Evidence of meeting #101 for Public Safety and National Security in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was cse.
A recording is available from Parliament.
11:20 a.m.
Conservative
11:20 a.m.
Liberal
The Chair Liberal John McKay
I perceive that as a dilatory motion that is without debate; therefore, we call for the vote.
I am assuming that you want the vote recorded.
11:20 a.m.
An hon. member
It's to adjourn debate on the motion.
11:20 a.m.
Liberal
The Chair Liberal John McKay
The motion has carried
With that, we go to Mr. Dubé.
Go ahead for seven minutes, please.
11:20 a.m.
NDP
Matthew Dubé NDP Beloeil—Chambly, QC
Thank you, Mr. Chair.
Minister, thank you for being here today, and thank you to the folks around the table as well.
My question—and you mentioned this in your comments—is about the capability sharing that's happening between CSE and the armed forces, in particular with regard to active cyber-operations. There have been concerns raised about the evolving landscape that was alluded to and what exactly that means for a civilian organization when you're talking about, in particular, foreign-state actors that might be involved in some of the activities that those active cyber-operations are being used against. It feels as if there might be a slippery slope there in terms of international law, as to what is military action and what is not.
I'm wondering if you could comment on that and perhaps explain how those capabilities go together and in what way we're making sure we don't have CSE as a civilian organization engaged in what other states might perceive as military attacks, especially with the concept of sovereignty being very nebulous in this digital age in terms of international law.
11:20 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
I'll let Greta speak to the technical side of things. However, I think I need to be very clear on this. We, in Canada, are leveraging a repository of phenomenal excellence that resides in CSE. With regard to the expertise that's here, we as a government, and previous governments, have kept it there for that reason, to make sure we stay at the cutting edge.
The Canadian Armed Forces, with the new legislation, will be able to allow us to leverage that technology. Any type of military action that's taken, as with any other military operation, will be conducted with the proper targeting procedures, the proper rules of engagement, and in accordance with international law and, more importantly, our laws as well.
11:25 a.m.
NDP
Matthew Dubé NDP Beloeil—Chambly, QC
Before I get to the technical side for a more precise aspect, the bill calls for authorization by you, in consultation with the Minister of Foreign Affairs, for any active cyber-operation. Let's say there's a foreign state actor involved in the activity that requires that active cyber-operation. Can you walk us through the process of how you make the decision as to whether the Armed Forces should be intervening with their cyber-capability or whether it's CSE as a civilian organization?
11:25 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
Let's make a distinction in terms of whether it's a military operation that's providing.... For example, we're in Iraq right now. We have to look at the threats that are there. If a threat was developing capability in terms of creating a new type of IED, CSE will have the ability to support them on how to defeat that type of technology, and they will come out with that. But when it comes to active cyber-operations, it could be strictly, for example, that we as a government have to take some type of action to protect Canadians. That is a separate piece that CSE would be looking at. We have to separate the two. That will go through an appropriate process, as outlined in the legislation here, that will look at the proportionality, making sure that all the laws are respected, and a decision will be made.
Greta, do you want to add to that?
11:25 a.m.
Chief, Communications Security Establishment
Sure. Thank you, Minister.
When the National Defence Act was amended some 17 years ago to recognize the role of CSE, at that point CSE was actually part of the Department of National Defence. We've always had an assistance mandate, the so-called part (c) of our mandate, that allows us, upon request from another organization such as a federal law enforcement organization, to request whether CSE could be supportive of their work under their lawful mandate. Again, given that we were part the Department of National Defence, assistance to National Defence or CAF wasn't explicitly spelled out because we were part of that department.
About six years ago, to give a bit of history here, we separated from the Department of National Defence and became a stand-alone agency, the Communications Security Establishment, albeit still reporting to the Minister of National Defence. Therefore, this proposed legislation adds the Canadian Armed Forces and National Defence as an organization that could request our capability, request our support, as the minister explained, on one of their lawful missions. We would be in a support operation to the Canadian Armed Forces.
We also have representation here this morning from the Canadian Armed Forces. They may also want to speak to their operations.
11:25 a.m.
NDP
Matthew Dubé NDP Beloeil—Chambly, QC
I appreciate that. My time is limited, so perhaps we can come back to that in a second. While the minister is here, though, I have a couple more questions.
We mentioned the mandate and the relationship with the Department of National Defence. That leads me to the question I asked the officials from Public Safety. We've spent a lot of time on this aspect of the bill. I think your presence here today is proof of the need to drill down on that aspect of it. This committee doesn't necessarily have the same kind of institutional memory that the committee of national defence would have. Can you explain why the decision was made to take a bill that essentially was moving on elements that were in the previous bill, Bill C-51 in the last Parliament, and essentially add this big block of stuff dealing with some significant changes to CSE as opposed to having it as stand-alone legislation?
11:25 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
I think it's very important that we demonstrate to Canadians, when we're looking at reviewing legislation of this kind, that we're looking at it in its entirety. We owe that to Canadians. We can't just look at it in a separate chunk. We need to be able to demonstrate to Canadians that we're looking after their security from foreign threats and making sure that they are educated and that we have the right advice for them to be able to be far more cyber-savvy as well while at the same time we are looking at, and making sure of, proper transparency and the protection of privacy.
11:30 a.m.
NDP
Matthew Dubé NDP Beloeil—Chambly, QC
I appreciate that, Minister, even though I remain unconvinced.
The other point I want to get to quickly, with the minute I have left, is on publicly available information. The deputy chief mentioned last time that information obtained unlawfully would not be included under that definition. When we look at the situation right now with Facebook, for example, it's not quite clear whether that information was obtained unlawfully. Under the current definition, as spelled out in the law, could the type of information we're looking at in this scandal, essentially, fall under the definition of publicly available information that—
11:30 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
I can assure you that the CSE will...and that everything is followed in accordance with the law, and we make sure that we have the right processes in place. It's in here—
11:30 a.m.
NDP
Matthew Dubé NDP Beloeil—Chambly, QC
I'm talking about information that is out there, that is obtainable, that's not necessarily obtained in an illegal fashion, and that is therefore technically legally obtained, even if it's nebulous at best. What happens in those situations?
11:30 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
I just want to make sure I got your question. You're talking about—
11:30 a.m.
Liberal
The Chair Liberal John McKay
That's an important question, and I doubt I'm going to get unanimous consent from the committee to extend your time, but if we could somehow or other circle back in on that question, that would be good.
Madam Dabrusin, go ahead, please.
March 22nd, 2018 / 11:30 a.m.
Liberal
Julie Dabrusin Liberal Toronto—Danforth, ON
Thank you, Minister, for coming to speak with us today about Bill C-59. Cybersecurity is an issue top of mind for a lot of people, so it's a really important time to be talking about what we will be doing with CSE and how that will enhance cybersecurity.
There are parts in here about how CSE operates with critical infrastructure. It's not federal infrastructure. Can you explain how CSE will be able to use the new framework we have in Bill C-59 to provide assistance to non-federal infrastructure?
11:30 a.m.
Liberal
Harjit S. Sajjan Liberal Vancouver South, BC
I will set the stage and let Greta get into the technical details of this. This is something extremely important. This is about protecting Canadians as they change to the technological advances of such things as new phones and social media, and making sure they have the right education about what they need to do to make sure they protect their own privacy in their own way.
More importantly, this is also about protecting the institutions Canadians use as well. That's critically important. Canadians expect us to make sure that everything from banking to our electoral grids operates properly and cannot be taken down. This is why it's important for us to work with non-governmental agencies to be able to provide the right advice to make sure they are protected, because ultimately this goes back down to making sure Canadians are protected.
Greta.
