Debates of Nov. 28th, 2022

Madam Speaker, my comments are similar to the member for Windsor West's, in terms of the balancing of the interests of business with the interests of the individual. To some degree, the bill fails to do both of those things. Businesses are looking for clarity and businesses are looking for a clear set of rules for how they can operate. I would note that, from clause 17 to clause 50, there are all of these exemptions. Exemptions do not allow for clarity.

I just wonder if the hon. member thinks there are enough exemptions in the bill.

Madam Speaker, can we have the support of the hon. member across the aisle to ensure that the bill can go to the committee, so that we can have the opportunity to have conversations such as the one he is tabling?

Madam Speaker, I am pleased to rise before hon. members today to speak to the digital charter implementation act, 2022. More specifically, I would like to discuss the new artificial intelligence and data act.

This legislation seeks to not only enhance Canadians' confidence in emerging technologies, but also support economic development stemming from the responsible use of AI systems and data.

As many have noted, Canada is well placed to play an important global role in AI. Thanks to Canada's highly skilled and diverse workforce and experts at research centres across the country, we have a unique opportunity to create an environment where Canadian companies can be world leaders in responsible innovation, taking full advantage of the digital economy.

Pan-Canadian institutes such as the Quebec Artificial Intelligence Institute, or Mila, the Vector Institute in Toronto, and the Alberta Machine Intelligence Institute in Edmonton reflect the abundance of Canadian talent and resources. What is more, according to Global Advantage, in January 2020, the number of AI companies in Canada, in other words, companies with a product or service that implements AI, has doubled over the past five years to 660.

The responsible use of data and AI systems has the potential to drive improvements in all sectors of the economy, leading to groundbreaking discoveries with significant economic, health, environmental and social benefits, including streamlining processes and decision-making, eliminating inefficiencies and enabling better resource allocation.

AI is already augmenting processes and skills in every industry. As noted in the March 2021 report, “Artificial Intelligence Policy and Funding in Canada”, by McGill University's Centre for Interdisciplinary Research on Montreal, the Government of Canada is making massive investments in AI, with $1 billion in government contributions provided across Canada as of August 2020.

In addition, in budget 2021 the Government of Canada committed to expanding the pan-Canadian AI strategy that was first launched in 2017 with an initial investment of $125 million through the Canadian Institute for Advanced Research. Budget 2021 proposes additional funding of $443.8 million over 10 years, starting in 2021–22. It is clear that the government recognizes the potential of this industry and that the development of artificial intelligence technologies will play a fundamental role in the growth of the digital economy.

Canadians are also optimistic about the future benefits of AI. For example, a recent study by Nanos Research on behalf of ISED shows that Canadians are almost seven times more likely to say that the impact of AI will be very positive rather than very unfavourable. However, stakeholders have also expressed a range of concerns regarding AI and automated decision-making systems.

As some of these technologies have matured, risks associated with AI systems have also come to light, including with respect to health, safety and bias. The same Nanos survey I mentioned earlier noted that Canadians are most concerned about job loss, AI replacing humans, privacy and security, AI malfunction, and biased decision-making and ethics considerations.

These concerns speak to the need to ensure the responsible development of AI. The proposed consumer privacy protection act will address protections related to privacy and related security elements, but what about health, safety and bias? As machines learn from datasets they are fed, they may replicate many of the past failings that resulted in systematic disparate treatment of minorities and other marginalized consumers in vital sectors such as banking, housing and health care.

In order to increase Canadians' confidence in the use of AI technology, our laws need to be adapted to the realities of the digital economy. Some issues were identified through our consultations on digital media and the feedback we received following the publication of the consultation document on the modernization of the Personal Information Protection and Electronic Documents Act.

Many stakeholders expressed concern regarding individuals' potential loss of control over the use of their personal information in the application of AI, the lack of transparency regarding the resulting decisions, and the impacts on individuals and groups.

While businesses are investing in increasingly complex AI systems and algorithmic technologies, Canadians need to have confidence in the AI systems they use every day. They also need to have recourse when automated systems make important decisions that can impact their lives.

