Thank you, Mr. Chair and members of the committee. As you know, I attended this committee last week in relation to this bill.
I'm a senior researcher at the Citizen Lab, which is based at the Munk School of Global Affairs and Public Policy at U of T. I have submitted a written brief to this committee along with a colleague, Lina Li of McGill Law, which builds upon the research and analysis of my former colleague at the Citizen Lab, Dr. Christopher Parsons.
Today I will readopt my comments from last week and supplement them as follows.
First, several concerns have been raised throughout these hearings focusing on malicious targeting by, for example, ransomware of aspects of the economy that are outside federal responsibility, such as hospitals. The need for protection in other areas is important, but this committee can also be mindful of the proper scope of its responsibility in its work on Bill C-26.
I also appreciate other committee witnesses raising threats facing Canadian society today. However, it is never a good idea to legislate out of fear. This is an important issue that requires careful due diligence and reflection as to what goes into any amendments. I would suggest the committee carefully look at what it is doing. Making the right decision now could improve the security, safety, privacy and charter rights of all people in Canada for decades going forward. It's incredibly important that lawmakers are thoughtful, nuanced and reflective of the kinds of amendments they propose for the legislation.
Second, our brief sets out recommendation 12—including recommendations 12A through 12C—pertaining to judicial review proceedings under Bill C-26. This includes the recommended appointment of special advocates in judicial review proceedings, and the need to align Bill C-26 with analogous provisions under the Canada Evidence Act applicable to secret evidence. These amendments are not only important but also fair, simple and common-sense enhancements.
Lastly, I also wish to address our recommendation that government entities empowered with new information collection and sharing powers be required to limit the use of that information to cybersecurity and information assurance.
The collection or use of information by national security intelligence agencies like the CSE about Canadians or persons in Canada is a core matter of public and constitutional concern. The concern that the CSE may repurpose information it receives through Bill C-26 into its other intelligence activities is not a speculative one. Recent reporting from the National Security and Intelligence Review Agency, or NSIRA, documents that, at this time, the CSE does not consider itself prohibited under its home statute from repurposing information about Canadians across its mandates.
However, only a few years ago, in Bill C-59, an important equilibrium was struck by Parliament concerning the need for important limits, given the prohibition against intelligence agencies directing their activities towards people in Canada. Bill C-26 could destabilize this important equilibrium. It currently contemplates broad and even secretive government collection and sharing powers about information concerning people in Canada. While the Department of Justice's charter statement on this bill referred to the government's potential use of only technical information and not sensitive personal information, there are no caveats or safeguards to stipulate this in the legislation. Clarity is needed.
Telecommunications providers, for example, are quite literally conveyors of the most private information known to our legal system. I agree with witnesses from CIRA and OpenMedia that this is a core matter of public trust. The public should not have to be asking itself whether the government's cybersecurity bill is actually a spy bill under a different name.
As noted by Mr. Hatfield last week, NSIRA has reported a chronic problem in reviewing the lawfulness of the CSE's activities since its inception. Lawmakers here should be very cautious when considering whether extending additional new powers is appropriate or necessary under Bill C-26, and what corresponding judicial oversight mechanisms are necessary and fit for purpose to protect the privacy of all people in Canada.
Thank you. I'm happy to answer any questions you may have.