Debates of May 12th, 2015

Order. It is my duty, pursuant to Standing Order 38, to inform the House that the questions to be raised tonight at the time of adjournment are as follows: the hon. member for Louis-Hébert, Public Works and Government Services; and the hon. member for Surrey North, Public Safety.

Resuming debate, the hon. member for York West.

Mr. Speaker, I am pleased to have an opportunity to speak to Bill S-4. I will be sharing my time with the fabulous member for Winnipeg North.

I am pleased that we are discussing this bill, but again, unfortunately, it is the same Conservative divisive policy of “You are either with us or you are against us.” Members from all sides wanted to see some improvements to Bill S-4, but unfortunately the bill came from the Senate, and any changes were going to disrupt the process of trying to get legislation through very quickly, which is typical, of course, of the government's plan. I can only say that I was disappointed and that I have to stand and say that I have recommended that the Liberal Party vote against Bill S-4.

It is legislation that could have given our digital privacy laws the shot in the arm they so desperately need, and Liberals would have welcomed it if we had had the opportunity to make it better. That was certainly the intention from the Liberal Party's perspective.

As Canadians are increasingly turning to online commerce, education, banking, recreation, and communication platforms, our laws must keep pace in order to protect all of us. Sadly, the government has a wilful ignorance and reckless disregard for reason on such matters, and Bill S-4 proves it again very clearly.

Information oversight and management are not areas that the government has excelled in, so forgive me if my confidence is shaken a bit. I simply cannot accept without proof the government's word that it is actually protecting consumers' interests.

Of course, the way the government looks at personal information protection and privacy has already been subject to a Supreme Court ruling, and once again the court gave the government another failing grade.

This should come as no surprise to anybody who is paying attention to politics in Canada right now. We all remember when the government lost a hard drive that held the social insurance numbers, medical records, birthdates, education levels, and occupations of 5,000 Canadians. In addition, we remember when the interim privacy commissioner revealed that telecommunication companies receive an average of 1.2 million requests from federal enforcement bodies for private customer information every year. That is approximately 3,300 requests every single day for Canadians' personal information.

Perhaps I should also mention the headline that appeared in The Hill Times this week. It warned that Canada's access to information regime is slipping into—guess what—irrelevance. The article went on to reveal that the Centre for Law and Democracy ranks our ATI regime 56th out of 89 countries. I repeat, we are 56th out of 89 countries. We are really way up there, are we not?

The article also said that in September 2014, Canadian Journalists for Free Expression noted that ATI “is severely failing to meet its minimum requirements, let alone adequately serve the population’s needs.”

While I understand that access to information laws are different from digital privacy laws, these examples all point to a government that does not understand information management, yet refuses to seriously consult or listen to the experts on the matter who came before committee. The government stubbornly refused to listen to experts such as Professor Michael Geist and many others who appeared, including lawyers and professors, who said it was a good piece of legislation but that it could be better.

The intent, certainly on the Liberal side, was to try to make it better, but as everyone here knows, Bill S-4 was referred to the committee after first reading, as my colleague mentioned.

This is typically done for procedural reasons, and because it more readily allows for substantive amendments, the referral traditionally indicates the government's willingness to compromise. It was really very unusual for the government to do this, but it was very welcome. We thought that maybe the government had seen the light and that together we could improve this important piece of legislation, so we gladly supported it after first reading. We were preparing to move amendments, work together with the government, and make it a good, strong bill. It was on this implied promise that the Liberal caucus was prepared to support Bill S-4.

Committee members heard from several experts, including the privacy commissioner, IBC, the Canadian Bar Association, Professor Michael Geist and so many more. We took their counsel to heart in those four meetings.

After the hearings concluded, over 42 substantive amendments were presented in good faith, most taken directly from expert testimony. Those 42 amendments came from the three opposition parties in the House.

Let me give an example. I introduced an amendment that was specifically proposed by several witnesses and contributed to the committee study, including the Insurance Bureau of Canada. The amendment dealt with the reporting threshold for privacy breaches. My amendment would have required the reporting of any unlawful breach of personal information security so long as the said breach presented a significant threat of harm to an individual. That same amendment also clarified what a company needed to do to remedy the breach, including a requirement to warn victims that their information was lost. That sounds pretty basic. If my credit card was compromised or my personal information was lost, I would want to know that.