The advancement of AI systems requires data, a lot of data. Personal information is particularly sought after to help develop algorithms and customize services. It is therefore vital that the collection and use of this data follow international standards and best practices in order to protect Canadians' rights and freedoms.

The artificial intelligence and data act is needed to address these types of concerns by establishing rules to promote a human-centred approach to artificial intelligence, good data governance practices and respect for Canadian standards and values. This approach will protect Canadians from a range of potential harms including discrimination, loss of dignity and autonomy, and serious harm to their health, safety, and economic and social well-being.

The artificial intelligence and data act will support responsible innovation by giving businesses a clear framework to guide the design, development and deployment of artificial intelligence systems.

The AIDA will ensure that entities responsible for AI systems that have a high impact on Canadians identify and mitigate potential harms, including bias. By aligning with internationally recognized standards, this will ensure market access for Canadian innovations. The proposed AI law contains provisions that protect commercially sensitive information while ensuring that AI systems do not have adverse or negative effects on Canadians.

More precisely, the AIDA contains obligations for organizations that design, develop or deploy high-impact AI systems to conduct assessments to determine the level of impact of their systems; adopt reasonable administrative, policy and technical measures to mitigate risks and assess compliance; maintain records about their artificial intelligence systems, and report harm or risk of imminent harm.

The AIDA will also give the Minister of Innovation, Science and Industry the necessary tools to engage with organizations and to ensure compliance with the law. While voluntary co-operation will always be the first course of action, the AIDA provides that the minister may order an organization to provide documentation relevant to assessing compliance with the act. Under the AIDA, the minister may also refer questions to the other relevant regulatory bodies, such as the Privacy Commissioner or the Competition Bureau.

Also, in cases in which there are reasonable grounds to believe that the AI system may cause serious harms, the minister may order suspension of its use or operations. The minister will also be able to communicate compliance issues to the public as a means of further raising awareness about the requirements of the act.

The artificial intelligence and data act also creates a position of artificial intelligence and data commissioner to assist the minister in administering the act and to help businesses understand their responsibilities and how to comply. The commissioner will have a dedicated structure and budget for that purpose. These measures will help increase consumer confidence and their understanding of these technologies, support the ecosystem and maintain a flexible legislative framework that is responsive to international technological and regulatory developments.

Madam Speaker, I would like to take 15 seconds to congratulate my colleague on delivering half his speech in French. He has improved by leaps and bounds in less than a year.

Now, the moment we have all been waiting for, my question. Quebec has a law that protects its citizens' privacy, law 25. We talked about it earlier. In the early 2000s, PIPEDA's paragraph 26(2)(b) stated that the Governor in Council would, by order, respect Quebec's legislation. Essentially, the federal act would not apply with respect to personal information about individuals' property or their civil rights. In other words, the act would leave matters under Quebec's jurisdiction alone. Even though Quebec's law 25 already complies with EU expectations, Bill C‑27 contains no clause guaranteeing that the federal government will respect the application of Quebec's law.

My question is simple. Will my colleague work to ensure that the federal government respects Quebec's law 25 and that there will be an order to that effect?

Madam Speaker, I thank my colleague for her question and her comment about my French. I practice a lot, but not all the time.

I am going to answer her question about Quebec's law in English.

It is interesting that we are again following the Province of Quebec, much as we did with the child care plan we introduced in Canada. This piece of privacy legislation is really modelled and follows the Quebec law that was put into place. My understanding, from reading over the notes on the bill, is that where there is provincial jurisdiction that is deemed to be similar to the law we introduce, we will obviously hand it over or defer to the provincial legislation.

There is nothing that infringes on the law that is currently in place in Quebec. I applaud the Quebec provincial authorities for bringing forward legislation over the years that the federal government has looked to and modelled.

Madam Speaker, I would note that from point 17 to point 50 there is a whole raft of exemptions for this bill. It is interesting to me that we are trying to build something that is predictable for the business community and protects the interests of the individual.

Does the member not think that several pages of exemptions does neither? It does not give definition to business and also does not protect the rights of individuals.

