Evidence of meeting #101 for Public Safety and National Security in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was information.
A recording is available from Parliament.
5 p.m.
Liberal
Jennifer O'Connell Liberal Pickering—Uxbridge, ON
This would provide greater clarity that confidential information would be disclosed only under authorized circumstances and with those with whom there is already a defined need to access the information.
Again, the confidentiality of the information continues with those to whom it's passed, but only in circumstances when they're authorized to have it.
5 p.m.
Liberal
The Chair Liberal Heath MacDonald
Is there any further discussion?
(Amendment agreed to [See Minutes of Proceedings])
We are on BQ-22.
5 p.m.
Bloc
Kristina Michaud Bloc Avignon—La Mitis—Matane—Matapédia, QC
Thank you, Mr. Chair.
BQ‑22 would add the following provision to clause 13:
(1.1) If an exchange of information occurs under an agreement or arrangement with the government of a foreign state or with an international organization established by the governments of foreign states, the Minister must, without delay, notify the person to whom the information relates of the disclosure and of the state or organization that received it.
It's something organizations concerned about civil liberties asked for. Telecommunications service providers or designated operators under the critical cyber systems protection act should be explicitly notified of when and, as appropriate, to whom the information may be disclosed when the disclosure is to a foreign state, agency, organization or party.
5 p.m.
Liberal
The Chair Liberal Heath MacDonald
Is there any further discussion on BQ-22?
(Amendment negatived [See Minutes of Proceedings])
We move to BQ-23.
Ms. Michaud, go ahead, please.
5 p.m.
Bloc
Kristina Michaud Bloc Avignon—La Mitis—Matane—Matapédia, QC
Thank you, Mr. Chair.
BQ‑23 would add the following provision to clause 13, after line 6:
(1.1) The agreement or arrangement must restrict the retention of the information to the period necessary for the purposes set out in subsection (1) and provide for its subsequent disposal.
Here again, the idea is to ensure that the information obtained from providers and designated operators is retained only for as long as is necessary.
5 p.m.
Liberal
The Chair Liberal Heath MacDonald
Thank you, Ms. Michaud.
Is there any further discussion?
(Amendment negatived)
We move now to G-17, please.
5 p.m.
Liberal
Jennifer O'Connell Liberal Pickering—Uxbridge, ON
This is providing more clarity that confidential information is to be disclosed only under authorized circumstances and shared with those who have that defined access to information.
This just goes to address some concerns and provide that clarifying language that the information is to be used only when it's required and with whom it's required, and it will always maintain that confidentiality component with it.
5 p.m.
Liberal
The Chair Liberal Heath MacDonald
Thank you.
Shall G-17 carry?
(Amendment agreed to [See Minutes of Proceedings])
We are on NDP-13.
5:05 p.m.
NDP
Peter Julian NDP New Westminster—Burnaby, BC
Mr. Chair, we—I mean the royal we—withdrew NDP-13 to NDP-24. My colleagues from the Conservative Party have withdrawn amendments up to CPC-50, so I believe we would be moving to NDP-25.
5:05 p.m.
NDP
Peter Julian NDP New Westminster—Burnaby, BC
That would mean, according to my records, Mr. Chair, that we're just about to hit the final page of amendments, so I would like to speak just once on the series of amendments and again test the feeling of the committee.
NDP-25 to NDP-36 seek to amend the legislation to give clear direction to the Office of the Superintendent of Financial Institutions, the Minister of Industry, the Bank of Canada, the Canadian Nuclear Safety Commission, the Canada Energy Regulator and the Minister of Transport. The amendments would require them to file a notice of violation and to make those violations public.
What this does is twofold: In terms of violations of the act, it pushes those regulators to issue a notice of violation, and it makes it public.
It may not have the support of the committee. I do believe it's important in terms of transparency and in terms of ensuring that we are doing everything in our power to push back against the cyber-attacks that have threatened some of our key institutions.
In an unusual way, because we're now at the back end of consideration of amendments, I'd like to propose NDP-25. Depending on the committee's reaction to NDP-25, if NDP-25 is supported, I'll continue to move the other amendments for the institutions I've just spoken of. If NDP-25 is rejected, I will withdraw NDP-26 to NDP-36.
5:05 p.m.
Liberal
The Chair Liberal Heath MacDonald
We're at NDP-25.
Is there any further discussion on NDP-25?
Shall NDP-25 carry?
(Amendment negatived [See Minutes of Proceedings])
5:05 p.m.
NDP
Peter Julian NDP New Westminster—Burnaby, BC
That is a very clear result. I'm not going to ask for a recount, but I will withdraw NDP-26 to NDP-36.
5:05 p.m.
Liberal
The Chair Liberal Heath MacDonald
Thank you, Mr. Julian. I'll give everybody a second to catch up.
