Transport Committee on Dec. 13th, 2023

Yes. Thank you for thinking of our interpreters.

Thank you, Mr. Chair, for the good work you are doing this evening.

Thank you, Mr. Iacono.

Mr. Strahl, just following up on Mr. Iacono's intervention, if you do have any documents that your team perhaps can share with committee members, who are very interested in what you are currently sharing, please pass those along to the clerk, and the clerk can perhaps pass those along to members.

With that, I'll turn the floor back over to you.

Thank you, Mr. Chair.

Of course, if we wanted to.... Perhaps during one of the adjournments this evening I can share some information, including Bill C-26, which is clearly referenced here. This is a coordinating amendment, so we need to be having a discussion about what we're coordinating with and the concerns that have been raised.

I'll just continue on here:

The groups and expert individuals campaigning to fix Bill C-26 are: the Canadian Civil Liberties Association, the Canadian Constitution Foundation, the International Civil Liberties Monitoring Group, Ligue des Droits et Libertés, the National Council of Canadian Muslims, OpenMedia, the Privacy and Access Council of Canada, Professor Andrew Clement, and Dr Brenda McPhail.

It ends with a quote here. It says:

“Today's report should set alarm bells ringing on Parliament Hill. As written, Bill C-26 gives the government and its spy agencies a blank cheque to intrude on our private lives and endanger our—

I have a point of order, Mr. Chair.

The floor is yours, Mr. Barsalou-Duval.

In fact, I had the chance earlier to raise the fact that my colleague was not talking about Bill C‑33, he was talking about Bill C‑26. He told us that he intended to get around to explaining the connection between the two, but I see that he is still telling us about Bill C‑26, not Bill C‑33 or the clause we are now considering.

I don't know whether you have the authority to intervene, Mr. Chair, for him to get around to making a connection with the bill now being considered.

Thank you, Mr. Barsalou‑Duval.

Mr. Strahl, I am going to have to ask you to perhaps be more diligent about linking what you're currently speaking about and clause 124. Please ensure you are explaining to members how what you are speaking about right now is related to clause 124, or I will have to pass the floor on to another member. I strongly encourage you to do that.

Thank you, sir.

Mr. Chair, I would strongly object to anyone suggesting that they get to choose for another member what they bring to the table in terms of background information that should inform us on how we address a specific clause. The first three words.... If my copy of the bill is correct, the title of clause 124 is “Bill C-26”. There's the link for you.

Clause 124 says, “If Bill C-26”, and it continues on. I am talking about a bill that is specifically referenced in Bill C-33, and this is a coordinating amendment. I will raise my concerns with Bill C-26 and the idea that if we pass this clause, we are endorsing Bill C-26 with all of its problems.

Quite frankly, it's not my job to convince other members of Parliament that they, too, should be concerned about that if they're not listening to what I have to say, but I will continue to address the concerns related to this bill, which is specifically referenced in clause 124.

I will just go back to this particular thing that I was reading from. I will start the quote again:

“Today's report should set alarm bells ringing on Parliament Hill—

I have a point of order, Mr. Chair.

I'm sorry about that, Mr. Strahl.

I have a point of order from Mr. Iacono.

Mr. Strahl has just said that he was reading something. If that is the case, then he simply needs to provide us with what he is reading.

Mr. Chair, he made a comment about my colleague Mr. Barsalou‑Duval and myself that I find a bit out of line. Both of us have raised points of order to say essentially the same thing, but the member is starting over again.

He says he is reading something. Could we have a copy of what he is reading, so we are in a better position and are better able to follow what he is saying? He has said that Bill C‑26 is referred to in Bill C‑33. If that is the case, why not simply provide us with the document he is referring to?

Thank you, Mr. Iacono.

For reference, I think he is reading what is on page 79 of Bill C‑33, which we are now discussing.

Am I mistaken, Mr. Strahl?

I just want to confirm that for Mr. Iacono, so that he knows what Mr. Strahl is referencing.

Yes. You're referencing Bill C-26, which is on page 79 of the piece of legislation we are currently looking at.

I'm just sharing that with Mr. Iacono, so he can follow along.

I appreciate that. I'm looking at a digital version of the bill, so I'm afraid I don't have a page number.

I hope that answers your question, Mr. Iacono.

I apologize, Mr. Strahl. The floor is yours.

It's okay. I'll get this quote read eventually.

It reads:

Today's report should set alarm bells ringing on Parliament Hill. As written, Bill C-26 gives the government and its spy agencies a blank cheque to intrude on our private lives and endanger our fundamental Charter rights. Frankly, as currently drafted it is little more than a spy agency wish list. MPs need to fix this risky and deeply-flawed legislation so that it delivers the cybersecurity we need, while protecting the freedoms we hold dear. Canadians deserve nothing less.

That's from Matthew Hatfield, executive director, OpenMedia.