Madam Speaker, once the bill arrives at committee stage there will be plenty of time to bring forth ideas and to strengthen legislation. That is the job of all members of Parliament here. We are sent here to improve legislation, so I encourage my colleague to do so.

All MPs know, from studying PIPEDA and other pieces of legislation that we have examined while sitting on committees, that because of technology, be it Facebook, Instagram or the use of AI, we need to revise our privacy laws. This is a good, solid step in that direction.

Madam Speaker, the issue of the tribunal is an interesting one. Does the member know what the cost of the tribunal will be?

We are taking away a potential resource from the Privacy Commissioner and/or the court system, and we will have to create an entirely new organization. I am curious to know what the cost of the tribunal will be.

Madam Speaker, I thank the member for Windsor West, who I have travelled and worked with on the Canada-U.S. interparliamentary association. From my understanding of the bill, the tribunal will provide for access to justice and contribute to the further development of privacy expertise. That is very important in this day and age, when we are dealing with artificial intelligence and with a lot of data. We need to ensure that individuals' data is not misused, that we can move forward and that people can have confidence that their data is being protected.

Madam Speaker, it is indeed a pleasure to rise to discuss Bill C-27, an act to enact the consumer privacy protection act, the personal information and data protection tribunal act and the artificial intelligence and data act. There is a lot happening in Bill C-27. I have a lot of concerns about this bill, and that is why I will be voting against Bill C-27. It would not do the things we need to do to protect the privacy of Canadians.

I would first flag, in looking at this legislation, that the first act it would create is the consumer privacy protection act. Why is it not the Canadians' privacy protection act? Why are we talking about consumers and giving more ability to corporations to collect the privacy data of Canadians? That, to me, is very disconcerting and one of the things I want to talk about during my presentation.

The Personal Information Protection and Electronic Documents Act, PIPEDA, was the very first piece of legislation we had back in 2000, so it has been 22 years since we have updated legislation related to the issue of the privacy protection of data that has been shared online. Of course, technology has evolved significantly over the last 20 years. If we look at PIPEDA, it all rolls back to 34 years ago when the Supreme Court of Canada said, “that privacy is...the heart of liberty in a modern state”.

It said “privacy is...the heart of liberty”, and that completely falls back on the Charter of Rights and Freedoms. Concerning fundamental freedoms, subsection 2(b) of the charter says, “freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication” while subsection 2(d) refers to, “freedom of association.”

We know very well that people's privacy has to be protected on anything they do online, what they do through mobile apps, what they do in their email communications and the collection of that data by service providers because, ultimately, anything we do online goes through a service provider on the Internet, and we have to ensure that our charter freedoms are protected to ensure our liberty.

We already know that under freedom of association, a lot of people who gather in Facebook groups and other fora on the Internet have already been violated by the Emergencies Act. We know that during the “freedom convoy” in the city, the government was harvesting data and that data was then shared by some means. With GiveSendGo, the data was mined off of it, shared on Google Maps and distributed across the country. People's individual financial information, the ultimate piece of privacy that should be protected, went across this country and the government failed to intervene.

Bill C-27 falls short on what needs to happen to protect privacy, recognizing how people are using the Internet and modern technologies, especially with mobile apps and everything that is happening on our phones. However, the protection of individuals is worth it and the privacy rights are worthy of constitutional protection, which Bill C-27 fails to recognize. We do not have a definition of privacy rights or a guarantee of privacy rights in Bill C-27, and that is why it fails.

I am the shadow minister of national defence, but earlier this year I served for a number of months as the shadow minister of ethics and digital information. I can say that, during my time serving on the ethics committee, it dealt with a number of issues. One of them, of course, was the use of Clearview AI, the facial recognition software that the RCMP and other police agencies use across this country. The ethics committee dug in deep and provided a report.

The Liberals let the RCMP make use of this technology under their tenure and did not say anything until it became public. Clearview AI, an American company, was scraping images off of Facebook and other social media such as Instagram to populate its database.

