Mr. Speaker, I, too, rise in support of Bill C-299. I will speak very briefly on the matter because I think it is a subject that all Canadians should be concerned with, and it is fitting that the House of Commons is seized of the issue today.
I am not sure that all Canadians realize the magnitude and the scope of this problem. Today in testimony at the access to information, privacy and ethics committee we heard that it is estimated there are roughly 30 million incidents of identity theft or breaches of personal information in the United States per year, which could lead to identity theft. In fact, there were 104 million incidents in the last three years.
Coupled with the initiative by my colleague from Edmonton, Bill C-299, our committee has undertaken a comprehensive study and analysis. We will be doing a full review and study of identity theft in all its forms.
One of the things that comes to mind, and people who are following this subject might be interested in this, is the justice committee has also been dealing with the issue. I believe my colleague, the justice critic for the NDP, was aware of this. Back in February, it submitted a report to the House of Commons, urging the Minister of Justice to amend the Criminal Code to include identity theft as a separate item under the Criminal Code, thus recognizing the severity of the problem in society.
We heard evidence from the Privacy Commissioner today. She tried to give some definition to a problem that is abstract in nature and poorly understood by so many. I do not think people realize the number of ways identity theft is being planned and implemented as we speak. There are people out there with great technical skills who are busily engaging themselves in identity theft now, not always resulting in injury to a Canadian but it should still be considered a crime in the context of the RCMP looking into it.
One of the assistants to the Privacy Commissioner currently is a former deputy commissioner of the RCMP specializing in identity theft. We take some comfort that we are well served with expertise, watching out for our best interests in this regard. However, they are wrestling with how we might better protect Canadians from this problem.
One of the more egregious examples that came forward in testimony today is the situation, which happens from time to time in our country and in the United States, where houses are sold right out from underneath people, without them realizing it. Unwittingly and unknowingly to them, someone has usurped their identity, gone through the motions and actually sold their homes. The titles have been transferred and they are sitting in homes that they thought were theirs, but they have been stolen from them. That is perhaps one of more glaring or shocking examples, but people should be taking that seriously.
We note the commissioner of privacy in the United Kingdom has just issued a report on this issue of identity theft and uses the word “shocking” at some of the revelations of the criminal activity going on in that country. One of the more shocking things they have uncovered and revealed to us, and that we have taken note of, is the fact there are moles willing to sell information to undercover police or undercover journalists, as was exposed in that country, in virtually every aspect of the financial sector. They are willing to sell personal information for the purposes of illegal activity and identity theft.
It can be through phishing attacks or fake bank e-mails, which is another one Canadians should be cautious of. It has been brought to our attention that people are getting phony e-mails, using the banner and the template of a local bank, asking them to please verify their bank account numbers and their pin numbers so the bank can double check to ensure everything is on the up and up. Those are fraudulent messages but they are so professionally executed that even people who are cautious of identity theft in their personal information are falling for this and are sending their most highly protected personal information to these individuals with sometimes tragic results.
There are robots, Bots, circulating throughout the IT sector, Trojans and worms that creep into the electronic systems. On a cautionary note, people must become aware of and be cautious of the Facebook and MySpace domains, especially young people, because there are people trolling through that database of information for the purposes of identity theft.
If there are 30 million people per year whose personal information is being compromised by people who would and could use this identity theft to inflict financial injury on us, just by sheer ratio and proportion, we could safely say that there are roughly three millions Canadians per year who are suffering this.
The reason I raise this and the reason I wanted to intervene today is that it is wrong that companies are not required to notify individuals if their personal information has been compromised. Companies have no obligation or duty to notify people in the case of a breach.
Even if I did not suffer any financial loss, if my personal information and my privacy were compromised, I would want to know because I may choose to change where I am doing business if its security network is so lax that once, twice or ten times my personal information has been compromised.
One of the recommendations of the committee which just did a statutory review of the PIPEDA legislation, the personal information protection legislation, was that there must be a duty and an obligation on the company to notify people, whether it is the credit card company or the bank that has lost the records or whatever, that their information has been compromised.
We are taking this very seriously. Bill C-299, or what is left of it, would only help us in one aspect of all that needs to be done. It does in fact call for the Criminal Code to be amended so that identification information obtained by fraud or false pretence would be a stand-alone offence.
It has always struck me as odd that it is a stand-alone offence to steal a cow but it is not a stand-alone offence to steal an automobile for instance, and it is not a stand-alone offence to engage in this criminal activity which is very much a sign of the times and one that was never contemplated when the Martin's Criminal Code was put together. However, it is a much more pervasive problem today than a lot of Canadians realize.
We are not trying to upset people or to cause a panic. We believe that, by and large, our financial institutions do provide adequate security but if there are creative and highly skilled technical people who are looking for every opportunity possible to penetrate whatever security walls might have been put up in order to gain access to our personal information for nefarious reasons, we must to take this seriously. If we do nothing else in this particular area, in this particular Parliament, we should be able to tell Canadians that we are seized with this issue and that we will do all we can to protect their financial and personal information.