p.m.
Deputy Minister, Department of National Defence
Mr. Chairman, if I may say so, the priority of that investigation of the 8,500 is really not so much to determine what should have been classified differently but to determine where there could be an exposure because they were not classified differently. So it would be to determine first and foremost whether there could be or could have been a breach in the handling of classified information as a result of not having done an SRCL. In that process, we will obviously develop a view of whether there are any projects that need to be modified, and develop a sense of whether there are actual costs associated with that.
12:25 p.m.
Liberal
12:25 p.m.
Bloc
Jean-Yves Laforest Bloc Saint-Maurice—Champlain, QC
Mr. Chairman, I will share my time with my colleague.
Mr. Fonberg, Ms. Fraser appeared before the committee in February, after tabling her report. In this report, she states:
It is not known to what extent government information and assets may have been exposed to risk and who is accountable for that risk.
When she was asked if she could exclude the possibility that security had been compromised, she answered: “In our opinion, there is a risk that security was breached.”
How can an organization committed to defending and protecting the public get caught by... How is it possible that an audit from the Auditor General's office was needed in order to reveal a situation that could have been dramatic? We do not know what exactly could have happened. Why do you not have sufficient internal control?
Had there not been an audit by the Auditor General's office, could you have applied some process yourselves to analyze the situation and make sure that it never happens again? This is extremely worrying.
12:25 p.m.
Deputy Minister, Department of National Defence
The member has raised a number of issues, Mr. Chairman.
First of all, in terms of the issue of a breach of security or handling of classified information, the purpose of our review of the 8,500 contracts that were let is to ensure, ourselves, that in fact there were no breaches. If we discover that there may have been a breach, then we will take actions to deal with that.
I think one of the things the Auditor General's report showed--she is here, and she can speak to her report—was that there are systemic issues around this, that the government security policy itself, Treasury Board policy, was less than perfectly clear, Mr. Chairman, which led to different interpretations for those who actually were trying to manage projects, particularly construction projects. My understanding is that her recommendations to us, to the RCMP, to Public Works, and to Treasury Board will bring coherence and alignment, so that the challenges we actually experienced, which the Auditor General pointed out in her report, do not occur again.
12:25 p.m.
Vice-Chief of the Defence Staff, Department of National Defence
Mr. Chairman, perhaps I can add a bit more with regard to our internal regulation and looking at the seriousness of this issue. Going back to 2005, the initial indications from the people in North Bay that there were difficulties on that base, reported through their chain of command to 1 Canadian Air Division, which asked for the services of the Canadian Forces national counter-intelligence unit to launch an investigation as to what occurred in this regard, they are looking at, again, the kinds of security issues and risks that the departmental security officer mentioned, looking at that whole thing, because again, leadership takes this very seriously. If there were indeed any kind of disciplinary action required, automatically it would go across to the Canadian Forces national investigation service in that regard.
So those investigations were launched. In addition to that, the military police launched an administrative review on how this situation could have percolated to that point.
Following the conclusions of those, and again, given the context that the deputy minister just mentioned—these policies that were not sufficiently specific because they had not been updated after 9/11, as we've described earlier—that provided the context. So having done an administrative review, a national counter-intelligence review, a national investigative service review, we then launched our own chief of review services to have a look at this, in the fall of 2006, with their director of sensitive evaluations and investigations, so another review of the situation, and then based upon the technical valuations of what was occurring, going into the mitigation measures.
That is just to say that these processes happen in parallel and are complementary to each other to ensure that the action plan is as comprehensive as we can make it to ensure for the security, and indeed the credibility, of this facility as we move forward.
12:30 p.m.
Liberal
12:30 p.m.
Conservative
Brian Fitzpatrick Conservative Prince Albert, SK
I have found this session educational. Maybe it wasn't really necessary, but I found it educational. I'm not an expert in this area. I'm reassured by the testimony I've heard today, Deputy Minister and Lieutenant Colonel Shuster, and by the answers I've heard from you folks today.
I also want to thank, of course, the Auditor General and her staff, because she is sort of the catalyst for all the changes that have taken place here. Without her report, maybe we wouldn't have this good report card we're getting today.
I do want to pursue one area. I anticipate that there may be people in the public or members of Parliament who assume that the simple solution in the defence department is to just classify everything as “classified”. But as I said, this has been educational to me.
