Thank you for the question.
The dataset authority in the CSIS Act is an extremely complex regime that thoroughly embeds privacy protection at every step. It requires ministerial accountability and oversight. The collection, retention and use of data is undertaken through strict controls. For example, only designated officials are able to handle data in the evaluation period and it must be segregated from other CSIS holdings. There are a number of different steps in the approval process. The retention of Canadian data must go to the Federal Court for approval.
The scheme itself is heavily embedded with the appropriate safeguards for the privacy rights of Canadians, recognizing that the essential need for data is to understand dynamics in our threat environment while at the same time protecting the privacy of Canadians.
The amendments that are proposed in the bill make some significant changes in terms of the process, but they do nothing to change the safeguards. In fact, in some ways they enhance safeguards. For example, currently, when the service seeks to retain a dataset that contains both foreign and Canadian data, it goes through two tracks. We're proposing an amendment that would see all data in mixed circumstances like that be applied at the Canadian standard, which would mean it goes to the Federal Court.
None of the safeguards in the existing regime will change. The roles of the Federal Court and the intelligence commissioner remain, as well as ministerial approval for classes of Canadian datasets and designations. It's a significant improvement in process to enable us to better make use of data, but with no change with regard to the safeguards that the scheme already has in place.