Next, we have G-18.
Ms. O'Connell, please go ahead.
5:05 p.m.
Liberal
Jennifer O'Connell Liberal Pickering—Uxbridge, ON
Thank you, Chair.
This is just putting a comma, removing the word “and”, and then inserting “manner and period”. It's a very technical language change.
5:05 p.m.
Liberal
The Chair Liberal Heath MacDonald
Thank you, Ms. O'Connell.
Is there any discussion?
Shall G-18 carry?
(Amendment agreed to [See Minutes of Proceedings])
Next, we have BQ-24.
Go ahead, Madame Michaud.
5:05 p.m.
Bloc
Kristina Michaud Bloc Avignon—La Mitis—Matane—Matapédia, QC
Thank you, Mr. Chair.
BQ‑24 addresses a concern raised by Crown corporations such as Hydro-Québec. The concern is that parts of the bill could infringe on the jurisdiction of the provinces and Quebec.
This amendment would simply add the following lines:
(2) For greater certainty, the power provided by subsection (1) must be exercised in accordance with the jurisdiction and powers of the provinces and territories.
April 8th, 2024 / 5:10 p.m.
Liberal
Jennifer O'Connell Liberal Pickering—Uxbridge, ON
Thank you, Chair.
I have concerns about this one. The amendment would ultimately reduce or diminish the ability of the federal government to determine the level of cybersecurity required. I think a good cyber-practice is working with provinces and territories in these areas. That makes a lot of sense.
I would worry that some provinces and territories may not have the cyber-capabilities the federal government has. Some provinces may have excellent capabilities and others may require more time, expertise or technical support. I worry about the current language requiring the federal government to, first, work in accordance with provinces and territories when not all might be at the same level in cyber-capability.
Obviously, some of our agencies, such as CSE, CSIS and the RCMP at higher levels, are specifically federal. It is no fault of the provinces and territories that they wouldn't have access to all of that information. That's where I have some issues with this amendment.
Mr. Chair, I don't know if Mr. MacSween has any comments or concerns in regard to whether this would limit or prevent the federal government from moving forward without first having that provincial buy-in. That could also add time delays. The technical experience might be in some places, but not all.
5:10 p.m.
Director General, National Cyber Security Directorate, Department of Public Safety and Emergency Preparedness
Thank you for the question.
There are some challenges.
To your point, there is a potentially unintended consequence here. It could result in the government giving up some jurisdiction to provinces and territories in areas that are federally regulated. Obviously, because of that confusion, this could very much cause delays in implementation. I believe you mentioned this, but I think it would reduce or greatly limit the federal government's ability to determine the level of cybersecurity for federally regulated critical infrastructure.
I have a couple of considerations. One is that if a designated operator is also provincially regulated, the bill as currently written would only apply to those areas that are subject to the federal regulations.
As well, based on the government amendment that was provided earlier, there is a commitment within the bill to work collaboratively with provinces and territories. The provisions exist within the bill already to ensure that information can be shared.
5:10 p.m.
Liberal
The Chair Liberal Heath MacDonald
Is there any further discussion?
(Amendment negatived)
Go ahead on BQ-25, Ms. Michaud.
5:10 p.m.
Bloc
Kristina Michaud Bloc Avignon—La Mitis—Matane—Matapédia, QC
This is a similar amendment, although the wording is slightly different. That tells me where my fellow members stand, but I will move it anyways.
The amendment would add the following provision:
(2) Any law of a province relating to cybersecurity that provides for more stringent rules than those prescribed by regulations made under subsection (1) is to prevail in that province.
Quebec, for instance, has a ministry of cybersecurity and digital technology. It's reasonable to think that Quebec's rules are pretty relevant, if not more stringent, as may be the case in other provinces. If so, the amendment would ensure that the rules of the province in question overrode the federal rules set out in Bill C-26.
5:10 p.m.
Liberal
The Chair Liberal Heath MacDonald
Thank you, Ms. Michaud.
I have a chair's ruling that I'm going to read.
The purpose of Bill C-26 is to help protect critical cyber systems in order to support the continuity and security of vital services and vital systems. The amendment would allow any law of the province relating to cybersecurity that provides for more stringent rules than those prescribed by regulations to prevail in that province. As House of Commons Procedure and Practice, third edition, states on page 770, “An amendment to a bill that was referred to committee after second reading is out of order if it is beyond the scope and principle of the bill.”
In the opinion of the chair and for the above-mentioned reason, giving precedence to a provincial law constitutes a new concept which goes beyond the scope of the bill as adopted by the House at second reading. Therefore, I declare the amendment inadmissible.
Thank you, Ms. Michaud.
We're at CPC-50.1, reference 12922438.