If an entire building such as the Trenton facility were a classified facility, I'm assuming that the contractor, the subcontractor, the architect, the engineers, the tradespeople, the workers on it, the key suppliers, and key service providers to the whole project would all have to go through some fairly stringent clearances. Is that correct, Mr. Fonberg?
12:30 p.m.
Deputy Minister, Department of National Defence
It is correct that they would have to have a reliability status or they would have to have something beyond a reliability status, an actual security clearance. The lowest level of classification for contractors is reliability status, essentially a police investigation and criminal check.
12:30 p.m.
Conservative
Brian Fitzpatrick Conservative Prince Albert, SK
There has to be some caution before people go ahead and just classify everything as “classified”. I would imagine that for a full classified facility the price tag would be significantly higher than just a regular construction project.
12:30 p.m.
Deputy Minister, Department of National Defence
I think that's fair to say.
12:30 p.m.
Conservative
Brian Fitzpatrick Conservative Prince Albert, SK
So we have to manage that.
Another issue is that if we got more stringent on classifying everything for security purposes, it would seem to me that, really, there are a lot of high-quality contractors in Canada today who have more than their share of work lined up. They can pick and choose their work. The danger, I think, if you went too far this way is that a lot of the high-quality contractors might say, “Thanks but no thanks; we have lots of other work to do and we're just not interested in this sort of project.” Is that a concern?
12:30 p.m.
Deputy Minister, Department of National Defence
I was at Cold Lake last week in northern Alberta, and they can't get contractors to work on unclassified projects up there because the market is so tight. We know that labour markets right around the country are very tight, so even before you get into the classified business, they can't get guys to work on unclassified stuff at the rates we're offering up there.
12:35 p.m.
Conservative
Brian Fitzpatrick Conservative Prince Albert, SK
So that's a reality we also have to focus on. As a member of Parliament, I need to have some regard for taxpayers in the country too. We don't live in an ideal world, and you have competing interests. You have to find some middle ground in some of these things. I know that everybody would like perfect security, but I don't think we're going to get that in this world. Part of living is risk.
Thank you very much. Those were my questions.
12:35 p.m.
NDP
David Christopherson NDP Hamilton Centre, ON
Thank you very much, Chair.
I think we are actually getting to the bottom of the great National Defence blueprint blunder. It would seem that proper procedures were followed that allowed what most of us would call highly sensitive documents to be thrown in a dumpster. Therefore, proper procedures in this case are just stupid. I don't think you would find a single person--including in your review--in Canada who wouldn't say that leaving blueprints like that lying around is not in the best interest of the security of our country and our personnel. It's that simple.
I'm hoping and expecting that as a result of your review there'll be a change in the policy. The deputy minister has said that those documents were not outside the bounds of what the contractor can do with those blueprints. Hopefully in the future that will be outside the bounds of what a contractor can do. I think we've sussed out that much. While procedures were followed, they are woefully inadequate to provide the basic protection Canadians expect the Department of National Defence to provide.
Having said that...and I'm comfortable that this is where we are. If it isn't, I'll be arguing that you come back here and defend a policy that didn't make the change that makes this out of bounds.
But assuming that's where it is, Mr. Nicholls, I want to talk to you, sir. If it's currently not against procedures for these things to be thrown in the dumpster, your agency is responsible from a common-sense point of view. What is your defence for these documents--that you would be responsible for--ultimately being thrown in the dumpster? How was that okay in terms of your responsibilities, sir?
12:35 p.m.
President and Chief Executive Officer, Defence Construction Canada
My answer to that would be somewhat similar to what you've heard already. Where sensitive documents are identified, we apply--
12:35 p.m.
NDP
David Christopherson NDP Hamilton Centre, ON
I'm sorry, sir; I don't want to be rude, but I'm really on short time.
We have found out it isn't against security rules, but it's certainly against any kind of common-sense rules, and you're the one who's responsible for all of this development. I'd like to know what you've done and what you have to say about these blueprints being thrown in the garbage. Since it seems that it's legal and okay, that doesn't make it proper and acceptable.
What kind of loose rules do you have around the kinds of contractors you hire or the work you do, sir? Please, we need some explanation from you now.