That information was then used, using artificial intelligence, to profile and identify people using mass surveillance techniques. We found through testimony that, not only was this done illegally, and the Privacy Commissioner ruled that Clearview AI had broken the law and that the RCMP had used it illegally, but also it was racially discriminatory as well, and it was a huge problem that people of colour and women were unfairly treated by this AI.

Bill C-27 would not regulate the use of facial recognition technology such as Clearview AI. Right now, we know the RCMP disagrees with the ruling of the Privacy Commissioner, so the question is whether CSIS, the Department of National Defence or the Communications Security Establishment are making use of similar types of technology. I will get into some of the recommendations from that report if I have time later on, but we did call as a committee, and it was adopted by the majority of members on our committee, for a federal moratorium on the use of facial recognition technology. We called for new laws, guardrails and safeguards to be built into legislation through PIPEDA and through the Privacy Act.

Bill C-27 would not provide that protection to Canadians. It would not ban or install a moratorium on the use of FRT, so that is absent.

Also, we asked that all companies be prohibited from scraping the images of Canadians off the Internet, whether it be through Facebook, Instagram, TikTok or whatever the app might be. We know that this causes potential harm to Canadians, yet Bill C-27 fails again to recognize this harm. The Liberals failed to incorporate recommendations coming from a standing committee of the House into this legislation.

One of the other things we heard about was that Tim Hortons was caught mass tracking Canadians who were using their app. If anyone who had the Tim Hortons app went to a Tim Hortons location and bought a coffee and a donut, that app was then used to track the behaviours of consumers of Tim Hortons as they were travelling for the next 30 minutes.

Again, this shows how the sharing of personal information and the mass data violation with the tracking of individual Canadians violated their privacy rights. Although Tim Hortons assures us they are not doing it now, we are not sure what happened with that data. Was it shared or sold to other corporations? Again, Bill C-27 would give companies, under clause 55 of the bill, a litany of exceptions to consent to sharing that personal information they collected through the use of their app. That would violate our privacy rights.

Although the Liberals have built in here words about consent and the ability for individuals to write in with consent or get removed, when it comes to terms and conditions, most Canadians, when they download an app and check the box to say “yes”, they have not read those terms and conditions. They do not know that some of these apps, as Tim Hortons was doing, were actually undermining their own privacy rights as they apply to the use of mobility data information, and because those terms and conditions are long, legalistic and cumbersome, people refuse to actually take the time to read it. Just because someone checks the box to say “Yes, I consent to using this app”, does not give those companies the right to violate the privacy of those individuals' outside of the commercial transaction that takes place between them and, in this situation, Tim Hortons.

The exemptions that are allowed under the bill for corporations need to be changed in the bill. There is no we can support it as Conservatives because they would be huge violation of privacy and of mobility, which are all things that are provided under our charter rights.

Under the government, we also saw the Liberal Minister of Health stand up and defend the Public Health Agency of Canada, which was caught red-handed having companies such as TELUS track the movement of Canadians via their cellphones. It said that it de-identified all the data it collected, but it wanted to know how Canadians were moving around the country underneath the auspices of the COVID pandemic and how transmission was occurring. That was a violation of privacy.

At committee, we made a bunch of recommendations, which the government has failed to implement in Bill C-27. Bill C-27 gives companies, such as TELUS and other mobile service providers, the ability to track the movement of Canadians across this country. It may want to call it “meta data” or say it has been de-identified, but we also know from testimony at committee that it can re-identify the meta data that has been turned over to the government. We have to make sure that it is done in the public interest and under the auspices of national security, public health and national defence. If that type of data is being collected, then there has to be a way to dump that data and ensure it disappears forever.

One of the other studies we undertook was of the Pegasus software system, which is very insidious. It is being used for national security. A similar type of technology is being used right now by the RCMP, CSIS and others. It has the ability to turn people's cellphones into video cameras and listening devices. It is a very cryptic, insidious spyware, or malware, that people can get on their phones by accidentally clicking on a piece of information, like opening up an email, and it will download. Then they can listen to the individuals in that place.