However, the government was unmoved. In just one short meeting, government members defeated every one of those 42 amendments without any explanation or defence. Some of them were out of date already by the time other ones had been defeated. There was no explanation or no big defence. It was simply the silent majority on the other side of the House voted them all down, just like they do all the time at all committees.

Despite warnings of overly broad, cumbersome and nebulous provisions within Bill S-4, the Conservatives took less than three minutes each to consider, discount and defeat everything that the experts had warned us about. As a result, Bill S-4 remains flawed. It has never been fully considered and should not be accepted or passed without a true and unbiased evaluation.

To be clear, there are positive elements to Bill S-4. For example, the legislation grants the Privacy Commissioner the ability to enter into enforceable compliance agreements with companies that have likely breached the act. This provides a regulatory remedy for certain actions and is a positive development. Public Safety Canada said that the bill would help to protect the security and privacy of Canadians by limiting the number of police and security officials who could request subscriber data and applying new requirements for recording, reporting and auditing those requests.

These may be good things, but several independent and credible sources outside of government expressed their concerns with Bill S-4. For example, many warned that metadata could be used to track specific individuals on the Internet and when in the wrong hands, that tracking could represent a serious threat to personal privacy. Bill S-4 utilizes a similar approach, and this is an issue of tremendous concern for those of us on this side of the House.

I want to ensure that law enforcement officials have the information they need to keep us all safe, but a blank cheque approach is inappropriate and promises limited success. We could do better if the government would just listen to the experts and then work with the opposition.

In broad strokes, Bill S-4 represents a shift in the way we deal with digital privacy. Privacy laws have traditionally outlined the rules and procedures needed to protect information and personal data, but in this case the legislation sets up circumstances under which that material could be released.

In a world where crimes involving personal data theft, identity fraud and online stalking are on the rise, protecting data is crucial. Data is not just information; it is a commodity. It is power and it is a back door into our private lives. The Liberals are deeply concerned that the government's commitment to safeguarding personal information and privacy of Canadians is less than absolute with Bill S-4.

Whether driven by Conservative ignorance or intent, Canada is clearly on the cusp of a paradigm shift with respect to privacy laws, and the Liberals are worried about the consequences of Conservative insolence.

Mr. Speaker, I would like to thank my Liberal colleague for her speech.

With respect to the meetings of the committee that studied this bill, we recognized that it was very difficult to get amendments adopted and make corrections to the bill. As my colleague the digital issues critic put it so well, this bill is flawed. The government and the Standing Committee on Industry, Science and Technology did not listen carefully.

I would like her to expand on what she considers to be one of the most problematic flaws in this bill and tell us how we can fix it.

Mr. Speaker, part of the reason why we on this side of the House supported the bill going to committee after first reading was so something as important as it could be improved by working together to ensure that we were better protecting Canadians. The flaws were there. However, the unfortunate part was that it was like all of our committees. They do not function. We can go and put in our hours, but the government has the majority. The Conservatives do exactly what they want. We sit there, we contribute, we try to make sense of some of these things, but it is a major waste of time.

I have been here for 16 years. Committees used to function very much in a non-partisan way. There was give and take, and people listened so we could make the legislation better.

I continue to have a major disappointment when I see the House not working that way. I cannot wait until we have an election and hopefully we can straighten things out so we can get back to doing the kind of work Canadians expect us to do at committee level.

Mr. Speaker, I take the member's point about amendments really being dead on arrival in committee these days. It is getting to the point where the days when amendments from opposition parties were accepted in committee are fast becoming part of Canadian folklore. They are so far back in the past.

I have a question about one of the amendments the hon. member mentioned. I would like her to expand a bit upon it. That is the amendment that would have required credit card companies to divulge some information when a client's card was defrauded and so forth. I am not sure exactly what information and that is why I am asking.

Mr. Speaker, let me use the telecommunications companies as an example. There were thousands of times that telecommunications companies were giving access to personal information; that is our information and the information of many others.

