Public Safety Committee on Feb. 6th, 2018

Thank you for the question. It's the traditional answer, but this time I mean it.

I didn't say it in my initial remarks, but one part of this quasi-omnibus bill that I think is overly complex is the one dealing with information sharing within the federal government. I would argue that there should be a positive obligation on any institution of the federal government to share with a listed number of institutions any information or concerns they might have about national security.

The way the bill is drafted now, you need to have worked in the Department of Justice for 15 years to understand the standards and whether there's a positive obligation or not. I think this is better than was the case when I was at CSIS, where there was no legal protection at all, but I don't think it makes clear to all and sundry that the overarching objective here is to share information relating to national security to avoid a crisis.

If you read that part of the bill, I don't think that comes through. There are so many conditions and thresholds and whatnot that I don't think it meets the standard, so if there is one part of the bill that I would argue you should strive to clarify and make very much clearer, that is the part. It would have made me more relaxed, when I was at CSIS, about the thing that you mentioned, but I would still worry that somebody in HRSDC or Heritage Canada who might have tripped over information would still not feel comfortable calling up and saying, “We have an issue.”

That's a pretty big question. I think, generally speaking, you're giving them the tools. It's like a lot of other areas: until they're actually out there in the field trying them out, it's hard to say.

I haven't counted, but the number of times that the words “protection of privacy” are mentioned in this bill is really quite astounding. I'm as much in favour of privacy as everybody else, but I sometimes wonder whether we're placing so much emphasis on it that it's going to scare some people out of dealing with information relating to national security. Generally speaking, though, I think they do have the tools.

What does worry me a bit—and I say this with great deference to Monsieur Blais and his colleagues—is that I think the review capacity, the review effectiveness, at least initially, is going to impose a considerable burden. Departments that have never had to deal with SIRC all of a sudden are going to have to develop a practical definition.

I think, to call a spade a shovel, the definition of national security is going to be hard. I understand what Monsieur Blais was saying. It's not that clear when someone is in Heritage Canada or the Department of Agriculture or CFIA that what they're doing could possibly affect national security. There's one stream that's easy to follow, and that's if they use information provided by CSE, but more broadly.... I'll give you an example.

A deputy minister once called me when I was at CSIS and said, “My department has responsibility across the country for doing a variety of things relating to individuals, and we think there's a pattern here that suggests that there's some foreign interference, and you ought to do something about it.” Four months later, our lawyers sort of concluded they weren't sure it was national security, and they were pretty sure they couldn't do it, given the Privacy Act.

Now, with great deference to lawyers—I was one earlier, and I'm now no longer one—I think we need to find a way to simplify some of these concepts. I know that once the bill is passed, if it's passed, there will be operational instructions, but my hope would be that in some respects, on some aspects of the bill, we could be a little bit less legal and a little bit clearer.

I don't have an answer to that, and I think if the answer is yes, then I'm even more frightened by what the range of his authorities could be.

Technically speaking, from what I remember of the Federal Courts Act, I think the short answer would be yes, and if that's the case, I think one of the things that the bill misses a little bit, although there are provisions for exigent circumstances, is that this intelligence commissioner in some circumstances is going to have to be alert and readily accessible, even though he or she will be holding a part-time position.

Therefore, I worry that there's a little bit lost about the world of national security, which requires rapid movement.

That's a very good question.

I would argue most likely “yes”, because most of the definitions that attach to the World Wide Web, the international digital infrastructure, are so broad that you could probably link in most aspects of AI and most aspects of the cloud. I think it would be better if there were some precision, to be honest, but if I were still working and you passed the bill, I would argue that the two things you mentioned could be included in the definitions. However, I would also worry that a bunch of people could also argue the opposite. I do think the definitions now are pretty flexible. As long as you can link them in any way to the World Wide Web, I think you can include them.

As you know, we have already been in contact for decades with our five particular allies, the Five Eyes. As you may remember, we welcomed those partners earlier, in late September. They came over here. We have regular meetings with them to adapt our approach and to be more efficient.

Obviously, the organizations that we're looking at are also having meetings and are remaining in touch with their allies as well, the Five Eyes and others. It remains important.

We have already discussed what was going on here in Canada. We met with the British, the Americans, all of them, and we go on with that. Obviously, the way we are developing our approach, particularly with almost 20 organizations, is a little new in the area, and we will probably share our views on that. For the time being, we're not yet there, because NSIRA will probably be in place later this year at best.

You won't be surprised by my answer. I think that the answer is no. I don't think that we're oblivious to the threat, but I would argue—and I make no distinction between governments here—that we are schizophrenic on China. There are people who see real trade and economic advantages and see some security problems. Other people see security problems with some small economic and trade advantages. I think that because of this, it's been very difficult to have a national debate on China. The good news is that we're not the only ones who have this problem.

I would argue that we do not really understand, in all of its complexity, how much China is different from Canada and how it aggressively uses all of the resources of the state against not just Canada but against any number of other countries in pursuit of its objectives.

Do you mean the threat reduction measures?

Oh, yes. As you know, we have the responsibility to review those threat reduction measures every year. I would say it's so far a success. It shows an issue that was raised earlier in the discussion about being proactive, because I think it was new, and it's successful. So far, so good. We have the mandate to look into that, and we will go on with that in the future as well.