Thank you, Mr. Chair. Thank you to the committee for inviting me to appear before you today.
In particular, I will be focusing my comments on the government’s Green Paper, which was recently released. We will present our formal response to Public Safety by December 1. In the meantime, I am happy to provide preliminary comments, in the hope these may be helpful as you prepare to engage with Canadians in several cities across the country.
The stated purpose of the Green Paper is to prompt discussion and debate about Canada’s national security framework, which is broader than the reforms brought about by Bill C-51, the Anti-terrorism Act, 2015. I fully support the need to review the entire legislative framework, not just the changes brought about by Bill C-51. But to do that in a comprehensive way, the focus cannot be only on addressing challenges faced by national security and law enforcement agencies. It must also take into account legislative changes and other developments that have had an impact on human rights, including international information sharing and the need to adopt rules to prevent another tragedy like the one lived by Maher Arar.
In order to ensure our laws adapt to current realities, it is important to consider all that we have learned since 2001, including the revelations of Edward Snowden regarding government information gathering and sharing activities, as well as other known risks regarding the protection of privacy and human rights, including those identified during commissions of inquiry. Obviously, we must also consider recent terrorist threats and incidents.
In my public statements on Bill C-51, I expressed significant concern with the broad information sharing authorized by the Security of Canada Information Sharing Act. I warned that the lowering of thresholds for sharing could lead to large amounts of personal information on law-abiding citizens being disclosed. Edward Snowden demonstrated how government surveillance powers can be used on a massive scale. Unfortunately, there is nothing in the Green Paper that addresses the lowering of legal standards for information sharing.
When Bill C-51 was tabled, the government maintained SCISA was necessary because some federal agencies lacked clear legal authority to share information related to national security. The Green Paper addresses complexity around sharing, which can prevent information from getting to the right institution in time. These references to the complexity of the old law do not clearly explain its shortcomings. Situations where there is no legal authority for sharing information related to national security can be identified, but so far they have not. I strongly urge this committee to ask specific questions on the subject. A clearer articulation of the problems with the previous law would help define a proportionate solution.
The green paper speaks of the challenges of law enforcement getting access to what it calls “basic subscriber information”, which is cast as relatively innocuous on the premise that it does not include the contents of communications. There has been extensive work done by my officials and other technical experts that finds that this subscriber information, or metadata, is far from benign. Daniel Weitzner, who founded the Internet Policy Research Initiative at MIT, considers metadata to be “arguably more revealing [than content] because it's actually much easier to analyze the patterns in a large universe of metadata and correlate them with real-world events than it is to go through a semantic analysis of all of someone's email and all of someone's telephone calls.”
The GCHQ, the British signals intelligence agency, has publicly stated that metadata is more revealing for intelligence purposes than the content of communications. If, as the green paper suggests, new legislation is to be informed by the privacy expectations Canadians have about metadata, Canadians should be clearly advised of the personal information metadata can reveal about them.
The green paper presents a scenario in which a police officer wants to obtain metadata from an Internet service provider but is unable to do so when the investigation is still in its early stages, and there is not enough information to convince a judge to provide authorization. While we appreciate that it might be useful information to have “at the outset of an investigation”, as it says in the green paper, it is unclear to us why neither the evidentiary threshold required to obtain judicial authorization via production order or warrant nor the exigent circumstances exception articulated in R. v. Spencer can be met.
I should add that preservation orders can be obtained on a reasonable grounds to suspect threshold, a very low standard indeed. In that context, we would urge the committee to probe government for precise explanations of why current thresholds are unreasonable and why administrative authorizations to obtain metadata, rather than judicial authorizations, sufficiently protect charter rights.
Encryption, another issue raised in the discussion paper, represents a particularly difficult dilemma. On the one hand, as a technological tool, it is extremely important, even essential, for the protection of personal information in the digital world. On the other hand, as a legal matter, individuals who use it and companies that offer it to their customers are also subject to laws and judicial warrants that may require access to personal information where legitimately needed in cases in which public safety is at risk. Ultimately, the issue is whether it is possible to enable authorized access for the state without creating technological vulnerabilities imperilling the privacy of significant numbers of ordinary citizens. Where it is not possible to do this, I think it is important to ask which of these two important public interests should prevail. We expect to have more to say on this by December.
The green paper lists accountability mechanisms, including ministerial oversight, judicial review, Parliament, and review by independent bodies of experts. On the issue of parliamentary review, I would note that Bill C-22, which proposes to create the national security and intelligence committee of parliamentarians, fills the need for democratic accountability and brings us into alignment with other western democracies. I would note, however, that many agencies that have a role to play in national security or public safety are not currently subject to any independent expert review. This is an omission that, in my view, needs to be addressed.
As I mentioned, my office will be submitting a formal written response to this green paper once we've fully analyzed some of its newer proposals. In the meantime, I would be happy to answer any questions you may have. For instance, I think it would be important to discuss how monitoring of the Internet to prevent radicalization should not create a climate such that ordinary Canadians feel they cannot enjoy fundamental freedoms.
Thank you very much, and I look forward to your questions.