My privacy and that of other Canadians needs to be protected. It should not be randomly given out because somebody asks for it. On anything to do with fraud, Canadians should be aware that their credit cards have been compromised. Individuals should be notified of that fact so they can monitor it themselves, not just assume that the credit card company will be on alert to protect their interests. Far too often the consumers are not notified of those kinds of things.

Again, on the issue of committee, my colleague has been here for quite a long time. He is knows how parliamentary committees are supposed to work, and have always worked. When the government came into power, it decided it was not interested in committee work anymore. It did what it had to do to fill in time to go through the basic process.

Bill S-4 came in through the Senate. The bill should have come in through the House, and had the proper work done through a member of Parliament or minister. That is a proper way to deal with legislation. However, bringing it in through the Senate is the back door way of getting things done, and the government has used that approach several times to get through what it wants done.

Mr. Speaker, I thank the member for York West for allowing me the opportunity to share a few thoughts on Bill S-4.

I am used to the member talking very passionately on a wide variety of issues, particularly regarding our seniors. She is a very strong advocate for our pension programs and so forth. It is also very nice to see that she takes the same sort of attitude in wanting to hold the government accountable on an issue that is important to seniors and all Canadians, which is the digital privacy laws, especially since the Internet and the use of it has exploded over the last decade or so.

When we get advancements in technology and witness it first hand, to the degree in which we have, one would expect the government to have an interest in wanting to ensure we stay on top of the issues related to those advancements. However, the government has not done that.

In fact, it is interesting that we are today debating Bill S-4, which is an important issue. If we were to consult our constituents, I think we would hear genuine concern with respect to the type of information that is on the Internet and just how easy it is for a breach of that security, ultimately causing a great deal of harm to individuals. In a macro situation, it could have a severe impact on the economy.

However, we have an important issue in which the Prime Minister has made the determination that he wants to give the bill that final push as we start to wind down after four years of inaction on the file. Now the Prime Minister, with four and a half weeks of sitting days left, wants to rush the bill through the process and pass into law.

As has been pointed out, we had a different situation in the process with Bill S-4. Not only did it come through the Senate, but it was also stopped before second reading and sent to committee for review. From what I understand, that is very rarely done. The reason it is done is to accommodate significant potential changes to the legislation. That tells me the government, the minister responsible for bringing this legislation before us today, understood there were issues related to the legislation that needed to be dealt with before it completed second reading. I am convinced it was the reason the government took the initiative to take the bill out of the normal process and bring it to a committee first.

I suspect the Independent members, the Liberals and the New Democrats believed the government would be open to amendments. That was kind of the impression that was given to us. However, something happened between the decision to bring the bill to committee and have it voted on in committee with respect to the amendments. This is where the Prime Minister's Office interjected.

Through his office, we found that the Prime Minister was not interested in amendments, because all that would do would prolong the amount of debate, possibly, by having it go back to the Senate. He was more interested in being able to make the statement that the Conservatives had made some changes to the law, even though the legislation was flawed.

I want to focus some attention on the fact that we have very important consumer-type legislation related to something about which Canadians in all regions of our country are concerned, and that is the issue of privacy and protecting it.

The amount of purchasing and other items taking place economically on the Internet is increasing every year. The government wants to try to score a political point by saying it is trying to address the issue. In reality, nothing could be further from the truth. If it were really important to the government, I would suggest that Conservatives would likely have brought it in before the last month or two of this session and that the Prime Minister's Office would have allowed for amendments at the committee stage. Why would Conservatives oppose amendments that would improve the legislation? Unless maybe the government did not want the opposition to support the legislation. There is a lot of merit to that. We have seen that in other pieces of legislation: bring in an idea, give it a label, tell Canadians they are concerned about something, but then leave serious flaws in the legislation to try to maybe get the opposition party offside. Who knows?

What I do know is that there are many deficiencies within the legislation, as has been pointed out by the Liberal Party critic or others, at committee. There are serious flaws in the legislation and there were, I believe, 40-plus amendments that were being proposed. Not one of those amendments passed. The government cannot say that it was political parties that were doing the posturing on it. Many of the amendments, including amendments brought forward by the Liberal Party, were taken from experts at committee who made presentations, some credible organizations, government agencies of sorts that came before the committee.