They do not have to bug people's houses anymore. They do not have to use high-grade technology to listen to the interests of individuals because it gives them the ability to turn cameras on to watch what they are doing, and turn microphones on to hear what they are discussing without them ever knowing it.

We want to make sure charter rights are protected. There are times we have to use this in the collection of data. There was definitely the admission by members of the RCMP that they have used it over a dozen times. They have their own system, not Pegasus, but one similar to it. We know that to use that type of technology, to protect the rights of Canadians, there should be a warrant issued to ensure there is judicial oversight, even if it is being used by the Department of National Defence and CSE, we have to make sure it is not being used against Canadians and only deals with those national threats they refer to as threats that are foreign entities. That is something that Bill C-27 fails to recognize.

I should say this as well. We heard at committee that this type of technology is being used against politicians, that there is foreign interference out there. As we have come to learn on different occasions, there are countries out there and other agencies that are interested in what we are saying as politicians, not just here in the House, but the private conversations we have in caucus, among colleagues, when we get together at committees, at pre–committee meetings, and the discussions we have in our offices. Our phones have become listening devices, so we have to be aware of that.

One of the things we have always talked about is what the gold level standard is to protect individuals, the citizens of our country, and to ensure their privacy rights are paramount in all the discussions we have. At the same time, we know there are going to be advances in technology, and the need at times to have police agencies, the Department of National Defence and the military use technology that could violate the rights of some people, but always with that judicial oversight that is provided underneath the charter. That gold standard is the European Union’s General Data Protection Regulation. We see that the gold standard goes well above and beyond what Bill C-27 is trying to do.

Bill C-27 falls way short. We heard at committee that with the data collection taking place on apps, online surveillance measures have to provide the right for data to be forgotten, or the right to data disposal or erasure, another terminology that is used. It is about making sure that data collected, even if it is for the public good or even if it is metadata, is disposed of at the end of the day.

It should not be that I consent to have my data removed from a database by checking something off or having to write in an app being used to buy coffee at the neighbourhood store, for example. It should be that it is our right to be forgotten and that after a certain time frame, data is erased forever from the database where it is being held and is not used again for commercial purposes, nor used, sold or traded among commercial entities.

The gold standard that the European Union has is not included in Bill C-27. Again, that is why we have so many concerns.

When we look at clause 55, which has already been mentioned by a number of my colleagues, it has a boatload of exemptions built in for corporations to get around the removal of privacy data. These exemptions allow them to write in, make changes and share data. We have to make sure the onus is not on Canadians to get their privacy information back or to get their privacy information removed. The onus should be on corporations to prove why they need it. The onus also has to be on the government. This is about transparency and accountability. There needs to be a realization that Canadians deserve an explanation as to why some of their data may be used, even if it is de-identified, and why it would be used for the buildup of public policy or to deal with issues like a pandemic.

Just to move forward a bit, I note that given some of things we saw at committee when we were looking at facial recognition technology, the power of artificial intelligence and the growing power of AI, we made a number of recommendations. They included that whenever the government looks at using artificial intelligence or FRT for military, defence or public safety, it needs to be referred to the National Security and Intelligence Committee of Parliamentarians for study, review and recommendation, and it needs to be reported publicly. There also needs to be a public artificial intelligence registry for the algorithmic tools being used. However, we do not see that registry for artificial intelligence companies in Bill C-27.

I have already talked about the right to be forgotten and said there needs to be a set period of time. I have talked about the prohibition on the practice of capturing images of Canadians from public platforms such as Facebook, Instagram and Twitter. We also need to make sure there is a federal moratorium on using FRT until we have proven it is needed by police agencies, the justice system has proven that it works and we are sure it is not racializing Canadians in its use. Ultimately, the Privacy Commissioner and judicial authorization have to override that.

As Daniel Therrien, the Privacy Commissioner, said about the RCMP:

[It] did not take measures to verify the legality of Clearview’s collection of personal information, and lacked any system to ensure that new technologies were deployed lawfully. Ultimately, we determined the RCMP’s use of Clearview to be unlawful, since it relied on the illegal collection and use of facial images by its business partner.

