Mr. Speaker, I am grateful for the opportunity to speak to this bill, which is very important for the safety of Canadians and for Canada's role on the international stage.
Usually, when I give a speech, I like to speak off the cuff, relying on only a few notes. However, I will not do that today for two reasons. First, as a member of the National Security and Intelligence Committee of Parliamentarians, I have several obligations, including the obligation not to disclose certain information that I am made aware of in the course of my work. Second, this issue is very relevant to the work of the committee of parliamentarians, which is made up of parliamentarians from all political parties in the House and the Senate. I am therefore going to be very focused and read my speech just to make sure that I do say anything that I should not.
The world around us is becoming increasingly digital and networked, and much of our day-to-day business, means of communication and overall lives relies on the Internet. I do not have to tell my colleagues about all of our different devices, which I will not use as a prop, such as smart phones, emails and the like, and instant messaging applications. All these things easily and instantly transcend provincial, national and international borders.
Unfortunately, this equally means that malicious actors like organized crime groups and violent extremists can explore this borderless nature of cyberspace for their own benefit. Canada's law enforcement agencies and the Canadian Security Intelligence Service need modern tools to help keep communities and Canadians safe. Therefore, we must close the capability gap in current legislation that prevents law enforcement's and CSIS's lawful access to data and ensure they can properly execute their mandates and protect Canadians.
Canada maintains an international reputation as a safe and peaceful country. To sustain this reputation, we must ensure that our legislation keeps pace with modern threats and technologies used in criminal and malicious activities.
“Lawful access” is a term we will hear a lot in association with this bill, and let us be very clear about what it means. Lawful access includes the tools and authorities to legally obtain certain information, data or communication during investigations. This information is often essential to generating leads on serious criminal activities and national security threats, as well as identifying and prosecuting those involved.
For decades, law enforcement and CSIS have had to operate without a legal framework requiring electronic service providers, or, as I will refer to them, ESPs, to develop and maintain lawful access capabilities. The current legal framework has not kept up with rapid advances in technology. Frankly, our laws are very much like me: They are analog in a digital world. This is the reason we have developed Bill C-22, which aims to facilitate law enforcement's and CSIS's timely access to basic subscriber information. I would like to make sure we understand it would be basic information. This is important because law enforcement and intelligence investigators need basic subscriber information, like a legal name or an address, to identify or exclude suspects, particularly during the preliminary stages of an investigation.
Bill C-22 would also establish a general legal framework to require electronic service providers to have the capability to respond to legally authorized requests, like a warrant or a production order, while respecting and protecting privacy interests and fundamental rights that all Canadians expect.
Bill C-22 would introduce provisions to support law enforcement agencies as they crack down on crime in an increasingly complex technological landscape, where the vast majority of evidence is online and in an electronic format. Law enforcement groups have sounded the alarm on the obstacles they encounter during investigations. They have sounded this alarm for years. Currently, law enforcement faces many challenges in obtaining the information it needs. Often, law enforcement does not know which service provider holds the customer account associated with the subscriber information, which also means it does not know who to serve with a production order. This challenge presently stalls and delays real-world investigations.
In many cases, law enforcement is required to seek multiple judicial authorizations to seek very basic information from different service providers, solely to confirm which provider services a phone number or an IP address. The current framework causes significant, unnecessary and harmful delays. Timely access to this basic information is crucial in all stages of an investigation and can spell the difference between securing key evidence and allowing criminals to slip through our fingers.
As another example, police could be aware that a provider holds certain information, but the company is unable to provide it because its systems do not possess the capability to do so and there is no legal requirement to carry such capabilities. We have heard many stories of law enforcement tracking a missing child or attempting to stop a terrorist attack, knowing which ESP to obtain the information from but being stonewalled by the provider's lack of lawful access capabilities. We cannot hope to fully protect Canadians and our communities if law enforcement and CSIS are unable to do their jobs. What is more, Canada may not be able to contribute meaningfully to joint investigations with its international partners or fully benefit from the support that our international partners provide to us. My colleague the parliamentary secretary spoke at length about this.
For this reason, Bill C-22 introduces new legislation to close this gap, whereby certain electronic service providers would need to develop and maintain the technological capabilities to respond to production orders. To be clear, this aspect of the legislation intentionally and explicitly would not allow for a so-called back door or any direct access for law enforcement or CSIS into electronic service providers' systems, and the legal authority to access that information would still always be required.
Bill C-22 proposes two ways by which an ESP could be asked to develop and maintain lawful access capabilities. First, those designated as core providers, such as traditional telecommunications companies, would have to abide by specific requirements set out in the regulations. Second, the Minister of Public Safety could issue a ministerial order to develop specific capabilities based on operational needs as new technologies develop.
We have heard the concerns from parliamentarians and stakeholders around privacy and oversight, and I want to reassure Canadians. I am actually very proud of the fact that the government took back this bill, listened carefully and amended it in ways to address the concerns that were raised. Bill C-22 now includes safeguards so that ESPs would not have to abide by any demands that would introduce systemic vulnerabilities in electronic protections, such as encryption breaking or what I called a “back door”. The bill would also require that the Minister of Public Safety obtain the approval of the intelligence commissioner before a ministerial order is valid, and it could be subject to further review by the National Security and Intelligence Review Agency, or NSIRA.
Bill C-22 is about removing harmful barriers that impede active investigations, delay justice and put Canadians in harm's way. This is about bringing our legislation up to date, finally, with modern technologies and with that of our closest allies. This is about ensuring that extortionists, child predators, cybercriminals, hostile state actors and organized criminal networks would have nowhere to hide.
This is a responsible bill that would make the necessary changes, and I hope all members can see their way to support it.