The government made the decision that it was not going to accept any amendments. What surprises me is that if the Prime Minister's Office had been more clear with the minister responsible for the legislation, the bill could have gone through the normal process. The normal process is not that much better. Ever since the Conservative/Reform government received a majority it had a different attitude in terms of how democracy works here inside the chamber.

I have heard about many pieces of legislation, not only this one, where opposition parties or individual members of Parliament would bring forward amendments and the government consistently said “no” and defeated amendments. The government makes a mockery of the system by not allowing members from all sides of the House to move amendments that would improve the legislation.

Subscriber data requests are very important. People are concerned about that. We know that there are victims who need to be warned when there are breaches of security. Personal identity theft is very real. It is happening far too often. The amount of fraud out there continues to grow and is becoming a serious problem.

We need to protect the privacy of Canadians, and this bill would not go anywhere near far enough to address the many concerns that were brought up, whether at committee or by individual members.

The issues are important. The government has dropped the ball. I would suggest that if the Conservatives really wanted to make a difference, they would allow amendments to pass. In essence, that would provide assurance to Canadians that the government truly does care and that it is more than Conservative spin that it is interested in, but there is no sign of that, unfortunately.

Mr. Speaker, I listened with some interest to the member for Winnipeg North as he intervened on this bill. I was certainly convinced by his arguments. He talked about the fact that there were many witnesses who raised significant concerns about this legislation. He talked about the dangers of not being careful and how we could deal with these privacy issues on the Internet.

Given his strong feelings, I can understand why he would not support this piece of legislation, but I have to tell him that I was a bit flummoxed when I considered the Liberals' response and the response of this member to Bill C-51. We heard the same arguments. The government would not listen to amendments. It would not listen to the experts. The impact of Bill C-51 was going to be extraordinarily significant, but in that case, they turned around and voted for it.

In this case, there are similar arguments and similar positions and they are voting against it. I wonder if the member for Winnipeg North would try to square that circle for me?

Mr. Speaker, I will try to make it relevant to this particular bill. I appreciate the question from the member. Maybe I can assist him by indicating that in debating Bill C-51, because I did get the opportunity to talk about it, we needed to recognize that there was some value to the passage of the bill in the context of time. Through that value, we could provide security for Canadians.

We did have concerns, and we still have concerns regarding Bill C-51. I would suggest that the member need only reflect on what the leader of the NDP and even some of his colleagues said inside the chamber, that if they were in government, they would not repeal the legislation that Bill C-51 brought in, but rather make changes to it. They recognized that there was some value to Bill C-51.

That is not necessarily the same case here. It is nowhere near as time sensitive, and there is no reason why a more all-encompassing piece of legislation dealing with the issues of online commerce and privacy could not be addressed by having a more thorough piece of legislation. If I had more time—

Questions and comments, the hon. member for Beauharnois—Salaberry.

Mr. Speaker, I would like to ask a question.

Bill S-4 has several flaws with respect to the protection of personal information. For one thing, it would lead to a reduction in the number of complaints and reports of breaches because the complaints made would be managed by the companies themselves. It would be up to the companies that receive the complaints to determine if they are serious enough to be addressed.

John Lawford, the executive director and general counsel of the Public Interest Advocacy Centre, says that this will incentivize not reporting data breaches by leaving it up to the organization to determine whether the breach creates a real risk. That is a real conflict of interest.

I am wondering what the member for Winnipeg North thinks about that. Was the committee told that the fact that this bill reportedly protects privacy when it actually does the opposite is a serious concern?

Mr. Speaker, it is important to recognize that victims need to be warned if there has been a breach. That is one of the reasons why the member for York West, on behalf of the Liberal Party, moved amendments specifically dealing with the issue of a threshold and how important it is that companies recognize their responsibility and their role in informing consumers and victims once there has been a breach.

Legislation that would have encouraged this would have gone over a whole lot better, as opposed to what we have here today. That is one of the reasons why, I would suggest, the government was negligent by not accepting a number of the amendments, not just the one I just cited from the Liberal Party critic. There were many other amendments that also could have been passed, I suspect.