Its business partner was Clearview AI.

There is an ongoing need to ensure that charter rights and international human rights are brought together in a collaborative way in how we all form our opinions on Bill C-27. I hope the bill is taken back and redrafted, and if not, I hope there is an opportunity to make massive amendments to it so that it actually takes into consideration the privacy rights of all Canadians.

Before we proceed to questions and comments, it is my duty pursuant to Standing Order 38 to inform the House that the questions to be raised tonight at the time of adjournment are as follows: the hon. member for Leeds—Grenville—Thousand Islands and Rideau Lakes, Public Safety; the hon. member for Saanich—Gulf Islands, Climate Change; and the hon. member for Nanaimo—Ladysmith, Fisheries and Oceans.

Madam Speaker, I note that the last time we had any real changes to the privacy legislation of this magnitude was a couple of decades ago. We did not even have iPhones 20 years ago, so I would ultimately argue that there is a need for change.

Tim Hortons aside, I believe the legislation we are talking about provides a good balance between consumer rights, the issue of privacy and the whole digital market out there. No doubt, it would be nice to see the legislation go before committee and, ideally, for that to take place sometime before the end of the year.

Given the urgency of the issue itself and the fact that we have not seen anything for 20 years, would the member agree that it would be nice to see the legislation pass before the end of this year?

Madam Speaker, the Liberals have been in government for the last seven years, and they have not brought forward this legislation with any urgency, it seems. It has been on the docket and off the docket a number of times.

The member talks about consumers rather than Canadians. Let us stop looking at people as commodities. Let us look at them as individuals and their rights.

One thing the Liberals could put into the bill, as recommended by the Standing Committee on Access to Information, Privacy and Ethics, is details on how Canadians can opt out of being surveilled and on how their data is collected. Why is that not in here? We have a national do not call list, and we can sign up for it so we are not getting bothered all the time by telemarketers. Why would we not have a national opt-out clause for Canadians' data collection, whether for government interests or commercial interests, so they have the ability to say no because they want their privacy rights to be respected?

Madam Speaker, my colleague from Selkirk—Interlake—Eastman mentioned some things that are not covered by Bill C-27. The law they have in Europe right now requires businesses to have two ways to identify individuals, but the trend is moving toward having three.

Does my colleague think that Bill C-27 should also legislate on the number of methods of identification that businesses should be required to use? It does not do so right now, which is why we need to carefully study it in committee.

Madam Speaker, I do not believe that the bill lives up to the gold standard of European Union law. The European Parliament has been very good at having general data protection regulation. That is the gold standard. The bill does not provide the types of safeguards that protect the interests of Canadians.

We need an ongoing discussion on how the personal information of Canadians is protected. Bill C-27 does not provide all the guardrails required for the protection of individual Canadians. A task should be given to the industry committee or the ethics committee to dive deeper to make sure we have an opportunity to hear from more witnesses and to provide the amendments that are so desperately needed to the bill. I think it actually needs to go back to be redrafted.

Madam Speaker, I want to the thank the hon. member for Selkirk—Interlake—Eastman for a very thoughtful speech. As a member of Parliament grappling with Bill C-27, I have to say that I am grateful that his party assigned him to this area of work sometime in the past, because this is enormously complicated.

The bill is three acts in one, and I would ask the member what we should do at this point. The Speaker has now given a ruling that says we will be able to vote separately on the AI piece of the bill, but I do not think that is good enough. I do not know if the committee will be able to set aside witnesses and only look at the AI piece in a concentrated fashion.

I would support anything we could do as opposition members of Parliament to make sure the bill is not rushed and to make sure that the artificial intelligence pieces are treated as separately as possible so that we have a good amount of time for amendments and understanding while not rushing it through.

Madam Speaker, I agree with the member. We want to get this right. This should not be rushed. It is not about getting this done by Christmas because we have a legislative agenda to hammer through, as the member for Winnipeg North continues to cheerlead. What we need is to take our time.

