There is no doubt that the concept of datasets is very broadly defined, something that could prove problematic without oversight mechanisms or legal standards. To my mind, the two safeguards are more or less adequate in relation to the various stages leading to the use and exploitation of the datasets.
The jumping off point is Judge Noël's Federal Court decision, indicating that CSIS had compiled and retained information on individuals who were not threats. Judge Noël also said that he had heard evidence to the effect that the information in question could be helpful to identify threats.
My view on the dataset provisions is that efforts should be made to use the value of that intelligence—which is very broadly defined, I agree—but with different filters to ensure the data are not retained for an excessive period of time. The Federal Court normally conducts a review within 90 days, which is a pretty good method. CSIS's exploitation of the data, relying on the necessity test, is the standard we think should be used for information-sharing purposes.
It would be tough to call the provisions inadequate. The ultimate use of the data depends on necessity. For two years now, I have advocated for the necessity test in information sharing.
I am asking parliamentarians to apply the same necessity standard in the Security of Canada Information Sharing Act to information sharing, in the case of receiving institutions.