Mr. Speaker, as the member of Parliament for Renfrew—Nipissing—Pembroke, it is my pleasure to rise in my place and express strong support for Bill S-4, the digital privacy act. This legislation would make important updates to the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA.

I take issues of privacy very seriously, just as do the people in my riding, like teachers, parents, and grandparents. The number one concern that is expressed to me by individuals is their right to privacy and their right to be protected from the misuse of private information. When it comes to the Internet, while it has brought many improvements to the lives of Canadians, the concern always is what happens to the information that is collected from the Internet on individuals and how it may be used.

Under the current law, companies must seek permission from an individual to collect personal information and may only use this information for legitimate business purposes that had been identified prior to collection. Businesses are required to protect this information when it is in their possession, and they cannot share it with anyone, except in the case of very narrow, limited circumstances. The digital privacy act would build on these protection policies and would add new requirements by which companies must abide.

For example, the bill would require companies to inform Canadians if their personal information has been lost or stolen and if they have been put at risk as a result. It would also clarify the rules around obtaining individuals' consent to collect their personal information, clarifications that would ensure children and other vulnerable groups would be protected when they go online.

The recent high-profile criminal court case in Ontario of a hand-picked senior Liberal provincial deputy minister being convicted of charges related to the heinous crime of pedophilia using the Internet demonstrates how dangerous a place the Internet is for children and the continual need to try to stay one step ahead of the bad guys. The fact that an individual could occupy such a senior position for years as deputy minister of education and a senior advisor to the Liberal premier of Ontario, and apparently do so undiscovered until uncovered by an international crime investigation, is shocking. Convicted pedophile Ben Levin was photographed happily campaigning with the leader of the third party in this place undetected, apparently, or otherwise. This demonstrates why we must always keep up our guard, particularly when children are involved. The Internet is a dangerous place for children.

My constituents in Renfrew—Nipissing—Pembroke know that, when children are involved, I will always err on the side of caution. As we have discussed many times before, strong rules are meaningless if they are not backed up with strong compliance tools. I would like to focus my comments in this critical area.

Let me begin by explaining how PIPEDA currently works with respect to compliance. The act is enforced by the privacy commissioner, who has the ability to investigate complaints and the power to launch investigations in the event that he feels an organization is in violation of the law. PIPEDA gives the commissioner broad investigative powers, which allow him to enter premises, compel the production of information and gather evidence. It is a criminal offence to obstruct the commissioner in the process of an investigation. However, for the most part, the commissioner acts as an ombudsman, using a range of dispute resolution tools to address any violations of the act he discovers in the course of an investigation. At the conclusion of an investigation, the commissioner issues a report outlining any violations of the act, a list of recommendations, and an assessment on whether corrective action needs to be taken moving forward.

PIPEDA's compliance regime has, for the most part, been successful in resolving issues brought to the commissioner's attention. Most organizations in Canada are good corporate citizens, and when the commissioner identifies that they are in violation of the law, they move quickly to correct their practices.

Unfortunately, as a lawmaker, I know from experience that there will always be those who try to skirt the rules. That is why Bill S-4 would make some important improvements to PIPEDA's compliance framework. These changes would make sure the commissioner has the necessary tools to ensure organizations respect the law and the privacy rights of Canadian citizens.

First, Bill S-4 would increase the amount of time available to take an organization to court. Currently, an application to the Federal Court has to be made within 45 days after the commissioner issues the report of findings. In their testimony to the standing committee, officials from the Office of the Privacy Commissioner explained why this period needs to be increased. They stated:

As we've experienced in practice, 45 days is a very short time period to resolve some of the highly complex technological issues or broader accountability issues that organizations quite rightly need time to rectify.... We...follow up with them several months, if not a year, afterwards to ensure they did follow through on the recommendations they said they would undertake to do.

To address this issue, Bill S-4 would increase the time in which an organization could be taken to court from 45 days to 1 year. As the Privacy Commissioner pointed out to members of the standing committee, organizations are often given up to a year to implement recommendations. This amendment would enable the commissioner to enforce compliance in court if a company fails to take the necessary action.