We can split the bill into three ways and assign them to committees other than the industry committee. We can give the bill over to public safety to look at the use of the legislation from the standpoint of policing. We can shuffle off the piece on artificial intelligence to the ethics committee, making sure that it has the time to dive deep into it and hear from witnesses about how we can improve upon the bill.

Ultimately, what we could do is defeat the bill at second reading, send the government back to the drawing board and have it do a broader consultation on how this bill should be written so that it addresses the needs of the industry but protects the rights of Canadians.

Madam Speaker, I would bring to the member's attention the studies we undertook at the ethics committee, where it was reported that agencies of the federal government, including the RCMP and PHAC, did not follow the existing Treasury Board guidelines on the adoption of new technology. I think all parties agree that we need updated legislation, but the government is not even following the rules that it already has.

Does there need to be more than just new regulation and protection for Canadians' privacy? Is it not also important that the government actually follow the rules that it creates, which it has not done with respect to Canadians' privacy?

Madam Speaker, I want to thank the member for his time as chair of the ethics committee and for the great job he did.

We heard from a lot of experts, and the committee found over and over again that the government was not following its own rules, including those in the Privacy Act and PIPEDA, which is antiquated, as the member for Winnipeg North pointed out. It does not even follow the guidelines that the Treasury Board has.

If the government cannot even follow the rules as they are currently, it leaves us feeling hopeless that it is going to follow the rules of any new legislation we bring in. However, I would hope that a future Conservative government would make sure legislation provides that privacy rights and the charter's freedom of expression and freedom of speech are solely protected in legislation for Internet use. That has to be the guiding light in all documentation and legislation we provide.

Madam Speaker, given the issues of the bill and the complexity of it, I was really grateful for the intervention by the member for New Westminster—Burnaby about the NDP request to separate the votes. We cannot actually separate the bill so that it goes to different committees. We are stuck with having a separate vote on artificial intelligence.

I know the parliamentary secretary wants to rush the bill through by Christmas, so would it not have made more sense to have three separate bills because there are three extensive pieces of legislation? If the Liberals want to move the bill quicker, perhaps they would be willing to actually separate the bill for separate studies in the House of Commons. It requires them to do this, unfortunately, not the opposition.

Madam Speaker, I agree that we should be dealing with this in a more focused way. Instead of having one big omnibus bill, this should be split into smaller bills so we can have a more fruitful debate and have a chance for more expert input. Then we would have more parliamentarians engaged in drafting any potential amendments to any legislation. As it is right now, the bill will be referred to only a couple of committees, and we have a timeline, which seems to be pushed by the government, that does not work.

The Privacy Commissioner, Daniel Therrien, notes that “most Canadians whose data was used did not know their data was used. The parties, both the government and the private sector, could have done more to inform users that their data was used for these purposes.” That was the data collection done through PHAC. He also said, “the second issue is whether it is good legislative policy that de-identified information falls outside the reach of privacy laws.”

The Liberals are trying to correct that through legislation. However, as David Lyon said, “high-level studies from various places, one from Imperial College London and the university in Leuven, show that 99.8% of Americans could be reidentified in a dataset that used 15 demographic attributes.” That is disconcerting, and that is why this legislation falls short.

Madam Speaker, former Liberal bagman David MacNaughton, who was subsequently appointed to be the ambassador for Canada to the United States, went on to become the president of Palantir. It is the Dyson of data scooping and meta tag recombination.

His first order of business was to attempt to secure a contract with the Canadian federal government, but he had violated the cooling-off period for being a public servant. What assurances do Canadians have that this will be secure enough and that we will be protected from this legislation's being used as political weaponry on the taxpayer's dollar?

Madam Speaker, I begin by pointing out that Canadians have never been more reliant on digital data. In fact, a previous hon. member of this House, Scott Brison, famously quipped that we have Blockbuster legislation. We have Blockbuster law in a Netflix world. It is clear we need to update this.

To the member's question about enforcement and making sure there are repercussions for the misuse of data or for violating the proposed act, the act would create the data commissioner. It would give the commissioner powers to impose administrative monetary penalties. In contrast to today's legislative landscape, I think the proposed act would address the member's concerns.