One of the groups he referred to in that article is the Canadian Civil Liberties Association. They have also provided some detailed information on their concerns with Bill C-26, “an act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other acts”.

They made a submission that I'd like to share with the committee as well, because when we're talking about civil liberties and how this bill will be coordinated into Bill C-33, I think it's important that we consider whether or not we believe that we should—

My apologies once again, Mr. Strahl, but I want to confirm whether that raised hand by Dr. Lewis is a point of order or whether she has something she would like to share.

Go ahead, Dr. Lewis.

No. I'm sorry. My video wasn't even on. I'm sorry about that. That's probably why you thought that. No, not at all. I'm waiting for my turn to speak.

Thank you.

Thank you, Dr. Lewis. I wanted to make sure we didn't miss you.

Your name is on the list, Dr. Lewis.

Thank you for calling on me. I probably didn't turn my video back on after the break. My apologies to my colleagues for that.

Thank you.

You're very welcome, Dr. Lewis.

Mr. Strahl, the floor is yours once again.

Thank you.

As I was saying, the Canadian Civil Liberties Association has raised significant concerns with regard to Bill C-26, which, again, is as referenced in clause 124. I'll just read their submission here so that we can consider it in our deliberations on whether or not we believe that we want to approve this coordinating amendment clause in the legislation. They state:

The Canadian Civil Liberties Association...is an independent, national nongovernmental organization that was founded in 1964 with a mandate to defend and foster civil liberties, human rights, and democratic freedoms of all people across Canada. Our work encompasses advocacy, research, and litigation related to the criminal justice system, equality rights, privacy rights, and fundamental constitutional freedoms. Working to achieve government transparency and accountability with strong protections for personal privacy lies at the core of our mandate.

In this submission, CCLA speaks to Bill C-26, the Government of Canada's telecommunications and cybersecurity legislation. This submission addresses the concerns Bill C-26 raises for human rights and civil liberties, with a particular focus on privacy. Cybersecurity is an essential part of national security, and the digital ecosystem in which we increasingly live our lives needs to be safe, reliable, and secure from threats. Cybersecurity is also crucial for our democratic institutions, the economy, critical infrastructure, national defence, and the privacy of our online life. It is important that Canada take steps toward protecting the digital foundations on which modern life is built. However, in its current form, Bill C-26 risks undermining our privacy rights, due process and the principles of accountable governance—all of which are part of the very fabric of our democracy. [Bill] C-26 must not pass without substantial revisions to protect fundamental rights and due process.

This submission makes recommendations for how Bill C-26 can improve the way government and telecommunication companies define, handle, and protect individuals' personal information and thus protect individuals' right to privacy. Privacy is, after all, an essential component of individuals' personal sense of security, both off- and online, and stands to be positioned more centrally in [Bill] C-26. CCLA believes that our recommendations enable the legislation to better fulfill its stated objectives: bolster cybersecurity across the financial, telecommunications, energy, and transportation sectors, and help organizations better prepare, prevent, and respond to cyber incidents.

The amendments outlined in this submission echo the Joint Letter of Concern that CCLA sent with civil society partners in September 2022. In addition, our recommendations are consistent with those contained within the “Fixing Bill C-26 Recommended Remedies Package”, of which CCLA is a signatory, as well as with the recommendations in Christopher Parsons' report, “Cybersecurity Will Not Thrive In Darkness”.

It's the second time that's been referenced. I think we'll be bringing that up again shortly.

The next section is “Defining Personal Information”.

As it stands, Bill C-26 undermines privacy by empowering the government to collect broad categories of information from designated operators, at any time, subject to any conditions, or even no conditions at all. This may enable the government to obtain identifiable and de-identified personal information and subsequently distribute it to domestic, and perhaps foreign, organizations.

Given the sensitivity of the information people in Canada provide to designated operators, this provision poses an extraordinary risk to individuals’ privacy. Measures must be established to constrain the government’s collection, use, and distribution of individuals’ sensitive information.

In general, the privacy of personal information is one of the keys to strong cybersecurity protections. Building privacy into cybersecurity legislation will go a long way toward ensuring the cybersecurity protections proposed in Bill C-26 are successful. Some degree of monitoring is required to protect telecommunications infrastructure from attack, but this should not come at the expense of personal privacy. There is no excuse for governments to surveil and analyze online activity without clear safeguards for personal privacy and individuals' fundamental rights.

One way to reasonably restrict the government's capacity to collect information is to refine how Bill C-26 conceives of information worth protecting. This would involve codifying personal and de-identified information as confidential. Personal information is any information that can be used to identify an individual through association or inference. Many kinds of information qualify as personal in their capacity to identify an individual; these, according to the European Union's (EU) General Data Protection Regulation (GDPR), include names, ID numbers, location data, online identifiers, or “factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity” of a person.

Further, personal data can be anonymized or de-identified, but de-identified information requires additional protections. Anonymization involves permanently deleting identifying data—