The second important change brought forward by Bill S-4 would give the privacy commissioner the authority to enter into binding compliance agreements with organizations. A compliance agreement is a regulatory tool that provides an alternative to taking an organization to court if it was found to be in violation of PIPEDA. Compliance agreements are voluntary but binding agreements. They are agreements between an organization and the commissioner. These agreements benefit both sides. From the organization's perspective, it gets certainty and clarity. From the commissioner's perspective, these agreements increase the accountability of the organization to become compliant with the law. Currently, commitments made by an organization to implement the commissioner's recommendation are non-binding. Compliance agreements, however, would make these commitments binding and enforceable by a court.

The inclusion of compliance agreements in the digital privacy act was supported by a broad range of stakeholders during committee hearings on the bill. The Privacy Commissioner himself stated that there are two main amendments that are very necessary and would be helpful for us to implement and apply. The first amendment he was referring to was about mandatory data breach reporting. The second was about compliance agreements. Similarly, Mr. Tamir Israel, from the Canadian Internet Policy and Public Interest Clinic, stated, “We're particularly pleased to see the inclusion of compliance agreements and an extended appeal period...”.

Finally, Bill S-4 would give the commissioner more power to name and shame, or to publicly disclose information when organizations are not co-operating. Under the current act, the commissioner can only publicly reveal information about the way in which an organization handles personal information. However, the commissioner cannot, for example, disclose that an organization is not co-operating with an audit or is otherwise acting in bad faith. For many organizations, the threat of having their lack of action made public would be an effective tool to hold them accountable and encourage them to comply with the law; and the proposed amendment could be used, for example, against foreign-based companies that are otherwise beyond the reach of Canadian courts.

Mr. Speaker, my Conservative colleague spoke about corporate accountability with regard to privacy protection. However, she knows full well that Bill S-4 allows those same businesses to decide for themselves whether or not they will address the complaints people make regarding the use and sharing of their personal information without their knowledge, without consultation and without a warrant.

Many witnesses told the committee that there is a problem with transparency in this bill and that it creates a conflict of interest because the company at fault is the one that decides whether or not the complaint will be addressed. This bill does not provide greater protection for consumers and Canadians. On the contrary, it opens the door to abuse. Many people and experts told the committee that the bill is seriously flawed.

I am wondering how the member opposite can say that this bill is going to protect children when it is flawed. Even the Privacy Commissioner said that the bill does not have the power to really protect Canadians.

Mr. Speaker, if a company refuses to co-operate with requests for information, the commissioner could publicly disclose this fact, which would send a signal to consumers of the privacy implications of the organization's practices. The organization would, in turn, have to explain to its customers why it is not respecting Canadian privacy law, and this change would ensure that Canadians are informed and aware of issues that affect their privacy, so that they can make educated choices to protect themselves.

Our government is taking action to give the privacy commissioner powerful new tools to promote compliance with PIPEDA, whether through binding agreements, the possibility of court action, or being held to public account. These proposed amendments would increase the accountability of organizations to maintain good privacy practices, and if they do not report a breach, they would be heavily fined for each name that is disclosed, up to $100,000. When a company has thousands of clients, that could add up to quite a bit of money.

Mr. Speaker, in committee, one of the issues that was discussed at length is elder financial abuse. I would like to ask the member how Bill S-4 would work to combat this serious problem in our society today.

Mr. Speaker, unfortunately, senior abuse is a tragic fact in our society, and our government has put forth common-sense proposals in the digital privacy act to combat financial abuse of seniors. The digital privacy act would not broadly expand warrantless disclosure but would narrowly allow banks and other financial institutions to voluntarily disclose financial abuse to the proper authorities. It is a targeted proposal that would help combat the unfortunate situation of financial abuse of the elderly.

Mr. Speaker, I thank my colleague for her speech.

I completely understand why my colleague was so shocked when she saw the provisions allowing companies that disclose personal information to manage and discipline themselves.

It is quite surprising that, ultimately, the Conservatives are refusing to be guided by the most informed, most qualified experts on the matter. One example is Daniel Therrien, the Privacy Commissioner.

With Bill C-51, once again, the Conservatives tried to take evasive action by not inviting the commissioner. However, in the case of the committee work on this bill, the commissioner was able to have his say.

Can my colleague comment on the fact that the very reasonable amendments brought forward by the NDP, which were inspired by the commissioner's comments, were flat out refused by the government, without any discussion?

Mr. Speaker, I thank my colleague from Beauport—Limoilou for his very relevant question.

As I said, since we have been here, since the beginning of the 41st Parliament, we have learned that this government prefers self-regulation. We have seen this in many areas, including rail safety, drug reporting—until we forced the government's hand—and personal information. Some 18 amendments were brought forward at committee. The commissioner also suggested that the bill be amended to reflect the Supreme Court ruling.

However, we know that privacy is a thorny issue and not a priority for the Conservatives. What, then, is their priority: getting personal information without authorization or income splitting?

Mr. Speaker, why is my hon. colleague across the way opposed to the position of the Privacy Commissioner? The Privacy Commissioner came to committee. The fact is that almost every witness agreed. Some did not agree with Bill S-4, and as we have heard, there were diverse opinions. However, the vast majority supported the changes that Bill S-4 presented, and the Privacy Commissioner was part of those.

Why does the NDP ideology get in the way of recommendations from the committee and the Privacy Commissioner?

Mr. Speaker, I would like to respond to my colleague across the way with some facts and key figures.

In one year alone, the Conservatives made 1.2 million requests to telecommunications companies for Canadians' personal information. What is more, 70% of Canadians feel less protected than they did 10 years ago. That came from a 2013 survey of Canadians on privacy protection.

Some 97% of Canadians would like organizations to notify them in the event of a breach of security of their personal information. It has been proven that there is a directive that is not clear. It surprises me that there is no authorization, no consent, no judicial oversight.

Mr. Speaker, I am pleased to speak to Bill S-4, the digital privacy act, which was recently reviewed by the Standing Committee on Industry, Science and Technology.

Bill S-4 introduces a number of important improvements to the Personal Information Protection and Electronic Documents Act that will increase the level of privacy protection for Canadians.

PIPEDA is privacy legislation that has been in place for more than a decade now. Under the law, organizations are expected to apply stronger protection in situations that are privacy-sensitive. As an overriding rule, businesses must limit what they do when it comes to the collection, use, and disclosure of personal information to activities that one would consider reasonable and appropriate in the circumstances.

Not all individuals have the same capacity to understand what is reasonable and appropriate, nor can they necessarily appreciate the immediate or long-term consequences of providing information about themselves to a commercial enterprise. This is particularly true of minors. The range of online activities today's kids engage in is astounding. They take part in multi-player games with people from all over the world. They explore virtual worlds. They join chat rooms and post comments, photos, and videos about themselves and their friends.

Today's kids have grown up with the Internet and digital technologies. Social networks, gaming consoles, and smart phones have always been a part of their lives. When kids interact with their friends and when they play games, more often than not it is through technology.

According to a survey conducted in 2013, more than 30% of grades 4 to 6 students have Facebook accounts. By grade 11, 95% of students have such an account.

Digital technology offers tremendous benefits to children's education, development, and social lives. In today's digital economy, children must be able to safety and securely use network technologies and access the online world if they are to develop the skills they will later need to find jobs in the digital marketplace.

What children may not be aware of is that the information they share in the context of online play or learning can actually have unintended consequences. Online personal information has become an enormous source of revenue for companies. Kids are able to play online games, download and use apps, and talk to their friends at no cost because companies offering these services generate revenue by harvesting and using personal information for profiling and marketing purposes.

This government does not wish to prevent today's youth from fully realizing the benefits of the digital world. The skills they develop through these many online activities will provide them with significant advantages when they enter the job market as young adults. This government fundamentally believes that digital literacy and skills are at the core of what is needed for individuals to succeed in today's digital economy.

However, with an increased online presence comes added risk. Strong protections for children's online privacy are needed.

PIPEDA already contains defences that safeguard the personal information of minors. For example, the act prohibits organizations from using deceptive means to obtain consent. Most importantly, it requires companies to limit the purposes for which they collect, use, or disclose personal information to reasons that individuals would consider reasonable and appropriate in the circumstances.

Bill S-4 enhances these protections by clearly setting out requirements that organizations must meet when obtaining consent. These new provisions will have a positive impact, especially when it comes to the protection and the privacy of children.

The new measure will require organizations to clearly explain why they are collecting information, what they will do with it once they have it, and what the consequences of providing it will be.

What is more, they must provide this explanation in a way that can be understood by the audience they are targeting with their product or service. This means that any business targeting children must pay very close attention.

The amendments in Bill S-4 mean from a legal perspective that when a company is seeking permission to collect, use, or disclose personal information from a group of individuals such as children, it must take steps to ensure that these individuals are able to fully understand what would happen to that information.

In practice, this would mean that the organization's request for information can be easily understood by the target audience. This includes making sure that the wording and language used in the request are age-appropriate. For example, a video game designed and marketed to preteens would clearly need to take a different approach to obtaining the consent of players to collect personal information than a video game marketed to adults.

We heard from a number of witnesses during the committee's consideration of the bill, and the majority were supportive of our government's proposed amendments in Bill S-4 to enhance consent.

The Privacy Commissioner of Canada repeatedly expressed his support for the amendment. This is what the Privacy Commissioner told the committee:

Consent is a big part of PIPEDA, and I think it's useful to have this clarification of what actually is consent. We obviously know that it is a huge challenge for organizations to properly advise individuals of the reasons they collect information and they use it, so any tool that enhances, that provides an incentive for organizations to be clearer, and to take into account the context of the individual or consumer I think helps Canadians.

The commissioner further emphasized:

So, when the individual is a child, if your product is addressed to children, you should think about what is reasonable to expect of a child in understanding the consent being sought. Overall, I think, again, the definition of consent in Bill S-4 will assist generally and will assist particularly groups that are more vulnerable, like children.

Privacy information must be clear to the user. The privacy policy should be specific to whatever service the child is using and not be a one-fits-all privacy policy.

The standing committee also heard support for this amendment from a number of other witnesses, including from business. For example, the Marketing Research Intelligence Association, a national self-regulatory body that represents Canada's survey research industry, wrote in a submission to the committee that it fully supports the enhanced consent requirements of the bill.

The association noted in particular that the amendment provides “added clarity for organizations when they seek the valid consent of an individual” when collecting, sharing, and disclosing their personal information. It went on to say:

We believe that specifying the elements of valid consent will go a long way to protecting the most vulnerable Canadians, such as seniors and children.

Our government has already taken significant action when it comes to protecting children online. We have made important progress to shield our children from online intimidation, cyberbullying, and other similar threats and abuse through amendments to the Criminal Code of Canada that were passed under the Protecting Canadians from Online Crime Act.

The amendments put forward under the digital privacy act build on those actions taken to address cyberbullying and represent additional real and tangible measures to protect Canadians and their families from online threats.

PIPEDA has been in force since 2001. Concerns about the protection of children's online privacy were raised with Parliament in 2007 during the first statutory review of this act. There was general consensus among witnesses that children warrant extra privacy protection, given their particular vulnerability to deceptive and privacy-invasive practices. Indeed, at the conclusion of its review of the act, Parliament recommended that the government examine the issue of consent by minors to determine if PIPEDA should be amended.

Our government heard stakeholder concerns and is responding to the recommendations of committee by introducing enhanced protection for the privacy of minors that is now before the House. This is an important amendment, and along with all other measures in this bill, it should be passed quickly.

The digital privacy act takes real and tangible steps to protect society's most vulnerable individuals. I hope hon. members will join me in supporting this bill so that these new protections can come into force quickly.

Mr. Speaker, I listened carefully to the speech by the hon. member, who, if I am not mistaken, is also a member of the Standing Committee on Industry, Science and Technology.

The government seems to be in a hurry to move forward with this bill. However, we still have some concerns about privacy protection. The Privacy Commissioner raised those concerns.

Can the hon. member elaborate on how this bill will really protect the privacy and communications of Canadians who communicate honestly and in good faith? Does this bill contain measures that will really protect Canadians' privacy?